xvideosrei.com/porno/cibelly-ferreira-professora-de-ingles-nua-close-friends/
301 Moved Permanently 0 B URL HTTP/1.1 xvideosrei.com/porno/cibelly-ferreira-professora-de-ingles-nua-close-friends/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /porno/cibelly-ferreira-professora-de-ingles-nua-close-friends/ HTTP/1.1
Host: xvideosrei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Sep 2022 05:32:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 08 Sep 2022 06:32:55 GMT
Location: https://xvideosrei.com/porno/cibelly-ferreira-professora-de-ingles-nua-close-friends/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VojffdWxILAAAcLA09I0tL9yK0AjUIQhQGwstdWl8HJMAODEvWJmhcnBxeSzF2zn1wbQroPdQP%2BtmyomvltvUBXzWUytUh0L1oRajwuzjqg68IBy7wdj32WsDuZ%2F9DK1LA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74754e71afb4b4f3-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3161
Expires: Thu, 08 Sep 2022 06:25:37 GMT
Date: Thu, 08 Sep 2022 05:32:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 08 Sep 2022 05:05:12 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RExTFSTWp2HiOHuLyIl0LUh2b9_V7pV1XUIkfDHLxrfut4hOqUPGag==
Age: 1664
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FU3f1gdAmyfBbwnGgF_rnAuw3x1LBKKx2Sgm3bM1X1xIE3UuVusRgA==
age: 6382
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 5.8 kB IP
Hash 6e3878a8a0451134837a765a054d1614
96142e27d073912ddc0ed044a7d763c7ed93e77b
2f36f2e67c3be204a8a499b1792ef6d5f5af891bde1032afc13fc470bbe0deed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 05:32:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-201333215-1
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-201333215-1
IP
File type ASCII text, with very long lines (1615)
Hash e47c652ea76272a7126c93b6ec17263b
40c5f7ed42de402c3f43b723810b5c2186a28b31
40394ebed488932ce0cf2ed0889623a6629fbe088dafd8cb9ca00a35138f58b0
GET /gtag/js?id=UA-201333215-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xvideosrei.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Sep 2022 05:32:56 GMT
expires: Thu, 08 Sep 2022 05:32:56 GMT
cache-control: private, max-age=900
last-modified: Thu, 08 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41874
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash de50d39318f58f490483c86aecd38e4c
f92177f493cb7bab9c5ce67f6b41f9214920907d
8bca037d0d46ddd72b4c1bbfc2829f96bc9e7bfb28724af3010f1441d14b7180
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 05:32:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 08 Sep 2022 04:38:18 GMT
Cache-Control: max-age=3600
Expires: Thu, 08 Sep 2022 05:11:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wvmMjPCTo51iTtw2BisVWXfKohIseVdvn2RzZ7tYAp1km95AawhGMQ==
Age: 3278
cdn.pncloudfl.com/pn/e01/a9b/d1e/e01a9bd1e2a8a8d2669c1efc65e08ab1581f0abe.jpg
200 OK 47 kB URL HTTP/2 cdn.pncloudfl.com/pn/e01/a9b/d1e/e01a9bd1e2a8a8d2669c1efc65e08ab1581f0abe.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 89d7a70d6de55f51efd211fad627b7fc
7cd6e06d0b1f701e2d33e75beb1dd166dea9a460
dc32d5c34eae7382ab9bb0f6bcfe45144fbc3b62402e2af8598f779ccc047f94
GET /pn/e01/a9b/d1e/e01a9bd1e2a8a8d2669c1efc65e08ab1581f0abe.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: image/webp
content-length: 47170
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=79962
content-disposition: inline; filename="e01a9bd1e2a8a8d2669c1efc65e08ab1581f0abe.webp"
etag: ae7df9ca383ded137227aa9b02ffeeb8
expires: Fri, 09 Sep 2022 11:15:23 GMT
last-modified: Wed, 07 Sep 2022 10:48:25 GMT
vary: Accept
x-openstack-request-id: tx83016edc12614b4b95ea3-0063187833
x-proxy-cache: HIT
x-timestamp: 1662547704.80168
x-trans-id: tx83016edc12614b4b95ea3-0063187833
cf-cache-status: HIT
age: 65853
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 74754e76defbfabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cashewsforlife208.com/lv/esnk/1889766/code.js
200 OK 95 kB URL HTTP/2 cashewsforlife208.com/lv/esnk/1889766/code.js
IP
Hash 8ad1292e325b633701fab0aa81165625
2512a1ce1c3fd931cfed59d20389d793db21582e
2987e5bd906ea2684d0459e689937b414c0b89cf3bcde27e044f34805e2e34ef
GET /lv/esnk/1889766/code.js HTTP/1.1
Host: cashewsforlife208.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xvideosrei.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1e740"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash aaa977f9bbe0a9a4e7da229dc4c81fdb
7056f185990a6f18658375be8e6118ac18a33e49
509b08851ddfeac0baa8fb41e6b87a3cbd45864e28f78a5d86b0dc3c84d5bc61
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "509B08851DDFEAC0BAA8FB41E6B87A3CBD45864E28F78A5D86B0DC3C84D5BC61"
Last-Modified: Tue, 06 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8051
Expires: Thu, 08 Sep 2022 07:47:07 GMT
Date: Thu, 08 Sep 2022 05:32:56 GMT
Connection: keep-alive
videoscdn.online/49297787
200 OK 4.4 kB URL HTTP/2 videoscdn.online/49297787
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4459)
Hash 76d96b4cf5781695131dbcb85c2e049b
0af3f3326e8371d19efd18344c18d66f5481751e
04dad784d79afdb960cff72ce1d2bdee472479fedcd93affbd229176f0c51bb9
GET /49297787 HTTP/1.1
Host: videoscdn.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xvideosrei.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public
protected: by MS22083110
