www.xxxfiles.tv/videos/197379/b00bee6c97cea38906f6b51e7e1a81af/?sid=12320
104.21.83.6200 OK 16 kB URL HTTP/1.1 www.xxxfiles.tv/videos/197379/b00bee6c97cea38906f6b51e7e1a81af/?sid=12320
IP 104.21.83.6:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7475)
Hash bc1650918bbc40b81a4457c9b6defd64
61ab493ea27ded96474090f4796ebeef4b03160f
f694dbc05ea466d23317d9ad357ba8bfc96f56c4ac3909d393d67cc1320d312d
GET /videos/197379/b00bee6c97cea38906f6b51e7e1a81af/?sid=12320 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 10:41:00 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=lv2a7qv9a8nmmelic2kphf4drj; path=/; domain=.xxxfiles.tv; SameSite=Lax
second_643539=true; expires=Thu, 23-Mar-2023 10:40:59 GMT; Max-Age=0; path=/
kt_qparams=id%3D197379%26dir%3Db00bee6c97cea38906f6b51e7e1a81af%26sid%3D12320; expires=Fri, 24-Mar-2023 10:41:00 GMT; Max-Age=86400; path=/; domain=.xxxfiles.tv; SameSite=Lax
kt_ips=91.90.42.154; expires=Fri, 24-Mar-2023 10:41:00 GMT; Max-Age=86400; path=/; domain=.xxxfiles.tv; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fu34muef%2BjiSSUqYpL%2FzRY0dyuQ0YvTb9E5%2BeyvND%2B%2FD3YfqsqIOQs1RsS4NGmKPtCSzDKM8W9TI43O7fkanOxkVAxhpeFwPp1DmN8%2BuiXdJwICMPSxdNJywwDgFxbuLUD8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac60f3bee151c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16992
Expires: Thu, 23 Mar 2023 15:24:13 GMT
Date: Thu, 23 Mar 2023 10:41:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5100
Expires: Thu, 23 Mar 2023 12:06:01 GMT
Date: Thu, 23 Mar 2023 10:41:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dc2752d83fbed82852248898a132467a
b27a6b4af2e07663a58cafb641513f7224c7a7c3
ea7838393d83805a7b8a2b01bd09e4423617c4da285b983a11e9ba36266810d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA7838393D83805A7B8A2B01BD09E4423617C4DA285B983A11E9BA36266810D5"
Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3420
Expires: Thu, 23 Mar 2023 11:38:01 GMT
Date: Thu, 23 Mar 2023 10:41:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 10:15:05 GMT
content-type: application/json
age: 1556
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: D4WNh7VrQNesZTSvVR27Hk0ZINKfKXn0sb2IpK0IP5ciFsS85TDEwem/c+I3KfrZQRIMHGu3OpcIKpJZAc22aA==
x-amz-request-id: 4ZP16SV0B6TWGWDW
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 09:59:54 GMT
age: 2467
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.xxxfiles.tv/vpaid/videojs_5.vast.vpaid.min.js?v=1679568060
104.21.83.6200 OK 32 kB URL HTTP/1.1 www.xxxfiles.tv/vpaid/videojs_5.vast.vpaid.min.js?v=1679568060
IP 104.21.83.6:0
File type ASCII text, with very long lines (32057)
Hash 560633af767972e3920012cbf83c148b
7f4848825c8237cdac326b8ee74ef20fe1531c83
cc2f218efee95ea1599ff2c3879cc93bcf23e974210aef7f56694fa83861e9fa
GET /vpaid/videojs_5.vast.vpaid.min.js?v=1679568060 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/videos/197379/b00bee6c97cea38906f6b51e7e1a81af/?sid=12320
Cookie: PHPSESSID=lv2a7qv9a8nmmelic2kphf4drj; kt_qparams=id%3D197379%26dir%3Db00bee6c97cea38906f6b51e7e1a81af%26sid%3D12320; kt_ips=91.90.42.154
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 10:41:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 20 Nov 2019 11:59:07 GMT
Vary: Accept-Encoding
ETag: W/"5dd52a8b-19ebe"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjN5aKR%2FyWNPokhtJfXQtsgMXpV9C8q9tlpOobIL%2BledY4sxGxBKUw2mWv%2BxqcWWU%2BkAdDYkF2V9uv%2FkjT%2FoZeBBt7yEf9wQHaOHy2q8W3jduz21sPaoaMEtiDKnhOENk%2B4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac60f3f194c1c16-OSL
alt-svc: h2=":443"; ma=60
img.xxxfiles.tv/341000/341235/medium@2x/1.jpg
104.21.83.6200 OK 57 kB URL HTTP/2 img.xxxfiles.tv/341000/341235/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 94b52d23577d98bcef21fac912549126
e85b7431582ba655d342b02e6cb226a1e37f2272
2c1ea5cd009d5ea731cfbb52fc40289f3f311631f47952017f68149b1b70b108
GET /341000/341235/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 56628
last-modified: Tue, 18 Jun 2019 21:49:38 GMT
etag: "5d095c72-dd34"
expires: Thu, 23 Mar 2023 10:50:00 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3061
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxfkmr16No%2B%2F%2BmZ3ce%2FN97dTQxb7t%2BcZcVHJtduY7Ll5MlFSBlArxEHY0Ipz0nf2q7lbtUzIIyoLxmx8YLRVdgW0pflIcbD97AnTId2h9x4Gxz1NDt%2BHmNQTICy%2Fm9ehS54%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f3f98f8fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.xxxfiles.tv/vpaid/videojs.vast.vpaid.min.css
172.67.210.53200 OK 773 B URL HTTP/1.1 www.xxxfiles.tv/vpaid/videojs.vast.vpaid.min.css
IP 172.67.210.53:0
File type ASCII text, with very long lines (1935)
Hash 6845152df80dd7d9aeb046f4e4a31772
5cd1f9eb1e2d19f7b0f46ccecf12d658a62ad324
937976cc423649a6506d474e36ee37a9c6dae07ec617296369f106a32159813e
GET /vpaid/videojs.vast.vpaid.min.css HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/videos/197379/b00bee6c97cea38906f6b51e7e1a81af/?sid=12320
Cookie: PHPSESSID=lv2a7qv9a8nmmelic2kphf4drj; kt_qparams=id%3D197379%26dir%3Db00bee6c97cea38906f6b51e7e1a81af%26sid%3D12320; kt_ips=91.90.42.154
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 10:41:01 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 20 Nov 2019 10:54:23 GMT
Vary: Accept-Encoding
ETag: W/"5dd51b5f-7c7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 3891670
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5sPMofnpYlE%2BQiBKykriAuU8p0uJCPK5z3cxNKMsltAxQukak%2FaIF%2BtuNy5Krt6KlOYZYjJk0YV4N8RXPH2nIzIae9pu%2B6PC7Vd36u49QRZbBZM2A7HphkUpKAIDztGPTjg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac60f3f985ab4f4-OSL
alt-svc: h2=":443"; ma=60
img.xxxfiles.tv/234000/234940/medium@2x/1.jpg
104.21.83.6200 OK 48 kB URL HTTP/2 img.xxxfiles.tv/234000/234940/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.64.101", baseline, precision 8, 744x420, components 3\012- data
Hash 26ee139643aa35f1ed2d0ba5680f1463
1736ce82dbe04ed2529ddb47caae4a07a16deb73
055945883368712eb292211bdbbc5725e48d41785ba30a9ebf9b758d4fe70cab
GET /234000/234940/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 47579
last-modified: Sat, 08 Feb 2020 18:01:40 GMT
etag: "5e3ef784-b9db"
expires: Thu, 23 Mar 2023 11:06:24 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2077
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JeIZmbgyPZRuDKtQMzUMAvQutcAdDvwA2%2FO83e4wbeknzdi%2FuuKEDRqSY7X%2BplXVIplzjlbhVVEVGutBuv8a2f6pwjfhbgI8H%2FmFqbzgnk%2BUaKhMihuLoxDV%2BdgQyu3o3QY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f3f98fffab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.xxxfiles.tv/190000/190635/medium@2x/1.jpg
104.21.83.6200 OK 29 kB URL HTTP/2 img.xxxfiles.tv/190000/190635/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash ec09b6b9dcf4a0df3a825c5eb2a635ea
c93af53cd47f17aa1eb017fa8eb9f4a6117f3920
be2d72042a6fbaf81b916248b364804d9d8302afb3e282045dea98c35f57f0a8
GET /190000/190635/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 28550
last-modified: Sat, 18 Jan 2020 13:28:11 GMT
etag: "5e2307eb-6f86"
expires: Thu, 23 Mar 2023 11:06:24 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2077
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTChxOLxTAob1%2F4mASz1YkhpQr%2FHQw7OrDdcuw3yV9UBxSrdGr6rQih2RDCLFLeX57TWf68UM%2F1H4dkh5305dldyzpiVrzMKhiM%2BwEXGYkpgqVgm8jJWR7vbOlRxxuVg89E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f3f9900fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.js
104.17.24.14200 OK 1.7 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.js
IP 104.17.24.14:0
Hash 25262966b8186937356da73b4437077e
119334d19971c98dbb41ed0a074df6f9ee76414c
550053ac2111a284edfc27b8c6ed672dea9d9ae72e389e555620e1ab53e3fd78
GET /ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 1675
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04020-18dd"
last-modified: Mon, 04 May 2020 16:17:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 18204600
expires: Tue, 12 Mar 2024 10:41:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJuyzJ9LlqIuGJTb7j3h9Hx5rKylUWbAefLdj%2FTxi9bpBfyqVRtTQJKalojI9cCWNubNhyyMEsZq8BAhy1XzJxKm5vF%2FYemQyxVPfS3%2F6Ln8RMGJPd6l2EAXxJJadgNCkS8RVK0C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7ac60f3fbeb30b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.xxxfiles.tv/233000/233811/medium@2x/1.jpg
104.21.83.6200 OK 35 kB URL HTTP/2 img.xxxfiles.tv/233000/233811/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash e491260e9fc21964e2811f0db177c62d
8e7ff4bc345dd552f5b1ddfdef67a38e14b69034
49c5782fe7cc5f64c708b9d1e81ea11de503dadc5cae471db10eda8abc9fb80e
GET /233000/233811/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 34885
last-modified: Fri, 07 Feb 2020 22:43:17 GMT
etag: "5e3de805-8845"
expires: Thu, 23 Mar 2023 11:30:55 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 606
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNqKax8E7r4uBWppF7kcJUbAgViJuZOFxNVCmZMLVAXOeKumxE074x8qr4AQtX3N5Ti2ijeco%2Bu0w7VOQkf2MaA%2F0ipzpw7Ei%2F3Lymww6WV%2FPUvQ69WnTzT9kloO2fd4WEo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f3f9902fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.xxxfiles.tv/340000/340709/medium@2x/1.jpg
104.21.83.6200 OK 44 kB URL HTTP/2 img.xxxfiles.tv/340000/340709/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash a2a2dd1e4704f12f30618ccd1578be66
c053ce7dddd10ad3b8fad28e33868be07bbd4a87
0ae93f55c289d318a2d09a61fdeff6c691d645604a7a18ca006b48cafbb00a38
GET /340000/340709/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 44312
last-modified: Thu, 06 Jun 2019 04:02:31 GMT
etag: "5cf89057-ad18"
expires: Thu, 23 Mar 2023 11:40:53 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 8
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Beo9LwAcMHfsgIVoZPAhW5XCVxYKJeHyKbvu5QdG1JfRQ6xJ7mRm3wcFpvJG3384wujvJOTco%2FV7Y7Z2p3T5JdorQOmisXzF09yiZH%2FBIEYAYiLgd%2BJjfKTvxl6wTbWVEP8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f3f98f9fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.xxxfiles.tv/340000/340431/medium@2x/1.jpg
104.21.83.6200 OK 24 kB URL HTTP/2 img.xxxfiles.tv/340000/340431/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash bdc84a0892914ef080d7fd6a2f24583e
561469abb32b2226e152d3336d22865f2549bf86
024b55049dcd90d9c2ec04f8ee3a7bb825a01d8bdcb3c37de0ecb3cc99ffdafe
GET /340000/340431/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 23913
last-modified: Sat, 25 May 2019 20:41:53 GMT
etag: "5ce9a891-5d69"
expires: Thu, 23 Mar 2023 10:42:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3503
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NF1ec1ZBWRFSqbSPfIEl7SkTBqgYGYERcoa14kot5QOXntLBzSJeZjCcoAc6FZlqnlIwhGMujULtXcJZ0fQVPf5hok0%2FNiI7TWVOcRrv%2BWbm8RQlTDm3m9qzZo%2FA6Hx83wU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f3fa91efab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.xxxfiles.tv/141000/141149/medium@2x/1.jpg
104.21.83.6200 OK 36 kB URL HTTP/2 img.xxxfiles.tv/141000/141149/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 7a58abdc51b06e1013a9f5c86fcb9844
8b4e831514243858640dff77be3f9095fbf99f17
d1b44d4fcaa208176b88ad423f2ed5f6a60354022a8b40bd05d8edd6e02ef817
GET /141000/141149/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 35866
last-modified: Mon, 18 Nov 2019 19:27:08 GMT
etag: "5dd2f08c-8c1a"
expires: Thu, 23 Mar 2023 10:41:04 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3597
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwqC1%2F1nwN3U1l%2B%2BKo6dc%2BOOJL9Vd4uPXMLqjJ%2F2baulLh83%2BDbaCP2xrYY%2FSIjjVxofM9rDliywrKNAjC%2BKf3XE%2Fcp5kEpWrceMX5eBgYIu5bJ7kdnwxwF2ysjitwQhTw0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f3f9907fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.xxxfiles.tv/341000/341793/medium@2x/1.jpg
104.21.83.6200 OK 45 kB URL HTTP/2 img.xxxfiles.tv/341000/341793/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash bf05c3d3a6e7609f797260c4c7d0d077
884629c96961478ba8516310dde9aeb405306d63
3b6c51791efb19955231e39df3aa2d7577e140ffebc10524b8440304d45d634a
GET /341000/341793/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 45107
last-modified: Sat, 22 Jun 2019 23:09:18 GMT
etag: "5d0eb51e-b033"
expires: Thu, 23 Mar 2023 10:43:02 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3479
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hf2GvUG1o5kdd3jpAVu3Le6nDEpFDb%2Fncp8ShuZ6iSzQgXvEqugWxZdaHPJBealzOiXAMvPLIQDr73FZDNqA9E1Z93I5TtB39Pr4IwdDTr6Ce%2BLPjvJ19XID0LPgStO9gF4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f3f98fefab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.xxxfiles.tv/341000/341806/medium@2x/1.jpg
104.21.83.6200 OK 47 kB URL HTTP/2 img.xxxfiles.tv/341000/341806/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 7b3c30314d5d4a774ec504e65f018f59
eb09c7c9b966120e87c5dd1011e6aabcdb0931cc
3856e7c2beb11c6e3eeac35f3b496d54a07406da802cd53faf9926580b9a604a
GET /341000/341806/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 46960
last-modified: Sun, 23 Jun 2019 00:37:59 GMT
etag: "5d0ec9e7-b770"
expires: Thu, 23 Mar 2023 11:32:36 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 505
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKpHB6vpuGXnvbb6OZZ4bBOSZg0z2VOyyi0lyYzpqZAPrIKAJv0offOScGKt7xGYHUAGa68q5TQfbki14FNYbwAr9TlLVCJmv9RQdHxoRzZN0RDV64j2nmBBrhSDw%2BwRINA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f3f9901fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.xxxfiles.tv/139000/139160/medium@2x/1.jpg
104.21.83.6200 OK 37 kB URL HTTP/2 img.xxxfiles.tv/139000/139160/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 28d999d98837d9545ef3450255cd862d
fedfdd885140d0dc6ea1c90cca4310e1a0e36d4d
5cceaa5c93799242f7249d2476a9a3ca1c5772bd6db1a90772db657ac9d1a5e8
GET /139000/139160/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 37346
last-modified: Sat, 09 Nov 2019 10:52:42 GMT
etag: "5dc69a7a-91e2"
expires: Thu, 23 Mar 2023 10:57:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2603
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUFRL4vz1zsbA00oyWK5f2CBWcYxQ69odl93whZd3drpLqh5SwydHNKGLyrvSLArxcODzjghXy6lLWYho1VdPpoxH8acopL1tj2Nuw3qHHwvkxLE3q2fn9Ou5IlQE5HrSgo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f3f990bfab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.xxxfiles.tv/145000/145463/medium@2x/1.jpg
104.21.83.6200 OK 38 kB URL HTTP/2 img.xxxfiles.tv/145000/145463/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.64.101", baseline, precision 8, 744x420, components 3\012- data
Hash c30c7b692149d96f75f9a7870334381f
37213e49a51e2165663468e02cfdd8cbabde697a
697cb70dff641bd4451d0ecdf99bd9e967a769484f8b3a7213325c1ec3ec3cc4
GET /145000/145463/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 38370
last-modified: Thu, 28 Nov 2019 17:55:27 GMT
etag: "5de00a0f-95e2"
expires: Thu, 23 Mar 2023 10:53:06 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2875
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAC5%2B3gvTU%2FrIjWFZDKONwiY%2F%2FZXzmOzkuZfSljjyXOv0PmLo%2Bg810Haq0kEQ6ljLiQHQ17gT9zEdbypDLz03Mhe7RW5hAP7CO465mAhE1Izto%2BpmjkcqD860YgmuZEXpks%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f3f9904fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.xxxfiles.tv/486000/486581/medium@2x/1.jpg
104.21.83.6200 OK 40 kB URL HTTP/2 img.xxxfiles.tv/486000/486581/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 4ba95ca8b16fdb19edef29f4cec48546
b229d4e77bd164511d0c3c2001f0a718fc7b28d1
e14fe0d08522f9fe544357a2262b3a4c4b4f42c226e2a2e99147575899551d72
GET /486000/486581/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 39840
last-modified: Thu, 11 Jun 2020 19:47:04 GMT
etag: "5ee28a38-9ba0"
expires: Thu, 23 Mar 2023 11:06:24 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2077
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOp2RVzzpzInh5ydqPhPcXt3oOfHPLn6OLG6ws4A4REE80OpJS1rTcyyF7ztwZnlftbKhUNZjpGrC9wd76UktxHsPjjSJU3XGXgFR1V3RElGpxeQEa6%2BTEhgiiSQh73dzwU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f3f9906fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.css
104.17.24.14200 OK 256 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.css
IP 104.17.24.14:0
Hash 098110bd3ec60e725e6ac659dec292f3
2079d41c25bec276e4dcd4dcbc3c2cdd5c8cad25
13a4726b6560cb70580a6535e9b165bf3c0a447ea054c844043668d1e2ef5e6e
GET /ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: text/css; charset=utf-8
content-length: 256
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04020-36a"
last-modified: Mon, 04 May 2020 16:17:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4794312
expires: Tue, 12 Mar 2024 10:41:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMjrNX5w2KHMKCiUw8%2BFRojJT6qNQCmJ%2FsAgIoIvme2%2B4USDMSXcTuw0lhMOoLVg7bJkTkWKZDCeLu7kDbPHxsh99oHa7gducycaXQU%2FBmEleCaX%2BEghBJL%2F%2FVzArrCilz6B9Eys"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7ac60f3ffefb0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.xxxfiles.tv/341000/341095/medium@2x/1.jpg
104.21.83.6200 OK 35 kB URL HTTP/2 img.xxxfiles.tv/341000/341095/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash ae388b4a73438f9c655b1ead1d579349
811b137e0e98c20eeda53ad785a26fb44192a5da
18e8e993d985eecb10573c531eaedb50466741a5c106fe4632397827d8ae464d
GET /341000/341095/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 35119
last-modified: Tue, 28 May 2019 11:11:18 GMT
etag: "5ced1756-892f"
expires: Thu, 23 Mar 2023 11:06:24 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2077
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4M87UuffkToxkDlx%2Bcq%2FkNQLdbQrKE47hd7P4h75zlZTtVSwLH4qkmUWXLlolSqCcwdkhUYMoteUIKLsG%2BPU6rbjVGKRFPielLBPMhB%2BtIR2qpA1fX5ZidK9KLR024lUVes%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f3fb91ffab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
