redwap-xxx.com/video/kita-love-only-fans-full-videos/
104.21.45.249301 Moved Permanently 162 B URL HTTP/1.1 redwap-xxx.com/video/kita-love-only-fans-full-videos/
IP 104.21.45.249:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /video/kita-love-only-fans-full-videos/ HTTP/1.1
Host: redwap-xxx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Dec 2022 08:44:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://redwap-xxx.com/video/kita-love-only-fans-full-videos/
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Protected: by MS22112801
X-Download-Options: noopen
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
X-dns-prefetch-control: on
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3chVsoIVmWQBkfY76%2BUhUegBVNphC6khf6BBr36KJ8dGiRUAxMSNYED2DirISoP%2FhuCZNWwHL%2BrEbiXCMd2hxTSbcHubIdblJQ5zYTeN7FqdauRJNATVnbmlkSrEzzPEw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7774b2e789ec1c06-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2282
Expires: Sat, 10 Dec 2022 09:22:30 GMT
Date: Sat, 10 Dec 2022 08:44:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2488
Expires: Sat, 10 Dec 2022 09:25:56 GMT
Date: Sat, 10 Dec 2022 08:44:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 10 Dec 2022 08:33:20 GMT
content-type: application/json
age: 668
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9330
Expires: Sat, 10 Dec 2022 11:19:58 GMT
Date: Sat, 10 Dec 2022 08:44:28 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 562748661cfcd8569b61245746a73243
19eb35a408c8f779072e164d9a5e3255088a31af
ef83ce8b47c09064f47781e46a8d27846ac2930a65a82c220f756b8924f7a99d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EF83CE8B47C09064F47781E46A8D27846AC2930A65A82C220F756B8924F7A99D"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=71
Expires: Sat, 10 Dec 2022 08:45:39 GMT
Date: Sat, 10 Dec 2022 08:44:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EsYAA8Kpj0zX18PAHsDggPKRFd5oKs1QHjr0Nt3IRpEHjF4lN96VS8cSslpcSDT0mFfcDgQOP2k=
x-amz-request-id: RXN9T5YN539NAN6B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 10 Dec 2022 07:50:35 GMT
age: 3233
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 08:44:29 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e64105b9f8c9ca3ab215107301d27653
2a8c444068d6f3969dea7d09367042eeb12af00e
8366b5c66845cbc4ee21e653075c35fc0717e692a36abe442ca1692ffcf612cd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "8366B5C66845CBC4EE21E653075C35FC0717E692A36ABE442CA1692FFCF612CD"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8885
Expires: Sat, 10 Dec 2022 11:12:34 GMT
Date: Sat, 10 Dec 2022 08:44:29 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bb43bb7169bb667f060895c7f00f6bc3
38e1c8c04abff235d3764d8694e08d82ced5975f
99c49d7c25f1f7a216efb2e0eb87b8bb80152a7bfa8128bab73baccbddc65c2f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "99C49D7C25F1F7A216EFB2E0EB87B8BB80152A7BFA8128BAB73BACCBDDC65C2F"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13363
Expires: Sat, 10 Dec 2022 12:27:12 GMT
Date: Sat, 10 Dec 2022 08:44:29 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:44:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8b332031b3ea9c567f352ef9ef267549
a2b877b849e7061a28214b362a9671ab598c2877
3c083ae76ca33f0bf7dc0328429f0f394db3f79341d82796ef0e99fd5ca39540
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3C083AE76CA33F0BF7DC0328429F0F394DB3F79341D82796EF0E99FD5CA39540"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5846
Expires: Sat, 10 Dec 2022 10:21:55 GMT
Date: Sat, 10 Dec 2022 08:44:29 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bb43bb7169bb667f060895c7f00f6bc3
38e1c8c04abff235d3764d8694e08d82ced5975f
99c49d7c25f1f7a216efb2e0eb87b8bb80152a7bfa8128bab73baccbddc65c2f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "99C49D7C25F1F7A216EFB2E0EB87B8BB80152A7BFA8128BAB73BACCBDDC65C2F"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13363
Expires: Sat, 10 Dec 2022 12:27:12 GMT
Date: Sat, 10 Dec 2022 08:44:29 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 165 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Size 165 kB (165380 bytes)
Hash 098acdf3c8897d4994f88f2c1f3ae502
74d2fa67a03aeb33cab30c8ae479f90bdc13c391
27a8af37fa1694f6cdff62c5e2a418ec166b88582024becc18bb517109bc1d73
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 08:44:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 14 Dec 2022 04:59:30 GMT
ETag: "29912e29c9f5ea5414bd8779504b39708f238679"
Last-Modified: Sat, 10 Dec 2022 04:59:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1376
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774b2ebccf5b521-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:44:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vk.com/js/api/share.js?95
87.240.132.67200 OK 3.0 kB URL HTTP/2 vk.com/js/api/share.js?95
IP 87.240.132.67:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1077)
Hash 5152f3cb6fe0b11496ea2a8de5bcb963
71572fb3ea4b65b6d9a4d0989b62133b1b39133d
01e8e588dda5b6bfb716d56b7f051f325382b3e0998853757c8e41f66ec30f25
GET /js/api/share.js?95 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redwap-xxx.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Sat, 10 Dec 2022 08:44:29 GMT
content-type: application/x-javascript
content-length: 2974
last-modified: Thu, 07 Apr 2022 12:12:57 GMT
etag: "624ed549-b9e"
content-encoding: br
expires: Wed, 14 Dec 2022 08:44:29 GMT
cache-control: max-age=345600
x-frontend: front220004
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
redwap-xxx.com/video/kita-love-only-fans-full-videos/
172.67.221.172200 OK 34 kB URL HTTP/2 redwap-xxx.com/video/kita-love-only-fans-full-videos/
IP 172.67.221.172:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (18576)
Hash 67143ffb4108f033d237fcb9dc169444
dc6d77ed005c6c5d02590a25a25ca727c4070e8f
29e57968fb78a4402a714b8471cbbd59809761ead1e8b08c33e1afbe9624a97c