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-dns-prefetch-control: on
x-micro-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEKpPfU9QwqTMsf4i10uix7iV2C0MdCkjUqhaAQ%2BLQf%2FTNO84fVyXeTjh8KSW30Hw%2FLF5dJaAmVJ7WE1pWOHsWPr%2Fta64ymgsaR681rBNGuQF3UqsRc3SFpuQ8c9YJErff6W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74754e759b620afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.bncloudfl.com/bn/29a/3a1/a7a/29a3a1a7aeef1bd0afeeef8efd0153cb1bcc3c03.jpg
200 OK 29 kB URL HTTP/2 cdn.bncloudfl.com/bn/29a/3a1/a7a/29a3a1a7aeef1bd0afeeef8efd0153cb1bcc3c03.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x250, components 3\012- data
Hash cf52c3d752482626fa3c015f1cd22f85
f79bf0ca99d4ba1f5fc4818f58b466ec2330ed28
e323992227f04fa6c50efcac28dc6d377351cddc33a0013b7675dff4153e5ada
GET /bn/29a/3a1/a7a/29a3a1a7aeef1bd0afeeef8efd0153cb1bcc3c03.jpg HTTP/1.1
Host: cdn.bncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: image/jpeg
content-length: 29234
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=432000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=31637, status=webp_bigger
etag: 3cd93e51b543bdca8d688d32f582895f
expires: Thu, 08 Sep 2022 21:33:46 GMT
last-modified: Wed, 17 Nov 2021 14:56:48 GMT
x-openstack-request-id: tx4ca664767b9b4034ae95d-0061b095bd
x-proxy-cache: HIT
x-timestamp: 1637161007.65278
x-trans-id: tx4ca664767b9b4034ae95d-0061b095bd
cf-cache-status: HIT
age: 115150
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 74754e774e490b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
videoscdn.online/assetsv3/app-v2.js
200 OK 32 kB URL HTTP/2 videoscdn.online/assetsv3/app-v2.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash a6b321e30cbda3298b354c42e057bf28
32f0d120df96cfa5e4220c94779213a5fb21b55c
3c58197b527a53ab3dc1583fa43cbd07c26532bb3c66e4e30cf116294194a779
GET /assetsv3/app-v2.js HTTP/1.1
Host: videoscdn.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videoscdn.online/49297787
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: application/javascript
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=85970
etag: W/"628e3788-14fd2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 25 May 2022 14:04:56 GMT
protected: by MS22051001
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=15768000;
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 8059407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeFEjPJ80dlgPIi47NyNSjmdM2i1zT28XfBLXRNtYyjyKxZeouUQy%2B17k3poQ93Ko1O%2F6O1S8LLROd6BVplijBRIgxH8kv0y6wxXYimSK9uNDen5q46YMyqbUrOVs5%2BTg6WN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74754e76ec380afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cashewsforlife208.com/chicken.gif?z=1889768&pb=7e3a40e237f80a68b978e2279d8434481662622376&psp=EBtr5mc3rv3gQ2TUYzY92i8lybflYQLArW07Q6hqT_78ogT8Sz32nvsa4THzPrKedB6TDS5xK6HkDEV1RVFkhTPs5VtrON9f3DNcBSZhyfShOe89qcWQvw-A9GAuvpTy1GP1PR5tlNQCSQZ7bM2Bw7lTXh-pbEC9J8rCWi-u6qY-lr7dQ5IPOZEXWflHU1Vo6TDQYh7bY0Z4lHAXeJgWWmonRT43qyZAEz5UFp1di6rwzADH1YKQreEjDktmbskMicy53_a4yTm_D-7bOPSA5C85G4sb0O9_amRnX0zvNx1Scb1kYtXJjgsvtRzKa487RJidXWoEkZ3j0-v1FJ0nkQG09iDT8vAuTN3MrYlrcNZqotHEiWijg5SdBnVnoHO3qo2RLckbw9tL0Ri36eHBQPmSOFG05za7aKnc2-LmdZMWoMxEj1EOzVUP59gw8AxdXl01xEmH3YfKLMKzaiOB90-u1Tk1Dk8ZW-8u9Y2pQ42bNrYOR8um3lE4o3HpW07edeO3z-Kh7iVKIsljP_bhUmp5xApvLtNy9W_mEs6SioqjNq3YdiIKBUGXIGRz-IgaTQbRb9amp-fDewdAwpwQLUV-6BXy9erzOPdMDcZrCq4mrnOgOAKPncM0m0EBuYJdFDHH7ax-9iLYFwET60cex09EYenpplOA1K9RtuK3jO_v_UbLkqTnmWUnkxlqWkhp3Q18IS8ze1XXFg_JZqhKX8Vu5V7yXruM&abvar=0&os=0
200 OK 43 B URL HTTP/2 cashewsforlife208.com/chicken.gif?z=1889768&pb=7e3a40e237f80a68b978e2279d8434481662622376&psp=EBtr5mc3rv3gQ2TUYzY92i8lybflYQLArW07Q6hqT_78ogT8Sz32nvsa4THzPrKedB6TDS5xK6HkDEV1RVFkhTPs5VtrON9f3DNcBSZhyfShOe89qcWQvw-A9GAuvpTy1GP1PR5tlNQCSQZ7bM2Bw7lTXh-pbEC9J8rCWi-u6qY-lr7dQ5IPOZEXWflHU1Vo6TDQYh7bY0Z4lHAXeJgWWmonRT43qyZAEz5UFp1di6rwzADH1YKQreEjDktmbskMicy53_a4yTm_D-7bOPSA5C85G4sb0O9_amRnX0zvNx1Scb1kYtXJjgsvtRzKa487RJidXWoEkZ3j0-v1FJ0nkQG09iDT8vAuTN3MrYlrcNZqotHEiWijg5SdBnVnoHO3qo2RLckbw9tL0Ri36eHBQPmSOFG05za7aKnc2-LmdZMWoMxEj1EOzVUP59gw8AxdXl01xEmH3YfKLMKzaiOB90-u1Tk1Dk8ZW-8u9Y2pQ42bNrYOR8um3lE4o3HpW07edeO3z-Kh7iVKIsljP_bhUmp5xApvLtNy9W_mEs6SioqjNq3YdiIKBUGXIGRz-IgaTQbRb9amp-fDewdAwpwQLUV-6BXy9erzOPdMDcZrCq4mrnOgOAKPncM0m0EBuYJdFDHH7ax-9iLYFwET60cex09EYenpplOA1K9RtuK3jO_v_UbLkqTnmWUnkxlqWkhp3Q18IS8ze1XXFg_JZqhKX8Vu5V7yXruM&abvar=0&os=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1889768&pb=7e3a40e237f80a68b978e2279d8434481662622376&psp=EBtr5mc3rv3gQ2TUYzY92i8lybflYQLArW07Q6hqT_78ogT8Sz32nvsa4THzPrKedB6TDS5xK6HkDEV1RVFkhTPs5VtrON9f3DNcBSZhyfShOe89qcWQvw-A9GAuvpTy1GP1PR5tlNQCSQZ7bM2Bw7lTXh-pbEC9J8rCWi-u6qY-lr7dQ5IPOZEXWflHU1Vo6TDQYh7bY0Z4lHAXeJgWWmonRT43qyZAEz5UFp1di6rwzADH1YKQreEjDktmbskMicy53_a4yTm_D-7bOPSA5C85G4sb0O9_amRnX0zvNx1Scb1kYtXJjgsvtRzKa487RJidXWoEkZ3j0-v1FJ0nkQG09iDT8vAuTN3MrYlrcNZqotHEiWijg5SdBnVnoHO3qo2RLckbw9tL0Ri36eHBQPmSOFG05za7aKnc2-LmdZMWoMxEj1EOzVUP59gw8AxdXl01xEmH3YfKLMKzaiOB90-u1Tk1Dk8ZW-8u9Y2pQ42bNrYOR8um3lE4o3HpW07edeO3z-Kh7iVKIsljP_bhUmp5xApvLtNy9W_mEs6SioqjNq3YdiIKBUGXIGRz-IgaTQbRb9amp-fDewdAwpwQLUV-6BXy9erzOPdMDcZrCq4mrnOgOAKPncM0m0EBuYJdFDHH7ax-9iLYFwET60cex09EYenpplOA1K9RtuK3jO_v_UbLkqTnmWUnkxlqWkhp3Q18IS8ze1XXFg_JZqhKX8Vu5V7yXruM&abvar=0&os=0 HTTP/1.1