umtpopxcsedc.cdnvideo3.com/XEXvawa.js
135.181.208.216200 OK 84 kB URL HTTP/1.1 umtpopxcsedc.cdnvideo3.com/XEXvawa.js
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Hash f50336155bdf901f1f45c7bf45c04fa1
e1083672c69884c282c2cd78d18c39ebc2b2c846
83bf7b90f99ac4712f869829c476050e55400a0dac43833024c725662742da92
GET /XEXvawa.js HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 10 Mar 2023 13:42:03 GMT
ETag: W/"640b33ab-48b80"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Vary: Accept-Encoding, Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b56f9b741cabfa29551ca2899d93a1e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HEL50-C1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: l9BH16U92kRFy8TFMKcd78pVbyLihKqGUUGEOPk3gcQcElo2BYZ7Gw==
Age: 223
Content-Encoding: gzip
umtpopxcsedc.cdnvideo3.com/8sq5gA5.js
135.181.208.216200 OK 54 kB URL HTTP/1.1 umtpopxcsedc.cdnvideo3.com/8sq5gA5.js
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (65472), with no line terminators
Hash 5a64e3f375db76051a905aa77cedd42a
14dad3649b1a5da59b1b47f28433c7b43689de14
1a0a5990f673f35991e6d29d8d0a0793cee38eb7d183bbef993951f9bf60a4b9
GET /8sq5gA5.js HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 10 Mar 2023 13:42:03 GMT
ETag: W/"640b33ab-2af50"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Vary: Accept-Encoding, Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 990cfd108795128378d881c92b299b66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HEL50-C1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: dbGB7pUpPanx_dXTslzRIaw2rwX8LboRMf5BACpQ6-lr96Eow5r-Zw==
Age: 266
Content-Encoding: gzip
umtpopxcsedc.cdnvideo3.com/Ka0q1Ad.js
135.181.208.216200 OK 84 kB URL HTTP/1.1 umtpopxcsedc.cdnvideo3.com/Ka0q1Ad.js
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Hash f50336155bdf901f1f45c7bf45c04fa1
e1083672c69884c282c2cd78d18c39ebc2b2c846
83bf7b90f99ac4712f869829c476050e55400a0dac43833024c725662742da92
GET /Ka0q1Ad.js HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 10 Mar 2023 13:42:03 GMT
ETag: W/"640b33ab-48b80"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Vary: Accept-Encoding, Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b56f9b741cabfa29551ca2899d93a1e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HEL50-C1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: l9BH16U92kRFy8TFMKcd78pVbyLihKqGUUGEOPk3gcQcElo2BYZ7Gw==
Age: 223
Content-Encoding: gzip
cdn.jsdelivr.net/npm/silvermine-videojs-quality-selector@1.1.2/dist/css/quality-selector.min.css
151.101.193.229200 OK 375 B URL HTTP/2 cdn.jsdelivr.net/npm/silvermine-videojs-quality-selector@1.1.2/dist/css/quality-selector.min.css
IP 151.101.193.229:0
File type ASCII text, with very long lines (449)
Hash fbee40477e7809313d67c319f6e37207
8d1b0f7bd1ef8c80d03b44e6163ba7943fcefe96
382c00fcf41cf8def634c66b83a204657e7aad57485c880277b27e62c2b457cd
GET /npm/silvermine-videojs-quality-selector@1.1.2/dist/css/quality-selector.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.1.2
x-jsd-version-type: version
etag: W/"299-rLWKZXMtTX2vbGY6rnhXUEYaKx8"
content-encoding: br
accept-ranges: bytes
date: Thu, 23 Mar 2023 10:41:02 GMT
age: 682877
x-served-by: cache-fra-eddf8230075-FRA, cache-bma1682-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 375
X-Firefox-Spdy: h2
img.xxxfiles.tv/339000/339870/medium@2x/1.jpg
104.21.83.6200 OK 36 kB URL HTTP/2 img.xxxfiles.tv/339000/339870/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 4023be675482b58cf51f2a7785145f5b
9c509555b2e7ca23b8878e20c5e7f15e858ab87b
54be9c734eedba4d4b4e9f983c1d1ded3ca95b9ea0e56237f07a78e0f2ba41d0
GET /339000/339870/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 35829
last-modified: Sat, 25 May 2019 21:40:45 GMT
etag: "5ce9b65d-8bf5"
expires: Thu, 23 Mar 2023 11:41:01 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjEfW%2BRUOIHh71VT1O4021jywdRWT20i0%2Be9Z0RVpE6trt%2F%2FhtUxQVMNieuIGWoYQbsaSiWumMX4NhgRRe7NEAOGTUanUxGafVJtwvaVakdC4cOxz4UzsvdUV%2Bmk6cbZQFw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f3f9908fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.xxxfiles.tv/193000/193692/medium@2x/1.jpg
104.21.83.6200 OK 68 kB URL HTTP/2 img.xxxfiles.tv/193000/193692/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 2e606971868c198057fffcd0fdbe63c4
f956197643861c4332037a859ed59b30b1b450c9
22f2fed810c10e3236c412aef9e965c78e7f4c1a8537a361d5ee465317175271
GET /193000/193692/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 67716
last-modified: Sun, 19 Jan 2020 19:34:33 GMT
etag: "5e24af49-10884"
expires: Thu, 23 Mar 2023 11:32:36 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 505
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmcdvyrT2rJ3u3b1%2F%2FD72BWNGgAysniOmm0PqTzyGxC64QZlEsci3F8t4GoYbWwzxLTp0QF0kJ8g77Ow88SfyleGCeJ6m8z6AoOJq2dkqwAzkzS5h6WDvmc%2F6MEgTjZ%2Fmt0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f40396bfab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.xxxfiles.tv/197000/197379/medium@2x/1.jpg
104.21.83.6200 OK 52 kB URL HTTP/2 img.xxxfiles.tv/197000/197379/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 0e624a2c2e31513e0e170ebad0f5dad4
61ff4e76be5f49d53bf44cbc5ccf80fba8f8528b
375f55c4589d906598df6a45945f76e2056b766744b005f088ee100dfe987e24
GET /197000/197379/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 51584
last-modified: Wed, 22 Jan 2020 14:20:31 GMT
etag: "5e285a2f-c980"
expires: Thu, 23 Mar 2023 11:41:01 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuDM%2Bjceh7VKBQXGPgni8drYszJ1ur%2BLTMH8KYjZTXjp34AGEuDRejBCLhemwH7F0GNBwd2hRKjW74Q%2B0ISK0J4UQFdjN%2FZVZkdLEYhgJujfObprmL%2FFxjQThm0v2PrKQWA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f3f990afab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.xxxfiles.tv/196000/196362/medium@2x/1.jpg
104.21.83.6200 OK 46 kB URL HTTP/2 img.xxxfiles.tv/196000/196362/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 8b240c17d6c70e935f354fa674acd313
44fb247738f1b98f2cb6aa3dd50e24c04cbcdcbd
ee0d4f7fea74cec2a1078aca7d6b2d6bb1b497b7ba9f28a28c9e6e4281b936de
GET /196000/196362/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 46167
last-modified: Mon, 20 Jan 2020 19:54:43 GMT
etag: "5e260583-b457"
expires: Thu, 23 Mar 2023 11:06:24 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2077
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4U%2FXLWTHxxt%2FE4e5EcOjgiF8G9jF3vfIDiSJHxC6q1KzmKpsCsli7W2pM4DZk9fw7HreRDcPRVLiZXoFmBekwi036ECozNOKlHOJuKFqBIr1yt2ttKIb2VLUwiGRxK9PbzM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f403968fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js
151.101.193.229200 OK 2.0 kB URL HTTP/2 cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js
IP 151.101.193.229:0
File type ASCII text, with very long lines (1619)
Hash 45f12de4d7b95a193ecdc5cfde664bb9
ee9541cf1a95d2a885f8b143a105caaa08ca9c9d
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
GET /npm/js-cookie@2/src/js.cookie.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.2.1
x-jsd-version-type: version
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
accept-ranges: bytes
date: Thu, 23 Mar 2023 10:41:02 GMT
age: 34876
x-served-by: cache-fra-eddf8230099-FRA, cache-bma1682-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1951
X-Firefox-Spdy: h2
img.xxxfiles.tv/225000/225571/medium@2x/1.jpg
104.21.83.6200 OK 39 kB URL HTTP/2 img.xxxfiles.tv/225000/225571/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 85df5f21305f5875f34ecdabc5123c0c
b413d27c6ab59a340e209fe03f5f596573241ea3
1ce62e04f80965448f761c4bc0ba340587f70131b81628dd933ef257adde6ee5
GET /225000/225571/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 39294
last-modified: Sun, 02 Feb 2020 12:08:28 GMT
etag: "5e36bbbc-997e"
expires: Thu, 23 Mar 2023 11:01:05 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2396
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mH3HGXnXFwYVTf6T7ERyiCS9vNClwqUwEblPH%2FyIgNfz3wu%2FdgNGl9U37aL4w5xxCuzlwMp2z%2BxqmgheSl8ELvtRSwl%2FyuliDdnTcqrAK8UtVm1ic%2Fgl6fcWWgX2poRz2vE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f404975fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vjs.zencdn.net/7.5.5/video-js.css
151.101.130.217200 OK 10 kB URL HTTP/2 vjs.zencdn.net/7.5.5/video-js.css
IP 151.101.130.217:0
File type ASCII text, with very long lines (5636)
Hash 63ef1aa5ef8f1bb4fcb8019a9ad157cd
9cbb2b320cce447d40e3af5118042587263158d5
d5b5c765198056aece9fbee1b43a9873a8a6e0fe6a954f48d001bc030e106146
GET /7.5.5/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 13 Jun 2019 18:18:21 GMT
etag: "29daa9b197765c0111b16939ce1264a9"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Thu, 23 Mar 2023 10:41:02 GMT
x-served-by: cache-bma1682-BMA
x-cache: HIT
x-cache-hits: 122
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10533
X-Firefox-Spdy: h2
img.xxxfiles.tv/318000/318404/medium@2x/1.jpg
104.21.83.6200 OK 44 kB URL HTTP/2 img.xxxfiles.tv/318000/318404/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 996527fa0089f567add707eff31d254b
831798b8353842b7b161a48da52e6343387fe113
678f91f7cfd17264f46872fce561cbb55404d986717de12499e6542f3cf381bf
GET /318000/318404/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 43474
last-modified: Sun, 22 Dec 2019 18:40:31 GMT
etag: "5dffb89f-a9d2"
expires: Thu, 23 Mar 2023 11:02:04 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2337
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuX1c9LOW5tZ5udNzKHZmq55rryVilBdgl8tzIag3aF2ddAXcZfWR8bB%2FSxWc%2Bjcm6xhve2b9mD4AlA5bwdUksOUZtXJo1aza%2Bg%2FDboRzhLXpGepItxx0287xKciJv4ecVM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f40597cfab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.xxxfiles.tv/186000/186921/medium@2x/1.jpg
104.21.83.6200 OK 62 kB URL HTTP/2 img.xxxfiles.tv/186000/186921/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 7925cc8a7374afd36f013b142a16ccba
d60f5dbb03cefcc0047349703908622f26e8b7e8
7124b55730bb07a3a4bfd48f4742196db58883b89031c0df47c7c9518f535e81
GET /186000/186921/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 61454
last-modified: Thu, 16 Jan 2020 21:35:59 GMT
etag: "5e20d73f-f00e"
expires: Thu, 23 Mar 2023 11:41:01 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVTgEmYld0fDr5WEfwiTDt68jjvJeN6yhzdBn43EV5Vc1JYg7rVbTYglQDyen0FCMfVIU2Ep4%2BGFIHlYjj43ninxizMQR5X2bzv4D7wM0anSpwAKmy3SacNCWjz0SRTvUrc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f403969fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.xxxfiles.tv/197000/197323/medium@2x/1.jpg
104.21.83.6200 OK 45 kB URL HTTP/2 img.xxxfiles.tv/197000/197323/medium@2x/1.jpg
IP 104.21.83.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 694b04031cd62d14a03271f3b62858c1
4cc4e063d236e9f43570ad5600b2d1bb18f44801
e7adb95e85553c65e8cc93726939ce15671a85983efc5c51e917b878e7905714
GET /197000/197323/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: image/jpeg
content-length: 44889
last-modified: Wed, 22 Jan 2020 14:08:45 GMT
etag: "5e28576d-af59"
expires: Thu, 23 Mar 2023 11:41:01 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnYPdCX8iIEVeTc4SgwSfaD7hFXPrdH7%2Fgl9wkNJUesrAJ4IFW3ILyjctxMlrOIlhZbAWl1Sq88sPfm2Sgpg3Hgfq4i1ZWS4qiNgExdlOWNio37snGj7hDoPnKJnXFT%2FJb0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f404974fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash d334b2e139db934c7f913c22e9d1deac
51012798599e3750df5f69af26e54e82f8f7b060
8833ec7562c59c89649f3c820922c7058210703ff2a983faf2cb99a415b77949
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 10:41:02 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "EAF3015C71DD81E9886E2F38E7EDF89AD5DB72AB"
Expires: Thu, 23 Mar 2023 21:00:00 GMT
Last-Modified: Thu, 23 Mar 2023 09:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1497
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac60f47bf29b505-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 10:14:33 GMT
age: 1589
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 342da587101df62e3e8f03dc4a87f93d
897c40f31b24adf281b804bbca7f0ffba5b86816
f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 10:41:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 342da587101df62e3e8f03dc4a87f93d
897c40f31b24adf281b804bbca7f0ffba5b86816
f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 10:41:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unpkg.com/silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js
104.16.125.175200 OK 11 kB URL HTTP/2 unpkg.com/silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js
IP 104.16.125.175:0
File type ASCII text, with very long lines (21159)
Hash 896ac0b53ef4e73766707be5cd1f68de
50000cb1c180c0a54c69271a670b5023bacd18d4
809d6abceb8082a8c6a33f4baea7dba373a0edc3a63e8198f766174aaba58291
GET /silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:02 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Wed, 10 Jan 2018 00:56:00 GMT
etag: W/"5329-e6FW82qZOTCVRh707R8p5aJnMuY"
via: 1.1 fly.io
fly-request-id: 01G7549ZE3WWN11S6HGDRQ6KSN-fra
cf-cache-status: HIT
age: 22612084
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7ac60f46ecf1b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
umtpopxcsedc.cdnvideo3.com/api/spots/329584?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 4.5 kB URL HTTP/1.1 umtpopxcsedc.cdnvideo3.com/api/spots/329584?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (3198)
Hash 7d58cc23403f7763778e274412af514e
0abf3a7b8cbdd20444ca60a01eabeeebd6a3ba39
cce012b016c29aafd48090b967ee5383913739516421edbd9f4ce2f8415a891e
GET /api/spots/329584?p=1&s1=%subid1%&kw= HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=6yGq6n3jkmrgWmILYo96; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip
umtpopxcsedc.cdnvideo3.com/api/spots/329585?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 4.5 kB URL HTTP/1.1 umtpopxcsedc.cdnvideo3.com/api/spots/329585?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (3198)
Hash d83f495bc89b2fd3edfe06acc09d65b8
9acf75b0810643cb379343d1135c944ce87222fd
836481c29ee3d34d8fede87917bda4bfa534c431bf860ff4c17f0e1885089295
GET /api/spots/329585?p=1&s1=%subid1%&kw= HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=wjUiZzbG11zLEOuHy5tv; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip
fonts.googleapis.com/css?family=Roboto:300,400,700
142.250.74.74200 OK 24 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700
IP 142.250.74.74:0
Hash c8896fa7c5e9036a719dc898f3a50b90
19512f6871992718751b4f425bc2bf042098b0ab
2e25914600a50bef02484db0334a45c378ba5ea1ba64b09e90211679e82979f4
GET /css?family=Roboto:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xxxfiles.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Mar 2023 10:41:02 GMT
date: Thu, 23 Mar 2023 10:41:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
badgegirdle.com/f1/55/8e/f1558eeca431d45f5f8240bae243d8b1.js
192.243.59.12200 OK 13 kB URL HTTP/1.1 badgegirdle.com/f1/55/8e/f1558eeca431d45f5f8240bae243d8b1.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37158), with no line terminators
Hash 515c2c84de9223c1e72b0b79588cb268
6cbe9d93b331f44c0e261109bcff627a6faa22d1
159f24065c8a7cc0091f56bb842434229fe9fffdcb68ddd96444117401fd3c4f
Analyzer Verdict Alert quad9 Sinkholed
GET /f1/55/8e/f1558eeca431d45f5f8240bae243d8b1.js HTTP/1.1
Host: badgegirdle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 23 Mar 2023 10:41:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6a2a7e7131e73eeafb30a1a28ce380f9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
umtpopxcsedc.cdnvideo3.com/api/spots/329586?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 3.5 kB URL HTTP/1.1 umtpopxcsedc.cdnvideo3.com/api/spots/329586?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Hash db121587e15b8811b0ec44da427f0c77
c9d98c05ecf44f43224d5a4e7442233236e7034f
6c1079ce31a2b78d6dbcdd3e8c173d16b8b4dd93bb859614c55b9eb1acdef3f4
GET /api/spots/329586?p=1&s1=%subid1%&kw= HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=nilKH36tMTwJlVkjnalb; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip
badgegirdle.com/e5/a3/67/e5a3678a1d1bb8a6b0d93a9a41a239f8.js
192.243.59.12200 OK 21 kB URL HTTP/1.1 badgegirdle.com/e5/a3/67/e5a3678a1d1bb8a6b0d93a9a41a239f8.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60171), with no line terminators
Hash b3b2516c7f97c0a0c6f9d881ef9ec93a
da989933ebb349adeb59b9b8773de8bf1b8f88a4
5bce7a9cf252e56800fa79809ae3b202b8392c3ba986feb3249cff51a1a3c0ec
Analyzer Verdict Alert quad9 Sinkholed
GET /e5/a3/67/e5a3678a1d1bb8a6b0d93a9a41a239f8.js HTTP/1.1
Host: badgegirdle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 23 Mar 2023 10:41:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c48997169d59ff4ee8e8951f0a925edf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 050ca4dc2182e0a27573b0d9f32b7834
bec14dc5af0d0b32210470673511acd8db404308
b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18788
Expires: Thu, 23 Mar 2023 15:54:10 GMT
Date: Thu, 23 Mar 2023 10:41:02 GMT
Connection: keep-alive
umtpopxcsedc.cdnvideo3.com/api/spots/377391?v2=1&fill=0&kw=Masturbation%2Cyoung%2CSquirt%2Csquirting%2CSolo%2CFisting%2Cpublic%20nudity%2Cdancing%20scenes%2Cextreme%20closeups%2Cmasturbation%20to%20orgasm%2Cother%20stuffing%2Cupskirt%20in%20public%2Cftvgirls.com%2Cvagina%20gaping%20closeups%2Clong%20labia%20and%20stretching%2CEllie&s1=%25subid1%25&s2=%25subid2%25&i=1