GET /video/kita-love-only-fans-full-videos/ HTTP/1.1
Host: redwap-xxx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:29 GMT
content-type: text/html; charset=utf-8
last-modified: Fri, 02 Dec 2022 14:09:32 GMT
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store, must-revalidate
protected: by MS22112801
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-dns-prefetch-control: on
strict-transport-security: max-age=15768000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwQGBd08eJ9fxJ5zrXWFyZDAaNbSh3lDTtb%2FZdRdXhkw3T7%2B4jYnx3sVPPI7N1MZaI%2BGx5pOCAhWZqaglArhCoZb7mZ8%2BTl1UTU8wEYV6BAtnZ2VtdKOZQ%2B49dbqdsJ1Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7774b2e94d23b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://redwap-xxx.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:42:34 GMT
expires: Thu, 07 Dec 2023 19:42:34 GMT
cache-control: public, max-age=31536000
age: 219715
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:44:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 10 Dec 2022 08:07:55 GMT
age: 2194
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
zanalytics.vip/api/event
172.67.211.118202 Accepted 2 B IP 172.67.211.118:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /api/event HTTP/1.1
Host: zanalytics.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redwap-xxx.com/
Content-Type: text/plain
Content-Length: 123
Origin: https://redwap-xxx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Sat, 10 Dec 2022 08:44:29 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
x-request-id: Fy9iHmvQyuaTddcl0WeD
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKqssIuconCoepP0lRY2c6QAgYiV%2FvAK%2BRuu2O%2BUdwrhaUphPu4eeQkZUoNrl49JisxytQzEczXlLf1O3bK0lAdSr62OXGZbO%2F%2F3Nl8HUG6owYsDNcpsBP3IwyWMjz9P2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7774b2ecab401c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1921
Cache-Control: max-age=89667
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:44:29 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 09:38:56 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f7aef7109978f8c1c53298563756a403
d610bb812b080710945dd47f9cccd794af9fe2f7
6366bc97e3f9ac9a6e8a294da60f2d961d2106180fd8ffaae97bc82ea399edb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:44:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
syndication.realsrv.com/v1/api.php
95.211.229.247200 OK 992 B URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (1333), with no line terminators
Hash bb1d19b6d8267ed8e81bff50a808624a
9b78492754231b333aed29aa6c48e136c41a73eb
9b1f8d938fc82f025953bc8b68850faaf1399411141b244bf617df84259483e7
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redwap-xxx.com/
Content-Type: text/plain
Content-Length: 311
Origin: https://redwap-xxx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 08:44:29 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://redwap-xxx.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A31%3A%22639446edc78ee6.6403313243657152%22%3B%7D; expires=Mon, 09-Dec-2024 08:44:29 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
cdn.pncloudfl.com/pn/22f/364/08f/22f36408fa53a35e3e2d8f90e8ff4ba5949e1ce6.jpg
104.22.59.221200 OK 41 kB URL HTTP/2 cdn.pncloudfl.com/pn/22f/364/08f/22f36408fa53a35e3e2d8f90e8ff4ba5949e1ce6.jpg
IP 104.22.59.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b327da35933db17bcb333bf31fd61b44
90d81a781d0fdeb325c075782c591e44c0deb1ed
fc57383dc9ddcfdcb05449ae5ffecb144c5000c019592f828dfce4adc0770adb
GET /pn/22f/364/08f/22f36408fa53a35e3e2d8f90e8ff4ba5949e1ce6.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:30 GMT
content-type: image/webp
content-length: 41414
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=75052
content-disposition: inline; filename="22f36408fa53a35e3e2d8f90e8ff4ba5949e1ce6.webp"
etag: 6f63015de48cba62d904725b26f263d4
expires: Sun, 11 Dec 2022 16:51:29 GMT
last-modified: Wed, 26 Oct 2022 09:59:28 GMT
vary: Accept
x-openstack-request-id: tx2a583cc62cb8427b838f0-0063845686
x-proxy-cache: HIT
x-timestamp: 1666778367.25440
x-trans-id: tx2a583cc62cb8427b838f0-0063845686
cf-cache-status: HIT
age: 57181
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 7774b2ef8a8eb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-53331508-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-53331508-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 9110e247e78d0d2780435af9bf54678c
269272bfb27559f59b57c03ef4551dd006427280
cbb6e31e30d89ae8a45ada08cbafee2c9121477f5a3f541777728a581dc6ff5c
GET /gtag/js?id=UA-53331508-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videoscdn.online/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 10 Dec 2022 08:44:30 GMT
expires: Sat, 10 Dec 2022 08:44:30 GMT
cache-control: private, max-age=900
last-modified: Sat, 10 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43654
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
syndication.realsrv.com/v1/api.php
95.211.229.247200 OK 2.6 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (6064), with no line terminators
Hash 86af56400280e76bf43d2dab6cf71164
272167b6bb9ed406bd3fb90e27ff39d90095894a
a3a2ca0588c2d578df3328afc2a792f2b43eb78243c934244d0a3634234c17f0
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 08:44:30 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22639446edeb2744.504810604232310344%22%3B%7D; expires=Mon, 09-Dec-2024 08:44:30 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
wuzbhjpvsf.com/get/1938297?zoneid=1938297&jp=_clasmo8ptldled0frddapu&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=8835212774241336
62.122.171.6200 OK 1.6 kB URL HTTP/2 wuzbhjpvsf.com/get/1938297?zoneid=1938297&jp=_clasmo8ptldled0frddapu&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=8835212774241336
IP 62.122.171.6:0
Hash 78a2ad860019d5a7161619d2de33039d
df74870c93883d3018e8c81acbb4380a4c765b88