Host: cashewsforlife208.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2209080032701d91279eb94d4eb5066e27be; OACICAP=ACEgHAAAAAAAAAAB; OACIBLOCK=ACEgHAAAAABjGXbQ; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACEgHAAAAAAAAAABACB4cAAAAAAAAAAB; Path=/; Expires=Sat, 08 Oct 2022 05:32:56 GMT; Secure; SameSite=None
OACIBLOCK=ACEgHAAAAABjGXbQACB4cAAAAABjGXbQ; Path=/; Expires=Sat, 08 Oct 2022 05:32:56 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Fri, 09 Sep 2022 05:32:56 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cashewsforlife208.com/chicken.gif?z=1889767&pb=7e3a40e237f80a68b978e2279d8434481662622376&psp=NKYFGtF8idYWkK9ASdHLd_jTtMBMKNynE9OTIkMptCO5Nx3q5jR69rTVCi9XITwGAIiY_BPdl0yu4SRzzxACkVcIj-9iSjThiTSsn7NEN_wLDwHSlfX-Vd43lTG6yKGCQOoOvv4qeqV3WiUlTc7I8b9MlcVX1emeOZhIXwBchLWKcWUYP_PydeAC_4uXors5d2hX04eSXU8uK9tQOfpXdH4rgaetS60pK-WXaK38Tq-jU_5YQ1R1yVWL-KPrV_eBWCJlTQcTR9LgcwJJ-ZszHSn025Lv2XE5E4uGFiEFel9MZK-oNPRMeS3GZu8-12D60J5Lq9sigqMCH2AJwI380_W_5MvMa4qV1WhEgOjKspuZSahowWvWq1uilaSG1MnRsvt6s4-SSCaXxxi-cVEjrlth4KRu4dE9K06fy8p5w7wgwWEy7JyE5ON8YFswExScGW8BGmQTQJHUzPMXJjYHEPhTd8i1x1KrL5AsDEKVZ24xhIhYQkbRcthBEuk9yoae-AcrNe0YPIdw6rb1cJuES3LDTZbTE2qpEsZVm2IWEvL7tN-K_NpcYy3VdkjYfan987Zat5L34V647iAEyxQBD7kTGP_lc8uzYfJAQ56Fz8v5hpQK_Klr05wLdEywke1A2EAGAGACSixTXiFp1oQ2UNFUVmTRBhHpdzRRZESd4vm-quwHvFPNGS50zKuYQA03jp1Gq7diRLbuYYE=&abvar=27&os=0
200 OK 43 B URL HTTP/2 cashewsforlife208.com/chicken.gif?z=1889767&pb=7e3a40e237f80a68b978e2279d8434481662622376&psp=NKYFGtF8idYWkK9ASdHLd_jTtMBMKNynE9OTIkMptCO5Nx3q5jR69rTVCi9XITwGAIiY_BPdl0yu4SRzzxACkVcIj-9iSjThiTSsn7NEN_wLDwHSlfX-Vd43lTG6yKGCQOoOvv4qeqV3WiUlTc7I8b9MlcVX1emeOZhIXwBchLWKcWUYP_PydeAC_4uXors5d2hX04eSXU8uK9tQOfpXdH4rgaetS60pK-WXaK38Tq-jU_5YQ1R1yVWL-KPrV_eBWCJlTQcTR9LgcwJJ-ZszHSn025Lv2XE5E4uGFiEFel9MZK-oNPRMeS3GZu8-12D60J5Lq9sigqMCH2AJwI380_W_5MvMa4qV1WhEgOjKspuZSahowWvWq1uilaSG1MnRsvt6s4-SSCaXxxi-cVEjrlth4KRu4dE9K06fy8p5w7wgwWEy7JyE5ON8YFswExScGW8BGmQTQJHUzPMXJjYHEPhTd8i1x1KrL5AsDEKVZ24xhIhYQkbRcthBEuk9yoae-AcrNe0YPIdw6rb1cJuES3LDTZbTE2qpEsZVm2IWEvL7tN-K_NpcYy3VdkjYfan987Zat5L34V647iAEyxQBD7kTGP_lc8uzYfJAQ56Fz8v5hpQK_Klr05wLdEywke1A2EAGAGACSixTXiFp1oQ2UNFUVmTRBhHpdzRRZESd4vm-quwHvFPNGS50zKuYQA03jp1Gq7diRLbuYYE=&abvar=27&os=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1889767&pb=7e3a40e237f80a68b978e2279d8434481662622376&psp=NKYFGtF8idYWkK9ASdHLd_jTtMBMKNynE9OTIkMptCO5Nx3q5jR69rTVCi9XITwGAIiY_BPdl0yu4SRzzxACkVcIj-9iSjThiTSsn7NEN_wLDwHSlfX-Vd43lTG6yKGCQOoOvv4qeqV3WiUlTc7I8b9MlcVX1emeOZhIXwBchLWKcWUYP_PydeAC_4uXors5d2hX04eSXU8uK9tQOfpXdH4rgaetS60pK-WXaK38Tq-jU_5YQ1R1yVWL-KPrV_eBWCJlTQcTR9LgcwJJ-ZszHSn025Lv2XE5E4uGFiEFel9MZK-oNPRMeS3GZu8-12D60J5Lq9sigqMCH2AJwI380_W_5MvMa4qV1WhEgOjKspuZSahowWvWq1uilaSG1MnRsvt6s4-SSCaXxxi-cVEjrlth4KRu4dE9K06fy8p5w7wgwWEy7JyE5ON8YFswExScGW8BGmQTQJHUzPMXJjYHEPhTd8i1x1KrL5AsDEKVZ24xhIhYQkbRcthBEuk9yoae-AcrNe0YPIdw6rb1cJuES3LDTZbTE2qpEsZVm2IWEvL7tN-K_NpcYy3VdkjYfan987Zat5L34V647iAEyxQBD7kTGP_lc8uzYfJAQ56Fz8v5hpQK_Klr05wLdEywke1A2EAGAGACSixTXiFp1oQ2UNFUVmTRBhHpdzRRZESd4vm-quwHvFPNGS50zKuYQA03jp1Gq7diRLbuYYE=&abvar=27&os=0 HTTP/1.1
Host: cashewsforlife208.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2209080032701d91279eb94d4eb5066e27be; OACICAP=ACEgHAAAAAAAAAAB; OACIBLOCK=ACEgHAAAAABjGXbQ; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACEgHAAAAAAAAAABACB4cAAAAAAAAAAB; Path=/; Expires=Sat, 08 Oct 2022 05:32:56 GMT; Secure; SameSite=None
OACIBLOCK=ACEgHAAAAABjGXbQACB4cAAAAABjGXbQ; Path=/; Expires=Sat, 08 Oct 2022 05:32:56 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Fri, 09 Sep 2022 05:32:56 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
7ca78m3csgbrid7ge.com/solid.gif?z=1864731&abvar=26
200 OK 43 B URL HTTP/2 7ca78m3csgbrid7ge.com/solid.gif?z=1864731&abvar=26
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1864731&abvar=26 HTTP/1.1
Host: 7ca78m3csgbrid7ge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xvideosrei.com
Connection: keep-alive
Referer: https://xvideosrei.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cdn18685953.ahacdn.me/skins/bannerdating4.png
200 OK 9.6 kB URL HTTP/2 cdn18685953.ahacdn.me/skins/bannerdating4.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 147 x 153, 8-bit/color RGBA, non-interlaced\012- data
Hash 56f07e0d933a1f7211667b4cc4a7db80
daf466fe3e15cc69bcf6b1d2592ba2d33357250f
5cc8d7fef92d8de943e1979813099b5f825d12443a29cf008928de90197b7118
GET /skins/bannerdating4.png HTTP/1.1
Host: cdn18685953.ahacdn.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: image/png
content-length: 9644
server: nginx/1.16.1
last-modified: Wed, 28 Jul 2021 08:50:24 GMT
etag: 56f07e0d933a1f7211667b4cc4a7db80
x-timestamp: 1627462223.18881
x-trans-id: tx9ec40df6ae564c1abf95a-0061c43775
x-openstack-request-id: tx9ec40df6ae564c1abf95a-0061c43775
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sat, 10 Sep 2022 05:32:56 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cashewsforlife208.com/chicken.gif?z=1889766&pb=7e3a40e237f80a68b978e2279d8434481662622376&psp=y4PNNmPEgJwbuDNukLZGDWEHWyK_F-OV6IjYrtF1SSr1wskel6EOysQaVWiyTgjbbPN9HHMFbN3kG-Mp0DmioBehIM8mUtPfmZ5Zd27Y2a3i98i7RUS8T4NFznHr2AYWLuFAjK9TrEzvB383ZAq0nzHNQw_dhaiKJ8hkEG_toA2kd98yWnFfmviYMSsat92CD-QwzG2joHA3x_ZlWpdbC_r0tprjL2_Ucd0gvE-rUCxeG98ff5ke2g28oQvIXPKYi-OcJftmvqmc30dD3aXmIBnbgZBf8CG1aKVdT4T72bfkoJs7YLqI_nYQrI9WnuegHheAGvtbLpsJl2iHLdC0cznvqW5akeYADa8L6w1K9DNbbsDVCfB-Z0w2Qdz7_vUf-hY0XYYd33ZKI_sHRqil6M0hJyP8KqE5HwtChTJL1ji3iF6DHd1Ni_VmFKhc3wEp4ecC_5M6p0Nyfwf9hEdfyeHEFXtGOCweu0FIGUPc3yVkC21yjJEDNoekzo926tMJeHR1FiJnpZ1--Mik5eBK26kUt3p5xO0SqnEnnzH2mhO1bieV-4PFaLSMPnSuUQGRKrE5NgYWiQUGLa4qdJc-awmJzCYdRDLJKf4myEaMyLAe4mX-BxkkLorvuLzJxFkPEEKbP5gsazx6dqBBJFfOj64PmpkexOwox8Vulb79BvnmPY3s&abvar=0&os=0
