www.xvideosincesto.com/luisa-sonza-onlyfans/
104.21.2.8301 Moved Permanently 0 B URL HTTP/1.1 www.xvideosincesto.com/luisa-sonza-onlyfans/
IP 104.21.2.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /luisa-sonza-onlyfans/ HTTP/1.1
Host: www.xvideosincesto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 21:40:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 22:40:21 GMT
Location: https://www.xvideosincesto.com/luisa-sonza-onlyfans/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2Bvu6suCmr2TbwxFpUtnhbP5z%2FoYoyRtWH81bAnp1jQtz%2F4%2FHtZTN4deITlF5vpr1drv1PNIgwChI3UYh59cc3pwFi76s0vh4cbcoFoWpWhOoo%2BnKmbVNgiBRyGxXHAc%2B5FhWmtaTDCl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7705c8353b4db529-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9095
Expires: Sun, 27 Nov 2022 00:11:57 GMT
Date: Sat, 26 Nov 2022 21:40:22 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4206
Cache-Control: max-age=136851
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:40:22 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:41:13 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2253
Expires: Sat, 26 Nov 2022 22:17:55 GMT
Date: Sat, 26 Nov 2022 21:40:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 21:19:16 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1266
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: AuumfxMLvZuLBPINTMieYbneyG+ZzIQDDPXnHcxyy/0bzjp/HlPmLeP9hOWXDZnTJ6OYmck/YH1pbJ5zDvW1Tw==
x-amz-request-id: 6A338R76B6TNK6KX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 20:41:21 GMT
age: 3541
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4e37e8e072efde9ebfd4e29d0c6a503d
b74a6a5f042aab3de9ba26ad3c6a6718ad7caeb8
90c4dcb60b81399e5192ff2bbeafccd6f2f956d2252d755476fe8c501570d104
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "90C4DCB60B81399E5192FF2BBEAFCCD6F2F956D2252D755476FE8C501570D104"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13599
Expires: Sun, 27 Nov 2022 01:27:01 GMT
Date: Sat, 26 Nov 2022 21:40:22 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 21:40:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4e37e8e072efde9ebfd4e29d0c6a503d
b74a6a5f042aab3de9ba26ad3c6a6718ad7caeb8
90c4dcb60b81399e5192ff2bbeafccd6f2f956d2252d755476fe8c501570d104
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "90C4DCB60B81399E5192FF2BBEAFCCD6F2F956D2252D755476FE8C501570D104"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13599
Expires: Sun, 27 Nov 2022 01:27:01 GMT
Date: Sat, 26 Nov 2022 21:40:22 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 93132113e8ad2ec05bbec00195d50ff3
57fa2747ec278994b996878f21c7cb90b1c7fd13
a91e6bd0c1d4f4044abeb41bdbf34e513d80ae6727f8ef3262869c0866d19635
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5931
Cache-Control: max-age=89955
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:40:22 GMT
Etag: "63812cfe-116"
Expires: Sun, 27 Nov 2022 22:39:37 GMT
Last-Modified: Fri, 25 Nov 2022 21:00:46 GMT
Server: ECS (amb/6BA3)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 4.2 kB IP 93.184.220.29:0
File type gzip compressed data, from Unix\012- data
Hash 2c8adef4a5e3ab5297ba05a0bdc028aa
24eadc39afec61db6d3a0c795bb31aec32587800
a1f3b06bf6b63a409792d1439832b7b7a522294bbdeec21cd594149dd6e7b33d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2242
Cache-Control: max-age=86266
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:40:22 GMT
Etag: "63812cfe-116"
Expires: Sun, 27 Nov 2022 21:38:08 GMT
Last-Modified: Fri, 25 Nov 2022 21:00:46 GMT
Server: ECS (amb/6B9B)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 93132113e8ad2ec05bbec00195d50ff3
57fa2747ec278994b996878f21c7cb90b1c7fd13
a91e6bd0c1d4f4044abeb41bdbf34e513d80ae6727f8ef3262869c0866d19635
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4438
Cache-Control: max-age=88462
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:40:22 GMT
Etag: "63812cfe-116"
Expires: Sun, 27 Nov 2022 22:14:44 GMT
Last-Modified: Fri, 25 Nov 2022 21:00:46 GMT