135.181.208.216200 OK 638 B URL HTTP/1.1 umtpopxcsedc.cdnvideo3.com/api/spots/377391?v2=1&fill=0&kw=Masturbation%2Cyoung%2CSquirt%2Csquirting%2CSolo%2CFisting%2Cpublic%20nudity%2Cdancing%20scenes%2Cextreme%20closeups%2Cmasturbation%20to%20orgasm%2Cother%20stuffing%2Cupskirt%20in%20public%2Cftvgirls.com%2Cvagina%20gaping%20closeups%2Clong%20labia%20and%20stretching%2CEllie&s1=%25subid1%25&s2=%25subid2%25&i=1
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (342)
Hash 23bccaed71d8d3d4b5c3ca0a4e85de6b
f8382a35a8e1603823e15f1c65daf5e14d5e9201
0e539f2efbd1fab848de6d9b7acec40d42c423760c5f1c71430dd6f32e9f1583
GET /api/spots/377391?v2=1&fill=0&kw=Masturbation%2Cyoung%2CSquirt%2Csquirting%2CSolo%2CFisting%2Cpublic%20nudity%2Cdancing%20scenes%2Cextreme%20closeups%2Cmasturbation%20to%20orgasm%2Cother%20stuffing%2Cupskirt%20in%20public%2Cftvgirls.com%2Cvagina%20gaping%20closeups%2Clong%20labia%20and%20stretching%2CEllie&s1=%25subid1%25&s2=%25subid2%25&i=1 HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:02 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Access-Control-Expose-Headers: X-Asg-Config, X-t
Set-Cookie: nauid=oooNewL9X1MbBFClwBgX; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
X-T: 0
Cache-Control: private
Content-Encoding: gzip
umtpopxcsedc.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 4.5 kB URL HTTP/1.1 umtpopxcsedc.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (3198)
Hash 825835ccb210956b792a87ee9b42c50d
ac0e9333ae82fdd9e52cb4d1b2f45752acca0ecd
51686120f17feafa5a72329f0f430d70ccde6d4919352792322778c863bac17a
GET /api/spots/329591?p=1&s1=%subid1%&kw= HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=RUyHfk99L1O4nKvEejV4; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip
badgegirdle.com/63/d4/5b/63d45b685911cef3b8cc3d1d1550bf85.js
192.243.59.12200 OK 21 kB URL HTTP/1.1 badgegirdle.com/63/d4/5b/63d45b685911cef3b8cc3d1d1550bf85.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60177), with no line terminators
Hash 103ed3fc209246a579c5049ca7c3f19f
985ceb22d0047d19cf915219f8ca19bc5e9cd0bf
5d1392614e074ebad36e23bbf035daa8191a92bb0e58ac670a3cc5d05f49465f
Analyzer Verdict Alert quad9 Sinkholed
GET /63/d4/5b/63d45b685911cef3b8cc3d1d1550bf85.js HTTP/1.1
Host: badgegirdle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 23 Mar 2023 10:41:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9efca72c95ce33659231205b29d4d7b4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 10:41:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 10:41:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 10:41:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 14:12:20 GMT
expires: Tue, 19 Mar 2024 14:12:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 246523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 59752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
age: 59752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 10:41:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
umtpopxcsedc.cdnvideo3.com/api/spots/320559?v2=1&fill=0&kw=Masturbation%2Cyoung%2CSquirt%2Csquirting%2CSolo%2CFisting%2Cpublic%20nudity%2Cdancing%20scenes%2Cextreme%20closeups%2Cmasturbation%20to%20orgasm%2Cother%20stuffing%2Cupskirt%20in%20public%2Cftvgirls.com%2Cvagina%20gaping%20closeups%2Clong%20labia%20and%20stretching%2CEllie&s1=%25subid1%25&s2=%25subid2%25&i=1
135.181.208.216200 OK 618 B URL HTTP/1.1 umtpopxcsedc.cdnvideo3.com/api/spots/320559?v2=1&fill=0&kw=Masturbation%2Cyoung%2CSquirt%2Csquirting%2CSolo%2CFisting%2Cpublic%20nudity%2Cdancing%20scenes%2Cextreme%20closeups%2Cmasturbation%20to%20orgasm%2Cother%20stuffing%2Cupskirt%20in%20public%2Cftvgirls.com%2Cvagina%20gaping%20closeups%2Clong%20labia%20and%20stretching%2CEllie&s1=%25subid1%25&s2=%25subid2%25&i=1
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (340)
Hash e9dcf5683ba9c9a3bf714aa365e58dde
0142f8cc69d7079aa7c5ae0c1f539dd0cd17299d
cdb1b94022dacb8ba97c45060c40723e6e4fec3fd772e9e34474671d724ee736
GET /api/spots/320559?v2=1&fill=0&kw=Masturbation%2Cyoung%2CSquirt%2Csquirting%2CSolo%2CFisting%2Cpublic%20nudity%2Cdancing%20scenes%2Cextreme%20closeups%2Cmasturbation%20to%20orgasm%2Cother%20stuffing%2Cupskirt%20in%20public%2Cftvgirls.com%2Cvagina%20gaping%20closeups%2Clong%20labia%20and%20stretching%2CEllie&s1=%25subid1%25&s2=%25subid2%25&i=1 HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:03 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Access-Control-Expose-Headers: X-Asg-Config, X-t
Set-Cookie: nauid=CsJFIZpdqQcCIw7Nr6K2; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
X-T: 0
Cache-Control: private
Content-Encoding: gzip
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 408e5e3019d3a14451bc72de4059268f
43593f0f7c57f188d239efed89adc3e71a264008
e5d9d7dc91d8a926a40e5a5f42664ab5812224f3f6359b50f3db1551768ddeec
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113986
Date: Thu, 23 Mar 2023 10:41:03 GMT
Etag: "641b2d57-1d7"
Expires: Fri, 24 Mar 2023 18:20:49 GMT
Last-Modified: Wed, 22 Mar 2023 16:31:19 GMT
Server: ECAcc (nya/79CE)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KD4vSbQmEzWzea7KKbMRYvV34G336VuZr5TXu-xRYjbi6Xm1ymtUKw==
Age: 6570
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 408e5e3019d3a14451bc72de4059268f
43593f0f7c57f188d239efed89adc3e71a264008
e5d9d7dc91d8a926a40e5a5f42664ab5812224f3f6359b50f3db1551768ddeec
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 23 Mar 2023 10:41:03 GMT
Last-Modified: Thu, 23 Mar 2023 09:30:43 GMT
Server: ECAcc (bsa/EACA)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rnit73-bWnLJFJ-PSbeASU4iHUiQNLZoMxS9HRRW2euGgRYXa73vwg==
Age: 4220
www.xxxfiles.tv/videos/197379/b00bee6c97cea38906f6b51e7e1a81af/?sid=12320&video_id=197379&mode=async&action=js_stats&rand=1679568070988
172.67.210.53200 OK 43 B URL HTTP/1.1 www.xxxfiles.tv/videos/197379/b00bee6c97cea38906f6b51e7e1a81af/?sid=12320&video_id=197379&mode=async&action=js_stats&rand=1679568070988
IP 172.67.210.53:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /videos/197379/b00bee6c97cea38906f6b51e7e1a81af/?sid=12320&video_id=197379&mode=async&action=js_stats&rand=1679568070988 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/videos/197379/b00bee6c97cea38906f6b51e7e1a81af/?sid=12320
Cookie: PHPSESSID=lv2a7qv9a8nmmelic2kphf4drj; kt_qparams=id%3D197379%26dir%3Db00bee6c97cea38906f6b51e7e1a81af%26sid%3D12320; kt_ips=91.90.42.154; show_pops2=true2; show_pops1=true1; ppu_show_on_63d45b685911cef3b8cc3d1d1550bf85=1; kt_tcookie=1
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 10:41:03 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: kt_is_visited=1; expires=Fri, 24-Mar-2023 10:41:03 GMT; Max-Age=86400; path=/; domain=.xxxfiles.tv; SameSite=Lax
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46N04SDyQHp38PKjddzZTr4vDZ6rG%2BPUVp5KBNT%2B6iycyekHENj4YaLcafLjV28E94NKyFAxUjjKCcdFltJoDgOzroSlyDqkfZRonU6gnfh%2BA1XOvUOAQQkgQldiMJKLvGk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac60f4b0990b4f4-OSL
alt-svc: h2=":443"; ma=60
simplewebanalysis.com/stats
18.195.128.32200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.195.128.32:0
File type ASCII text, with no line terminators
Hash dccf1fcd772fa3ee1a78a000b0c66f4f
405335d9ef1d7ad12dc8f61df3f57362296f7df3
882e3fd1790d523e263d123eefb2a5ac5a40f19c1fcd29e40ba3fcc0adb4ff7d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.xxxfiles.tv
access-control-allow-credentials: true
set-cookie: uid_id2=8544be09-b076-42f9-9e84-23ce2c35be5a:1:1; expires=Sun, 20 Mar 2033 10:41:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.195.128.32200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.195.128.32:0
File type ASCII text, with no line terminators
Hash b5797a50db295185995d391d2877db4a
b476ec70a0347c7dc4e4b69009293d1f04c6dfe3
75b028bc6fea8c866cf3585f440fe44c02a9a1717eb180726f190ad65b849d1d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.xxxfiles.tv
access-control-allow-credentials: true
set-cookie: uid_id2=921c37b7-0ac6-4d10-9836-9f2e7943eb77:2:1; expires=Sun, 20 Mar 2033 10:41:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 408e5e3019d3a14451bc72de4059268f
43593f0f7c57f188d239efed89adc3e71a264008
e5d9d7dc91d8a926a40e5a5f42664ab5812224f3f6359b50f3db1551768ddeec
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111373
Date: Thu, 23 Mar 2023 10:41:03 GMT
Etag: "641b2d57-1d7"
Expires: Fri, 24 Mar 2023 17:37:16 GMT
Last-Modified: Wed, 22 Mar 2023 16:31:19 GMT
Server: ECAcc (nya/1C5E)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: I3XR2cnVfOtAlB8aZprwngHJn6PJCc3aW2NOb7VsfIjZaGqGflHpYg==
Age: 3957
push.services.mozilla.com/
44.236.143.193101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.236.143.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Z7x8lXUqUCK+X+QBdW25QA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: l00OZoJJxwTLbm6mfXzTGB5avfg=
umtpopxcsedc.cdnvideo3.com/api/click/8249925479340608095?c=90
135.181.208.216200 OK 0 B URL HTTP/1.1 umtpopxcsedc.cdnvideo3.com/api/click/8249925479340608095?c=90
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/8249925479340608095?c=90 HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://umtpopxcsedc.cdnvideo3.com/api/spots/329586?p=1&s1=%subid1%&kw=
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:03 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private
umtpopxcsedc.cdnvideo3.com/api/click/11372259722972771095?c=90
135.181.208.216200 OK 0 B URL HTTP/1.1 umtpopxcsedc.cdnvideo3.com/api/click/11372259722972771095?c=90
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/11372259722972771095?c=90 HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://umtpopxcsedc.cdnvideo3.com/api/spots/329585?p=1&s1=%subid1%&kw=
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:03 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private
simplewebanalysis.com/stats
18.195.128.32200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.195.128.32:0
File type ASCII text, with no line terminators
Hash 99c3fe365e243b6f3d60243f48108ea2
de2c7d37702b7963ae1eda0cfb811294c95f38e7
dc5ca2ab3e622d95232ee0e5260ddd3329d0549de98dc204f0052838bfa52343
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.xxxfiles.tv
access-control-allow-credentials: true
set-cookie: uid_id2=042b4a7f-853d-4f05-bada-bdd7ab307950:3:1; expires=Sun, 20 Mar 2033 10:41:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
a.realsrv.com/ad-provider.js
185.76.9.19200 OK 24 kB URL HTTP/2 a.realsrv.com/ad-provider.js
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (52886)
Hash 90c98f37ccbcd27cb150838d235b26ab
07428670b2a14bec9e509e8042d8c06fd486d880
02b7254f245f09cb466acb84ebac7e41dcd995e4e26bedc7d63a32b69f461e0a
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://umtpopxcsedc.cdnvideo3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:03 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"4a7886b0595c8711a5aae6eac4a"
expires: Wed, 22 Mar 2023 12:53:31 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: AblMCQ2/AST/2goAAA
x-77-nzt-ray: c0a4cc28c1d63db5bf2c1c64723ef911
x-accel-expires: @1679576085
x-cache: HIT
x-age: 2778
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js
142.250.74.170200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://umtpopxcsedc.cdnvideo3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 59752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17506
Expires: Thu, 23 Mar 2023 15:32:49 GMT
Date: Thu, 23 Mar 2023 10:41:03 GMT
Connection: keep-alive
friendshipmale.com/sfp.js
104.21.234.92200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP 104.21.234.92:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 10:41:03 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 38977aa5d09853f84b0a88bb314cae60
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Thu, 23 Mar 2023 10:41:03 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zxjiwL1cWfetLVVMLM%2B009Jr5TppojddV2NcdCYNCJ8eF6Z4dIPdSZXGTYHbTaoIYnHXodQV%2F%2FTDypRKFAPGvKfmTNLnaieYbuHGVYXtz6l644E9XW90ZeBFmngjUO7jZfWiu0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac60f4ab9ec24dd-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17506
Expires: Thu, 23 Mar 2023 15:32:49 GMT
Date: Thu, 23 Mar 2023 10:41:03 GMT
Connection: keep-alive
www.xxxfiles.tv/js/kvs/main.min.js?v=1679568060
104.21.83.6200 OK 95 kB URL HTTP/2 www.xxxfiles.tv/js/kvs/main.min.js?v=1679568060
IP 104.21.83.6:0
File type ASCII text, with very long lines (32089)
Hash fcb085e9a942a1cfa1e97c5bdbac6c26
052b8373dc9c67975d89c1fe3b7f11b6871cb7b6
0d9a52cc675ab7c7bee795966dd3d3d1814466e41960699dd542addbe0856e9e
GET /js/kvs/main.min.js?v=1679568060 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: application/javascript
last-modified: Wed, 20 Nov 2019 11:57:15 GMT
vary: Accept-Encoding
etag: W/"5dd52a1b-412c8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGZk5jh8SZ%2F8Po5d361XD6k9S%2BPrO%2BMt55qJb5Hc1VC0TzOr%2BPcomOVTGNgFq%2BoKklMk1OR%2BV%2F0UHQJXwGp3gvtBgtelyt3rjlR7wV2bByP3Fbx2QDZCL6aE5rNwGPdhaJA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac60f3f78d1fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
improviseprofane.com/pixel/purst?dl=0&th=0&sc=0&rs=2282&rd=2282&fd=1860&bv=22.10.v.9&tmpl=70
173.233.137.36200 OK 0 B URL HTTP/1.1 improviseprofane.com/pixel/purst?dl=0&th=0&sc=0&rs=2282&rd=2282&fd=1860&bv=22.10.v.9&tmpl=70
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2282&rd=2282&fd=1860&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: improviseprofane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 23 Mar 2023 10:41:03 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
syndication.realsrv.com/v1/api.php
95.211.229.248200 OK 2.9 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (6297), with no line terminators
Hash abf9c66367705f65a147c828e6297f6e
5cce9f6e2d7f5476cea91b133204f2438297528c
9223310bfcbf38021127f1b95412c6343f3187c2819c4ed8ccfb1c0a0b71b085
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain
Content-Length: 334
Origin: http://umtpopxcsedc.cdnvideo3.com
Connection: keep-alive
Referer: http://umtpopxcsedc.cdnvideo3.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:03 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://umtpopxcsedc.cdnvideo3.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22641c2cbf5eb639.651624511640328453%22%3B%7D; expires=Sat, 22-Mar-2025 10:41:03 GMT; Max-Age=63072000; path=/; domain=realsrv.com
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: k6VaCG5oTQnKOvKJnleVqxIIc9yOgdOL0oPcL0ZSVw7DZQ8_GzFoZQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:47:43 GMT
age: 46400
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.xxxfiles.tv/js/videojs.persistvolume.js?v=1679568060
104.21.83.6200 OK 7.4 kB URL HTTP/2 www.xxxfiles.tv/js/videojs.persistvolume.js?v=1679568060
IP 104.21.83.6:0
Hash 95843dcf5bbfbc798e5a5508d8a416c9
0ad72305259253ea630debbf368dd37de1b4bb85
408eabdf2209e0a18de78dbffa89076d0d7afd0118a303aafdd67ef948a1fdd5
GET /js/videojs.persistvolume.js?v=1679568060 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: application/javascript
last-modified: Wed, 20 Nov 2019 11:00:42 GMT
vary: Accept-Encoding
etag: W/"5dd51cda-e5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKUYdKD1DsYg0duAnmB%2BWAWOMiGsLwlNeIz%2Bw4zGz6jRQhe%2BJghyPGqRDqa0FjhCLqsno6qIuff3ooMV2ocK3xSmJLbN7T%2Buj9UUZPQuROejZy5WVYlwiVVki5NlAn6VYHw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac60f3f58adfab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c05bfdf1411a931d8ea9adc64b07bc74
156ef59e53564a4f2b27002b2695fafecd578d82
15d17c0df2d2b0625ecf5f576a7ff630ae8b923b28be354ad23aec6a284a801a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6692
x-amzn-requestid: 3a0f6a8d-89b1-43f4-8a15-8749bdbc047b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM9d9FcOoAMFaFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b75f2-3540256d6be3d4f85bba65ea;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:41:06 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Jj5lAwItWYm45j5kLqQnd3fhsiGsiuSiSVtrBUOolyHvPAmCc0S71A==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 07:54:24 GMT
age: 9999
etag: "156ef59e53564a4f2b27002b2695fafecd578d82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea5d4e17-e42c-49fb-a54b-d7d97ad50ba4.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea5d4e17-e42c-49fb-a54b-d7d97ad50ba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 40d24dfcd9f0afe0e4077384f16cc494
76213c7d5c759471ed3823888860f918ac7e8f13
fbbbef0498ddf14bc9b204273a3cd416c357dceed20339c3e8c64a16b0be3caf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea5d4e17-e42c-49fb-a54b-d7d97ad50ba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7083
x-amzn-requestid: 52c38747-4a30-4831-87ca-7e72e5602ed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CHY_gFu8IAMFh9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64193b96-49c53b7c2e5ed4fc0217e357;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 05:07:34 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: XUrSSF8TgZSClR4MqJ0kuXGO-8KIguNmGe5lmVwzKXZO6CN0F9mimg==
via: 1.1 f3802d173009698413044360f84de06c.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:51:03 GMT
age: 46200
etag: "76213c7d5c759471ed3823888860f918ac7e8f13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a7546f8-3d34-4fb4-b63f-8e8098b48c30.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a7546f8-3d34-4fb4-b63f-8e8098b48c30.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f777f840a3fc7e500c57a7cbdf88f26d
3518e8a18807209e94011806a96492e0d86ee9c9
44aa32fa1bf15785a4dd8cd6184772fb268113cbf459f5f30a70ff5ca66c9e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a7546f8-3d34-4fb4-b63f-8e8098b48c30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7419