200 OK 43 B URL HTTP/2 cashewsforlife208.com/chicken.gif?z=1889766&pb=7e3a40e237f80a68b978e2279d8434481662622376&psp=y4PNNmPEgJwbuDNukLZGDWEHWyK_F-OV6IjYrtF1SSr1wskel6EOysQaVWiyTgjbbPN9HHMFbN3kG-Mp0DmioBehIM8mUtPfmZ5Zd27Y2a3i98i7RUS8T4NFznHr2AYWLuFAjK9TrEzvB383ZAq0nzHNQw_dhaiKJ8hkEG_toA2kd98yWnFfmviYMSsat92CD-QwzG2joHA3x_ZlWpdbC_r0tprjL2_Ucd0gvE-rUCxeG98ff5ke2g28oQvIXPKYi-OcJftmvqmc30dD3aXmIBnbgZBf8CG1aKVdT4T72bfkoJs7YLqI_nYQrI9WnuegHheAGvtbLpsJl2iHLdC0cznvqW5akeYADa8L6w1K9DNbbsDVCfB-Z0w2Qdz7_vUf-hY0XYYd33ZKI_sHRqil6M0hJyP8KqE5HwtChTJL1ji3iF6DHd1Ni_VmFKhc3wEp4ecC_5M6p0Nyfwf9hEdfyeHEFXtGOCweu0FIGUPc3yVkC21yjJEDNoekzo926tMJeHR1FiJnpZ1--Mik5eBK26kUt3p5xO0SqnEnnzH2mhO1bieV-4PFaLSMPnSuUQGRKrE5NgYWiQUGLa4qdJc-awmJzCYdRDLJKf4myEaMyLAe4mX-BxkkLorvuLzJxFkPEEKbP5gsazx6dqBBJFfOj64PmpkexOwox8Vulb79BvnmPY3s&abvar=0&os=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1889766&pb=7e3a40e237f80a68b978e2279d8434481662622376&psp=y4PNNmPEgJwbuDNukLZGDWEHWyK_F-OV6IjYrtF1SSr1wskel6EOysQaVWiyTgjbbPN9HHMFbN3kG-Mp0DmioBehIM8mUtPfmZ5Zd27Y2a3i98i7RUS8T4NFznHr2AYWLuFAjK9TrEzvB383ZAq0nzHNQw_dhaiKJ8hkEG_toA2kd98yWnFfmviYMSsat92CD-QwzG2joHA3x_ZlWpdbC_r0tprjL2_Ucd0gvE-rUCxeG98ff5ke2g28oQvIXPKYi-OcJftmvqmc30dD3aXmIBnbgZBf8CG1aKVdT4T72bfkoJs7YLqI_nYQrI9WnuegHheAGvtbLpsJl2iHLdC0cznvqW5akeYADa8L6w1K9DNbbsDVCfB-Z0w2Qdz7_vUf-hY0XYYd33ZKI_sHRqil6M0hJyP8KqE5HwtChTJL1ji3iF6DHd1Ni_VmFKhc3wEp4ecC_5M6p0Nyfwf9hEdfyeHEFXtGOCweu0FIGUPc3yVkC21yjJEDNoekzo926tMJeHR1FiJnpZ1--Mik5eBK26kUt3p5xO0SqnEnnzH2mhO1bieV-4PFaLSMPnSuUQGRKrE5NgYWiQUGLa4qdJc-awmJzCYdRDLJKf4myEaMyLAe4mX-BxkkLorvuLzJxFkPEEKbP5gsazx6dqBBJFfOj64PmpkexOwox8Vulb79BvnmPY3s&abvar=0&os=0 HTTP/1.1
Host: cashewsforlife208.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2209080032701d91279eb94d4eb5066e27be; OACICAP=ACEgHAAAAAAAAAABACB4cAAAAAAAAAAB; OACIBLOCK=ACEgHAAAAABjGXbQACB4cAAAAABjGXbQ; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACEgHAAAAAAAAAABACB4cAAAAAAAAAABABsllgAAAAAAAAAB; Path=/; Expires=Sat, 08 Oct 2022 05:32:56 GMT; Secure; SameSite=None
OACIBLOCK=ACB4cAAAAABjGXbQACEgHAAAAABjGXbQABsllgAAAABjGXbQ; Path=/; Expires=Sat, 08 Oct 2022 05:32:56 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Fri, 09 Sep 2022 05:32:56 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
videoscdn.online/assetsv3/style.css
200 OK 546 B URL HTTP/2 videoscdn.online/assetsv3/style.css
IP
File type ASCII text, with very long lines (1643), with no line terminators
Hash bb851123012c7cc0ed3e5a0323101d81
7902d1275cc4bf164b0c5ed1efeab6f5153d5df7
0e6a422e59ee66c99caab3c81088b5812b64fc42a542dfa1f304117deb913d8b
GET /assetsv3/style.css HTTP/1.1
Host: videoscdn.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videoscdn.online/49297787
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=2138
etag: W/"628e3788-85a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 25 May 2022 14:04:56 GMT
protected: by MS22051001
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=15768000;
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 8064190
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdafh9PhvMO939H5tqh8hnsNMRQHIvJr4FgG%2FLny%2F3TsbetSTouOoZFWiqMG7VOjy15y0LubveqlZvWvvqiM3iGZqQwZ8LPKPmxxGkGSS8L%2BfPNj58uZrc9K4JdqgT4G8As6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74754e76ec3d0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
7ca78m3csgbrid7ge.com/solid.gif?z=1864731&abvar=26
200 OK 43 B URL HTTP/2 7ca78m3csgbrid7ge.com/solid.gif?z=1864731&abvar=26
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1864731&abvar=26 HTTP/1.1
Host: 7ca78m3csgbrid7ge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xvideosrei.com
Connection: keep-alive
Referer: https://xvideosrei.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
analyticsweb.net/js/plausible.js
200 OK 774 B URL HTTP/2 analyticsweb.net/js/plausible.js
IP
File type ASCII text, with very long lines (1390), with no line terminators
Hash 880183aed861a179fa5ceb5bec847d47
d56cadd97b2d5efd9e246a8d960620de8c940979
97dbf976c671b5b87492fca282b1f95a5f41e73226c98fd7090c5d95e00ff66f
GET /js/plausible.js HTTP/1.1
Host: analyticsweb.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xvideosrei.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
x-request-id: FxLLsbilFPKwG-ewsgHi
cf-cache-status: EXPIRED
last-modified: Thu, 08 Sep 2022 04:29:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4eB%2FxRjZxB5JcVKfOeVEiNM0ffaBWla8surAicwRRh7hf0jScO3o%2BFNEKW5C%2FmbtzXgtQ0QfyXgJX3%2B7hrKwa7IaH4IKPW4LifEpWCh%2BOd332hizkm6ifxlN3rlhIZyBgee3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74754e74d9911c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cashewsforlife208.com/lv/esnk/1889767/code.js
200 OK 60 kB URL HTTP/2 cashewsforlife208.com/lv/esnk/1889767/code.js
IP
Hash b103e8e05f131e7c969bc8b8608d2b95
a6a8cd363a60ca2f9a7a9fcd6e61aab793c9d240