Server: ECS (amb/6B8D)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 108 kB IP 93.184.220.29:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 108 kB (108132 bytes)
Hash 6b1d23ddb073048be61377374621b8b2
8ac67100e2cb11d09e267a82c62f2a6c9ad6fb68
2e5d5daf979cc5670437d3d7243d37a93ef988d22b28e19624690c175fd0a1ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5931
Cache-Control: max-age=89955
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:40:22 GMT
Etag: "63812cfe-116"
Expires: Sun, 27 Nov 2022 22:39:37 GMT
Last-Modified: Fri, 25 Nov 2022 21:00:46 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash d2e15df9b266cd1483e0e2c2ad8f2b0c
7c0cb318151932af4b9beb7c98e0dec3eaa4194c
a2e588ceac818cbbf042fe56e07a96e258288a7d9fd6fc2abd5ad7332a3804af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=170427
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:40:22 GMT
Etag: "63827e81-118"
Expires: Mon, 28 Nov 2022 21:00:49 GMT
Last-Modified: Sat, 26 Nov 2022 21:00:49 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash d2e15df9b266cd1483e0e2c2ad8f2b0c
7c0cb318151932af4b9beb7c98e0dec3eaa4194c
a2e588ceac818cbbf042fe56e07a96e258288a7d9fd6fc2abd5ad7332a3804af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:40:22 GMT
Etag: "63812cfe-116"
Server: ECS (amb/6B97)
Content-Length: 280
code.jquery.com/jquery-3.5.1.min.js
69.16.175.10200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.5.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65451)
Hash 3700d0b271343804b9b9aa1c13efa521
3d6b03dbd74872ca3dfbb0529f6c80943788f918
fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:40:23 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669498823.dop225.sk1.t,1669498823.cds024.sk1.hn,1669498823.cds208.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 342b2d55edf6efb748ea7e578a1b853d
04c3722b6317e83e203ff84f746f3bb5dde7197a
c6241efba77cf35682131040a55b5fda3dbcd15568471e3c36af6b65776fa0c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6241EFBA77CF35682131040A55B5FDA3DBCD15568471E3C36AF6B65776FA0C5"
Last-Modified: Fri, 25 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6386
Expires: Sat, 26 Nov 2022 23:26:49 GMT
Date: Sat, 26 Nov 2022 21:40:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 21:11:12 GMT
cache-control: public,max-age=3600
age: 1751
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 342b2d55edf6efb748ea7e578a1b853d
04c3722b6317e83e203ff84f746f3bb5dde7197a
c6241efba77cf35682131040a55b5fda3dbcd15568471e3c36af6b65776fa0c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6241EFBA77CF35682131040A55B5FDA3DBCD15568471E3C36AF6B65776FA0C5"
Last-Modified: Fri, 25 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21548
Expires: Sun, 27 Nov 2022 03:39:31 GMT
Date: Sat, 26 Nov 2022 21:40:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 342b2d55edf6efb748ea7e578a1b853d
04c3722b6317e83e203ff84f746f3bb5dde7197a
c6241efba77cf35682131040a55b5fda3dbcd15568471e3c36af6b65776fa0c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6241EFBA77CF35682131040A55B5FDA3DBCD15568471E3C36AF6B65776FA0C5"
Last-Modified: Fri, 25 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 27 Nov 2022 03:40:23 GMT
Date: Sat, 26 Nov 2022 21:40:23 GMT
Connection: keep-alive
affiliate.oliverclick.com/www/delivery/afr.php?zoneid=3&cb=INSERT_RANDOM_NUMBER_HERE
209.145.58.154200 OK 681 B URL HTTP/1.1 affiliate.oliverclick.com/www/delivery/afr.php?zoneid=3&cb=INSERT_RANDOM_NUMBER_HERE
IP 209.145.58.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (770)
Hash 0e226bf8387e8033cbdc31128956e976
5b1b8610713c44cf25b4a0cfcb37877c4683ed89
61a219473414b41f848c361e1ecb90eb309cfec47976a67491997aabb779645e
GET /www/delivery/afr.php?zoneid=3&cb=INSERT_RANDOM_NUMBER_HERE HTTP/1.1
Host: affiliate.oliverclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 26 Nov 2022 21:40:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Sun, 26-Nov-2023 21:40:23 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Content-Encoding: gzip
affiliate.oliverclick.com/www/delivery/afr.php?zoneid=9&cb=INSERT_RANDOM_NUMBER_HERE