x-amzn-requestid: bc02abbe-706d-42af-b963-0163b07b87c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xbnE7OIAMFW2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641562b0-247606a3713a20d25cf83763;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:05:20 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: W_FZ-TYlfmS1JSvZVG4v_4Iag3ssm5J2oYgk0LBdKqv-Q0KST6FkDQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 20:21:35 GMT
age: 51568
etag: "3518e8a18807209e94011806a96492e0d86ee9c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
syndication.realsrv.com/v1/api.php
95.211.229.248200 OK 3.0 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (6473), with no line terminators
Hash 86018c5192ed91228b3679362ce8f5c8
659f88a679cb35e27129924853719c02c2b48d9b
28bbfb06c80e5526da4d19c87474ace6626a1a4e248ba34c9a84d2d9f7f956cf
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain
Content-Length: 334
Origin: http://umtpopxcsedc.cdnvideo3.com
Connection: keep-alive
Referer: http://umtpopxcsedc.cdnvideo3.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:03 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://umtpopxcsedc.cdnvideo3.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22641c2cbf61e694.761688404106737332%22%3B%7D; expires=Sat, 22-Mar-2025 10:41:03 GMT; Max-Age=63072000; path=/; domain=realsrv.com
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
improviseprofane.com/cc/48/f4/cc48f4cc72bd1ab0cd76dca8048a896c.js
173.233.137.36200 OK 13 kB URL HTTP/1.1 improviseprofane.com/cc/48/f4/cc48f4cc72bd1ab0cd76dca8048a896c.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (37131), with no line terminators
Hash 05d66f6d3b2d3a9870f6e79cd8869a7d
16f0d6268b0b055b847b9ce1c87e6f351b99dbf3
4f860b24eb0a61e0d028ac1585c98eb421a7803071598c5a0f7c231f0c348962
Analyzer Verdict Alert quad9 Sinkholed
GET /cc/48/f4/cc48f4cc72bd1ab0cd76dca8048a896c.js HTTP/1.1
Host: improviseprofane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 23 Mar 2023 10:41:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2f8eaf34c9351454f06e4db3c2c55d85
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
18.195.128.32200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.195.128.32:0
File type ASCII text, with no line terminators
Hash 99c3fe365e243b6f3d60243f48108ea2
de2c7d37702b7963ae1eda0cfb811294c95f38e7
dc5ca2ab3e622d95232ee0e5260ddd3329d0549de98dc204f0052838bfa52343
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: uid_id2=042b4a7f-853d-4f05-bada-bdd7ab307950:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.xxxfiles.tv
access-control-allow-credentials: true
X-Firefox-Spdy: h2
lighthousemissingdisavow.com/pixel/purst?dl=0&th=0&sc=0&rs=2253&rd=2253&fd=1832&bv=22.10.v.9&tmpl=70
173.233.139.164200 OK 0 B URL HTTP/1.1 lighthousemissingdisavow.com/pixel/purst?dl=0&th=0&sc=0&rs=2253&rd=2253&fd=1832&bv=22.10.v.9&tmpl=70
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2253&rd=2253&fd=1832&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: lighthousemissingdisavow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 23 Mar 2023 10:41:03 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
umtpopxcsedc.cdnvideo3.com/api/spots/5349649835655704095/1636039?fill=0&kw=Masturbation,young,Squirt,squirting,Solo,Fisting,public%20nudity,dancing%20scenes,extreme%20closeups,masturbation%20to%20orgasm,other%20stuffing,upskirt%20in%20public,ftvgirls.com,vagina%20gaping%20closeups,long%20labia%20and%20stretching,Ellie
135.181.208.216200 OK 619 B URL HTTP/1.1 umtpopxcsedc.cdnvideo3.com/api/spots/5349649835655704095/1636039?fill=0&kw=Masturbation,young,Squirt,squirting,Solo,Fisting,public%20nudity,dancing%20scenes,extreme%20closeups,masturbation%20to%20orgasm,other%20stuffing,upskirt%20in%20public,ftvgirls.com,vagina%20gaping%20closeups,long%20labia%20and%20stretching,Ellie
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (356)
Hash 361032fd0b2400d179f45c1417beab9a
6097581496c725f55ef41fb32f42acbda3fdb99e
c2cf8b69e052b8e54dc6de828c1ab97e928c7d89090dd78a0bd2da643a3da045
GET /api/spots/5349649835655704095/1636039?fill=0&kw=Masturbation,young,Squirt,squirting,Solo,Fisting,public%20nudity,dancing%20scenes,extreme%20closeups,masturbation%20to%20orgasm,other%20stuffing,upskirt%20in%20public,ftvgirls.com,vagina%20gaping%20closeups,long%20labia%20and%20stretching,Ellie HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:03 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Cache-Control: private
Content-Encoding: gzip
umtpopxcsedc.cdnvideo3.com/api/spots/5349649835655704095/1636027?fill=0&kw=Masturbation,young,Squirt,squirting,Solo,Fisting,public%20nudity,dancing%20scenes,extreme%20closeups,masturbation%20to%20orgasm,other%20stuffing,upskirt%20in%20public,ftvgirls.com,vagina%20gaping%20closeups,long%20labia%20and%20stretching,Ellie
135.181.208.216200 OK 865 B URL HTTP/1.1 umtpopxcsedc.cdnvideo3.com/api/spots/5349649835655704095/1636027?fill=0&kw=Masturbation,young,Squirt,squirting,Solo,Fisting,public%20nudity,dancing%20scenes,extreme%20closeups,masturbation%20to%20orgasm,other%20stuffing,upskirt%20in%20public,ftvgirls.com,vagina%20gaping%20closeups,long%20labia%20and%20stretching,Ellie
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (625)
Hash 4f3b64ba9189231ce9a04a84799d6555
797de20413c737a1270720027ffc820c32feab11
23a15a4a7511ec267881ef330041cb60e8d19e1db01f7d0594943a986d2c6e33
GET /api/spots/5349649835655704095/1636027?fill=0&kw=Masturbation,young,Squirt,squirting,Solo,Fisting,public%20nudity,dancing%20scenes,extreme%20closeups,masturbation%20to%20orgasm,other%20stuffing,upskirt%20in%20public,ftvgirls.com,vagina%20gaping%20closeups,long%20labia%20and%20stretching,Ellie HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:03 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Cache-Control: private
Content-Encoding: gzip
umtpopxcsedc.cdnvideo3.com/api/spots/5349649835655704095/1635934?fill=0&kw=Masturbation,young,Squirt,squirting,Solo,Fisting,public%20nudity,dancing%20scenes,extreme%20closeups,masturbation%20to%20orgasm,other%20stuffing,upskirt%20in%20public,ftvgirls.com,vagina%20gaping%20closeups,long%20labia%20and%20stretching,Ellie
135.181.208.216200 OK 607 B URL HTTP/1.1 umtpopxcsedc.cdnvideo3.com/api/spots/5349649835655704095/1635934?fill=0&kw=Masturbation,young,Squirt,squirting,Solo,Fisting,public%20nudity,dancing%20scenes,extreme%20closeups,masturbation%20to%20orgasm,other%20stuffing,upskirt%20in%20public,ftvgirls.com,vagina%20gaping%20closeups,long%20labia%20and%20stretching,Ellie
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (356)
Hash 81715db8eab21b71371265343c2085ba
d4f2235c327e62a0d22846a6b07178c63b1f2629
9d263a90c499c4535a33eb5e9f06f1a3531acd305e8a0f6e8d8e73541792cd69
GET /api/spots/5349649835655704095/1635934?fill=0&kw=Masturbation,young,Squirt,squirting,Solo,Fisting,public%20nudity,dancing%20scenes,extreme%20closeups,masturbation%20to%20orgasm,other%20stuffing,upskirt%20in%20public,ftvgirls.com,vagina%20gaping%20closeups,long%20labia%20and%20stretching,Ellie HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:03 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Cache-Control: private
Content-Encoding: gzip
umtpopxcsedc.cdnvideo3.com/api/spots/834248539023184095/997762?fill=0&kw=Masturbation,young,Squirt,squirting,Solo,Fisting,public%20nudity,dancing%20scenes,extreme%20closeups,masturbation%20to%20orgasm,other%20stuffing,upskirt%20in%20public,ftvgirls.com,vagina%20gaping%20closeups,long%20labia%20and%20stretching,Ellie
135.181.208.216200 OK 866 B URL HTTP/1.1 umtpopxcsedc.cdnvideo3.com/api/spots/834248539023184095/997762?fill=0&kw=Masturbation,young,Squirt,squirting,Solo,Fisting,public%20nudity,dancing%20scenes,extreme%20closeups,masturbation%20to%20orgasm,other%20stuffing,upskirt%20in%20public,ftvgirls.com,vagina%20gaping%20closeups,long%20labia%20and%20stretching,Ellie
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (673)
Hash 84e83132a798660178f5c652e1d9e08b
46ba5723d6f2aca660656d4daee5dacb37a45786
6130b6e7a0a0cb3025a7ec6039888fdc17abf2ea06d2337cefa56d151abe8562
GET /api/spots/834248539023184095/997762?fill=0&kw=Masturbation,young,Squirt,squirting,Solo,Fisting,public%20nudity,dancing%20scenes,extreme%20closeups,masturbation%20to%20orgasm,other%20stuffing,upskirt%20in%20public,ftvgirls.com,vagina%20gaping%20closeups,long%20labia%20and%20stretching,Ellie HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:03 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Cache-Control: private
Content-Encoding: gzip
umtpopxcsedc.cdnvideo3.com/api/spots/834248539023184095/997745?fill=0&kw=Masturbation,young,Squirt,squirting,Solo,Fisting,public%20nudity,dancing%20scenes,extreme%20closeups,masturbation%20to%20orgasm,other%20stuffing,upskirt%20in%20public,ftvgirls.com,vagina%20gaping%20closeups,long%20labia%20and%20stretching,Ellie
135.181.208.216200 OK 609 B URL HTTP/1.1 umtpopxcsedc.cdnvideo3.com/api/spots/834248539023184095/997745?fill=0&kw=Masturbation,young,Squirt,squirting,Solo,Fisting,public%20nudity,dancing%20scenes,extreme%20closeups,masturbation%20to%20orgasm,other%20stuffing,upskirt%20in%20public,ftvgirls.com,vagina%20gaping%20closeups,long%20labia%20and%20stretching,Ellie
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (357)
Hash 9a62394cdb6b721a522c07b5641f3498
72a476f65eee51a078839ac7c0d1358e12248ea3
d1bf6232cf4b5b803a4f0aa22a458e311ba71c478ec1ed05d6bbafbda0c09721
GET /api/spots/834248539023184095/997745?fill=0&kw=Masturbation,young,Squirt,squirting,Solo,Fisting,public%20nudity,dancing%20scenes,extreme%20closeups,masturbation%20to%20orgasm,other%20stuffing,upskirt%20in%20public,ftvgirls.com,vagina%20gaping%20closeups,long%20labia%20and%20stretching,Ellie HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:03 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Cache-Control: private
Content-Encoding: gzip
umtpopxcsedc.cdnvideo3.com/api/spots/834248539023184095/997869?fill=0&kw=Masturbation,young,Squirt,squirting,Solo,Fisting,public%20nudity,dancing%20scenes,extreme%20closeups,masturbation%20to%20orgasm,other%20stuffing,upskirt%20in%20public,ftvgirls.com,vagina%20gaping%20closeups,long%20labia%20and%20stretching,Ellie
135.181.208.216200 OK 617 B URL HTTP/1.1 umtpopxcsedc.cdnvideo3.com/api/spots/834248539023184095/997869?fill=0&kw=Masturbation,young,Squirt,squirting,Solo,Fisting,public%20nudity,dancing%20scenes,extreme%20closeups,masturbation%20to%20orgasm,other%20stuffing,upskirt%20in%20public,ftvgirls.com,vagina%20gaping%20closeups,long%20labia%20and%20stretching,Ellie
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (357)
Hash 721ace8983cad78df0cafd5f982fb70b
3a5c0fe3afd0b37b556f6545fcabdd15b323e6c3
a96e98ebac74353766d7aa7f1c8000816dec19190d50e6f12e877a8ea17ce324
GET /api/spots/834248539023184095/997869?fill=0&kw=Masturbation,young,Squirt,squirting,Solo,Fisting,public%20nudity,dancing%20scenes,extreme%20closeups,masturbation%20to%20orgasm,other%20stuffing,upskirt%20in%20public,ftvgirls.com,vagina%20gaping%20closeups,long%20labia%20and%20stretching,Ellie HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:03 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Cache-Control: private
Content-Encoding: gzip
www.xxxfiles.tv/js/main.js?v=1679568060
104.21.83.6200 OK 5.6 kB URL HTTP/2 www.xxxfiles.tv/js/main.js?v=1679568060
IP 104.21.83.6:0
Hash a035b0bf9d78b35f8e60f4b34a2653b7
fc75a8c7fbcb1818aec42d4e5041751d4053c303
2610e2f71b4c74c6bf67d19e636e4457d7304b2eab9315207cd2c7ab513d3c7b
GET /js/main.js?v=1679568060 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: application/javascript
last-modified: Tue, 04 May 2021 10:44:25 GMT
vary: Accept-Encoding
etag: W/"60912589-511f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wje%2FuinzcbXsReyCSWlkpJZTAp51701zmiXVmXCoVl%2BLB97v90Bsp1vZhF9GLpFV%2FMxu%2FTNsDWUx4J5ywf2HbGhIwT%2BYDNSUPgVOAz146coEYDYiUFxUplTbVwVEGrVZ%2FxM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac60f3f88ecfab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
173.233.137.36200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 23 Mar 2023 10:41:03 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0fbae688b2d9f3a062f5878ae24b6ea4
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6dd6d4dc2611727d26890f18b8732412
54687b607efdc439c2b5a44e5e480848f456798b
fa253e946a274ba37f999bcd3968377e2af01be28ebc305c42de6167a30e5a4e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA253E946A274BA37F999BCD3968377E2AF01BE28EBC305C42DE6167A30E5A4E"
Last-Modified: Mon, 20 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1068
Expires: Thu, 23 Mar 2023 10:58:52 GMT
Date: Thu, 23 Mar 2023 10:41:04 GMT
Connection: keep-alive
twinrdsrv.com/Redirect.eng?MediaSegmentId=31311&dcid=3_ctx_962331de-d66c-41b2-b76c-f601e5d9e394&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=Zw8gyxOjMs9xkppHwggJs9DB69B5xeyk-IUP6MXV0cZTAIEChuwCqtr6aLrwFV8vLndJju3Yj8aOUujuLp3n8jTAYhXkL2DMAUpP5LYssV6JPN_1Ph2EYaKWpCYFOua2ygnvTRl0MAVh-tYAdGVcwtDogSLbNvBf8ZPzCfi0ZyDxbSvuT7yot8Och1krcpRzio1ew_-o4KuKk1979kWtWefulphMz0Kv_-anADxpOGq2mSaPRDbl7QKHBOIFnUVrraaOmE6M-YNDjNynUUDRwdE0iw71KhmInNp2i94AozjIEjzTnGXLmU7PrRstPYY5kf2sxMjtYZiu2s8fcTGKhQnpQBf5T_w9OLkG7QNV5yEX733QwVwOSUDWrCQdiP2kMpyXQm9aam3qQsyMPcoUH8ZsksLWXj_HtlrSxrx2PNRxTXrEsgQpxp4bNcDUF60F_iZqp2XLevtP8qJIl3WG-FhcrEqmHKYYwA0LGZulSNh_gAL3_Mk7LSfv1XZ6BJ-7ynNQCHKtsxVGXZf45ZuiuY6izCAaks_xooa1hLMEBLb3hDN9rdcuaqep0ULzFmjUbSsClvr8VNmSLgme1LolTI_ZZhy7neKNQiZZrrHd-pCaU0HbytC_YRy_53C3aDTwgKNnyHmOxFQ1gt3ENFcq8k0v2Z0Lug4UZnmOFj6oUoNkk9206k8Bxh1-NDQotnAjCE0233Z8uvURdWh27kpCHYsQyzVNYZuIZeqMR3tP_L4eB0CsCaQlEKRojgdU5BLNrTpzCM86daBsAXP5LLOiZa8WUB6TkT8ANTyUtpju3yE9zFj8eDaTUMC-IK1n4ziOWc20s4Fsc13QeoSIhhkgTDkjqUgG4YJzNfHGnqFOxEEX9lzqEYGeEVl2jIrTWXV1qKq2OEqD7ZwYP6ACupjFJINdM7dl2pJemSqYeLce-e7QXnEunQb5yVgphwax567s93ypI5aTv0xgxWO5AP4epW4oBaqp8FCPObE94zEADpo1&kw=&mw=300&mh=250&cu=
172.66.40.197302 Found 418 B URL HTTP/2 twinrdsrv.com/Redirect.eng?MediaSegmentId=31311&dcid=3_ctx_962331de-d66c-41b2-b76c-f601e5d9e394&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=Zw8gyxOjMs9xkppHwggJs9DB69B5xeyk-IUP6MXV0cZTAIEChuwCqtr6aLrwFV8vLndJju3Yj8aOUujuLp3n8jTAYhXkL2DMAUpP5LYssV6JPN_1Ph2EYaKWpCYFOua2ygnvTRl0MAVh-tYAdGVcwtDogSLbNvBf8ZPzCfi0ZyDxbSvuT7yot8Och1krcpRzio1ew_-o4KuKk1979kWtWefulphMz0Kv_-anADxpOGq2mSaPRDbl7QKHBOIFnUVrraaOmE6M-YNDjNynUUDRwdE0iw71KhmInNp2i94AozjIEjzTnGXLmU7PrRstPYY5kf2sxMjtYZiu2s8fcTGKhQnpQBf5T_w9OLkG7QNV5yEX733QwVwOSUDWrCQdiP2kMpyXQm9aam3qQsyMPcoUH8ZsksLWXj_HtlrSxrx2PNRxTXrEsgQpxp4bNcDUF60F_iZqp2XLevtP8qJIl3WG-FhcrEqmHKYYwA0LGZulSNh_gAL3_Mk7LSfv1XZ6BJ-7ynNQCHKtsxVGXZf45ZuiuY6izCAaks_xooa1hLMEBLb3hDN9rdcuaqep0ULzFmjUbSsClvr8VNmSLgme1LolTI_ZZhy7neKNQiZZrrHd-pCaU0HbytC_YRy_53C3aDTwgKNnyHmOxFQ1gt3ENFcq8k0v2Z0Lug4UZnmOFj6oUoNkk9206k8Bxh1-NDQotnAjCE0233Z8uvURdWh27kpCHYsQyzVNYZuIZeqMR3tP_L4eB0CsCaQlEKRojgdU5BLNrTpzCM86daBsAXP5LLOiZa8WUB6TkT8ANTyUtpju3yE9zFj8eDaTUMC-IK1n4ziOWc20s4Fsc13QeoSIhhkgTDkjqUgG4YJzNfHGnqFOxEEX9lzqEYGeEVl2jIrTWXV1qKq2OEqD7ZwYP6ACupjFJINdM7dl2pJemSqYeLce-e7QXnEunQb5yVgphwax567s93ypI5aTv0xgxWO5AP4epW4oBaqp8FCPObE94zEADpo1&kw=&mw=300&mh=250&cu=
IP 172.66.40.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (346), with CRLF line terminators
Hash a5cea5cd43d3ee004e8a7bbaecc45791
f9282a9119a4e13828a9fb0446641b4eeba81bd6
30cd12db481da4caae5ec45044f92b65b9b3e9fb5603a4bd84ffc25aa6428c5b
GET /Redirect.eng?MediaSegmentId=31311&dcid=3_ctx_962331de-d66c-41b2-b76c-f601e5d9e394&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=Zw8gyxOjMs9xkppHwggJs9DB69B5xeyk-IUP6MXV0cZTAIEChuwCqtr6aLrwFV8vLndJju3Yj8aOUujuLp3n8jTAYhXkL2DMAUpP5LYssV6JPN_1Ph2EYaKWpCYFOua2ygnvTRl0MAVh-tYAdGVcwtDogSLbNvBf8ZPzCfi0ZyDxbSvuT7yot8Och1krcpRzio1ew_-o4KuKk1979kWtWefulphMz0Kv_-anADxpOGq2mSaPRDbl7QKHBOIFnUVrraaOmE6M-YNDjNynUUDRwdE0iw71KhmInNp2i94AozjIEjzTnGXLmU7PrRstPYY5kf2sxMjtYZiu2s8fcTGKhQnpQBf5T_w9OLkG7QNV5yEX733QwVwOSUDWrCQdiP2kMpyXQm9aam3qQsyMPcoUH8ZsksLWXj_HtlrSxrx2PNRxTXrEsgQpxp4bNcDUF60F_iZqp2XLevtP8qJIl3WG-FhcrEqmHKYYwA0LGZulSNh_gAL3_Mk7LSfv1XZ6BJ-7ynNQCHKtsxVGXZf45ZuiuY6izCAaks_xooa1hLMEBLb3hDN9rdcuaqep0ULzFmjUbSsClvr8VNmSLgme1LolTI_ZZhy7neKNQiZZrrHd-pCaU0HbytC_YRy_53C3aDTwgKNnyHmOxFQ1gt3ENFcq8k0v2Z0Lug4UZnmOFj6oUoNkk9206k8Bxh1-NDQotnAjCE0233Z8uvURdWh27kpCHYsQyzVNYZuIZeqMR3tP_L4eB0CsCaQlEKRojgdU5BLNrTpzCM86daBsAXP5LLOiZa8WUB6TkT8ANTyUtpju3yE9zFj8eDaTUMC-IK1n4ziOWc20s4Fsc13QeoSIhhkgTDkjqUgG4YJzNfHGnqFOxEEX9lzqEYGeEVl2jIrTWXV1qKq2OEqD7ZwYP6ACupjFJINdM7dl2pJemSqYeLce-e7QXnEunQb5yVgphwax567s93ypI5aTv0xgxWO5AP4epW4oBaqp8FCPObE94zEADpo1&kw=&mw=300&mh=250&cu= HTTP/1.1
Host: twinrdsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://umtpopxcsedc.cdnvideo3.com/
Cookie: IKSR={}; INF_DFL8=false; IUID=85a66338-72f2-4895-a9c3-f9b6c98aa3bc; ISSH=6A1BFD; VMI=; IPLH=#{}; IPLH_Q=#[]; CHN=#[]; MSSH=#{}; MSRH=#{}; ILP=null; ILPLU=#1/1/0001 12:00:00 AM; ILEALC=#1/1/0001 12:00:00 AM; ILMPF=#False; IPMPLU=#; IPMUID=#; BSWUID=#; IBL=#[]; IPLSH=#{}; IPLSH_Q=#[]; IZH=#{}; IZH_Q=#[]; IMCH=#{}; IMCH_Q=#[]; IMH=#{}; IMH_Q=#[]; ISH=#{}; ISH_Q=#[]; ISPH=#{}; ISPH_Q=#[]; ICH=#{}; ICH_Q=#[]
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 23 Mar 2023 10:41:04 GMT
content-type: text/html; charset=utf-8
content-length: 418
location: https://twinrdsrv.com/mediahosting.engine?MediaId=54280&AId=6827&CId=27887&PId=49657&SiteId=7003&ZoneId=41938&VolumeMetricId=8750b36b-3ebc-44fb-8cfa-6a38f7fa0417&PassBackUrl=&res=&dcid=3_ctx_962331de-d66c-41b2-b76c-f601e5d9e394&cu=&kw=&mw=300&mh=250
cache-control: private, no-transform
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