ff8bc0e972af8c50dca8ebe7894e8146ea43ed33181417a6f3aed631d84b294a
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1938297?zoneid=1938297&jp=_clasmo8ptldled0frddapu&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=8835212774241336 HTTP/1.1
Host: wuzbhjpvsf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redwap-xxx.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 08:44:29 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=221210034483331ef5e21f41668b7ba671cb; Path=/; Expires=Sun, 10 Dec 2023 08:44:29 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f7aef7109978f8c1c53298563756a403
d610bb812b080710945dd47f9cccd794af9fe2f7
6366bc97e3f9ac9a6e8a294da60f2d961d2106180fd8ffaae97bc82ea399edb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:44:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kwtnhdrmbx.com/aas/r45d/vki/1864731/018939ed.js
62.122.171.6200 OK 27 kB URL HTTP/2 kwtnhdrmbx.com/aas/r45d/vki/1864731/018939ed.js
IP 62.122.171.6:0
Hash 9c35f7d071e4c86e1088438b9f34dbc6
c3a7e28db6bd5a7d1849518183cdaf939c6b1377
d8b315a4a70877787b0592962995cc1b403e175300d4fdc439813311d10abd54
Analyzer Verdict Alert quad9 Sinkholed
GET /aas/r45d/vki/1864731/018939ed.js HTTP/1.1
Host: kwtnhdrmbx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redwap-xxx.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 08:44:29 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-10f52"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
kwtnhdrmbx.com/solid.gif?z=1864731&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 kwtnhdrmbx.com/solid.gif?z=1864731&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1864731&abvar=0 HTTP/1.1
Host: kwtnhdrmbx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redwap-xxx.com/
Origin: https://redwap-xxx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 08:44:30 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
wuzbhjpvsf.com/chicken.gif?z=1938297&pb=8b84295854b69b1c2df745d715b875de1670669069&psp=6gRg5wyRZHG8Pe_8tgNeMfFxR52883K2DGnCT0Lq8a8g1Mx1rhBbrkUAP_VjJmffwE8AOuKds9ZTXGGDmvPFXg7esmKFHgjzn6RTsLK7r4sP5QB_rTOSRmIzDg6csQizp2kZsnrm6CfsGXzTu-LHKGfnKeuYgjcfBflabVJyN6FsC_4vo1cNZts6840VV6gyT_eP_LP3ESh0NX2pHSeEhWNoIhLDaKDrwgfw4j4NSQlHyWsGMyDUHR2DKLraAt4vP7oazztAr7HWuR_Vo7JCBfE196xmQ0kjTR3oLoeFtJGmsGVDTjBcpTgDPlMozOxLTA61UTAJnqRnVp6515yhsvGOTthuSAWj0Nf0US7wmJ0TC2aYfvLcVcqIqObkMng3FgSbaKLeONJJQAgzcBv508FeJtQf74FVi2T-xFoI6NXanlLHFMviiJ3xuN3g2IOKqGKrk93fY9Ds5WPGb9-gXlpK5YCU6rJsuLIzWx6AaTeTabSwraxDPQc8xAw-2kuHjX3CY4tDPewVQV8Q0zZBZ9cjLYOwKttVCwTF6MI9u5zjYINK2y5Lqwee7Jek85ahl4xd3RZ604Op_KXxz3WeisNejpETXRrhZcSTIH5Ei5gQuigr_30PQf40JLth7XbmL6HR4vElCERocNHvkqdvohdhk0xTdgX8erAarSdzINEfLWbATmPaoe7CLv9QczSmw8n4ZiTxmNtepvU0KejKb0GkAZlhP50CgY-6N5JzJi8JaK2PFofWRCcdGpT_cSHe96ySKmJ9HAWyX_egC4yf&abvar=0&os=0
62.122.171.6200 OK 43 B URL HTTP/2 wuzbhjpvsf.com/chicken.gif?z=1938297&pb=8b84295854b69b1c2df745d715b875de1670669069&psp=6gRg5wyRZHG8Pe_8tgNeMfFxR52883K2DGnCT0Lq8a8g1Mx1rhBbrkUAP_VjJmffwE8AOuKds9ZTXGGDmvPFXg7esmKFHgjzn6RTsLK7r4sP5QB_rTOSRmIzDg6csQizp2kZsnrm6CfsGXzTu-LHKGfnKeuYgjcfBflabVJyN6FsC_4vo1cNZts6840VV6gyT_eP_LP3ESh0NX2pHSeEhWNoIhLDaKDrwgfw4j4NSQlHyWsGMyDUHR2DKLraAt4vP7oazztAr7HWuR_Vo7JCBfE196xmQ0kjTR3oLoeFtJGmsGVDTjBcpTgDPlMozOxLTA61UTAJnqRnVp6515yhsvGOTthuSAWj0Nf0US7wmJ0TC2aYfvLcVcqIqObkMng3FgSbaKLeONJJQAgzcBv508FeJtQf74FVi2T-xFoI6NXanlLHFMviiJ3xuN3g2IOKqGKrk93fY9Ds5WPGb9-gXlpK5YCU6rJsuLIzWx6AaTeTabSwraxDPQc8xAw-2kuHjX3CY4tDPewVQV8Q0zZBZ9cjLYOwKttVCwTF6MI9u5zjYINK2y5Lqwee7Jek85ahl4xd3RZ604Op_KXxz3WeisNejpETXRrhZcSTIH5Ei5gQuigr_30PQf40JLth7XbmL6HR4vElCERocNHvkqdvohdhk0xTdgX8erAarSdzINEfLWbATmPaoe7CLv9QczSmw8n4ZiTxmNtepvU0KejKb0GkAZlhP50CgY-6N5JzJi8JaK2PFofWRCcdGpT_cSHe96ySKmJ9HAWyX_egC4yf&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1938297&pb=8b84295854b69b1c2df745d715b875de1670669069&psp=6gRg5wyRZHG8Pe_8tgNeMfFxR52883K2DGnCT0Lq8a8g1Mx1rhBbrkUAP_VjJmffwE8AOuKds9ZTXGGDmvPFXg7esmKFHgjzn6RTsLK7r4sP5QB_rTOSRmIzDg6csQizp2kZsnrm6CfsGXzTu-LHKGfnKeuYgjcfBflabVJyN6FsC_4vo1cNZts6840VV6gyT_eP_LP3ESh0NX2pHSeEhWNoIhLDaKDrwgfw4j4NSQlHyWsGMyDUHR2DKLraAt4vP7oazztAr7HWuR_Vo7JCBfE196xmQ0kjTR3oLoeFtJGmsGVDTjBcpTgDPlMozOxLTA61UTAJnqRnVp6515yhsvGOTthuSAWj0Nf0US7wmJ0TC2aYfvLcVcqIqObkMng3FgSbaKLeONJJQAgzcBv508FeJtQf74FVi2T-xFoI6NXanlLHFMviiJ3xuN3g2IOKqGKrk93fY9Ds5WPGb9-gXlpK5YCU6rJsuLIzWx6AaTeTabSwraxDPQc8xAw-2kuHjX3CY4tDPewVQV8Q0zZBZ9cjLYOwKttVCwTF6MI9u5zjYINK2y5Lqwee7Jek85ahl4xd3RZ604Op_KXxz3WeisNejpETXRrhZcSTIH5Ei5gQuigr_30PQf40JLth7XbmL6HR4vElCERocNHvkqdvohdhk0xTdgX8erAarSdzINEfLWbATmPaoe7CLv9QczSmw8n4ZiTxmNtepvU0KejKb0GkAZlhP50CgY-6N5JzJi8JaK2PFofWRCcdGpT_cSHe96ySKmJ9HAWyX_egC4yf&abvar=0&os=0 HTTP/1.1
Host: wuzbhjpvsf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=221210034483331ef5e21f41668b7ba671cb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 08:44:30 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACLHBwAAAAAAAAAB; Path=/; Expires=Mon, 09 Jan 2023 08:44:30 GMT; Secure; SameSite=None
OACIBLOCK=ACLHBwAAAABjlBJQ; Path=/; Expires=Mon, 09 Jan 2023 08:44:30 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Sun, 11 Dec 2022 08:44:30 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.216.192.228101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.192.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nNAfivXERHzGHfZvdLr9Gg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Rs4GjC1nve+BVYdX2LDrhC0Ygx0=
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21046647dfde239bce64346cf3a8664
4f92c4c7bc6605ef076e67d81924dfaa108586f1
2994fd4b3f240e1a42d408d6208f13ed2867e26f584d95381deecd6110cb9197
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "2994FD4B3F240E1A42D408D6208F13ED2867E26F584D95381DEECD6110CB9197"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12838
Expires: Sat, 10 Dec 2022 12:18:28 GMT
Date: Sat, 10 Dec 2022 08:44:30 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videoscdn.online/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 10 Dec 2022 07:34:02 GMT