4d0bedd6d16da1f4b68955b3d2da4230731c3f7d54a1e9223df342093a900767
GET /lv/esnk/1889767/code.js HTTP/1.1
Host: cashewsforlife208.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xvideosrei.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 09:27:43 GMT
vary: Accept-Encoding
etag: W/"6311cc8f-20df9"
x-js-ab1: var27
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a81b0f5b5d11bf95fc176833b2f6e808
5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5
8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4003
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 05:32:57 GMT
Last-Modified: Thu, 08 Sep 2022 04:26:14 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
videoscdn.online/xplayer/dist-cdn/3.2.1/fluidplayer.min.js?v=3.2.3
200 OK 66 kB URL HTTP/2 videoscdn.online/xplayer/dist-cdn/3.2.1/fluidplayer.min.js?v=3.2.3
IP
File type ASCII text, with very long lines (62743)
Hash e4e5e37f5650882566da86d10f469329
f013783095aef670dedb8b020844edff39dd98d8
574a93ab70c575dd2dafd7dd2bcec80ebb9bcd1d3842296d136b6617048330ee
GET /xplayer/dist-cdn/3.2.1/fluidplayer.min.js?v=3.2.3 HTTP/1.1
Host: videoscdn.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videoscdn.online/49297787
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: application/javascript
last-modified: Fri, 17 Jun 2022 20:19:29 GMT
vary: Accept-Encoding
etag: W/"62ace1d1-32c00"
protected: by MS22051001
cache-control: max-age=315360000
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
expires: Thu, 31 Dec 2037 23:55:55 GMT
strict-transport-security: max-age=15768000;
cf-cache-status: HIT
age: 7118000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BaQypozHQVvY5neBVBxZ56x8s7xURhne4aHAVKM2mO%2BxwYTf1bZRscnJO31X4Y85RmGBwHhguq%2FB5bMXJfP3cc%2BYyAp1qKq5vRbF362ZfNm%2FaQTcrS9AAMY0dNtSDrI4THkE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74754e76ec3c0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
7ca78m3csgbrid7ge.com/get/1864731?zoneid=1864731&jp=_clbb6rlhcbdwcwqb1qvptf&nojs=0&ix=0&abvar=26&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1}&sp=0&cid=7145835565519961
200 OK 58 B URL HTTP/2 7ca78m3csgbrid7ge.com/get/1864731?zoneid=1864731&jp=_clbb6rlhcbdwcwqb1qvptf&nojs=0&ix=0&abvar=26&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1}&sp=0&cid=7145835565519961
IP
Hash 25f5652292ce275f165dc44b72ee0561
5c7b98a126e775d1ee2c17e616565a287e679127
cce34a27b0f961662eb2e1d52770da42cf5e4de9be35a26b4adab919c7e0328f
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1864731?zoneid=1864731&jp=_clbb6rlhcbdwcwqb1qvptf&nojs=0&ix=0&abvar=26&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1}&sp=0&cid=7145835565519961 HTTP/1.1
Host: 7ca78m3csgbrid7ge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xvideosrei.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=220908003277515efaaa834f0ab63be5301c; Path=/; Expires=Fri, 08 Sep 2023 05:32:56 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
widgets.amung.us/small/14/1400.png
200 OK 341 B URL HTTP/2 widgets.amung.us/small/14/1400.png
IP
File type PNG image data, 80 x 15, 8-bit colormap, non-interlaced\012- data
Hash cb5b89014ef4854087829db85c1ce687
8a61b55e0ca7184e22f3bf91a3e77ac4b3a390a7
f9a22845770b3911620811dec828546e263644b173452e2da36b9623fad54550
GET /small/14/1400.png HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xvideosrei.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 05:32:57 GMT
content-type: image/png
content-length: 341
last-modified: Sun, 13 Jun 2010 09:48:30 GMT
etag: "4c14a96e-155"
expires: Thu, 08 Sep 2022 20:50:30 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 31347
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74754e795a7f993c-ARN
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b2ef56bd5e1bb320ed12b28175abbaa3
6d48cd8181a653d642885419c1b07a9d487fc46a
f98a57503fa21121b9978ea5aeb6a8724ef86894e16d282c97e7568315382098
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F98A57503FA21121B9978EA5AEB6A8724EF86894E16D282C97E7568315382098"
Last-Modified: Tue, 06 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7310
Expires: Thu, 08 Sep 2022 07:34:47 GMT
Date: Thu, 08 Sep 2022 05:32:57 GMT
Connection: keep-alive
sstatic1.histats.com/0.gif?4558530&101
200 OK 43 B URL HTTP/1.1 sstatic1.histats.com/0.gif?4558530&101
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /0.gif?4558530&101 HTTP/1.1
Host: sstatic1.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xvideosrei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 05:32:57 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FQ0ZpcdEsBhOCCSLW54zYw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CEchAej290CLDMQQxuvboqjJCTc=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6696
Expires: Thu, 08 Sep 2022 07:24:34 GMT
Date: Thu, 08 Sep 2022 05:32:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6696
Expires: Thu, 08 Sep 2022 07:24:34 GMT
Date: Thu, 08 Sep 2022 05:32:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6696
Expires: Thu, 08 Sep 2022 07:24:34 GMT
Date: Thu, 08 Sep 2022 05:32:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6696
Expires: Thu, 08 Sep 2022 07:24:34 GMT
Date: Thu, 08 Sep 2022 05:32:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6696
Expires: Thu, 08 Sep 2022 07:24:34 GMT