INF_DFL8=false; path=/; SameSite=None; secure
IUID=85a66338-72f2-4895-a9c3-f9b6c98aa3bc; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure
ISSH=6A1BFD; path=/; SameSite=None; secure
VMI=8750b36b-3ebc-44fb-8cfa-6a38f7fa0417; path=/; SameSite=None; secure
IPLH=#{"49657":[{"SId":"6A1BFD","D":"23/3/23T3:41:3"}]}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPLH_Q=#[49657]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
CHN=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Thu, 23-Mar-2023 14:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IZH=#{"41938":[{"SId":"6A1BFD","D":"23/3/23T3:41:3"}]}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IZH_Q=#[41938]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IMH=#{"54280":[{"SId":"6A1BFD","D":"23/3/23T3:41:3"}]}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IMH_Q=#[54280]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH=#{"7003":[{"SId":"6A1BFD","D":"23/3/23T3:41:3"}]}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH_Q=#[7003]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ICH=#{"27887":[{"SId":"6A1BFD","D":"23/3/23T3:41:3"}]}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ICH_Q=#[27887]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
p3p: CP="CAO PSA OUR IND"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdf0%2FqA1KIlSG9rhb%2BmaXWD%2BSmkoKxr4jARqxtSNYS5xSH2U3ohc0bTBVekA6htsm5XJv5qc2R99eWHiuS83GLMreYBXWaRUZOy8Dr0C%2BQ9KztQvEnBIG8SIiZB%2BAF8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac60f4eef09b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
twinrdsrv.com/Redirect.eng?MediaSegmentId=31311&dcid=3_ctx_a1e90c59-89dd-491c-9be5-a1b405fffefd&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=Zw8gyxOjMs9xkppHwggJs9DB69B5xeyk-IUP6MXV0cZTAIEChuwCqtr6aLrwFV8vLndJju3Yj8aOUujuLp3n8jTAYhXkL2DMAUpP5LYssV6JPN_1Ph2EYaKWpCYFOua2oJIz3zk18922fMm87lRvylQSw2aisWRfq4ffg-vmP6f4MZjsnWEYjVNPQLUDLixxuq13a2k-gUqH_hOVaRopimdFDDp3lIfegATolZ9MkTgGwb7vEsl6NEdiBHDB1GlQCChGGpRcuJTOkpYYhUGXVIrmjKA30o1puu6-tpezad42BDMNdIbbCG23PI5oMqMjuH04OmV6BCHR-Wk_UZni63yRkFxz9GQqi6_HHYYwnKw0O54GX5oSYejT3CGO0T6xp6lxJ4LfZ640_LKqwTppYpVnCFmPxGvxTIKC_5EF82au2haA_NGPwTR_FBuUWgL0UgewCyswEFVtiQg64indZDakg5fMKDWqr4vScENbsizB85dE0Hzq0ZZCYmLoB5dZmIl2XjHGaJQqkTLGciO7szdj34p6CmHVoufqcOirjYBEN7fZWLWptWYtgwNFDQEt3XkeCufw12g_g2iLMnCz-9wa0rfC9ogna4qqWrAX-IHLW9ke7zA3t6j4cBGh4SnnRxL2az8et9zuLMVn7DOhXuyds-0gVvljKAIBRgg5-pJlFN1jHMIpaFhSM30Ls3--IZflE5XsESe_p-_ZQrfOSWL_1tQo6nl-ACyWLDNOsGkCuLLPNfDZ3xU5PGZkf6U5g6UxXJBh1HAY3be4Yy50ErewA-DE0iir6GI7NJLe4CExMzScE2dOq0LVmXbt0wL2mLNl3p2EwbgcMMseA1s2yndowhT4uofsueiCOlYyQhTooH4SnsONxNTMYgglLQPhXioHzv-TCyDmTgZIAzzv1giyW7XSHuUUe2j7DRpZo6QkDWE_fmgyrrYgEzcyD03N4f6FaDWhFXRnMlv46HmPTMnKR9VEukz4XpaYo_Ac8xU1&kw=&mw=300&mh=250&cu=
172.66.40.197302 Found 418 B URL HTTP/2 twinrdsrv.com/Redirect.eng?MediaSegmentId=31311&dcid=3_ctx_a1e90c59-89dd-491c-9be5-a1b405fffefd&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=Zw8gyxOjMs9xkppHwggJs9DB69B5xeyk-IUP6MXV0cZTAIEChuwCqtr6aLrwFV8vLndJju3Yj8aOUujuLp3n8jTAYhXkL2DMAUpP5LYssV6JPN_1Ph2EYaKWpCYFOua2oJIz3zk18922fMm87lRvylQSw2aisWRfq4ffg-vmP6f4MZjsnWEYjVNPQLUDLixxuq13a2k-gUqH_hOVaRopimdFDDp3lIfegATolZ9MkTgGwb7vEsl6NEdiBHDB1GlQCChGGpRcuJTOkpYYhUGXVIrmjKA30o1puu6-tpezad42BDMNdIbbCG23PI5oMqMjuH04OmV6BCHR-Wk_UZni63yRkFxz9GQqi6_HHYYwnKw0O54GX5oSYejT3CGO0T6xp6lxJ4LfZ640_LKqwTppYpVnCFmPxGvxTIKC_5EF82au2haA_NGPwTR_FBuUWgL0UgewCyswEFVtiQg64indZDakg5fMKDWqr4vScENbsizB85dE0Hzq0ZZCYmLoB5dZmIl2XjHGaJQqkTLGciO7szdj34p6CmHVoufqcOirjYBEN7fZWLWptWYtgwNFDQEt3XkeCufw12g_g2iLMnCz-9wa0rfC9ogna4qqWrAX-IHLW9ke7zA3t6j4cBGh4SnnRxL2az8et9zuLMVn7DOhXuyds-0gVvljKAIBRgg5-pJlFN1jHMIpaFhSM30Ls3--IZflE5XsESe_p-_ZQrfOSWL_1tQo6nl-ACyWLDNOsGkCuLLPNfDZ3xU5PGZkf6U5g6UxXJBh1HAY3be4Yy50ErewA-DE0iir6GI7NJLe4CExMzScE2dOq0LVmXbt0wL2mLNl3p2EwbgcMMseA1s2yndowhT4uofsueiCOlYyQhTooH4SnsONxNTMYgglLQPhXioHzv-TCyDmTgZIAzzv1giyW7XSHuUUe2j7DRpZo6QkDWE_fmgyrrYgEzcyD03N4f6FaDWhFXRnMlv46HmPTMnKR9VEukz4XpaYo_Ac8xU1&kw=&mw=300&mh=250&cu=
IP 172.66.40.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (346), with CRLF line terminators
Hash 81532845f3550ffb5a13774678df508a
c3ba5fdf041d3ce21a775db8f247ed70976376ec
edf82ee338b4c98e00da805320104061e85a2b7aeb55b63b62a0410f9f90b102
GET /Redirect.eng?MediaSegmentId=31311&dcid=3_ctx_a1e90c59-89dd-491c-9be5-a1b405fffefd&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=Zw8gyxOjMs9xkppHwggJs9DB69B5xeyk-IUP6MXV0cZTAIEChuwCqtr6aLrwFV8vLndJju3Yj8aOUujuLp3n8jTAYhXkL2DMAUpP5LYssV6JPN_1Ph2EYaKWpCYFOua2oJIz3zk18922fMm87lRvylQSw2aisWRfq4ffg-vmP6f4MZjsnWEYjVNPQLUDLixxuq13a2k-gUqH_hOVaRopimdFDDp3lIfegATolZ9MkTgGwb7vEsl6NEdiBHDB1GlQCChGGpRcuJTOkpYYhUGXVIrmjKA30o1puu6-tpezad42BDMNdIbbCG23PI5oMqMjuH04OmV6BCHR-Wk_UZni63yRkFxz9GQqi6_HHYYwnKw0O54GX5oSYejT3CGO0T6xp6lxJ4LfZ640_LKqwTppYpVnCFmPxGvxTIKC_5EF82au2haA_NGPwTR_FBuUWgL0UgewCyswEFVtiQg64indZDakg5fMKDWqr4vScENbsizB85dE0Hzq0ZZCYmLoB5dZmIl2XjHGaJQqkTLGciO7szdj34p6CmHVoufqcOirjYBEN7fZWLWptWYtgwNFDQEt3XkeCufw12g_g2iLMnCz-9wa0rfC9ogna4qqWrAX-IHLW9ke7zA3t6j4cBGh4SnnRxL2az8et9zuLMVn7DOhXuyds-0gVvljKAIBRgg5-pJlFN1jHMIpaFhSM30Ls3--IZflE5XsESe_p-_ZQrfOSWL_1tQo6nl-ACyWLDNOsGkCuLLPNfDZ3xU5PGZkf6U5g6UxXJBh1HAY3be4Yy50ErewA-DE0iir6GI7NJLe4CExMzScE2dOq0LVmXbt0wL2mLNl3p2EwbgcMMseA1s2yndowhT4uofsueiCOlYyQhTooH4SnsONxNTMYgglLQPhXioHzv-TCyDmTgZIAzzv1giyW7XSHuUUe2j7DRpZo6QkDWE_fmgyrrYgEzcyD03N4f6FaDWhFXRnMlv46HmPTMnKR9VEukz4XpaYo_Ac8xU1&kw=&mw=300&mh=250&cu= HTTP/1.1
Host: twinrdsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://umtpopxcsedc.cdnvideo3.com/
Cookie: IKSR={}; INF_DFL8=false; IUID=85a66338-72f2-4895-a9c3-f9b6c98aa3bc; ISSH=6A1BFD; VMI=; IPLH=#{}; IPLH_Q=#[]; CHN=#[]; MSSH=#{}; MSRH=#{}; ILP=null; ILPLU=#1/1/0001 12:00:00 AM; ILEALC=#1/1/0001 12:00:00 AM; ILMPF=#False; IPMPLU=#; IPMUID=#; BSWUID=#; IBL=#[]; IPLSH=#{}; IPLSH_Q=#[]; IZH=#{}; IZH_Q=#[]; IMCH=#{}; IMCH_Q=#[]; IMH=#{}; IMH_Q=#[]; ISH=#{}; ISH_Q=#[]; ISPH=#{}; ISPH_Q=#[]; ICH=#{}; ICH_Q=#[]
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 23 Mar 2023 10:41:04 GMT
content-type: text/html; charset=utf-8
content-length: 418
location: https://twinrdsrv.com/mediahosting.engine?MediaId=54280&AId=6827&CId=27887&PId=49657&SiteId=7003&ZoneId=41951&VolumeMetricId=557a6802-8ab9-4b68-bca0-524c0123dc2c&PassBackUrl=&res=&dcid=3_ctx_a1e90c59-89dd-491c-9be5-a1b405fffefd&cu=&kw=&mw=300&mh=250
cache-control: private, no-transform
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
INF_DFL8=false; path=/; SameSite=None; secure
IUID=85a66338-72f2-4895-a9c3-f9b6c98aa3bc; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure
ISSH=6A1BFD; path=/; SameSite=None; secure
VMI=557a6802-8ab9-4b68-bca0-524c0123dc2c; path=/; SameSite=None; secure
IPLH=#{"49657":[{"SId":"6A1BFD","D":"23/3/23T3:41:3"}]}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPLH_Q=#[49657]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
CHN=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Thu, 23-Mar-2023 14:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IZH=#{"41951":[{"SId":"6A1BFD","D":"23/3/23T3:41:3"}]}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IZH_Q=#[41951]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IMH=#{"54280":[{"SId":"6A1BFD","D":"23/3/23T3:41:3"}]}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IMH_Q=#[54280]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH=#{"7003":[{"SId":"6A1BFD","D":"23/3/23T3:41:3"}]}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH_Q=#[7003]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ICH=#{"27887":[{"SId":"6A1BFD","D":"23/3/23T3:41:3"}]}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ICH_Q=#[27887]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
p3p: CP="CAO PSA OUR IND"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIohfy8ROq6IWjfvEB%2B%2BfsIP6zhGZtP%2FvIdAnASkAymwT%2BW%2BSz4goL410VYpmmU%2FmTXJd%2FTH7fsKggrq9ppWosKUAEDDgq%2BXbomFhNatx8dicJGcAeCk7ZLiJ5xgJ9w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac60f4eff0cb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.xxxfiles.tv/apple-touch-icon.png
172.67.210.53200 OK 14 kB URL HTTP/1.1 www.xxxfiles.tv/apple-touch-icon.png
IP 172.67.210.53:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 302003967bcce57931c372aa26310c88
526045f535e90a6d7b19240532f9100c9535beee
117477b129e4ca959b0afd092f7edca8f460ff25120b8dbe2011a88d9f48bef8
GET /apple-touch-icon.png HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/videos/197379/b00bee6c97cea38906f6b51e7e1a81af/?sid=12320
Cookie: PHPSESSID=lv2a7qv9a8nmmelic2kphf4drj; kt_qparams=id%3D197379%26dir%3Db00bee6c97cea38906f6b51e7e1a81af%26sid%3D12320; kt_ips=91.90.42.154; show_pops2=true2; show_pops1=true1; ppu_show_on_63d45b685911cef3b8cc3d1d1550bf85=1; kt_tcookie=1; kt_is_visited=1; ppu_main_e5a3678a1d1bb8a6b0d93a9a41a239f8=1; sb_main_f1558eeca431d45f5f8240bae243d8b1=1; sb_count_f1558eeca431d45f5f8240bae243d8b1=1; ppu_main_63d45b685911cef3b8cc3d1d1550bf85=1; ppu_exp_63d45b685911cef3b8cc3d1d1550bf85=1679571671417
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 10:41:04 GMT
Content-Type: image/png
Content-Length: 13713
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 12:46:44 GMT
ETag: "6380b934-3591"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Age: 3891232
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mZBT%2Bls1UPujxLza1jEWNGdWnKtg85af0zwzBn5VUz6F8ijVnNW7vhXddHcu33DcdlfIg%2BoE2RTHLuNOp4y63nlt07GDGLMtTv%2B75FJQRK8B%2BzJ3UCa%2FVqJEe71d7ZRElo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac60f50495fb4f4-OSL
alt-svc: h2=":443"; ma=60
www.xxxfiles.tv/favicon-16x16.png
104.21.83.6200 OK 1.5 kB URL HTTP/1.1 www.xxxfiles.tv/favicon-16x16.png
IP 104.21.83.6:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 552872354755cb050014a9501cfec4fa
fd05b4d7002b52e705344db04db723495910e4c7
88ef331642f08aaee6990894bd8015032891181d446faa6c4bbec095a56aba8d
GET /favicon-16x16.png HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/videos/197379/b00bee6c97cea38906f6b51e7e1a81af/?sid=12320
Cookie: PHPSESSID=lv2a7qv9a8nmmelic2kphf4drj; kt_qparams=id%3D197379%26dir%3Db00bee6c97cea38906f6b51e7e1a81af%26sid%3D12320; kt_ips=91.90.42.154; show_pops2=true2; show_pops1=true1; ppu_show_on_63d45b685911cef3b8cc3d1d1550bf85=1; kt_tcookie=1; kt_is_visited=1; ppu_main_e5a3678a1d1bb8a6b0d93a9a41a239f8=1; sb_main_f1558eeca431d45f5f8240bae243d8b1=1; sb_count_f1558eeca431d45f5f8240bae243d8b1=1; ppu_main_63d45b685911cef3b8cc3d1d1550bf85=1; ppu_exp_63d45b685911cef3b8cc3d1d1550bf85=1679571671417
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 10:41:04 GMT
Content-Type: image/png
Content-Length: 1489
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 12:46:44 GMT
ETag: "6380b934-5d1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Age: 3891667
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReWu5z2O4q7E0JWS02pr%2BpBpa1qBSPu6%2F00jSC6DhbmwE0VHtYXNqyzd%2Bwkpp1P%2FIoIgcpc30QQdtWRZkKRI2KgRzBxKS5IaQtAojX5DA784s3PEVLLf3GADn%2FjdOwZs950%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac60f50489d1c16-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 23c054d3aee551b6fdc42a5a472a7040
b1a46c12ac7d65c979fd1998bdb243f3dba8f956
9e8b91ab91da9ea20dfb5f90c1c06239d2872b0eb80785534d0c59c3b51de404
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 10:41:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA0VQS04DMQy9ChfoyL8kdtewBamoB+hkIsSinYoCKtI7PMksIJbjF8efZwuJ7kh3og+U98Z7UgRPQZPJxMnw/HKAMa7rx+Vtnep6Ri65RECUSxE4hXuBKXOQIJF3lZLdUTi8q8AICuoiSc0GmohYUBxPxwOOr4/dE9qrMYTQ79F1wC34PlI9N5nZpHKNJNFmLk2sqSzucZprTyJ8nT+v6/Veb22pU10u3+9LW3VjTUiSlcBEeXCYWNRHv43YEGVTMcGO/x6Gfgjb9+n2c6nAf7hvJm0VOnPrUzJQSuqozVbEQsL6trIlqinmviHXXyooZNdxAQAA
95.211.229.248200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA0VQS04DMQy9ChfoyL8kdtewBamoB+hkIsSinYoCKtI7PMksIJbjF8efZwuJ7kh3og+U98Z7UgRPQZPJxMnw/HKAMa7rx+Vtnep6Ri65RECUSxE4hXuBKXOQIJF3lZLdUTi8q8AICuoiSc0GmohYUBxPxwOOr4/dE9qrMYTQ79F1wC34PlI9N5nZpHKNJNFmLk2sqSzucZprTyJ8nT+v6/Veb22pU10u3+9LW3VjTUiSlcBEeXCYWNRHv43YEGVTMcGO/x6Gfgjb9+n2c6nAf7hvJm0VOnPrUzJQSuqozVbEQsL6trIlqinmviHXXyooZNdxAQAA
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA0VQS04DMQy9ChfoyL8kdtewBamoB+hkIsSinYoCKtI7PMksIJbjF8efZwuJ7kh3og+U98Z7UgRPQZPJxMnw/HKAMa7rx+Vtnep6Ri65RECUSxE4hXuBKXOQIJF3lZLdUTi8q8AICuoiSc0GmohYUBxPxwOOr4/dE9qrMYTQ79F1wC34PlI9N5nZpHKNJNFmLk2sqSzucZprTyJ8nT+v6/Veb22pU10u3+9LW3VjTUiSlcBEeXCYWNRHv43YEGVTMcGO/x6Gfgjb9+n2c6nAf7hvJm0VOnPrUzJQSuqozVbEQsL6trIlqinmviHXXyooZNdxAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://umtpopxcsedc.cdnvideo3.com
Connection: keep-alive
Referer: http://umtpopxcsedc.cdnvideo3.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://umtpopxcsedc.cdnvideo3.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sat, 22 Mar 2025 10:41:04 GMT; path=/; domain=.realsrv.com;
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
www.google-analytics.com/analytics.js
216.58.207.206200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 23 Mar 2023 10:05:11 GMT
expires: Thu, 23 Mar 2023 12:05:11 GMT
cache-control: public, max-age=7200
age: 2153
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 23c054d3aee551b6fdc42a5a472a7040
b1a46c12ac7d65c979fd1998bdb243f3dba8f956
9e8b91ab91da9ea20dfb5f90c1c06239d2872b0eb80785534d0c59c3b51de404
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 10:41:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s3t3d2y8.afcdn.net/library/676799/60f4adb1968b8111d2fc461886cfd9820c7dba6f.jpg
185.76.9.25200 OK 23 kB URL HTTP/1.1 s3t3d2y8.afcdn.net/library/676799/60f4adb1968b8111d2fc461886cfd9820c7dba6f.jpg
IP 185.76.9.25:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash a84c6a25873a8ddb405b6adff075bff0
60f4adb1968b8111d2fc461886cfd9820c7dba6f
e733ca4ba0d4664b6be9ad7f0619ff6b4af406a0e2456858c611793e6d09eb96
GET /library/676799/60f4adb1968b8111d2fc461886cfd9820c7dba6f.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://umtpopxcsedc.cdnvideo3.com/
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 10:41:04 GMT
Content-Type: image/jpeg
Content-Length: 22930
Connection: keep-alive
Last-Modified: Fri, 27 Aug 2021 14:16:32 GMT
ETag: "6128f3c0-5992"
Expires: Fri, 30 Jun 2023 11:18:47 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
X-Cache-OP: HIT
Server: CDN77-Turbo
X-Robots-Tag: noindex, follow
X-77-NZT: AblMCRTi+83/jI9dAQ
X-77-NZT-Ray: af585630056705f1c02c1c6460d7110c
X-Accel-Expires: @1688195252
X-Cache: HIT
X-Age: 22908812
X-77-POP: stockholmSE
X-77-Cache: HIT
Accept-Ranges: bytes
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz2PS04DMQyGr8IFGvmVh7uGLUhFPcA0k0Es2qkooCL9hyeZRWMldhL792ch0R3pTvSJ0t54Twrn4BRMAkfD69sBxriuX5ePNdT1jJRTdoco5ywo5KVkmLKZF0QaW3IqBZm9JNcCIyiom0Q1G1EgYkEueDkecHx/7i+uXY0hhH6OriPcku+jlKVOcXGdF2uRJS41NRZui5QldteLCD/n7+t6vddbm2uo8+X3c26rbtSEKEm7DlEaDIGV4+i3gQ3rE6iYYMePi6EvwvY93f4uFXikW9pc3BQ6ufUpubOTsZXEtVWvdFrU24CeYjpNOTr9A3kkBctxAQAA
95.211.229.248200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz2PS04DMQyGr8IFGvmVh7uGLUhFPcA0k0Es2qkooCL9hyeZRWMldhL792ch0R3pTvSJ0t54Twrn4BRMAkfD69sBxriuX5ePNdT1jJRTdoco5ywo5KVkmLKZF0QaW3IqBZm9JNcCIyiom0Q1G1EgYkEueDkecHx/7i+uXY0hhH6OriPcku+jlKVOcXGdF2uRJS41NRZui5QldteLCD/n7+t6vddbm2uo8+X3c26rbtSEKEm7DlEaDIGV4+i3gQ3rE6iYYMePi6EvwvY93f4uFXikW9pc3BQ6ufUpubOTsZXEtVWvdFrU24CeYjpNOTr9A3kkBctxAQAA
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz2PS04DMQyGr8IFGvmVh7uGLUhFPcA0k0Es2qkooCL9hyeZRWMldhL792ch0R3pTvSJ0t54Twrn4BRMAkfD69sBxriuX5ePNdT1jJRTdoco5ywo5KVkmLKZF0QaW3IqBZm9JNcCIyiom0Q1G1EgYkEueDkecHx/7i+uXY0hhH6OriPcku+jlKVOcXGdF2uRJS41NRZui5QldteLCD/n7+t6vddbm2uo8+X3c26rbtSEKEm7DlEaDIGV4+i3gQ3rE6iYYMePi6EvwvY93f4uFXikW9pc3BQ6ufUpubOTsZXEtVWvdFrU24CeYjpNOTr9A3kkBctxAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://umtpopxcsedc.cdnvideo3.com
Connection: keep-alive
Referer: http://umtpopxcsedc.cdnvideo3.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://umtpopxcsedc.cdnvideo3.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sat, 22 Mar 2025 10:41:04 GMT; path=/; domain=.realsrv.com;
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
go.xlivrdr.com/smartpop/ec1535c1cbaa3d0b93513d43b65aa5ca154a4f64912bc1c7443cc846eec2add4?userId=0d0cdc753eed23068b893e6a636a40ccaadc69dc4a5ec7ee080ed62b15816646&memberId=21b55573-35fa-49d8-b9de-0d85a3c7defd&sourceId=xxxfiles.com&p1=Promo_Banners_Straight_T1_Desk&p2=49657&trackOff=1
104.18.51.106302 Found 0 B URL HTTP/2 go.xlivrdr.com/smartpop/ec1535c1cbaa3d0b93513d43b65aa5ca154a4f64912bc1c7443cc846eec2add4?userId=0d0cdc753eed23068b893e6a636a40ccaadc69dc4a5ec7ee080ed62b15816646&memberId=21b55573-35fa-49d8-b9de-0d85a3c7defd&sourceId=xxxfiles.com&p1=Promo_Banners_Straight_T1_Desk&p2=49657&trackOff=1
IP 104.18.51.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/ec1535c1cbaa3d0b93513d43b65aa5ca154a4f64912bc1c7443cc846eec2add4?userId=0d0cdc753eed23068b893e6a636a40ccaadc69dc4a5ec7ee080ed62b15816646&memberId=21b55573-35fa-49d8-b9de-0d85a3c7defd&sourceId=xxxfiles.com&p1=Promo_Banners_Straight_T1_Desk&p2=49657&trackOff=1 HTTP/1.1
Host: go.xlivrdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://twinrdsrv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 23 Mar 2023 10:41:04 GMT
content-length: 0
location: https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=ec1535c1cbaa3d0b93513d43b65aa5ca154a4f64912bc1c7443cc846eec2add4&campaignType=smartpop&creativeId=ca6624202b11763d71416a8ead72efb72b6393c2d3c8dd0c6eab3c1996806e05&iterationId=402449&masterSmartpopId=1914&memberId=21b55573-35fa-49d8-b9de-0d85a3c7defd&p1=Promo_Banners_Straight_T1_Desk&p2=49657&quality=optimal&ruleId=17&smartpopId=1807&sourceId=xxxfiles.com&tag=-girls%2Findian&trackOff=1&userId=0d0cdc753eed23068b893e6a636a40ccaadc69dc4a5ec7ee080ed62b15816646&variationId=30282