expires: Sat, 10 Dec 2022 09:34:02 GMT
cache-control: public, max-age=7200
age: 4228
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
videoscdn.online/allow.php?v9
104.26.9.59200 OK 1.4 kB URL HTTP/2 videoscdn.online/allow.php?v9
IP 104.26.9.59:0
File type ASCII text, with very long lines (3357)
Hash 59090ef16a133b9cc5ac9b6bb11521c4
37032611db6aadd2cad47d124aabfa8ff1ed3a66
738a94f5e2d7db606f159584bd4d4dd5a2dc725789f75703398ed46996f3cd66
GET /allow.php?v9 HTTP/1.1
Host: videoscdn.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videoscdn.online/41581217?sb=kita-love-only-fans-full-videos
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:29 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store, must-revalidate
protected: by MS22112801
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-dns-prefetch-control: on
x-micro-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2MWLwOUel%2Fth7Th7UXTZWmu3Kh27EolWsNz1K4R8WTfD8bQx%2BVlKm%2B0zxI77%2B6OI34K2IZPjaMw2q8jjZoC%2BFv1fWZh85oy%2BVjX1lm%2BKwSqEhFHt3PjRht5oFRQ2U83xI0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7774b2eeef3b1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash ec90c7a4aa293e226cf16824e3fb4084
536d0e3187ca3737016f40b1cc52197a9548c2b3
81c2970acea6a17e5b1c1879989e4ceaac6d0b8d14f90939c9101ec4852cf0aa
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 08:44:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 10 Dec 2022 05:29:12 GMT
Expires: Sat, 17 Dec 2022 05:29:11 GMT
Etag: "536d0e3187ca3737016f40b1cc52197a9548c2b3"
Cache-Control: max-age=592480,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7774b2f00d0cb4fa-OSL
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA11PS04FIRC8ihcYUv3h02/tWhONB2CYYecnunBM+vDCqG8hBaGaqoaCwbzQmLiBXFQvbG4UDEE5UFS/u39wJX/ft8/6thzHEdrrs1NS4uJMAhS3DOPkmk21wCOmYpJK8pzFSAZRuDgGOIrqZAGQHMkz/Onx9lw0MYzAwRGjmK/PVh0cx2xXXlPXKlQLtrXXvueOuLZd0fra6jT+T4sfBALL0PnvwIVUWNkXuhbqY8BPuX58vTT3qx2/X5zx43nNiKs6N9dVW8/Em9guVCTpZnuFESy3JvUb4+nBNmkBAAA=
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA11PS04FIRC8ihcYUv3h02/tWhONB2CYYecnunBM+vDCqG8hBaGaqoaCwbzQmLiBXFQvbG4UDEE5UFS/u39wJX/ft8/6thzHEdrrs1NS4uJMAhS3DOPkmk21wCOmYpJK8pzFSAZRuDgGOIrqZAGQHMkz/Onx9lw0MYzAwRGjmK/PVh0cx2xXXlPXKlQLtrXXvueOuLZd0fra6jT+T4sfBALL0PnvwIVUWNkXuhbqY8BPuX58vTT3qx2/X5zx43nNiKs6N9dVW8/Em9guVCTpZnuFESy3JvUb4+nBNmkBAAA=
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA11PS04FIRC8ihcYUv3h02/tWhONB2CYYecnunBM+vDCqG8hBaGaqoaCwbzQmLiBXFQvbG4UDEE5UFS/u39wJX/ft8/6thzHEdrrs1NS4uJMAhS3DOPkmk21wCOmYpJK8pzFSAZRuDgGOIrqZAGQHMkz/Onx9lw0MYzAwRGjmK/PVh0cx2xXXlPXKlQLtrXXvueOuLZd0fra6jT+T4sfBALL0PnvwIVUWNkXuhbqY8BPuX58vTT3qx2/X5zx43nNiKs6N9dVW8/Em9guVCTpZnuFESy3JvUb4+nBNmkBAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redwap-xxx.com/
Origin: https://redwap-xxx.com
Connection: keep-alive
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22639446edeb2744.504810604232310344%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 08:44:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://redwap-xxx.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Mon, 09 Dec 2024 08:44:30 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
whos.amung.us/pingjs/?k=dqjf8f6dwp&t=Kita%20love%20only%20fans%20full%20videos%20-%20XXX%20Videos%20%7C%20Free%20Porn%20Videos&c=c&x=https%3A%2F%2Fredwap-xxx.com%2Fvideo%2Fkita-love-only-fans-full-videos%2F&y=&a=0&d=1.006&v=29&r=7473
188.114.98.234200 OK 72 B URL HTTP/2 whos.amung.us/pingjs/?k=dqjf8f6dwp&t=Kita%20love%20only%20fans%20full%20videos%20-%20XXX%20Videos%20%7C%20Free%20Porn%20Videos&c=c&x=https%3A%2F%2Fredwap-xxx.com%2Fvideo%2Fkita-love-only-fans-full-videos%2F&y=&a=0&d=1.006&v=29&r=7473
IP 188.114.98.234:0
File type ASCII text, with no line terminators
Hash b9a899ff851493ccf46cdc7bfabed614
b0eee73b9b9331f177ccb702d250c9379b8aec65
3570ecf3f7783b24322bc39ce6eab12ded7a1f369e7a32cb58d7132347109cd2
GET /pingjs/?k=dqjf8f6dwp&t=Kita%20love%20only%20fans%20full%20videos%20-%20XXX%20Videos%20%7C%20Free%20Porn%20Videos&c=c&x=https%3A%2F%2Fredwap-xxx.com%2Fvideo%2Fkita-love-only-fans-full-videos%2F&y=&a=0&d=1.006&v=29&r=7473 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redwap-xxx.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:30 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7774b2f148ffb515-OSL
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/676799/e6b37a342b7f9f52955204fb467a456d07cdbd4a.jpg
185.76.9.25200 OK 26 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/676799/e6b37a342b7f9f52955204fb467a456d07cdbd4a.jpg
IP 185.76.9.25:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash 314bcd4331908cbfa418f46b4cad7cdc
e6b37a342b7f9f52955204fb467a456d07cdbd4a
af1239a1443d757bbd7ffa6bee10752a848ba47b381038563ed0e9c0dbe33d48
GET /library/676799/e6b37a342b7f9f52955204fb467a456d07cdbd4a.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:30 GMT
content-type: image/jpeg
content-length: 26414
last-modified: Tue, 23 Mar 2021 10:37:35 GMT
etag: "6059c4ef-672e"
expires: Fri, 30 Jun 2023 11:23:20 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195258
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCRR8/7v/tKnVAA
x-77-nzt-ray: af585630fbe4e033ee46946318d20828
x-cache: HIT
x-age: 14002612
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
syndication.realsrv.com/v1/api.php
95.211.229.247200 OK 2.7 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (6096), with no line terminators
Hash 6162ad0f58e49a3c76b1e66851aa9ff2
dde5a3248c9dc6e9b9a16d79d4e9c413ac93bf1a
a4fb009b6e5a9bd75d32e062ab54e9c5a451b83730779da19403b741d2278bb1
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22639446edeb2744.504810604232310344%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 08:44:30 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