209.145.58.154200 OK 664 B URL HTTP/1.1 affiliate.oliverclick.com/www/delivery/afr.php?zoneid=9&cb=INSERT_RANDOM_NUMBER_HERE
IP 209.145.58.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (735)
Hash 288d0c05fd5926dfb051040ff0f67ef6
6cbdaa9532fe0f662dc0b7972eb599181cf72566
d44a05b5a34dd6a8caac9510683465b7d615de293fbf152c675a80743aaf5d11
GET /www/delivery/afr.php?zoneid=9&cb=INSERT_RANDOM_NUMBER_HERE HTTP/1.1
Host: affiliate.oliverclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 26 Nov 2022 21:40:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Sun, 26-Nov-2023 21:40:23 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3385
Cache-Control: max-age=130973
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:40:23 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:03:16 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 96 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.0 (Windows), datetime=2022:09:06 19:52:26 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-0, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 1186825144474799235106078720.000000], progressive, precision 8, 300x233, components 3\012- data
Hash a6e424ea05e88aefcd1d7dbcba46eb65
813addfa1236f7ea00bc158b77938b03354abab6
e033f1a260cf33e80b405242d03ce44992834bb71165030ed289f78bc5b8e5d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DDB746CEC520144159A497B7E0EC343E5E30305AEA85C3BBA9812C06D8EBBF10"
Last-Modified: Thu, 24 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7482
Expires: Sat, 26 Nov 2022 23:45:05 GMT
Date: Sat, 26 Nov 2022 21:40:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 4.4 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 62ba7def726b0592a233256fd29e3164
4b35714f262889b08f90e322cefef1e60cc5b22f
d686da6e7eb0234add01332324134bbb799a2adb4c18c1e4bae9004e94262306
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FEA99489DE91BB26A3C8067F73D90405D4D3785F7244E0C88A95BDF363279AFD"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18883
Expires: Sun, 27 Nov 2022 02:55:06 GMT
Date: Sat, 26 Nov 2022 21:40:23 GMT
Connection: keep-alive
grupoxxx.com/sistema/uploads/influencers-vazadas.png
104.21.59.133200 OK 124 kB URL HTTP/2 grupoxxx.com/sistema/uploads/influencers-vazadas.png
IP 104.21.59.133:0
File type PNG image data, 300 x 233, 8-bit/color RGBA, non-interlaced\012- data
Size 124 kB (123606 bytes)
Hash b3526feb6fc7f482772ea4e81c2b6f86
972aa8ea5f1279023aec5ab2d4d5bb11f8fdafd5
9a0c4786002c3cf966cc76a5d1dd890ec44637b552c58e8adb60d18d487ce0b5
GET /sistema/uploads/influencers-vazadas.png HTTP/1.1
Host: grupoxxx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:40:22 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 21:43:19 GMT
vary: Accept-Encoding
etag: W/"633ca8f7-1e297"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache: HIT from Backend
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 790032
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tsZHKE9NebzNj%2FN3iSQR7HVScIAenQLIFsZrrh8C4b71SdX2jrlbXAYn%2B%2B4G1eUm8WEtVnOnjBWM243%2BF44dtISn%2FstjQH2wU2C6v4yk13oWjXIJhbaMRH5ECa6mA8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705c83aac9e1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dec7623e836ffe84b4eebd3420161e45
4d310f310d5bffd8e4fedb4136d478114b79fef9
a4d81e53a8c84040e977eb3384d1524c3498ab653e923716291dfb8e9f969197
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4D81E53A8C84040E977EB3384D1524C3498AB653E923716291DFB8E9F969197"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Sun, 27 Nov 2022 03:40:21 GMT
Date: Sat, 26 Nov 2022 21:40:23 GMT
Connection: keep-alive
affiliate.oliverclick.com/www/delivery/afr.php?zoneid=9&cb=INSERT_RANDOM_NUMBER_HERE
209.145.58.154200 OK 663 B URL HTTP/1.1 affiliate.oliverclick.com/www/delivery/afr.php?zoneid=9&cb=INSERT_RANDOM_NUMBER_HERE
IP 209.145.58.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (735)
Hash 8837d46ed7d93912254b1c8030721fd8
0110d452986c47ce517a5d79436cc2e095bdf4e4
19d93812e6550234573a81be57096d5945994689032c4e017542b75266bc078e
GET /www/delivery/afr.php?zoneid=9&cb=INSERT_RANDOM_NUMBER_HERE HTTP/1.1