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=893328.30282; Path=/; HttpOnly; SameSite=Strict
__cflb=02DiuDfsBaY2bRYJiCfFHYpfgnRfzoh6KnTjY23ws6i84; SameSite=None; Secure; path=/; expires=Fri, 24-Mar-23 09:41:04 GMT; HttpOnly
server: cloudflare
cf-ray: 7ac60f52299c0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
go.xlivrdr.com/smartpop/ec1535c1cbaa3d0b93513d43b65aa5ca154a4f64912bc1c7443cc846eec2add4?userId=0d0cdc753eed23068b893e6a636a40ccaadc69dc4a5ec7ee080ed62b15816646&memberId=41d72742-51c6-4217-8e52-36cad911761d&sourceId=xxxfiles.com&p1=Promo_Banners_Straight_T1_Desk&p2=49657&trackOff=1
104.18.51.106302 Found 0 B URL HTTP/2 go.xlivrdr.com/smartpop/ec1535c1cbaa3d0b93513d43b65aa5ca154a4f64912bc1c7443cc846eec2add4?userId=0d0cdc753eed23068b893e6a636a40ccaadc69dc4a5ec7ee080ed62b15816646&memberId=41d72742-51c6-4217-8e52-36cad911761d&sourceId=xxxfiles.com&p1=Promo_Banners_Straight_T1_Desk&p2=49657&trackOff=1
IP 104.18.51.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/ec1535c1cbaa3d0b93513d43b65aa5ca154a4f64912bc1c7443cc846eec2add4?userId=0d0cdc753eed23068b893e6a636a40ccaadc69dc4a5ec7ee080ed62b15816646&memberId=41d72742-51c6-4217-8e52-36cad911761d&sourceId=xxxfiles.com&p1=Promo_Banners_Straight_T1_Desk&p2=49657&trackOff=1 HTTP/1.1
Host: go.xlivrdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://twinrdsrv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 23 Mar 2023 10:41:04 GMT
content-length: 0
location: https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=ec1535c1cbaa3d0b93513d43b65aa5ca154a4f64912bc1c7443cc846eec2add4&campaignType=smartpop&creativeId=ca6624202b11763d71416a8ead72efb72b6393c2d3c8dd0c6eab3c1996806e05&iterationId=402449&masterSmartpopId=1914&memberId=41d72742-51c6-4217-8e52-36cad911761d&p1=Promo_Banners_Straight_T1_Desk&p2=49657&quality=optimal&ruleId=17&smartpopId=1807&sourceId=xxxfiles.com&tag=-girls%2Findian&trackOff=1&userId=0d0cdc753eed23068b893e6a636a40ccaadc69dc4a5ec7ee080ed62b15816646&variationId=30282
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=893328.30282; Path=/; HttpOnly; SameSite=Strict
__cflb=02DiuDfsBaY2bRYJiCddNhqGgfsRfgxdZSR77f3VWMR8Y; SameSite=None; Secure; path=/; expires=Fri, 24-Mar-23 09:41:04 GMT; HttpOnly
server: cloudflare
cf-ray: 7ac60f52399f0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 73d642075b0b14d83ba5e1e6ea839319
f94fe475dce289215c0f38833a1acf4f25e755d7
ae6e3a87910b22a44d77dc05f40d5d2e7088d19ce0311b7a98f78274e7cc0409
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE6E3A87910B22A44D77DC05F40D5D2E7088D19CE0311B7A98F78274E7CC0409"
Last-Modified: Tue, 21 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14543
Expires: Thu, 23 Mar 2023 14:43:27 GMT
Date: Thu, 23 Mar 2023 10:41:04 GMT
Connection: keep-alive
go.xlivrdr.com/smartpop/ec1535c1cbaa3d0b93513d43b65aa5ca154a4f64912bc1c7443cc846eec2add4?userId=0d0cdc753eed23068b893e6a636a40ccaadc69dc4a5ec7ee080ed62b15816646&memberId=d3a82dd2-26c0-4e9d-b530-e10bbc57bbd2&sourceId=xxxfiles.com&p1=Promo_Banners_Straight_T1_Desk&p2=49657&trackOff=1
104.18.51.106302 Found 0 B URL HTTP/2 go.xlivrdr.com/smartpop/ec1535c1cbaa3d0b93513d43b65aa5ca154a4f64912bc1c7443cc846eec2add4?userId=0d0cdc753eed23068b893e6a636a40ccaadc69dc4a5ec7ee080ed62b15816646&memberId=d3a82dd2-26c0-4e9d-b530-e10bbc57bbd2&sourceId=xxxfiles.com&p1=Promo_Banners_Straight_T1_Desk&p2=49657&trackOff=1
IP 104.18.51.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/ec1535c1cbaa3d0b93513d43b65aa5ca154a4f64912bc1c7443cc846eec2add4?userId=0d0cdc753eed23068b893e6a636a40ccaadc69dc4a5ec7ee080ed62b15816646&memberId=d3a82dd2-26c0-4e9d-b530-e10bbc57bbd2&sourceId=xxxfiles.com&p1=Promo_Banners_Straight_T1_Desk&p2=49657&trackOff=1 HTTP/1.1
Host: go.xlivrdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://twinrdsrv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 23 Mar 2023 10:41:04 GMT
content-length: 0
location: https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=ec1535c1cbaa3d0b93513d43b65aa5ca154a4f64912bc1c7443cc846eec2add4&campaignType=smartpop&creativeId=ca6624202b11763d71416a8ead72efb72b6393c2d3c8dd0c6eab3c1996806e05&iterationId=402449&masterSmartpopId=1914&memberId=d3a82dd2-26c0-4e9d-b530-e10bbc57bbd2&p1=Promo_Banners_Straight_T1_Desk&p2=49657&quality=optimal&ruleId=17&smartpopId=1807&sourceId=xxxfiles.com&tag=-girls%2Findian&trackOff=1&userId=0d0cdc753eed23068b893e6a636a40ccaadc69dc4a5ec7ee080ed62b15816646&variationId=30282
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=893328.30282; Path=/; HttpOnly; SameSite=Strict
__cflb=02DiuDfsBaY2bRYJiCeScBLPeXxw9eeb9JD1ET1wGkEyS; SameSite=None; Secure; path=/; expires=Fri, 24-Mar-23 09:41:04 GMT; HttpOnly
server: cloudflare
cf-ray: 7ac60f5229990b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
registercherryheadquarter.com/sbar.json?key=f1558eeca431d45f5f8240bae243d8b1
173.233.137.44200 OK 4.0 kB URL HTTP/1.1 registercherryheadquarter.com/sbar.json?key=f1558eeca431d45f5f8240bae243d8b1
IP 173.233.137.44:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6037), with no line terminators
Hash 7a7b5e43ae941494d249943c6de8df0f
e61340160157ecdd0ad4ff357e8c03c382b41933
da9068c95e39994224146b106fb5c7c17f6fb8c2e4500f7392a26a513a5c331b
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=f1558eeca431d45f5f8240bae243d8b1 HTTP/1.1
Host: registercherryheadquarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 23 Mar 2023 10:41:04 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.xxxfiles.tv
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18618717; expires=Fri, 24 Mar 2023 10:41:04 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 24 Mar 2023 10:41:04 GMT; secure; SameSite=None
uncs=1; expires=Fri, 24 Mar 2023 10:41:04 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 24 Mar 2023 10:41:04 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 24 Mar 2023 10:41:04 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d9bc1be987651a53e1196a7f4cb7f6a8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
syndication.realsrv.com/splash.php?idzone=4646896
95.211.229.248200 OK 2.9 kB URL HTTP/1.1 syndication.realsrv.com/splash.php?idzone=4646896
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash 65e346a8c47411891346c164e1f6f0ec
a094654291ba20bf6e66788f85fb728ef56196a4
7c8a581b9fbc4e244535d50d5a502afba23fe2aa874113ba613c37d9c452114f
GET /splash.php?idzone=4646896 HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:04 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22641c2cc07b4f74.836433683021290702%22%3B%7D; expires=Sat, 22 Mar 2025 10:41:04 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4646896%7C80752864%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Cxxxfiles.tv%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Fri, 24 Mar 2023 10:41:04 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
video.ktkjmp.com/adsbygoogle.js
104.18.62.235200 OK 79 kB URL HTTP/2 video.ktkjmp.com/adsbygoogle.js
IP 104.18.62.235:0
Hash 319426144b3a1caab08540f2d55cdbcc
7c747faf75d4a47e07f74ba9d93a6ba2801c45d5
4da733ff9c3177ed4757c70300104d1f5c34123ec5ed0fb3d883215cf0e4c132
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlivrdr.com/
Origin: https://creative.xlivrdr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:04 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: umnGOMVCjminO+qe5UBV06OrSizh/U59KvaEibge5v1gMRbq/UnThpljPBepeh+5w7wEpQIcu/4=
x-amz-request-id: 3YW9SERF7DC7262X
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.xlivrdr.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 6686
expires: Thu, 23 Mar 2023 14:41:04 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f539a2cb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
syndication.realsrv.com/splash.php?idzone=4248590
95.211.229.248200 OK 4.2 kB URL HTTP/1.1 syndication.realsrv.com/splash.php?idzone=4248590
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash 60e23bcafc151b95131a4446dc16cc4e
35489fe0320a8dc89aacf361424f60ef8f1dd0e0
4bf44cca1e9bee4c2eb0064b29223ea41f1b32853ef70824440fe88ec94b101d
GET /splash.php?idzone=4248590 HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22641c2cc07b4f74.836433683021290702%22%3B%7D; c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4646896%7C80752864%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Cxxxfiles.tv%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 10:41:04 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22641c2cc07b4f74.836433683021290702%22%3B%7D; expires=Sat, 22 Mar 2025 10:41:04 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4248590%7C76717922%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C641c2cc07b4f74.836433683021290702%7C%7C0%7Cxxxfiles.tv%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Fri, 24 Mar 2023 10:41:04 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
improviseprofane.com/sbar.json?key=cc48f4cc72bd1ab0cd76dca8048a896c
173.233.137.36200 OK 4.3 kB URL HTTP/1.1 improviseprofane.com/sbar.json?key=cc48f4cc72bd1ab0cd76dca8048a896c
IP 173.233.137.36:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5977), with no line terminators
Hash 8c22285c42bbea4dd14ff9c423c62041
5e96ccde18d93d80d4d2117b4f7000b5d73c877d
a16def693fa70f4490ee4dad78c99c4a66ad741bf4df45b1e8682f12f916c112
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=cc48f4cc72bd1ab0cd76dca8048a896c HTTP/1.1
Host: improviseprofane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 23 Mar 2023 10:41:04 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.xxxfiles.tv
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17371676; expires=Fri, 24 Mar 2023 10:41:04 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 24 Mar 2023 10:41:04 GMT; secure; SameSite=None
uncs=1; expires=Fri, 24 Mar 2023 10:41:04 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 24 Mar 2023 10:41:04 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 24 Mar 2023 10:41:04 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fc1465f8208cb2bb672855eb3e421f7c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b35cd610ca1e023afa7463aab837549
1111d57c584a817f7155a6a0b6c561205cb523bb
d4102cdc832d746a8829089aaa3b7a9d5d0f87d920d0f53e5eac80af5d76219e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D4102CDC832D746A8829089AAA3B7A9D5D0F87D920D0F53E5EAC80AF5D76219E"
Last-Modified: Tue, 21 Mar 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12073
Expires: Thu, 23 Mar 2023 14:02:17 GMT
Date: Thu, 23 Mar 2023 10:41:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b35cd610ca1e023afa7463aab837549
1111d57c584a817f7155a6a0b6c561205cb523bb
d4102cdc832d746a8829089aaa3b7a9d5d0f87d920d0f53e5eac80af5d76219e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D4102CDC832D746A8829089AAA3B7A9D5D0F87D920D0F53E5EAC80AF5D76219E"
Last-Modified: Tue, 21 Mar 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12073
Expires: Thu, 23 Mar 2023 14:02:17 GMT
Date: Thu, 23 Mar 2023 10:41:04 GMT
Connection: keep-alive
registercherryheadquarter.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWsbxxeeTfw75fJLCIFACuqthSDvStpYaqChbupg6tpunOJTD7Mzs%2FLUszPLzK5W1sk0tORQitpTj%2BtPdkzbEJI%2FoBDkXlrTglVK8aGG%2FA2FQG9FskDtg5n3vvne4fvem8%2F38jPiI6en6x%2BYnlSKzodVv%2FLGptTcFK6y%2BqAS%2BFX%2FdmVT6luN25Xu%2BLKdtwI%2FrPpvVu4Jtm3ma37g%2B4EfVJakFbHpzk9YyPRJK6i2%2FGqjVg3CBrr2v9jlHhz1wDtn5AokH%2F1v66fnkGwInTy7K9x2ZtKb7yW5opmx6PDDj%2FS2NoVGMitj6yHWh9NuGDci5JsLMPpw6gCmsz92gEiOiPdHgEgfTmUi6hycK40UhEbEL6HoDCHUEJIOwcxDSH5CAMaxugadPF41tqA75ywdsyMy9%2BovyGJE5v68Cp08XVSyW9kwKs%2Bk0Q7duITsDiHbQ6T5EbKeB1kcgWWfQvJfyfyrFehkf80pA8nLiXsph5DxEEr0QZ2HfHykhzz2kKceEn5aoWEr9v2FOIrr9WaDMVavMxY2b%2FGQ1xvN2EfOxvL6yNI%2BmOqD2V2kdhfb8uuT8MrJyjJs%2FgJuq4TjHlw2It6Hu%2BjwEoUgKBxBQQkKSVBkBEWnPODK1Vz5mCuXR8E016a5Xg5M1t6jByZrC0320jNyeTwd78b1j7EtTitxEIZNIRht1APeCOMwbtYafkRFrVHnzSiAkyWkuzAx3JMjcvnaZ0jliFygvyCiR3DqCEz%2BHzR%2FDbQYLNR80K1Bo%2Bmjp591hN2JrRCpsbrKTAJuSqTZHLIdb0%2BdkeuTTb29cQ2CHd%2F5%2BeW9p1d7L8FsidSW%2BET%2BSNBWjwb3TUH275vCkedraSYT2aPjLW5kNBMXv3tf7BTG8uW7rv%2FtO2xMjMsnD4TLVqjmUrcd%2BX5Rci7skrFMkB%2BW3aaI1nO3tZhbnacr6%2B8uLSepFc5Jo4eg8sR9ASZH5JL5e%2FI%2FX%2F%2F9S0g7hM1LJPkxmQakGYKlu3DpTL0zBFbNeqLUQ5GXA1uLZo9KEigxwzQq4f6Fo1m95x6hbT3Q7CF0UqJjS3RUCar6cPnFQZba4zu%2F1SeBSHmDSFlvP1JWfXU%2BWidPKyKM%2FVj4NRHFrSheoD5vxY1WRFuBWIhCGiBzI37j5ot%2FAAAA%2F%2F8BAAD%2F%2F1JHKNh3BAAA
173.233.137.44200 OK 7 B URL HTTP/1.1 registercherryheadquarter.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWsbxxeeTfw75fJLCIFACuqthSDvStpYaqChbupg6tpunOJTD7Mzs%2FLUszPLzK5W1sk0tORQitpTj%2BtPdkzbEJI%2FoBDkXlrTglVK8aGG%2FA2FQG9FskDtg5n3vvne4fvem8%2F38jPiI6en6x%2BYnlSKzodVv%2FLGptTcFK6y%2BqAS%2BFX%2FdmVT6luN25Xu%2BLKdtwI%2FrPpvVu4Jtm3ma37g%2B4EfVJakFbHpzk9YyPRJK6i2%2FGqjVg3CBrr2v9jlHhz1wDtn5AokH%2F1v66fnkGwInTy7K9x2ZtKb7yW5opmx6PDDj%2FS2NoVGMitj6yHWh9NuGDci5JsLMPpw6gCmsz92gEiOiPdHgEgfTmUi6hycK40UhEbEL6HoDCHUEJIOwcxDSH5CAMaxugadPF41tqA75ywdsyMy9%2BovyGJE5v68Cp08XVSyW9kwKs%2Bk0Q7duITsDiHbQ6T5EbKeB1kcgWWfQvJfyfyrFehkf80pA8nLiXsph5DxEEr0QZ2HfHykhzz2kKceEn5aoWEr9v2FOIrr9WaDMVavMxY2b%2FGQ1xvN2EfOxvL6yNI%2BmOqD2V2kdhfb8uuT8MrJyjJs%2FgJuq4TjHlw2It6Hu%2BjwEoUgKBxBQQkKSVBkBEWnPODK1Vz5mCuXR8E016a5Xg5M1t6jByZrC0320jNyeTwd78b1j7EtTitxEIZNIRht1APeCOMwbtYafkRFrVHnzSiAkyWkuzAx3JMjcvnaZ0jliFygvyCiR3DqCEz%2BHzR%2FDbQYLNR80K1Bo%2Bmjp591hN2JrRCpsbrKTAJuSqTZHLIdb0%2BdkeuTTb29cQ2CHd%2F5%2BeW9p1d7L8FsidSW%2BET%2BSNBWjwb3TUH275vCkedraSYT2aPjLW5kNBMXv3tf7BTG8uW7rv%2FtO2xMjMsnD4TLVqjmUrcd%2BX5Rci7skrFMkB%2BW3aaI1nO3tZhbnacr6%2B8uLSepFc5Jo4eg8sR9ASZH5JL5e%2FI%2FX%2F%2F9S0g7hM1LJPkxmQakGYKlu3DpTL0zBFbNeqLUQ5GXA1uLZo9KEigxwzQq4f6Fo1m95x6hbT3Q7CF0UqJjS3RUCar6cPnFQZba4zu%2F1SeBSHmDSFlvP1JWfXU%2BWidPKyKM%2FVj4NRHFrSheoD5vxY1WRFuBWIhCGiBzI37j5ot%2FAAAA%2F%2F8BAAD%2F%2F1JHKNh3BAAA
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSwWsbxxeeTfw75fJLCIFACuqthSDvStpYaqChbupg6tpunOJTD7Mzs%2FLUszPLzK5W1sk0tORQitpTj%2BtPdkzbEJI%2FoBDkXlrTglVK8aGG%2FA2FQG9FskDtg5n3vvne4fvem8%2F38jPiI6en6x%2BYnlSKzodVv%2FLGptTcFK6y%2BqAS%2BFX%2FdmVT6luN25Xu%2BLKdtwI%2FrPpvVu4Jtm3ma37g%2B4EfVJakFbHpzk9YyPRJK6i2%2FGqjVg3CBrr2v9jlHhz1wDtn5AokH%2F1v66fnkGwInTy7K9x2ZtKb7yW5opmx6PDDj%2FS2NoVGMitj6yHWh9NuGDci5JsLMPpw6gCmsz92gEiOiPdHgEgfTmUi6hycK40UhEbEL6HoDCHUEJIOwcxDSH5CAMaxugadPF41tqA75ywdsyMy9%2BovyGJE5v68Cp08XVSyW9kwKs%2Bk0Q7duITsDiHbQ6T5EbKeB1kcgWWfQvJfyfyrFehkf80pA8nLiXsph5DxEEr0QZ2HfHykhzz2kKceEn5aoWEr9v2FOIrr9WaDMVavMxY2b%2FGQ1xvN2EfOxvL6yNI%2BmOqD2V2kdhfb8uuT8MrJyjJs%2FgJuq4TjHlw2It6Hu%2BjwEoUgKBxBQQkKSVBkBEWnPODK1Vz5mCuXR8E016a5Xg5M1t6jByZrC0320jNyeTwd78b1j7EtTitxEIZNIRht1APeCOMwbtYafkRFrVHnzSiAkyWkuzAx3JMjcvnaZ0jliFygvyCiR3DqCEz%2BHzR%2FDbQYLNR80K1Bo%2Bmjp591hN2JrRCpsbrKTAJuSqTZHLIdb0%2BdkeuTTb29cQ2CHd%2F5%2BeW9p1d7L8FsidSW%2BET%2BSNBWjwb3TUH275vCkedraSYT2aPjLW5kNBMXv3tf7BTG8uW7rv%2FtO2xMjMsnD4TLVqjmUrcd%2BX5Rci7skrFMkB%2BW3aaI1nO3tZhbnacr6%2B8uLSepFc5Jo4eg8sR9ASZH5JL5e%2FI%2FX%2F%2F9S0g7hM1LJPkxmQakGYKlu3DpTL0zBFbNeqLUQ5GXA1uLZo9KEigxwzQq4f6Fo1m95x6hbT3Q7CF0UqJjS3RUCar6cPnFQZba4zu%2F1SeBSHmDSFlvP1JWfXU%2BWidPKyKM%2FVj4NRHFrSheoD5vxY1WRFuBWIhCGiBzI37j5ot%2FAAAA%2F%2F8BAAD%2F%2F1JHKNh3BAAA HTTP/1.1
Host: registercherryheadquarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: u_pl=18618717; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 23 Mar 2023 10:41:04 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c3a248e85720b204286792e76d5b2739
Strict-Transport-Security: max-age=0; includeSubdomains
go.xlirdr.com/smartpop/8d895a7a3b4847a30c0a159b2850ec6cd538abf45b153ead926036436ae26b20?userId=9b65bf46ffaa65f3a0e9f48617bfce410a91e0834859e07cbac61729433ad6e8&memberId=ooc4ASOprprturdbLZVPbXS6VzqpbXUzOodTK6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOc6VylK47.3LGZDnOldK6V0rpXSuldK6VwfYA-
104.18.51.106302 Found 0 B URL HTTP/2 go.xlirdr.com/smartpop/8d895a7a3b4847a30c0a159b2850ec6cd538abf45b153ead926036436ae26b20?userId=9b65bf46ffaa65f3a0e9f48617bfce410a91e0834859e07cbac61729433ad6e8&memberId=ooc4ASOprprturdbLZVPbXS6VzqpbXUzOodTK6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOc6VylK47.3LGZDnOldK6V0rpXSuldK6VwfYA-
IP 104.18.51.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/8d895a7a3b4847a30c0a159b2850ec6cd538abf45b153ead926036436ae26b20?userId=9b65bf46ffaa65f3a0e9f48617bfce410a91e0834859e07cbac61729433ad6e8&memberId=ooc4ASOprprturdbLZVPbXS6VzqpbXUzOodTK6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOc6VylK47.3LGZDnOldK6V0rpXSuldK6VwfYA- HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 23 Mar 2023 10:41:04 GMT
content-length: 0
location: https://go.xlirdr.com/api/models/vast?campaignId=8d895a7a3b4847a30c0a159b2850ec6cd538abf45b153ead926036436ae26b20&campaignType=smartpop&creativeId=4ecbf483db62b985de7f6ba77c0c167dcdbbd27e797a4c82eb223a1393acd989&iterationId=414986&masterSmartpopId=2683&memberId=ooc4ASOprprturdbLZVPbXS6VzqpbXUzOodTK6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOc6VylK47.3LGZDnOldK6V0rpXSuldK6VwfYA-&ruleId=157&smartpopId=7237&tag=girls&usePreroll=true&userId=9b65bf46ffaa65f3a0e9f48617bfce410a91e0834859e07cbac61729433ad6e8&variationId=30386
access-control-allow-origin: http://www.xxxfiles.tv
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=67574152.30386; Path=/; HttpOnly; SameSite=Strict
__cflb=0H28uukSkGJRy5UBr1u9iAwwBfboBLDnR111ythuhgG; SameSite=None; Secure; path=/; expires=Fri, 24-Mar-23 09:41:04 GMT; HttpOnly
server: cloudflare
cf-ray: 7ac60f55ee781c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tsyndicate.com/do2/5a4d8c9f24e543abb29e2f21424e70ea/vast?