a.realsrv.com/iframe.js?idzone=4794486&size=300x100
185.76.9.14200 OK 30 kB URL HTTP/2 a.realsrv.com/iframe.js?idzone=4794486&size=300x100
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
Hash 669803a3efd42b3adb81236ab62e37f5
f42418f32bb4ea5b33052f2341139e8514d084b5
55bfc5784a67662a31ed3462749fc2d294725e2dc6a01fda79669373ed175462
GET /iframe.js?idzone=4794486&size=300x100 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=4794486&size=300x100
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22639446edeb2744.504810604232310344%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:30 GMT
content-type: application/javascript
etag: W/"b31721e9f558105a9e1e7b948af"
expires: Thu, 08 Dec 2022 12:52:32 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1670666166
server: CDN77-Turbo
x-77-nzt: AblMCQ2TXWj/aBkAAA
x-77-nzt-ray: c0a4cc288e1f6d6aee4694633961d624
x-cache: HIT
x-age: 6504
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1Qy27EIAz8lf5AkG0GA3vuuZVa9QNYQqRKXbXKSm0O/viaHJbhMYA1HltIZGGf9ETxAlwiWeVQKUACJ9jL65uBbR/rX/tZjuMI/ftmmjXXasKRqFjNVEUNuQJFLflTIslaimWuRWuEgSwaOSRFYLJAHsPOM9nH+/O52CFkvs+8k8I5HWQaXVzHOq6SgZAIhUkJEiUyTclScpc4Ukffxtq497IpDc68pd4xppC1sI/2dd9/zzLIkqhXzEQ6TQUWLtPC6XQiMqJAbOHHBeaD7Pz+3PZ2G2aPeOh55DOZmJfn6uYdSoC3qTO1Blk11aYroyHjWqj9A5p7BcyHAQAA
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1Qy27EIAz8lf5AkG0GA3vuuZVa9QNYQqRKXbXKSm0O/viaHJbhMYA1HltIZGGf9ETxAlwiWeVQKUACJ9jL65uBbR/rX/tZjuMI/ftmmjXXasKRqFjNVEUNuQJFLflTIslaimWuRWuEgSwaOSRFYLJAHsPOM9nH+/O52CFkvs+8k8I5HWQaXVzHOq6SgZAIhUkJEiUyTclScpc4Ukffxtq497IpDc68pd4xppC1sI/2dd9/zzLIkqhXzEQ6TQUWLtPC6XQiMqJAbOHHBeaD7Pz+3PZ2G2aPeOh55DOZmJfn6uYdSoC3qTO1Blk11aYroyHjWqj9A5p7BcyHAQAA
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1Qy27EIAz8lf5AkG0GA3vuuZVa9QNYQqRKXbXKSm0O/viaHJbhMYA1HltIZGGf9ETxAlwiWeVQKUACJ9jL65uBbR/rX/tZjuMI/ftmmjXXasKRqFjNVEUNuQJFLflTIslaimWuRWuEgSwaOSRFYLJAHsPOM9nH+/O52CFkvs+8k8I5HWQaXVzHOq6SgZAIhUkJEiUyTclScpc4Ukffxtq497IpDc68pd4xppC1sI/2dd9/zzLIkqhXzEQ6TQUWLtPC6XQiMqJAbOHHBeaD7Pz+3PZ2G2aPeOh55DOZmJfn6uYdSoC3qTO1Blk11aYroyHjWqj9A5p7BcyHAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22639446edeb2744.504810604232310344%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 08:44:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%22639446edeb2744.504810604232310344%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D; expires=Mon, 09 Dec 2024 08:44:30 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12371
Expires: Sat, 10 Dec 2022 12:10:42 GMT
Date: Sat, 10 Dec 2022 08:44:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12371
Expires: Sat, 10 Dec 2022 12:10:42 GMT
Date: Sat, 10 Dec 2022 08:44:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12371
Expires: Sat, 10 Dec 2022 12:10:42 GMT
Date: Sat, 10 Dec 2022 08:44:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8caef8f-937f-4132-9440-daa516389582.png
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8caef8f-937f-4132-9440-daa516389582.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0cb823bf2991a7047962ee388f00dc0
4a0377cd21b6ab69f7e45392a547c9846e607464
86e8e629ffd2efe7c4c86a7e140412dae81a35376cb7f03ee511c6e1d023c788
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8caef8f-937f-4132-9440-daa516389582.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9948
x-amzn-requestid: 0b1400a6-7791-468f-a1d5-b46836e7b164
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMEGNZoAMF7ZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4d-124f9a6f03db01a67784657f;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qPlUjc4Gzc8cFyyQH_3vZoF_k5J61aXPOXozWTO_8txfn11m8Bo5IQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:00:16 GMT
age: 38655
etag: "4a0377cd21b6ab69f7e45392a547c9846e607464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3acf5a494a6bb8b26858974ede70a33
4bccc3032f7427d881a49250e576c05dd7d5614f
786db0da1198986aeba9aa420a7c89b5b27a09bc48c3806769342159f116705d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12047
x-amzn-requestid: a8082dc0-21cd-4fd8-8c3b-50a0b03b6200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_rGiaIAMFnLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-2a0096650760715e6201b97a;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 81ITdqoxk0_9sH9c9Nu9t50Ke2BDkI9RJqxFPziuYZwcpwnmpwfWYQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:26:51 GMT
age: 37060
etag: "4bccc3032f7427d881a49250e576c05dd7d5614f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 03:28:41 GMT
age: 18950
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3fb520-edaa-4af1-9369-2e90ba97fadd.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3fb520-edaa-4af1-9369-2e90ba97fadd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7abc253f87be063c8bccb9dcf8c1ccfa
088c938e8807779f1f9d3113d89a152d8c9389c3
a07c81bff4bda55ae45f3cbdbdd1f91d761582a7eb3c75d4d82a6c6ff56b7a37
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3fb520-edaa-4af1-9369-2e90ba97fadd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6818
x-amzn-requestid: f4de5113-c58a-4dc5-a3a5-fb3cf023b679
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw46AEQsoAMFu8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903b73-12594da83576d6b74640ea1a;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:06:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1o_I6ge1lJKIRxUPMJEFpRiikugr9Poh2e1THZACcMmFxwjoBr38CQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 07:07:31 GMT
age: 5820
etag: "088c938e8807779f1f9d3113d89a152d8c9389c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 052b61a3bd1c839e1f5ce37834cad817
1fbbf8fb328a1406904d6346004e2c89c6ba2419
96dcb266eaec98f6305071598df3b49ca93234e0e8b1c8c9801a1a99d7f5c817
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7811
x-amzn-requestid: dc97f86e-a29c-4139-887a-e775a0327280