Date: Thu, 08 Sep 2022 05:32:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a07d553b6441514870ed7e9e989a29a7
98c145b9326d1e6036fa9089d87a25232dd45b0b
373a586b596016baeb8de98022207c25af24c099c06077edbdfd837cffc31a0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7492
x-amzn-requestid: 2c5e9ff3-c7a4-4a8f-96bf-74f0ca5d9137
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9dOHguIAMFjGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f87-70dbe6532b1a241e6dbe729e;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 6mfdlMHJozdykr4faiijvUuJPXVrJGU_n0MxJgCrZ-uWWdejGYfiAQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 020978022b22df6352245f09cfbc410c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:33:06 GMT
age: 25192
etag: "98c145b9326d1e6036fa9089d87a25232dd45b0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd38a7ac-451e-4dae-8707-f68a3c27ee4e.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd38a7ac-451e-4dae-8707-f68a3c27ee4e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ccc1d45458086694a8221a8a6c6aa3b
b8f1359214f21be812390a6cca80b8e84c26a403
461503caa5ec14c1214bdc19795e47b8c1c3c5be1b21f0f29e923e5191e93846
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd38a7ac-451e-4dae-8707-f68a3c27ee4e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8693
x-amzn-requestid: aae6e4f7-9b0a-49da-b2f1-58b625609942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgFokoAMFbwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-27854a575dea22e1035454e3;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PKD1-NMnB_gBWmi4tmCDLib4ROvVwI4hrOL7CHtoMXEEGgYNYiAsTw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:48:35 GMT
etag: "b8f1359214f21be812390a6cca80b8e84c26a403"
content-type: image/jpeg
age: 27863
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca5b5d4ac26d97b5729a30ecdc688bc
3e633bc6c4ab9adfe84899e5209d73bef1d097eb
2c8275d1819d933f86df9685b76aea030842ba5a341c59ea88ffd2da99a5a3d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7885
x-amzn-requestid: 305dc6b7-eb3d-40ad-af89-8b60be935637
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThE3DIAMFRtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-7c0b58644e26de7f27c5b388;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ry2D03udnweYHan_7KhC9IDhT01g9_73G40Fa10BdIX21tgK0Cgjiw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:48:35 GMT
etag: "3e633bc6c4ab9adfe84899e5209d73bef1d097eb"
content-type: image/jpeg
age: 27863
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg
200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edcd025faafbf7161d4d606f47304c2b
a99519726bc82f2cc0541c79f47ddd15c7362669
ed7b147e3ea371ea4b014805d9c2f45407918924bb2ec540ea6f7cd0a8b1b698
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3529
x-amzn-requestid: 6ee305f1-aaaf-49eb-94b5-1176943a1922
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YCjYWFzNoAMFajg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63174c35-7e8ef3554da3194d47726d0d;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 13:33:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: u3PSpvVEoPGJTFmcB643hOaVUAp-iW0X68PxtIaJZvGHc-Bh79gPgQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:44:14 GMT
age: 28124
etag: "a99519726bc82f2cc0541c79f47ddd15c7362669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1574e23-3c8b-4ce2-95be-812a884e557e.webp
200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1574e23-3c8b-4ce2-95be-812a884e557e.webp
IP
Hash 7d8a404d989b0dfacc9f46df904ae970
64223cca7f2f3512cacdb2dcbbbbc188056eee62
4a1aed85dc2b8cc9d6238091ceb7aef9efd22b961cced6f2ab1110fb59c9195f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1574e23-3c8b-4ce2-95be-812a884e557e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4320
x-amzn-requestid: cd37ae50-7ab0-48b6-8a30-caf4f941b65d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE9u4EeXIAMFoRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6318432b-6751e5fc30a2ecae0776fa74;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:07:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EVmEzfIUfLSUXlj4yx5l-gNStFI0kGevn9nhFsBw0zNCHDrTlVEhlA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 07:07:24 GMT
age: 80734
etag: "705bece0f3cca112c508c6e77bbb728e6e733905"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b1ceaeb-6cf1-42e7-b7e3-28eb631f4b98.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b1ceaeb-6cf1-42e7-b7e3-28eb631f4b98.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 77aa1349e0d44b4756bbede0cbd05413
339fc154a29a7459101dd6125bebf38219bfd11a
74e6439067201bba5e0edc7fd477c62c0566c5fac30b035150d06fea2d30cce0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b1ceaeb-6cf1-42e7-b7e3-28eb631f4b98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12131
x-amzn-requestid: c190466e-eab9-4705-be7e-9724d240a1a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9VNF8BoAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f54-0f718d821b0107bb1b1474a9;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:28 GMT
x-amz-cf-pop: SFO20-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: FgyITZMcjYj-IQbBMI21OtlmpP9HE9ZG3mJ0TyWYNxwMR4S0gz9oSg==