136.243.80.153200 OK 4.1 kB URL HTTP/2 tsyndicate.com/do2/5a4d8c9f24e543abb29e2f21424e70ea/vast?
IP 136.243.80.153:0
ASN #24940 Hetzner Online GmbH
Hash eca5d9f90bdd72b8abcc1aa3ad694911
3ca4b453d5f5cb5c049bd1a1084688b07f531491
4acaa38269a1d4097a28a68102bed9b718946da8c9624ea9dd68fe0a9f3443d2
GET /do2/5a4d8c9f24e543abb29e2f21424e70ea/vast? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Cookie: ts_uid=75387cc9-7a1c-4f4c-9bbf-223562984651; bfq=APeIECNCx5YZMmbMiFFjRhcWIsYU3BLjoYgyE2PYuJHDRg0aNGzQ6NJH
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 10:41:04 GMT
content-type: application/xml; charset=utf-8
access-control-allow-origin: http://www.xxxfiles.tv
access-control-allow-methods: POST, GET, HEAD
access-control-allow-headers: Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy
access-control-allow-credentials: true
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-vast: 3.0
x-request-id: 82d48c08d6b35a38
set-cookie: ts_uid=75387cc9-7a1c-4f4c-9bbf-223562984651; expires=Sat, 23 Sep 2023 10:41:04 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCx5YZMmbMiFFjRhcWIsYU3CLjoYgyE2PYuJHDRg0aNGzQ6NJH; expires=Fri, 24 Mar 2023 10:41:04 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
go.xlirdr.com/easy?campaignId=56887531e20ffc8ec4b32f114752cd5e087f0e1a66a28e88fe82ad1f38a4c7c1&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&xhVersion=1&skipOffset=00:00:05&memberId=7b28721a-3822-4410-8645-bc3fe14eeef2&contentType=video/mp4&no_bb=1
104.18.51.106302 Found 0 B URL HTTP/2 go.xlirdr.com/easy?campaignId=56887531e20ffc8ec4b32f114752cd5e087f0e1a66a28e88fe82ad1f38a4c7c1&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&xhVersion=1&skipOffset=00:00:05&memberId=7b28721a-3822-4410-8645-bc3fe14eeef2&contentType=video/mp4&no_bb=1
IP 104.18.51.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /easy?campaignId=56887531e20ffc8ec4b32f114752cd5e087f0e1a66a28e88fe82ad1f38a4c7c1&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&xhVersion=1&skipOffset=00:00:05&memberId=7b28721a-3822-4410-8645-bc3fe14eeef2&contentType=video/mp4&no_bb=1 HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 23 Mar 2023 10:41:04 GMT
content-length: 0
location: https://go.xlirdr.com/api/models/vast?campaignId=56887531e20ffc8ec4b32f114752cd5e087f0e1a66a28e88fe82ad1f38a4c7c1&campaignType=easylink&contentType=video%2Fmp4&creativeId=4ecbf483db62b985de7f6ba77c0c167dcdbbd27e797a4c82eb223a1393acd989&iterationId=414909&masterSmartpopId=2683&memberId=7b28721a-3822-4410-8645-bc3fe14eeef2&no_bb=1&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=5347&tag=girls&usePreroll=true&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=30386&xhVersion=1
access-control-allow-origin: http://www.xxxfiles.tv
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=67247758.30386; Path=/; HttpOnly; SameSite=Strict
__cflb=02DiuDfsBaY2bRYJiCeS4Kkib9dpHBnhaXi4RnGPGkvgL; SameSite=None; Secure; path=/; expires=Fri, 24-Mar-23 09:41:04 GMT; HttpOnly
server: cloudflare
cf-ray: 7ac60f560e911c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 494945b8bb9f0e55d9f0f28877421a46
7757bda1d05aeee71219158f5ce67891c8cc3524
26f0004290e81e938d7a4d6f22d8ef03a79dcf0c3ebabd71296df782e6cff94f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26F0004290E81E938D7A4D6F22D8EF03A79DCF0C3EBABD71296DF782E6CFF94F"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11623
Expires: Thu, 23 Mar 2023 13:54:48 GMT
Date: Thu, 23 Mar 2023 10:41:05 GMT
Connection: keep-alive
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
45.133.44.3200 OK 31 kB URL HTTP/2 cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Hash 0ac6afeef66adc6d68614b357a0b17ea
19100f057abceaef4d63d2cf34bebaa465d30a65
5a3a6ab2ae0ebf23c1d3b77be4972ddc7e0032b73b0a9a6ce75ffb9707b48e0c
GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:04 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 23 Mar 2023 11:41:04 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
umtpopxcsedc.cdnvideo3.com/api/spots/309159?host=www.xxxfiles.tv&ev=205&wh=939&ww=1280&uuid=&i=1&kw=Masturbation%2Cyoung%2CSquirt%2Csquirting%2CSolo%2CFisting%2Cpublic%20nudity%2Cdancing%20scenes%2Cextreme%20closeups%2Cmasturbation%20to%20orgasm%2Cother%20stuffing%2Cupskirt%20in%20public%2Cftvgirls.com%2Cvagina%20gaping%20closeups%2Clong%20labia%20and%20stretching%2CEllie&s1=%25subid1%25
135.181.208.216200 OK 42 kB URL HTTP/2 umtpopxcsedc.cdnvideo3.com/api/spots/309159?host=www.xxxfiles.tv&ev=205&wh=939&ww=1280&uuid=&i=1&kw=Masturbation%2Cyoung%2CSquirt%2Csquirting%2CSolo%2CFisting%2Cpublic%20nudity%2Cdancing%20scenes%2Cextreme%20closeups%2Cmasturbation%20to%20orgasm%2Cother%20stuffing%2Cupskirt%20in%20public%2Cftvgirls.com%2Cvagina%20gaping%20closeups%2Clong%20labia%20and%20stretching%2CEllie&s1=%25subid1%25
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash 8ff5dd214e181c9419b30b6ccf060f27
de1ef2bf990f585d441169715518db5e741a85ec
1cad352949f59b6c99fe7d75deed1d2fba8d718328cd88b70a8cea801a455e0a
GET /api/spots/309159?host=www.xxxfiles.tv&ev=205&wh=939&ww=1280&uuid=&i=1&kw=Masturbation%2Cyoung%2CSquirt%2Csquirting%2CSolo%2CFisting%2Cpublic%20nudity%2Cdancing%20scenes%2Cextreme%20closeups%2Cmasturbation%20to%20orgasm%2Cother%20stuffing%2Cupskirt%20in%20public%2Cftvgirls.com%2Cvagina%20gaping%20closeups%2Clong%20labia%20and%20stretching%2CEllie&s1=%25subid1%25 HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 10:41:04 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=VpXsKGnikRABPCsvrR1E; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1679568000/95501563
104.18.63.124200 OK 35 kB URL HTTP/2 img.strpst.com/thumbs/1679568000/95501563
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash eb539d05c11fff8a0e4d4270fb458324
fb0fd56d5b60cc0277354af2b610c3bedac50bc4
70c1c58c08b42a93236b9961832faff9a3cf8c79c7170519e00a382c2b9df22e
GET /thumbs/1679568000/95501563 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlivrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:05 GMT
content-type: image/jpeg
content-length: 34945
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-bgj: imgq:100,h2pri
cf-polished: origSize=36112, status=webp_bigger
etag: "e264a11c18266cbf53e3529a34b33d74"
last-modified: Thu, 23 Mar 2023 10:39:47 GMT
cf-cache-status: HIT
age: 63
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f56fb7f1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html
45.133.44.3200 OK 30 kB URL HTTP/2 cdn.barscreative1.com/sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Hash 65393d5cd314955a8a5d375881c634b6
7a924dedd299a52b8eab2c74b48c9ffba540e30f
314add567d111563d3ec234ddbb2a43e3765e5275f73681faae162c935091647
GET /sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:04 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 12:54:16 GMT
etag: W/"602fb4f8-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 23 Mar 2023 11:41:04 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1679568000/48780161
104.18.63.124200 OK 25 kB URL HTTP/2 img.strpst.com/thumbs/1679568000/48780161
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Hash 8eb5344cca56ef188ed1c26a05092f30
04f7f86ce287e1a7e4ac9a7133e3f7c5964a0882
0d762eabd3ff45bb512e21068b4264e95685ce968ec8eac9dfc727d33ce7eeb1
GET /thumbs/1679568000/48780161 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlivrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:05 GMT
content-type: image/jpeg
content-length: 24562
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-bgj: imgq:100,h2pri
cf-polished: origSize=25549, status=webp_bigger
etag: "ca6accff9fb60d3d0514ec30e29ec54a"
last-modified: Thu, 23 Mar 2023 10:39:36 GMT
cf-cache-status: HIT
age: 62
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f570b921c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1679568000/87386015
104.18.63.124200 OK 32 kB URL HTTP/2 img.strpst.com/thumbs/1679568000/87386015
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 648x360, components 3\012- data
Hash 18641e383480cb4a466e9322eb54ce34
80f6b9808bfdfcccbab0ae02dbc3165ef3a8378b
9c22186d21c779aa204d6acc3fa25b4e42fdb8063aea3589747d79b27af9436c
GET /thumbs/1679568000/87386015 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlivrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:05 GMT
content-type: image/jpeg
content-length: 31540
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-bgj: imgq:100,h2pri
cf-polished: origSize=32822, status=webp_bigger
etag: "c3f91bbd0f6b9b157978e900c0a94177"
last-modified: Thu, 23 Mar 2023 10:39:15 GMT
cf-cache-status: HIT
age: 57
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f56fb831c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1679568000/80316166
104.18.63.124200 OK 42 kB URL HTTP/2 img.strpst.com/thumbs/1679568000/80316166
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Hash d05cc8461a66192b92215ea9d3993156
7483a0e6a9a70c6899f62f1016ed86319a0ed39f
571275d7a78aa8758eb78df66ad0762deff65d656b9d1f981a0a58a246d6e6e6
GET /thumbs/1679568000/80316166 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlivrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:05 GMT
content-type: image/jpeg
content-length: 41891
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-bgj: imgq:100,h2pri
cf-polished: origSize=44308, status=webp_bigger
etag: "213b4fecaa108f30d1dd5522283fc9dd"
last-modified: Thu, 23 Mar 2023 10:39:13 GMT
cf-cache-status: HIT
age: 56
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f56fb861c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1679568000/77550739
104.18.63.124200 OK 39 kB URL HTTP/2 img.strpst.com/thumbs/1679568000/77550739
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Hash f248c9209f8c815948699d2a08795762
030651ec67518131fc9ce5a77483f31278bf00fd
f44e8753af66d0d06c773e7090878d262fa81511db32bc62de37f9b3484599bc
GET /thumbs/1679568000/77550739 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlivrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:05 GMT
content-type: image/jpeg
content-length: 38752
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-bgj: imgq:100,h2pri
cf-polished: origSize=41222, status=webp_bigger
etag: "767412240d0935914aaab85f116f1b80"
last-modified: Thu, 23 Mar 2023 10:39:30 GMT
cf-cache-status: HIT
age: 62
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f570b901c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1679568000/94049035
104.18.63.124200 OK 50 kB URL HTTP/2 img.strpst.com/thumbs/1679568000/94049035
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 9954a706a688e40ae91b618d6978e82d
6a8b816ece4c2f23601aced69f8e5733e00505ee
6e9c0e6cff21a4b310f48ae952a3f41379ccef154938e899b06d7e867d3665be
GET /thumbs/1679568000/94049035 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlivrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:05 GMT
content-type: image/jpeg
content-length: 49468
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-bgj: imgq:100,h2pri
cf-polished: origSize=50886, status=webp_bigger
etag: "bd8a94ddaae4d59cb7f5b5adfd3c17c7"
last-modified: Thu, 23 Mar 2023 10:39:27 GMT
cf-cache-status: HIT
age: 62
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f570b941c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1679568000/103723538
104.18.63.124200 OK 44 kB URL HTTP/2 img.strpst.com/thumbs/1679568000/103723538
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 0fca9901c6f40fe87be8600cb70ad8a6
417911e687938788fb47dae6f3915ee1a5040d7a
986479fefaeed3fcf4d2bc973b8bec47b868badbb052f4b16d80917ec9719be6
GET /thumbs/1679568000/103723538 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlivrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:05 GMT
content-type: image/jpeg
content-length: 44039
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-bgj: imgq:100,h2pri
cf-polished: origSize=45454, status=webp_bigger
etag: "c4ae6d40f00005664cb93b64a841db58"
last-modified: Thu, 23 Mar 2023 10:39:11 GMT
cf-cache-status: HIT
age: 61
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f570b951c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.74200 OK 660 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.74:0
Hash 55130bf120bd75a4bba7d678be617cdf
77b172c0cc1d15e60ab95edccf3ac1e640d16812
262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 23 Mar 2023 10:41:05 GMT
Date: Thu, 23 Mar 2023 10:41:05 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
cdn.creative-bars1.com/sb/ssp/utility/social-media/whatsapp/img/close.svg
172.64.166.9200 OK 1.1 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/whatsapp/img/close.svg
IP 172.64.166.9:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 13dd818edf5cfeb29167d146ff88785a
9775609187c66e1188aaecf9606c503b0755afe8
04cf5a4989b4ed829a0572a364fd50a8a35779ec4759b6e60c0f698d54e91d83
GET /sb/ssp/utility/social-media/whatsapp/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:05 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:19:43 GMT
etag: W/"60254b0f-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 11047785
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BICx%2FDzLggMcohJvYsjdI39c%2BZxbFHurY4lsNe0d8k6mlgu52eDo2SZActE7ThvZ4BhrR5bM5TyClyX%2FBTj2I7rQ%2BoTFkfIJu0DLOLimLscUdUeqK8cgA8FRHIaQeA7%2F0Ac5hnnAmQHG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f588b983855-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dbc482c9e68924aca2d3c0b78f9ffa1d
24af8a9ea51600ce0b5824bc64e663838a212be8
fe9a1b3c4fb8bbb1b0df43875b6d563b7967e2d9fc9529dbb6d4865a9faa7752
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE9A1B3C4FB8BBB1B0DF43875B6D563B7967E2D9FC9529DBB6D4865A9FAA7752"
Last-Modified: Wed, 22 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17840
Expires: Thu, 23 Mar 2023 15:38:25 GMT
Date: Thu, 23 Mar 2023 10:41:05 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/c6/9a/f6/c69af62e3cbd0d91d332fbb8d334d20d/1664809088.jpg
45.133.44.10200 OK 18 kB URL HTTP/2 cdn.cloudimagesb.com/si/c6/9a/f6/c69af62e3cbd0d91d332fbb8d334d20d/1664809088.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 134787da0bebf45283b62cd462fbbe5c
abcba8dbf3806bc9729947b296f9f8bcfae50923
fdb4a9fce0bb8aef8727ef30b222eb392858f6cbd5683d6709f130286f8981c8
GET /si/c6/9a/f6/c69af62e3cbd0d91d332fbb8d334d20d/1664809088.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:05 GMT
content-type: image/jpeg
content-length: 18489
server: nginx/1.17.6
last-modified: Mon, 03 Oct 2022 14:58:17 GMT
etag: "633af889-4839"
expires: Sat, 25 Mar 2023 10:41:05 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/52/97/c1/5297c1fb64175109fb5f09fefd0f9a13/1658144766.jpg
45.133.44.10200 OK 13 kB URL HTTP/2 cdn.cloudimagesb.com/si/52/97/c1/5297c1fb64175109fb5f09fefd0f9a13/1658144766.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 47e747449351084fe5ef429526819017
827962eecfdd9a9858d1e25c8f403d35acb58927
0291133ac72562f0b1ecbfd6b490b474e551d2bfa29d43598ed88feefe4e5d59
GET /si/52/97/c1/5297c1fb64175109fb5f09fefd0f9a13/1658144766.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:05 GMT
content-type: image/jpeg
content-length: 13212
server: nginx/1.17.6
last-modified: Mon, 18 Jul 2022 11:46:14 GMT
etag: "62d54806-339c"
expires: Sat, 25 Mar 2023 10:41:05 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 22 Mar 2023 18:05:14 GMT
Expires: Thu, 21 Mar 2024 18:05:14 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
Age: 59751
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 22 Mar 2023 18:05:14 GMT
Expires: Thu, 21 Mar 2024 18:05:14 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
Age: 59751
improviseprofane.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3s0eZC8a9qCwwnhTWCbd8yPT44KLcc0SjEncrORcXVU9KVPd1VR1T08GhOCC7MHD6Mlj55tkgxoW9w8Qlo4XDQoZEcnBwF69CgveZCYDow%2Bq3vvqe4fve68%2B388uiIuMnm98qPtSKbrQrLqVN7dkzHVuK2sPKp5bdW9XtmS82Lhd6Y0v033bc5tV963KPcF29ELN9VzXc73KsjQi1L2FCQuZHLe9atutNmpVr9lAz%2Fwf28yBpQ5494LMQ%2FLRte2fnkKyEnH0%2FV1hd1Kd3Ho%2FyhRNtUGXH30c78Q6jxHNytA4COOjaTe0HRHy9RXo%2BGjqALp7MHaAQI6I84eHID6aykTQPbxUGiiIGAG%2FjrxbQqgSkpZg%2BiEkPyMA41hbRxw9XtMmp7uXLB2zIzL34m%2FIfETm%2FryBOHqypGSvsqlVlkodW%2FTCArJXQnZKJNkJ0r4DmZ%2BApZ9B8l%2FJwotVxNHBulUakhcT91KWkGEJJQag1kE2PtJBFjrIEgcRP6%2FQZjt03VYYhPW632CM1euMNf1F3uT1hh%2B6yNhY3gBpMgBTAzCzh8TsYUd%2BddacP1tdgcmewW4XsNyBTUfE%2BWgPXV4gFwS5JcgpQS4J8pQg7xaHXNmaLR5zZbPAm%2BbaNNeLoU47%2B%2FRQpx0Rk%2F3kgrwyno7z0vxN7IjzCmMNP2ww1qoF3KOBy3hrkTPquw2f%2Bu1FBisLSHtlYrgvR%2BTaX58ikSNyhf6CgJ7AqhMw%2BTJo9jpoPmzVXNDtYcN30Y%2BPe71eKJWwVaYjcF0gSeeQ7jr76oK8NtnSO5uvQrDTOz8%2Fv%2FfkRv85mCmQmAKfyB8JOurR8L7OycF9nVvydD1JZST7dLzBzZSm4uq3H4jdXBu%2BctcOvnmXjYlxefxA2HSVxlzGHUu%2BW5KcC7OsDRPkhxW7JYKNzG4vZSbOktWN95ZXosQIa6WOS1B5Zr8AkyNyXf8z%2BZtv%2FD6ANCVMViDKTsk0IHUJluzBJjP1VhMYNesJEgd5VgxNLZg9KkmgxAzToID9Dw5m9b59hI5xQNOHiKMCXVOgqwpQNYDNrg7TxJze%2Ba0%2BCQTKGQbKOAeBMurLy9FaeV5peg3hB36LcR4Ixr1Wre7XXbfGeaPVFl4bqR3xm7ee%2FQsAAP%2F%2FAQAA%2F%2F%2FLZEIEcwQAAA%3D%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 improviseprofane.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3s0eZC8a9qCwwnhTWCbd8yPT44KLcc0SjEncrORcXVU9KVPd1VR1T08GhOCC7MHD6Mlj55tkgxoW9w8Qlo4XDQoZEcnBwF69CgveZCYDow%2Bq3vvqe4fve68%2B388uiIuMnm98qPtSKbrQrLqVN7dkzHVuK2sPKp5bdW9XtmS82Lhd6Y0v033bc5tV963KPcF29ELN9VzXc73KsjQi1L2FCQuZHLe9atutNmpVr9lAz%2Fwf28yBpQ5494LMQ%2FLRte2fnkKyEnH0%2FV1hd1Kd3Ho%2FyhRNtUGXH30c78Q6jxHNytA4COOjaTe0HRHy9RXo%2BGjqALp7MHaAQI6I84eHID6aykTQPbxUGiiIGAG%2FjrxbQqgSkpZg%2BiEkPyMA41hbRxw9XtMmp7uXLB2zIzL34m%2FIfETm%2FryBOHqypGSvsqlVlkodW%2FTCArJXQnZKJNkJ0r4DmZ%2BApZ9B8l%2FJwotVxNHBulUakhcT91KWkGEJJQag1kE2PtJBFjrIEgcRP6%2FQZjt03VYYhPW632CM1euMNf1F3uT1hh%2B6yNhY3gBpMgBTAzCzh8TsYUd%2BddacP1tdgcmewW4XsNyBTUfE%2BWgPXV4gFwS5JcgpQS4J8pQg7xaHXNmaLR5zZbPAm%2BbaNNeLoU47%2B%2FRQpx0Rk%2F3kgrwyno7z0vxN7IjzCmMNP2ww1qoF3KOBy3hrkTPquw2f%2Bu1FBisLSHtlYrgvR%2BTaX58ikSNyhf6CgJ7AqhMw%2BTJo9jpoPmzVXNDtYcN30Y%2BPe71eKJWwVaYjcF0gSeeQ7jr76oK8NtnSO5uvQrDTOz8%2Fv%2FfkRv85mCmQmAKfyB8JOurR8L7OycF9nVvydD1JZST7dLzBzZSm4uq3H4jdXBu%2BctcOvnmXjYlxefxA2HSVxlzGHUu%2BW5KcC7OsDRPkhxW7JYKNzG4vZSbOktWN95ZXosQIa6WOS1B5Zr8AkyNyXf8z%2BZtv%2FD6ANCVMViDKTsk0IHUJluzBJjP1VhMYNesJEgd5VgxNLZg9KkmgxAzToID9Dw5m9b59hI5xQNOHiKMCXVOgqwpQNYDNrg7TxJze%2Ba0%2BCQTKGQbKOAeBMurLy9FaeV5peg3hB36LcR4Ixr1Wre7XXbfGeaPVFl4bqR3xm7ee%2FQsAAP%2F%2FAQAA%2F%2F%2FLZEIEcwQAAA%3D%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3s0eZC8a9qCwwnhTWCbd8yPT44KLcc0SjEncrORcXVU9KVPd1VR1T08GhOCC7MHD6Mlj55tkgxoW9w8Qlo4XDQoZEcnBwF69CgveZCYDow%2Bq3vvqe4fve68%2B388uiIuMnm98qPtSKbrQrLqVN7dkzHVuK2sPKp5bdW9XtmS82Lhd6Y0v033bc5tV963KPcF29ELN9VzXc73KsjQi1L2FCQuZHLe9atutNmpVr9lAz%2Fwf28yBpQ5494LMQ%2FLRte2fnkKyEnH0%2FV1hd1Kd3Ho%2FyhRNtUGXH30c78Q6jxHNytA4COOjaTe0HRHy9RXo%2BGjqALp7MHaAQI6I84eHID6aykTQPbxUGiiIGAG%2FjrxbQqgSkpZg%2BiEkPyMA41hbRxw9XtMmp7uXLB2zIzL34m%2FIfETm%2FryBOHqypGSvsqlVlkodW%2FTCArJXQnZKJNkJ0r4DmZ%2BApZ9B8l%2FJwotVxNHBulUakhcT91KWkGEJJQag1kE2PtJBFjrIEgcRP6%2FQZjt03VYYhPW632CM1euMNf1F3uT1hh%2B6yNhY3gBpMgBTAzCzh8TsYUd%2BddacP1tdgcmewW4XsNyBTUfE%2BWgPXV4gFwS5JcgpQS4J8pQg7xaHXNmaLR5zZbPAm%2BbaNNeLoU47%2B%2FRQpx0Rk%2F3kgrwyno7z0vxN7IjzCmMNP2ww1qoF3KOBy3hrkTPquw2f%2Bu1FBisLSHtlYrgvR%2BTaX58ikSNyhf6CgJ7AqhMw%2BTJo9jpoPmzVXNDtYcN30Y%2BPe71eKJWwVaYjcF0gSeeQ7jr76oK8NtnSO5uvQrDTOz8%2Fv%2FfkRv85mCmQmAKfyB8JOurR8L7OycF9nVvydD1JZST7dLzBzZSm4uq3H4jdXBu%2BctcOvnmXjYlxefxA2HSVxlzGHUu%2BW5KcC7OsDRPkhxW7JYKNzG4vZSbOktWN95ZXosQIa6WOS1B5Zr8AkyNyXf8z%2BZtv%2FD6ANCVMViDKTsk0IHUJluzBJjP1VhMYNesJEgd5VgxNLZg9KkmgxAzToID9Dw5m9b59hI5xQNOHiKMCXVOgqwpQNYDNrg7TxJze%2Ba0%2BCQTKGQbKOAeBMurLy9FaeV5peg3hB36LcR4Ixr1Wre7XXbfGeaPVFl4bqR3xm7ee%2FQsAAP%2F%2FAQAA%2F%2F%2FLZEIEcwQAAA%3D%3D HTTP/1.1