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4EH_oAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-3a38086160ac180b3f8cf5d8;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TM_0Q_GmJDuXth6JpRvm_JAZXwT-xFZEjzuMeIzfzBu1J5jQ_Tng9A==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:25 GMT
age: 39066
etag: "1fbbf8fb328a1406904d6346004e2c89c6ba2419"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0df452512aae4c4c1f4a2cd263b16dfd
68bac75574641febc463bd0819392dae2da15811
e0a9301c5be849e116f1d98b819c2eb91f73e74d836f3e099f2cd266e8f0bb36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6ed8a5f4-45cd-45bd-9820-df450f612c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4E_-IAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-31d928fc430577b463a68bd0;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nD0bWCjTU6LNSsNYCNqT4rt7okG1dmPPWiw4FXSi_uNWpcZnxhZgKw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:03:37 GMT
age: 38454
etag: "68bac75574641febc463bd0819392dae2da15811"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn77-pic.xvideos-cdn.com/videos/thumbs169lll/cd/23/8a/cd238a55b76a36ceadf37341a7cb8794/cd238a55b76a36ceadf37341a7cb8794.30.jpg
195.181.166.12200 OK 48 kB URL HTTP/2 cdn77-pic.xvideos-cdn.com/videos/thumbs169lll/cd/23/8a/cd238a55b76a36ceadf37341a7cb8794/cd238a55b76a36ceadf37341a7cb8794.30.jpg
IP 195.181.166.12:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 600x337, components 3\012- data
Hash 202c5e7a6cfbba93d4bfcb59eccf7f81
c196490c49469ff46efd9cc5588ab6e9ca1bccee
05ba2794a9522ee49dfb2e8ef60ca224a6490108cf6aab853b07d01774d657fb
GET /videos/thumbs169lll/cd/23/8a/cd238a55b76a36ceadf37341a7cb8794/cd238a55b76a36ceadf37341a7cb8794.30.jpg HTTP/1.1
Host: cdn77-pic.xvideos-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videoscdn.online/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:32 GMT
content-type: image/jpeg
content-length: 48461
last-modified: Fri, 09 Nov 2018 09:39:14 GMT
cache-control: max-age=10368000, public
access-control-allow-origin: *
x-accel-expires: @1674896412
x-77-nzt: A8O1pgr20Zj/mc8AANRmOAHVR/H/O8dcAI/0Ot0Dck//q9EAAA
x-77-cache: HIT
server: CDN77-Turbo
x-77-nzt-ray: JbtSW2MMMgQ
x-cache-lb: HIT, HIT
x-age-lb: 6080315, 53145
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A900&display=swap&ver=1.0.0
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A900&display=swap&ver=1.0.0
IP 142.250.74.74:0
GET /css?family=Roboto%3A900&display=swap&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redwap-xxx.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Dec 2022 08:44:29 GMT
date: Sat, 10 Dec 2022 08:44:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
videoscdn.online/assetsv3/app-v2.js
104.26.9.59200 OK 0 B URL HTTP/2 videoscdn.online/assetsv3/app-v2.js
IP 104.26.9.59:0
GET /assetsv3/app-v2.js HTTP/1.1
Host: videoscdn.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videoscdn.online/41581217?sb=kita-love-only-fans-full-videos
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:29 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=85970
etag: W/"633f5299-14fd2"
last-modified: Thu, 06 Oct 2022 22:11:37 GMT
protected: by MS22092901
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 5537053
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afPhJJ0N9lkWimNUyhs8wFRgTf81KLrmeOv3oYVUTEoj7STNE9fvrvMdt6VLtgGRpkSvqDcEYWe4LcIl4KV2uEpacryZBurnNOs0x%2FSiQFbDfMN1llExj5mz9YR%2FKg7koq8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7774b2eeef361bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
videoscdn.online/xplayer/dist-cdn/3.2.1/fluidplayer.min.js?v=3.2.3
104.26.9.59200 OK 0 B URL HTTP/2 videoscdn.online/xplayer/dist-cdn/3.2.1/fluidplayer.min.js?v=3.2.3
IP 104.26.9.59:0
GET /xplayer/dist-cdn/3.2.1/fluidplayer.min.js?v=3.2.3 HTTP/1.1
Host: videoscdn.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videoscdn.online/41581217?sb=kita-love-only-fans-full-videos
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:29 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 17 Oct 2022 15:59:55 GMT
vary: Accept-Encoding
etag: W/"634d7bfb-32c00"
cache-control: max-age=315360000
protected: by MS22092901
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 4447802
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHg4V9%2Bfjv%2FJpPf%2B8W7kuj4YHbtNmZCR2nQxMEUlW6LqOotSOAN7AvBG%2BRW1c5QfjFgp6pdD%2BJFWQUZeP0J71OWb49p22PiPq84Z9H3DqJdKVYwtjwqhAGPwnhUwc2vTuBg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7774b2eeef391bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
videoscdn.online/getVideoAuth.php?vs_key=d8a5eb355fc2077c23a5da336eaf8fa9_b9433669c95b6dcede24fa978cf9f0dd
104.26.9.59200 OK 0 B URL HTTP/2 videoscdn.online/getVideoAuth.php?vs_key=d8a5eb355fc2077c23a5da336eaf8fa9_b9433669c95b6dcede24fa978cf9f0dd
IP 104.26.9.59:0
GET /getVideoAuth.php?vs_key=d8a5eb355fc2077c23a5da336eaf8fa9_b9433669c95b6dcede24fa978cf9f0dd HTTP/1.1
Host: videoscdn.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videoscdn.online/41581217?sb=kita-love-only-fans-full-videos
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:30 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
protected: by MS22112801
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-dns-prefetch-control: on
x-micro-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4hSRYGQruAEqnmuXrieqGGnQdoPwN55CcgEQwpE0hDLMn%2B4ytLZ7VEk4UFxk5ZqOr7fAylxVH1gSdy2ipe65p%2Bc79ikMoT13EypW7%2FMen34OSSBH1LoyQUyMMCuHkpTQP8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7774b2f0180d1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
videoscdn.online/applyVideo.php?data=NDE1ODEyMTc%3D&sb=Keilani+kita+en+el+largo+dong+adi%C3%B3s&vs_key=b0143518e841b2470af84d86e1b09d3b&_token=%248SiI6kvewt(_2LUmT6c-M8Dk())(UXKc-SMWVp9BOEQrz-)kzT_x(JZbrz(15--2(Qo5khj))WE)
104.26.9.59200 OK 0 B URL HTTP/2 videoscdn.online/applyVideo.php?data=NDE1ODEyMTc%3D&sb=Keilani+kita+en+el+largo+dong+adi%C3%B3s&vs_key=b0143518e841b2470af84d86e1b09d3b&_token=%248SiI6kvewt(_2LUmT6c-M8Dk())(UXKc-SMWVp9BOEQrz-)kzT_x(JZbrz(15--2(Qo5khj))WE)