via: 1.1 36cc13280ef76bb2fee6ae5eed6fec2e.cloudfront.net (CloudFront), 1.1 57bd3a2d9e0e4cbf89d9eb3d7dfb916e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:59:40 GMT
age: 27198
etag: "339fc154a29a7459101dd6125bebf38219bfd11a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn77-pic.xvideos-cdn.com/videos/thumbs169lll/43/35/6f/43356fabd9d58d7a580632df6b1af619-1/43356fabd9d58d7a580632df6b1af619.2.jpg
200 OK 31 kB URL HTTP/2 cdn77-pic.xvideos-cdn.com/videos/thumbs169lll/43/35/6f/43356fabd9d58d7a580632df6b1af619-1/43356fabd9d58d7a580632df6b1af619.2.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", progressive, precision 8, 600x337, components 3\012- data
Hash 5ef8c60832623dd1c455e87f581efcaf
7d4e3d288b2d4d99ddfe7317fa7f90bea5741ee4
53085dbe52cfe2f61c24c8c9b89535f925cf2ab53fd1a3b721cd00fd8ed79afd
GET /videos/thumbs169lll/43/35/6f/43356fabd9d58d7a580632df6b1af619-1/43356fabd9d58d7a580632df6b1af619.2.jpg HTTP/1.1
Host: cdn77-pic.xvideos-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://videoscdn.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 05:32:58 GMT
content-type: image/jpeg
content-length: 30596
x-frame-options: sameorigin
last-modified: Thu, 18 Aug 2022 07:25:19 GMT
cache-control: max-age=10368000, public
access-control-allow-origin: *
x-accel-expires: @1671176261
x-77-nzt: A8O1pgdUk0WhnJIhLonaLf+ukRsAj/Q62C5m7f+XAAAA
x-77-cache: HIT
x-77-nzt-ray: h5SgAYddNGI
x-age-lb: 1806766
server: CDN77-Turbo
x-cache-lb: HIT, MISS
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9afa50f-5ac3-4bb1-b267-82b7fe3558d5.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9afa50f-5ac3-4bb1-b267-82b7fe3558d5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c80ab72b0027230ca932410e56e77509
ed0ed6164c756645532fd631d0ce72bc76ef6aa4
03ed42a7fb94bff45232e88d934f41889703e15934d106cd100f327f1c17d346
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9afa50f-5ac3-4bb1-b267-82b7fe3558d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5395
x-amzn-requestid: 33c5a8a9-a006-40e4-b210-ad6ca29523e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG-lnEMWIAMF8fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63191156-7792c8dc77d1e9706466b7a7;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:47:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: cJ-JtA3PFE3C0aqz9Ui5ymiQeFQYEVEIb55nHkOEWw8KnVQsjS8jeA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:12:25 GMT
age: 26440
etag: "ed0ed6164c756645532fd631d0ce72bc76ef6aa4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
whos.amung.us/swidget/hp4dg9j3f5lk.gif
307 Temporary Redirect 0 B URL HTTP/2 whos.amung.us/swidget/hp4dg9j3f5lk.gif
IP
GET /swidget/hp4dg9j3f5lk.gif HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xvideosrei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Thu, 08 Sep 2022 05:32:57 GMT
content-type: text/html; charset=UTF-8
location: https://widgets.amung.us/small/14/1400.png
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74754e7889c4993c-ARN
X-Firefox-Spdy: h2
cashewsforlife208.com/get/1889766?zoneid=1889766&jp=_cl8o4lr1a5a8vp097zo8zr&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=3205185891538970
200 OK 0 B URL HTTP/2 cashewsforlife208.com/get/1889766?zoneid=1889766&jp=_cl8o4lr1a5a8vp097zo8zr&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=3205185891538970
IP
GET /get/1889766?zoneid=1889766&jp=_cl8o4lr1a5a8vp097zo8zr&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=3205185891538970 HTTP/1.1
Host: cashewsforlife208.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xvideosrei.com/
Cookie: UID=2209080032701d91279eb94d4eb5066e27be
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
videoscdn.online/allow.php?v9
200 OK 0 B URL HTTP/2 videoscdn.online/allow.php?v9
IP
GET /allow.php?v9 HTTP/1.1
Host: videoscdn.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videoscdn.online/49297787
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
cache-control: public
protected: by MS22083110
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-dns-prefetch-control: on
x-micro-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlO2zWOUEiHcEUivRppw1nfZmrUJVY%2F%2FXM0rXfUjYC7mJhZ3Lawe0%2FDFPuFxE2bd9%2B1DFbr2qbKmdVrSmAUP4zVBlCzBil8M3EYAlis1aLr6WUVUsLgTUjvmvtVQtOnz3qv4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74754e76ec3f0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cashewsforlife208.com/lv/esnk/1889768/code.js
200 OK 0 B URL HTTP/2 cashewsforlife208.com/lv/esnk/1889768/code.js
IP
GET /lv/esnk/1889768/code.js HTTP/1.1
Host: cashewsforlife208.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xvideosrei.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1e740"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
7ca78m3csgbrid7ge.com/get/1864731?zoneid=1864731&jp=_clzjv5r9r8tqj6h532fi66&nojs=0&ix=0&abvar=26&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1}&sp=0&cid=6301410635363878
200 OK 0 B URL HTTP/2 7ca78m3csgbrid7ge.com/get/1864731?zoneid=1864731&jp=_clzjv5r9r8tqj6h532fi66&nojs=0&ix=0&abvar=26&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1}&sp=0&cid=6301410635363878
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1864731?zoneid=1864731&jp=_clzjv5r9r8tqj6h532fi66&nojs=0&ix=0&abvar=26&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1}&sp=0&cid=6301410635363878 HTTP/1.1