Host: affiliate.oliverclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 26 Nov 2022 21:40:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Sun, 26-Nov-2023 21:40:23 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Content-Encoding: gzip
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash ebedc2ec4252a54928ffc21c1ab1bb51
da7ffc7850a3c5f0e61287497ae7db665e796753
8b0ad4330c60cfa6c6bb4a24827fdb80075eb89e67e06cd89d0c868b98fd002e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:40:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 05:29:12 GMT
Expires: Sat, 03 Dec 2022 05:29:11 GMT
Etag: "da7ffc7850a3c5f0e61287497ae7db665e796753"
Cache-Control: max-age=545927,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7705c83d9990b51b-OSL
affiliate.oliverclick.com/www/images/e9b61929ef447b2003de2571537a8d0a.webp
209.145.58.154200 OK 13 kB URL HTTP/1.1 affiliate.oliverclick.com/www/images/e9b61929ef447b2003de2571537a8d0a.webp
IP 209.145.58.154:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e9b61929ef447b2003de2571537a8d0a
473eb2300e9bb1f9b6eec106932f4b572eadd961
41368f374e307cf51f41c0d46dbe0d122155adb8522ed17f15fee2cef445c500
GET /www/images/e9b61929ef447b2003de2571537a8d0a.webp HTTP/1.1
Host: affiliate.oliverclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://affiliate.oliverclick.com/www/delivery/afr.php?zoneid=9&cb=INSERT_RANDOM_NUMBER_HERE
Cookie: OAID=01000111010001000101000001010010
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 26 Nov 2022 21:40:23 GMT
Content-Type: image/webp
Content-Length: 12720
Last-Modified: Thu, 27 Oct 2022 02:34:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6359ee48-31b0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
parlorscenes.com/39/b0/a2/39b0a2d72b6db0d70299160713d4da46.js
173.233.137.36200 OK 29 kB URL HTTP/1.1 parlorscenes.com/39/b0/a2/39b0a2d72b6db0d70299160713d4da46.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c8f02254e5e7b72b50f74b04dddffcb5
53404e6eabf8ea6e608fe5dce4134028ec3591e4
151186432c51e1e7a175b59aaa57dfd9905a5a91913c55fb3b663787dfe51ecd
GET /39/b0/a2/39b0a2d72b6db0d70299160713d4da46.js HTTP/1.1
Host: parlorscenes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 21:40:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f79f5284f3297f1516d1f660ff58412f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
parlorscenes.com/eb/cf/db/ebcfdbdf5995471793a61bc2c1e19e2d.js
173.233.137.36200 OK 13 kB URL HTTP/1.1 parlorscenes.com/eb/cf/db/ebcfdbdf5995471793a61bc2c1e19e2d.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (37162), with no line terminators
Hash c77f9a1a6047c74a34dd02b10e1232e2
ba24e30482967ebb5f402f329c3d8b4d10b10a0e
4f197dcfca97da15c4e149d043d3098d70b84a9dee630a1f1a670e23fba3cfa2
GET /eb/cf/db/ebcfdbdf5995471793a61bc2c1e19e2d.js HTTP/1.1
Host: parlorscenes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 21:40:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f7dd38314b151b4ebfcb8204f4d1cc83
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
affiliate.oliverclick.com/www/delivery/lg.php?bannerid=135&campaignid=6&zoneid=9&loc=https%3A%2F%2Fwww.xvideosincesto.com%2F&cb=65024ec475
209.145.58.154200 OK 1.2 kB URL HTTP/1.1 affiliate.oliverclick.com/www/delivery/lg.php?bannerid=135&campaignid=6&zoneid=9&loc=https%3A%2F%2Fwww.xvideosincesto.com%2F&cb=65024ec475
IP 209.145.58.154:0
Hash f87df2915e142eaf34c52acc464b896b
5b7a99071e4bc94aa21c1eca09a506e5cc23bb46
3d0632e6cc3711594967b63ad2c08e7ebd5dff3b0b4316ae6c8acd1c554a68f4
GET /www/delivery/lg.php?bannerid=135&campaignid=6&zoneid=9&loc=https%3A%2F%2Fwww.xvideosincesto.com%2F&cb=65024ec475 HTTP/1.1
Host: affiliate.oliverclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://affiliate.oliverclick.com/www/delivery/afr.php?zoneid=9&cb=INSERT_RANDOM_NUMBER_HERE
Cookie: OAID=01000111010001000101000001010010
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 26 Nov 2022 21:40:23 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Sun, 26-Nov-2023 21:40:23 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Content-Encoding: gzip