IP 104.26.9.59:0
GET /applyVideo.php?data=NDE1ODEyMTc%3D&sb=Keilani+kita+en+el+largo+dong+adi%C3%B3s&vs_key=b0143518e841b2470af84d86e1b09d3b&_token=%248SiI6kvewt(_2LUmT6c-M8Dk())(UXKc-SMWVp9BOEQrz-)kzT_x(JZbrz(15--2(Qo5khj))WE) HTTP/1.1
Host: videoscdn.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videoscdn.online/41581217?sb=kita-love-only-fans-full-videos
X-CSRF-TOKEN: $8SiI6kvewt(_2LUmT6c-M8Dk())(UXKc-SMWVp9BOEQrz-)kzT_x(JZbrz(15--2(Qo5khj))WE)
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:31 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
protected: by MS22112801
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-dns-prefetch-control: on
x-micro-cache: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzCPvXyIl5I9mhfE%2Bb%2FuE2uXom1jToihPTTA86GXytwlr%2BtjtreqK%2F9blHs%2F6QTCInYMwI5HuT4btAYcSWFwf15xMyF62Y7ZyyDmI7NWnPOZtS3M8haVxyBOcyGGXlKyclE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7774b2f31a321bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
zanalytics.vip/js/plausible.js
172.67.211.118200 OK 0 B URL HTTP/2 zanalytics.vip/js/plausible.js
IP 172.67.211.118:0
GET /js/plausible.js HTTP/1.1
Host: zanalytics.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redwap-xxx.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:29 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 35112
last-modified: Fri, 09 Dec 2022 22:59:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azenP%2BkELeRRDEKYvhoBKX717GFaAcSF%2BmIRYH6FcbueEQvNnWhPyLmZX8bK8%2Bhx9hIvBETBwQS%2FtVZGrN1XFzTbMNCbByjwUNzSvs9rKN2w6vwy1QQbULJ5sD30yYCJVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7774b2eb8b1d0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
videoscdn.online/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1670659200
104.26.9.59200 OK 0 B URL HTTP/2 videoscdn.online/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1670659200
IP 104.26.9.59:0
GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1670659200 HTTP/1.1
Host: videoscdn.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:30 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-control-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAPcbGPL0goq6GSng0%2BNnAYfjViYqByQUqYJzcwhsKXinBub0J6hmcdY0CgQM8DZCzWisFEkjH4DALR6QSMn%2FPUDGsSVTBFHfk3yxvm8l8RKui93tvGp80QHb1q%2FvBmyKzE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7774b2f0281b1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
videoscdn.online/41581217?sb=kita-love-only-fans-full-videos
104.26.9.59200 OK 0 B URL HTTP/2 videoscdn.online/41581217?sb=kita-love-only-fans-full-videos
IP 104.26.9.59:0
GET /41581217?sb=kita-love-only-fans-full-videos HTTP/1.1
Host: videoscdn.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redwap-xxx.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
protected: by MS22112801
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-dns-prefetch-control: on
x-micro-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9K7j%2BkbQA9VTIKBU7uhL2XUyRSja0iFjECqiT4Vv%2B%2F6pHK%2FGUYp8FHrWWsXKhefIm0CrUWyH80S69PbhbfCJrrgu%2FyyUJdz7RDNFkCFR%2FCFQsAHG8ZfTna5KAWCKfedG6g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7774b2ed9e421bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
videoscdn.online/assetsv3/pol.js
104.26.9.59200 OK 0 B URL HTTP/2 videoscdn.online/assetsv3/pol.js
IP 104.26.9.59:0
GET /assetsv3/pol.js HTTP/1.1
Host: videoscdn.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videoscdn.online/41581217?sb=kita-love-only-fans-full-videos
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:29 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
etag: W/"6356ce7a-f25"
last-modified: Mon, 24 Oct 2022 17:42:18 GMT
protected: by MS22092901
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 4025811
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4kd8QVqedol3ejynsx7FMYP9PCD3ZDlry1zUKGx0E6EQqGH0gNJ9QabIBVzHNv69noKoatq150sckZV7Fc19U42wvcZsmTaeTntMrbuqZ6hDwkzGbqohMAPDJvrZ7uNqqM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7774b2eeef3c1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.realsrv.com/iframe.php?idzone=4794476&size=300x100
185.76.9.14200 OK 0 B URL HTTP/2 a.realsrv.com/iframe.php?idzone=4794476&size=300x100
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /iframe.php?idzone=4794476&size=300x100 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redwap-xxx.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:29 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 10 Dec 2022 09:53:27 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1670666121
server: CDN77-Turbo
x-77-nzt: AblMCQ2JTHr/lBkAAA
x-77-nzt-ray: c0a4cc288e1f6d6aed4694638eb4bf29
x-cache: HIT
x-age: 6548
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
videoscdn.online/assetsv3/wa.js?as1
104.26.9.59200 OK 0 B URL HTTP/2 videoscdn.online/assetsv3/wa.js?as1
IP 104.26.9.59:0
GET /assetsv3/wa.js?as1 HTTP/1.1
Host: videoscdn.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redwap-xxx.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:29 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=15541
etag: W/"634d7bfb-3cb5"
last-modified: Mon, 17 Oct 2022 15:59:55 GMT
protected: by MS22092901
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 4447802
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CEpNh8ijmw%2FTpk7RfkeTmSHrjOAESoiKarR4%2FTPjenED2YuNjE51jMEMVmzLxYpeJ038bhbVo86J1yFz3SNJBfR4OUljtFlJl%2FPxBbFNCjm1NaMIemH7V%2FDx9XJrSco8Ums%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7774b2ebccd61bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
wuzbhjpvsf.com/lv/esnk/1938297/code.js
62.122.171.6200 OK 0 B URL HTTP/2 wuzbhjpvsf.com/lv/esnk/1938297/code.js
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /lv/esnk/1938297/code.js HTTP/1.1