Host: improviseprofane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: u_pl=17371676; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 23 Mar 2023 10:41:05 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ee19ca66cc2a4e7cfbfe0e5e94227acc
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/ssp/utility/social-media/whatsapp/css/animate.css
172.64.166.9200 OK 4.8 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/whatsapp/css/animate.css
IP 172.64.166.9:0
Hash b0af94306e34d863f64baa44f42f77c6
ad2be00e29e0654550b96d62fe35646ead8cd842
035253b8637a8f47df557ac142af86db549f515c9749f6b8768641bf64a94b95
GET /sb/ssp/utility/social-media/whatsapp/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:05 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kl%2BKS6cEc7q%2FFSuYGEtaFvc3t5n02Mfv90TMCyhg9boQfuvHClqxrDnQ2fcTqezTQZwi9%2BFsltPMo2nmilJmmXSA39kuvXPlUbptVs8Eg7YsvdMuEQN51O%2BCD61n5TW9LvnAvGomW3p8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f5789a83855-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=042b4a7f-853d-4f05-bada-bdd7ab307950&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=e5a3678a1d1bb8a6b0d93a9a41a239f8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
192.243.59.13200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=042b4a7f-853d-4f05-bada-bdd7ab307950&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=e5a3678a1d1bb8a6b0d93a9a41a239f8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=042b4a7f-853d-4f05-bada-bdd7ab307950&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=e5a3678a1d1bb8a6b0d93a9a41a239f8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 23 Mar 2023 10:41:05 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4faca3242465519389270f4eccfd046b
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=042b4a7f-853d-4f05-bada-bdd7ab307950&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=63d45b685911cef3b8cc3d1d1550bf85&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
192.243.59.13200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=042b4a7f-853d-4f05-bada-bdd7ab307950&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=63d45b685911cef3b8cc3d1d1550bf85&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=042b4a7f-853d-4f05-bada-bdd7ab307950&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=63d45b685911cef3b8cc3d1d1550bf85&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 23 Mar 2023 10:41:05 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b7e23247ee3d6532a3132c04efba68c6
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=042b4a7f-853d-4f05-bada-bdd7ab307950&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=cc48f4cc72bd1ab0cd76dca8048a896c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
192.243.59.13200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=042b4a7f-853d-4f05-bada-bdd7ab307950&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=cc48f4cc72bd1ab0cd76dca8048a896c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=042b4a7f-853d-4f05-bada-bdd7ab307950&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=cc48f4cc72bd1ab0cd76dca8048a896c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 23 Mar 2023 10:41:05 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d7a7233170a50f0f7c0e34d303d27bb4
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=042b4a7f-853d-4f05-bada-bdd7ab307950&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=f1558eeca431d45f5f8240bae243d8b1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
192.243.59.13200 OK 77 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=042b4a7f-853d-4f05-bada-bdd7ab307950&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=f1558eeca431d45f5f8240bae243d8b1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d98927f28b78cf8ec3b2fa36539eb002
3b48b1b470dcbd7c2b473d43ae445f5184e41154
f1e541e6192a808583bb6b32166cb67395a0ad6dd97b6e7e4f516c111cd43524
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=042b4a7f-853d-4f05-bada-bdd7ab307950&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=f1558eeca431d45f5f8240bae243d8b1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 23 Mar 2023 10:41:05 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 685cf4902da67ce42c8a185688fe2cb5
Strict-Transport-Security: max-age=0; includeSubdomains
improviseprofane.com/pixel/sbs?c=1
173.233.137.36200 OK 0 B URL HTTP/1.1 improviseprofane.com/pixel/sbs?c=1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: improviseprofane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: u_pl=17371676; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 23 Mar 2023 10:41:05 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/style.css
172.64.166.9200 OK 2.7 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/style.css
IP 172.64.166.9:0
File type ASCII text, with very long lines (2765), with no line terminators
Hash 3801b1cef2b9acae541c04e0d24b16d0
da15fbff9f098674eed95bce3091a93716fba8c0
4d736d28b08365397b0dff7a6427f173e79366b350ef483f68478e11216881fc
GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:05 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:19:14 GMT
etag: W/"6128d842-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBFEkdPSVoVYx5ZBCJPF6Cci%2F8edlYwpSGvrziLOdYgxCRdR5HbBFuYqjYlIwhZg0z6NGquLotwvyhHk2Li2vt02vsoy5cdCEk4cRNfDATjgHmzR9V9MdTpWU3yItM43OD8IpiXwMCDj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f5789a33855-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
umtpopxcsedc.cdnvideo3.com/api/settings/377391
135.181.208.216200 OK 0 B URL HTTP/2 umtpopxcsedc.cdnvideo3.com/api/settings/377391
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/settings/377391 HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 10:41:03 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
www.xxxfiles.tv/css/plugins.css?v=1679568060
104.21.83.6200 OK 0 B URL HTTP/2 www.xxxfiles.tv/css/plugins.css?v=1679568060
IP 104.21.83.6:0
GET /css/plugins.css?v=1679568060 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: text/css
last-modified: Wed, 20 Nov 2019 10:53:49 GMT
vary: Accept-Encoding
etag: W/"5dd51b3d-c445"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEaxlGUU555sUvB12GjtAjzhAGW0XLxHsDJSnT2%2BWc6HivYmm1q%2BOD%2FcW9vMj3idjhYxY3d9nW%2F6INBHFfxx8ACS%2Fnatza86sKMCGIr0%2FoHbr18POgvNwIBQvnZZe4Nk%2BH8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac60f3f78cefab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
twinrdsrv.com/banner.engine?id=4ce47ff2-c2e3-47a1-a9be-931241b17841&z=41938&cid=b9c&rand=11102&ver=async&time=0&referrerurl=http%3A%2F%2Fwww.xxxfiles.tv%2F&abr=false&curl=http%3A%2F%2Fwww.xxxfiles.tv%2F
172.66.40.197200 OK 0 B URL HTTP/2 twinrdsrv.com/banner.engine?id=4ce47ff2-c2e3-47a1-a9be-931241b17841&z=41938&cid=b9c&rand=11102&ver=async&time=0&referrerurl=http%3A%2F%2Fwww.xxxfiles.tv%2F&abr=false&curl=http%3A%2F%2Fwww.xxxfiles.tv%2F
IP 172.66.40.197:0
GET /banner.engine?id=4ce47ff2-c2e3-47a1-a9be-931241b17841&z=41938&cid=b9c&rand=11102&ver=async&time=0&referrerurl=http%3A%2F%2Fwww.xxxfiles.tv%2F&abr=false&curl=http%3A%2F%2Fwww.xxxfiles.tv%2F HTTP/1.1
Host: twinrdsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://umtpopxcsedc.cdnvideo3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
INF_DFL8=false; path=/; SameSite=None; secure
IUID=183d9228-e6d8-4a7f-a438-a131358468f3; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure
ISSH=6A1BFD; path=/; SameSite=None; secure
VMI=; path=/; SameSite=None; secure
IPLH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPLH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
CHN=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Thu, 23-Mar-2023 14:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IZH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IZH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IMH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IMH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ICH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ICH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFqamIdShFhRweznJKERqtT8iQGhqlDs5V5o5xiT58euLhzP1SwNIqxX7u0qSkOXrMREKpOQWWDzTPnlLttqTlF7BlpToeLqEpdNTpVbokilOfp9PadlsHt08b8mLbE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac60f4c9b95b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.xxxfiles.tv/css/main.css?v=1679568060
104.21.83.6200 OK 0 B URL HTTP/2 www.xxxfiles.tv/css/main.css?v=1679568060
IP 104.21.83.6:0
GET /css/main.css?v=1679568060 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: text/css
last-modified: Mon, 23 May 2022 12:38:16 GMT
vary: Accept-Encoding
etag: W/"628b8038-12e50"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oM9RFtWie%2F4F63uyFzaw%2B86UZGBoqTTG4t30cYDvSafAlPCqrF0HWnCjccdmJ8FWt2IPAekoYQrooKo0BKPBI%2BIPVoTo2mHS5fcMBYmcnxDH6Pre3J2TKfR5gHmCHALYFds%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac60f3f58abfab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
twinrdsrv.com/banner.engine?id=4ce47ff2-c2e3-47a1-a9be-931241b17841&z=41951&cid=b9c&rand=73306&ver=async&time=0&referrerurl=http%3A%2F%2Fwww.xxxfiles.tv%2F&abr=false&curl=http%3A%2F%2Fwww.xxxfiles.tv%2F
172.66.40.197200 OK 0 B URL HTTP/2 twinrdsrv.com/banner.engine?id=4ce47ff2-c2e3-47a1-a9be-931241b17841&z=41951&cid=b9c&rand=73306&ver=async&time=0&referrerurl=http%3A%2F%2Fwww.xxxfiles.tv%2F&abr=false&curl=http%3A%2F%2Fwww.xxxfiles.tv%2F
IP 172.66.40.197:0
GET /banner.engine?id=4ce47ff2-c2e3-47a1-a9be-931241b17841&z=41951&cid=b9c&rand=73306&ver=async&time=0&referrerurl=http%3A%2F%2Fwww.xxxfiles.tv%2F&abr=false&curl=http%3A%2F%2Fwww.xxxfiles.tv%2F HTTP/1.1
Host: twinrdsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://umtpopxcsedc.cdnvideo3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
INF_DFL8=false; path=/; SameSite=None; secure
IUID=85a66338-72f2-4895-a9c3-f9b6c98aa3bc; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure
ISSH=6A1BFD; path=/; SameSite=None; secure
VMI=; path=/; SameSite=None; secure
IPLH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPLH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
CHN=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Thu, 23-Mar-2023 14:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IZH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IZH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IMH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
IMH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ICH=#{}; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
ICH_Q=#[]; expires=Wed, 23-Mar-2033 10:41:03 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUjs9W2QeDs93wHrqNwxDXtqkgWxIehpBEVrNRVidwH8cdxhBICMIvNqgYXAI52QC6bsAvO8zZu5ll%2Bl0YgKRtohDqS7aIEp%2B4cp6t5nzN3MQ5g7YB7bjMzquozRYN4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac60f4c8b80b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
crprt.livejasmin.com/vast/v3?psid=ed_dpronvbdtno&utm_source=tr&ms_notrack=1&pstour=t1&psprogram=REVS&site=jsm&utm_medium=network&categoryName=girl&subaffid=7407&sub_source=pornpapa.com&utm_campaign=RON_Preroll_Contract
93.93.51.191200 OK 0 B URL HTTP/2 crprt.livejasmin.com/vast/v3?psid=ed_dpronvbdtno&utm_source=tr&ms_notrack=1&pstour=t1&psprogram=REVS&site=jsm&utm_medium=network&categoryName=girl&subaffid=7407&sub_source=pornpapa.com&utm_campaign=RON_Preroll_Contract
IP 93.93.51.191:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
GET /vast/v3?psid=ed_dpronvbdtno&utm_source=tr&ms_notrack=1&pstour=t1&psprogram=REVS&site=jsm&utm_medium=network&categoryName=girl&subaffid=7407&sub_source=pornpapa.com&utm_campaign=RON_Preroll_Contract HTTP/1.1
Host: crprt.livejasmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/xml; charset=utf-8
cache-control: no-cache
date: Thu, 23 Mar 2023 10:41:05 GMT
x-target-pstool: 401_1
access-control-allow-origin: http://www.xxxfiles.tv
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
server: unknown
set-cookie: psui=a59f007fbf3384ccc33cc586d5d348f0; Path=/; Expires=Sat, 22-Apr-23 10:41:05 GMT; SameSite=None; Secure
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
172.64.166.9200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP 172.64.166.9:0
GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:05 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gED0vm8GqWOXpQbg1D%2F1XFdfp%2FYC4bYPVKZ1oD%2BGzYxff0BTnLZe68Th3awX5O2S5dOQ5F%2B4j6WrwSdh14GBTUK1h7hTWZPm9GHIC1phXEbai8j9NDcMNHfOcpo6oo%2F8liqEaZCPvkS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f57590d3855-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
172.64.166.9200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
IP 172.64.166.9:0
GET /sb/ssp/utility/social-media/facebook/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:05 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:13:59 GMT
etag: W/"602549b7-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4821724
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Szte%2BI0s%2BrYXHLjUvIXSjw5cf2%2F4ELLcJunwln5RtA5mpCK4sJA7bFIDo6Ppl6Od4F3rWyEYATgGYQMS8tieT4maBOszhczG2zPuWB2%2Bha9LmCNAL4CadEC6YthRrfK1S07b2HdOk9zl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f588b903855-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
umtpopxcsedc.cdnvideo3.com/api/spots/410357?host=www.xxxfiles.tv&ev=205&wh=939&ww=1280&uuid=&i=1&kw=Masturbation%2Cyoung%2CSquirt%2Csquirting%2CSolo%2CFisting%2Cpublic%20nudity%2Cdancing%20scenes%2Cextreme%20closeups%2Cmasturbation%20to%20orgasm%2Cother%20stuffing%2Cupskirt%20in%20public%2Cftvgirls.com%2Cvagina%20gaping%20closeups%2Clong%20labia%20and%20stretching%2CEllie&s1=%25subid1%25
135.181.208.216200 OK 0 B URL HTTP/2 umtpopxcsedc.cdnvideo3.com/api/spots/410357?host=www.xxxfiles.tv&ev=205&wh=939&ww=1280&uuid=&i=1&kw=Masturbation%2Cyoung%2CSquirt%2Csquirting%2CSolo%2CFisting%2Cpublic%20nudity%2Cdancing%20scenes%2Cextreme%20closeups%2Cmasturbation%20to%20orgasm%2Cother%20stuffing%2Cupskirt%20in%20public%2Cftvgirls.com%2Cvagina%20gaping%20closeups%2Clong%20labia%20and%20stretching%2CEllie&s1=%25subid1%25
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/410357?host=www.xxxfiles.tv&ev=205&wh=939&ww=1280&uuid=&i=1&kw=Masturbation%2Cyoung%2CSquirt%2Csquirting%2CSolo%2CFisting%2Cpublic%20nudity%2Cdancing%20scenes%2Cextreme%20closeups%2Cmasturbation%20to%20orgasm%2Cother%20stuffing%2Cupskirt%20in%20public%2Cftvgirls.com%2Cvagina%20gaping%20closeups%2Clong%20labia%20and%20stretching%2CEllie&s1=%25subid1%25 HTTP/1.1
Host: umtpopxcsedc.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 10:41:05 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=82SSp9kkF6CvTjsVGccc; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js
172.64.166.9200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js
IP 172.64.166.9:0
GET /sb/ssp/utility/social-media/facebook/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:05 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TF10go3qun8XkycVaArr%2BCkoJYF14ukxvmlYLUNnf9L87cYZtWSu7vAdv%2B%2BRFwplHirqRGaavq9%2FUatz5Zg0SdJQ4AU7iKwYLKnQkiRK5dGH6ypzQzkFXHnAwiqotcT5BQgePyxsTT3o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f57899d3855-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/whatsapp/js/script.js
172.64.166.9200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/whatsapp/js/script.js
IP 172.64.166.9:0
GET /sb/ssp/utility/social-media/whatsapp/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:05 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51xCAY2s3cF8ZGhl1kgBD0ui27z3g3i4mJYsfREos%2BIUyPrYAN%2Fl6AL7Y7%2FbNkx0%2BsBQo%2BCjdY%2BBNuFCuhykKgzKwEQlnRoDjFuUZA0VU%2BuCLAnkWN2wXf0I7Z7RfXUAfPeMZc5q9UXI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f57a9e43855-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/whatsapp/css/style.css
172.64.166.9200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/whatsapp/css/style.css
IP 172.64.166.9:0
GET /sb/ssp/utility/social-media/whatsapp/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:05 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:30:40 GMT
etag: W/"6128daf0-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4R%2FI27LUcPcAtlHKxhrTHwwJrPjyigLxAqNMHTE%2BrWLWtO1H8CHe0lhRg%2F4Pp9Hai6kZXoFOEI1i6ltnAmYaQEM93EZRvCt8NsoshinWGatweIqRCohWnWNaPyh4Li27EUubha8ALnp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac60f5799d43855-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tsyndicate.com/do2/4f374a23cf56497b89d53e89be5502a2/vast?
136.243.80.153200 OK 0 B URL HTTP/2 tsyndicate.com/do2/4f374a23cf56497b89d53e89be5502a2/vast?
IP 136.243.80.153:0
ASN #24940 Hetzner Online GmbH
GET /do2/4f374a23cf56497b89d53e89be5502a2/vast? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 10:41:04 GMT
content-type: application/xml; charset=utf-8
access-control-allow-origin: http://www.xxxfiles.tv
access-control-allow-methods: POST, GET, HEAD
access-control-allow-headers: Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy
access-control-allow-credentials: true
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-vast: 3.0
x-request-id: 478ab80664308f95
set-cookie: ts_uid=75387cc9-7a1c-4f4c-9bbf-223562984651; expires=Sat, 23 Sep 2023 10:41:04 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCx5YZMmbMiFFjRhcWIsYU3BLjoYgyE2PYuJHDRg0aNGzQ6NJH; expires=Fri, 24 Mar 2023 10:41:04 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
www.xxxfiles.tv/js/plugins.js?v=1679568060
104.21.83.6200 OK 0 B URL HTTP/2 www.xxxfiles.tv/js/plugins.js?v=1679568060
IP 104.21.83.6:0
GET /js/plugins.js?v=1679568060 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2019 06:40:43 GMT
vary: Accept-Encoding
etag: W/"5ddcc8eb-1fe6f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFdrXTv3OwV9ktFQ7xefNxX1IpeTc5NH%2FomYaDnBCCSWXVgaz2bk8aDJ%2F%2BCDusk9zqxFLToUfP1GXxbSK%2BILkbkCz78JNk0E5x7%2F0P%2B9AF6lTOSyfjmjm7tkYVgkWtoQ0%2FQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac60f3f88eafab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/silvermine-videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js
104.16.125.175302 Found 0 B URL HTTP/2 unpkg.com/silvermine-videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js
IP 104.16.125.175:0
GET /silvermine-videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 23 Mar 2023 10:41:01 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GW70B6VNVDQZTJEHPXWZCHVF-fra
cf-cache-status: HIT
age: 599
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7ac60f3fabe5b4ee-OSL
X-Firefox-Spdy: h2