widgets.amung.us/small/13/1372.png
104.22.74.171200 OK 336 B URL HTTP/2 widgets.amung.us/small/13/1372.png
IP 104.22.74.171:0
File type PNG image data, 80 x 15, 8-bit colormap, non-interlaced\012- data
Hash fcef4b085cfe7173efb6e7a67d43a427
57ed3d21d71fed914db35de75b9f921290b0065b
72a52f255df9dffe152ab087dda172096fae722d37c701f6296317150779633e
GET /small/13/1372.png HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.xvideosincesto.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:40:23 GMT
content-type: image/png
content-length: 336
last-modified: Sun, 13 Jun 2010 09:48:30 GMT
etag: "4c14a96e-150"
expires: Sun, 13 Nov 2022 19:51:34 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 1216129
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705c83fdb190a24-ARN
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.167.231.108101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.167.231.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ofo4/g1atM1C2wKQyAPq3w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UhiCBF0F0SynubLJPUd7TF0G24s=
affiliate.oliverclick.com/www/delivery/lg.php?bannerid=128&campaignid=6&zoneid=9&loc=https%3A%2F%2Fwww.xvideosincesto.com%2F&cb=b550fd14bf
209.145.58.154200 OK 63 B URL HTTP/1.1 affiliate.oliverclick.com/www/delivery/lg.php?bannerid=128&campaignid=6&zoneid=9&loc=https%3A%2F%2Fwww.xvideosincesto.com%2F&cb=b550fd14bf
IP 209.145.58.154:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3023325b26e8409e9c4e8fd53a59669e
2ac73ae49031ee6c0d39c344d25e9350dd9b49fa
22d20777c7f2d969414610da9a86ac5c3851262d1f9a8a36b4e981943c219b1b
GET /www/delivery/lg.php?bannerid=128&campaignid=6&zoneid=9&loc=https%3A%2F%2Fwww.xvideosincesto.com%2F&cb=b550fd14bf HTTP/1.1
Host: affiliate.oliverclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://affiliate.oliverclick.com/www/delivery/afr.php?zoneid=9&cb=INSERT_RANDOM_NUMBER_HERE
Cookie: OAID=01000111010001000101000001010010
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 26 Nov 2022 21:40:23 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Sun, 26-Nov-2023 21:40:23 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Content-Encoding: gzip
affiliate.oliverclick.com/www/images/c48fa7f6eecbcb960509579517f6683b.webp
209.145.58.154200 OK 18 kB URL HTTP/1.1 affiliate.oliverclick.com/www/images/c48fa7f6eecbcb960509579517f6683b.webp
IP 209.145.58.154:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c48fa7f6eecbcb960509579517f6683b
9da3cc86c0f4359e98a06856ca612358e956ab53
a82641ffe299cde6e684699ef0881c1d6361b26146a78dd894d1be13b3317888
GET /www/images/c48fa7f6eecbcb960509579517f6683b.webp HTTP/1.1
Host: affiliate.oliverclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://affiliate.oliverclick.com/www/delivery/afr.php?zoneid=9&cb=INSERT_RANDOM_NUMBER_HERE
Cookie: OAID=01000111010001000101000001010010
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 26 Nov 2022 21:40:23 GMT
Content-Type: image/webp
Content-Length: 17908
Last-Modified: Thu, 27 Oct 2022 02:33:34 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6359edfe-45f4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
affiliate.oliverclick.com/www/images/d9a771626dfe332ade2afbd0e7bd2734.webp
209.145.58.154200 OK 286 kB URL HTTP/1.1 affiliate.oliverclick.com/www/images/d9a771626dfe332ade2afbd0e7bd2734.webp
IP 209.145.58.154:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 286 kB (286248 bytes)
Hash d9a771626dfe332ade2afbd0e7bd2734
acae7cf431c4188c3a48719554f03347e05d9f4c
8beb7ad06360151bb1b27a2a41d1b1ba9021ab0dda57874eb652bbf1dcd9d0f5
GET /www/images/d9a771626dfe332ade2afbd0e7bd2734.webp HTTP/1.1
Host: affiliate.oliverclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://affiliate.oliverclick.com/www/delivery/afr.php?zoneid=3&cb=INSERT_RANDOM_NUMBER_HERE
Cookie: OAID=01000111010001000101000001010010
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 26 Nov 2022 21:40:23 GMT
Content-Type: image/webp
Content-Length: 286248