Host: wuzbhjpvsf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redwap-xxx.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 08:44:29 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-1aaa0"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
a.realsrv.com/iframe.js?idzone=4794476&size=300x100
185.76.9.14200 OK 0 B URL HTTP/2 a.realsrv.com/iframe.js?idzone=4794476&size=300x100
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /iframe.js?idzone=4794476&size=300x100 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=4794476&size=300x100
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:29 GMT
content-type: application/javascript
etag: W/"e5ab3606288c72a3e66601e1b71"
expires: Thu, 08 Dec 2022 12:51:51 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1670666094
server: CDN77-Turbo
x-77-nzt: AblMCQ3pni3/rxkAAA
x-77-nzt-ray: c0a4cc288e1f6d6aed469463314fa82e
x-cache: HIT
x-age: 6575
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
videoscdn.online/assetsv3/style.css
104.26.9.59200 OK 0 B URL HTTP/2 videoscdn.online/assetsv3/style.css
IP 104.26.9.59:0
GET /assetsv3/style.css HTTP/1.1
Host: videoscdn.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videoscdn.online/41581217?sb=kita-love-only-fans-full-videos
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:29 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=2138
etag: W/"633f5299-85a"
last-modified: Thu, 06 Oct 2022 22:11:37 GMT
protected: by MS22092901
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 5537053
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gh6%2FBmW5gcXEJzF0XoY6OKq3r%2FRyXXNGd43U868xc%2Bk7W6ar99AOO9PkOaGkW4V%2B7XRdaRPE9u%2ByOzcuJqrr%2BSTFWHUGSYF0LNhhjBGbfjkAgNNsEsSVNrSIHPfa7quPbtQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7774b2eeef3a1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
openfpcdn.io/fingerprintjs/v3/iife.min.js
54.230.111.48200 OK 0 B URL HTTP/2 openfpcdn.io/fingerprintjs/v3/iife.min.js
IP 54.230.111.48:0
GET /fingerprintjs/v3/iife.min.js HTTP/1.1
Host: openfpcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videoscdn.online/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
server: CloudFront
date: Sat, 10 Dec 2022 07:01:53 GMT
cache-control: public, max-age=625879, s-maxage=10737
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
etag: W/"o3oFikw2djY4UUYvr0FJzhoUF9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: dvDXFWAtZLcm4QurSHH6V3TX3aVCON_OYFlWG4tUmAZLSyopq06P3A==
age: 6156
X-Firefox-Spdy: h2
kwtnhdrmbx.com/get/1864731?zoneid=1864731&jp=_clhofh1uq05mep7nncbjua&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2079813333216912
62.122.171.6200 OK 0 B URL HTTP/2 kwtnhdrmbx.com/get/1864731?zoneid=1864731&jp=_clhofh1uq05mep7nncbjua&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2079813333216912
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1864731?zoneid=1864731&jp=_clhofh1uq05mep7nncbjua&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2079813333216912 HTTP/1.1
Host: kwtnhdrmbx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redwap-xxx.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 08:44:30 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2212100344109ba1152ef2456fb72114d5f2; Path=/; Expires=Sun, 10 Dec 2023 08:44:30 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
static.ahvideoscdn.net/cdn/uploads/41581217/41581217.jpg
104.21.57.103200 OK 0 B URL HTTP/2 static.ahvideoscdn.net/cdn/uploads/41581217/41581217.jpg
IP 104.21.57.103:0
GET /cdn/uploads/41581217/41581217.jpg HTTP/1.1
Host: static.ahvideoscdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videoscdn.online/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:30 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
protected: by MS22110101
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-dns-prefetch-control: on
x-micro-cache: MISS
strict-transport-security: max-age=15768000;
last-modified: Thu, 10 Nov 2022 17:52:42 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Er1MtBK4jx70bXDIxPlFiykHJkxNsmP%2BwiKATxwT7RFY2bw38cvGHPG%2FjxHN0pTci7DiJowhfxU7EB3KgCyEdDQcUWUwuJqC7sFGeg9rWrfKaeTWCXo0mfPrXMZdaZJIdZc79HozK9d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7774b2f03bee1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.realsrv.com/iframe.php?idzone=4794486&size=300x100
185.76.9.14200 OK 0 B URL HTTP/2 a.realsrv.com/iframe.php?idzone=4794486&size=300x100
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /iframe.php?idzone=4794486&size=300x100 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redwap-xxx.com/
Connection: keep-alive
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22639446edeb2744.504810604232310344%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:44:30 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 10 Dec 2022 09:53:47 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1670666166
server: CDN77-Turbo
x-77-nzt: AblMCQ0BiKr/aBkAAA
x-77-nzt-ray: c0a4cc288e1f6d6aee46946348879b23
x-cache: HIT
x-age: 6504
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/164128/9d6121e653fda940170fdf76e6a683179177d947.mp4
185.76.9.25206 Partial Content 0 B URL HTTP/2 s3t3d2y8.afcdn.net/library/164128/9d6121e653fda940170fdf76e6a683179177d947.mp4
IP 185.76.9.25:0
ASN #60068 Datacamp Limited
GET /library/164128/9d6121e653fda940170fdf76e6a683179177d947.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://redwap-xxx.com/
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Sat, 10 Dec 2022 08:44:30 GMT
content-type: video/mp4
content-length: 62513
last-modified: Mon, 05 Dec 2022 03:27:14 GMT
etag: "638d6512-f431"
expires: Tue, 05 Dec 2023 03:32:04 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1701747441
server: CDN77-Turbo
x-77-nzt: AblMCRSubTj/fd8GAA
x-77-nzt-ray: af585630fbe4e033ee46946329772028
x-cache: HIT
x-age: 450429
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-62512/62513
X-Firefox-Spdy: h2