Host: 7ca78m3csgbrid7ge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xvideosrei.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2209080032c3a57c0d17474253bfa5c1f335; Path=/; Expires=Fri, 08 Sep 2023 05:32:56 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cashewsforlife208.com/get/1889768?zoneid=1889768&jp=_cldj6bvikwd3wdjb74ajbm&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=2642235938170577
200 OK 0 B URL HTTP/2 cashewsforlife208.com/get/1889768?zoneid=1889768&jp=_cldj6bvikwd3wdjb74ajbm&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=2642235938170577
IP
GET /get/1889768?zoneid=1889768&jp=_cldj6bvikwd3wdjb74ajbm&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=2642235938170577 HTTP/1.1
Host: cashewsforlife208.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xvideosrei.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=220908003234b958b4650043568b70cc91d7; Path=/; Expires=Fri, 08 Sep 2023 05:32:56 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=typkwclm67js&t=VIDEOSCDN%20-%2049297787&c=c&x=https%3A%2F%2Fvideoscdn.online%2F49297787&y=https%3A%2F%2Fxvideosrei.com%2F&a=0&d=0.574&v=29&r=4821
200 OK 0 B URL HTTP/2 whos.amung.us/pingjs/?k=typkwclm67js&t=VIDEOSCDN%20-%2049297787&c=c&x=https%3A%2F%2Fvideoscdn.online%2F49297787&y=https%3A%2F%2Fxvideosrei.com%2F&a=0&d=0.574&v=29&r=4821
IP
GET /pingjs/?k=typkwclm67js&t=VIDEOSCDN%20-%2049297787&c=c&x=https%3A%2F%2Fvideoscdn.online%2F49297787&y=https%3A%2F%2Fxvideosrei.com%2F&a=0&d=0.574&v=29&r=4821 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://videoscdn.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 05:32:57 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74754e799ac1993c-ARN
X-Firefox-Spdy: h2
cashewsforlife208.com/get/1889767?zoneid=1889767&jp=_cl5zi5p5x74duvpri2n0ln&nojs=0&ix=0&abvar=27&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=1234861054604870
200 OK 0 B URL HTTP/2 cashewsforlife208.com/get/1889767?zoneid=1889767&jp=_cl5zi5p5x74duvpri2n0ln&nojs=0&ix=0&abvar=27&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=1234861054604870
IP
GET /get/1889767?zoneid=1889767&jp=_cl5zi5p5x74duvpri2n0ln&nojs=0&ix=0&abvar=27&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=1234861054604870 HTTP/1.1
Host: cashewsforlife208.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xvideosrei.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2209080032701d91279eb94d4eb5066e27be; Path=/; Expires=Fri, 08 Sep 2023 05:32:56 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
7ca78m3csgbrid7ge.com/get/1864731?zoneid=1864731&jp=_cloxhzqt4p005pkpmwfnh9&nojs=0&ix=0&abvar=26&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1}&sp=0&cid=108961147723348
200 OK 0 B URL HTTP/2 7ca78m3csgbrid7ge.com/get/1864731?zoneid=1864731&jp=_cloxhzqt4p005pkpmwfnh9&nojs=0&ix=0&abvar=26&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1}&sp=0&cid=108961147723348
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1864731?zoneid=1864731&jp=_cloxhzqt4p005pkpmwfnh9&nojs=0&ix=0&abvar=26&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1}&sp=0&cid=108961147723348 HTTP/1.1
Host: 7ca78m3csgbrid7ge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xvideosrei.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=22090800320492c6f505fe411dadbd852573; Path=/; Expires=Fri, 08 Sep 2023 05:32:56 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
videoscdn.online/assetsv3/wa.js?as1
200 OK 0 B URL HTTP/2 videoscdn.online/assetsv3/wa.js?as1
IP
GET /assetsv3/wa.js?as1 HTTP/1.1
Host: videoscdn.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videoscdn.online/49297787
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: application/javascript
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=15541
etag: W/"62423cc3-3cb5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 28 Mar 2022 22:54:59 GMT
protected: by MS22021003
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 14107051
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Dbw4kWUlUnSqTaW34%2FN%2FEYCE50k3qRbbnXiQ1xkl7h4pJp2mQhjOMpAPrMjA1uWM4JGvHApkbt4SgSNyaoMBE3FU%2F4RABzeG1Wxgh1BdfSA0Fi32jO7u5%2Fqh9ZKLicFu4DD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74754e770c520afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xvideosrei.com/porno/cibelly-ferreira-professora-de-ingles-nua-close-friends/
200 OK 0 B URL HTTP/2 xvideosrei.com/porno/cibelly-ferreira-professora-de-ingles-nua-close-friends/
IP
GET /porno/cibelly-ferreira-professora-de-ingles-nua-close-friends/ HTTP/1.1
Host: xvideosrei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 08 Sep 2022 05:32:56 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 24 Jun 2022 20:22:55 GMT
cache-control: public
protected: by MS22083110
x-dns-prefetch-control: on
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=15768000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Lvocqpqx24e9iS058KxEEY5hAmQDZLvApd6axTUJl3I%2BbwKRiE%2FKLxk25C3uqw2bHanb221EfFcRujlxmUMBzqMFiujsTXqs%2FP4jhOkw%2Baz2Uc7N0FaW%2F1YGMpJR%2F%2BAng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74754e72c8351c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
104.21.40.202
62.122.171.6
192.99.8.27
34.120.237.76
104.21.2.103
23.36.77.32
93.184.220.29
195.181.166.9