Last-Modified: Sat, 05 Nov 2022 20:22:16 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6366c5f8-45e28"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
142.250.74.74200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:34:16 GMT
expires: Wed, 22 Nov 2023 18:34:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 356767
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:40:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d438e1af63e2f2b0e0cdf2a74966ab91
37e36842937ddc6abf543f0623894e770cc06118
a5121c332d69fbec0378a247a93432ecc3f00014bd67df9b1ff613bea57af4d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A5121C332D69FBEC0378A247A93432ECC3F00014BD67DF9B1FF613BEA57AF4D1"
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8290
Expires: Sat, 26 Nov 2022 23:58:34 GMT
Date: Sat, 26 Nov 2022 21:40:24 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 4af47334194a0d10c2bfd52f16eb91ac
8ea04d240499dea43f26c738c8428df118dd622d
6741505308b8f473e68a567b74e6cd099b7a624b3711cc0acab45b2add675f74
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144966
Date: Sat, 26 Nov 2022 21:40:24 GMT
Etag: "63821517-1d7"
Expires: Mon, 28 Nov 2022 13:56:30 GMT
Last-Modified: Sat, 26 Nov 2022 13:31:03 GMT
Server: ECS (dcb/7F14)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: V08r9F2J4qRTtYeV3xsE7hMwvim53lUvxFsLC_3cH4LNwWkSB4_nAQ==
Age: 1527
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 4af47334194a0d10c2bfd52f16eb91ac
8ea04d240499dea43f26c738c8428df118dd622d
6741505308b8f473e68a567b74e6cd099b7a624b3711cc0acab45b2add675f74
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=148932
Date: Sat, 26 Nov 2022 21:40:24 GMT
Etag: "63821517-1d7"
Expires: Mon, 28 Nov 2022 15:02:36 GMT
Last-Modified: Sat, 26 Nov 2022 13:31:03 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: t0dfqRHV5eKe6Z_xQV7IRIhbPAMxmHdaxCyntphpNEbTHKgnMfz7RQ==
Age: 5493
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash b9376b000a372c9dd89046cb20891cc3
9278edc6529381080d1f18f1c6943acca43a79a0
829701ca9d3c57b66e431ff93a3945ed454530115620641ef06894c40e4c6196
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:40:24 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.xvideosincesto.com
access-control-allow-credentials: true
set-cookie: uid_id2=9ea7b4d4-9e9f-4c09-af2a-1467d2ce6885:1:1; expires=Tue, 23 Nov 2032 21:40:24 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:40:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:40:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 661211b07eda1dbdcdc0796b0d724b80
16bc4682669290958618fac3fa00e634012e2d3f
d25066f28175ed08a50fb45b2506959d660eaf6c729ef760a5d263b7505a018a
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:40:24 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.xvideosincesto.com
access-control-allow-credentials: true
set-cookie: uid_id2=01ac3da3-1ea0-4362-860a-5db98ea2f96d:1:1; expires=Tue, 23 Nov 2032 21:40:24 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:40:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 286372
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:40:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 266776
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 269195
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:56:18 GMT
expires: Thu, 23 Nov 2023 18:56:18 GMT
cache-control: public, max-age=31536000
age: 269046
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:40:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d438e1af63e2f2b0e0cdf2a74966ab91
37e36842937ddc6abf543f0623894e770cc06118
a5121c332d69fbec0378a247a93432ecc3f00014bd67df9b1ff613bea57af4d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A5121C332D69FBEC0378A247A93432ECC3F00014BD67DF9B1FF613BEA57AF4D1"
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8290
Expires: Sat, 26 Nov 2022 23:58:34 GMT
Date: Sat, 26 Nov 2022 21:40:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 98eaecd9f0e022d4b9b424cb0ec55799
53276f3d6b49cba36107c5bbad4b975b62f1d345
ac20339846844f8e6595584114a9c389a838d3773d27d2fd25d2591bdfbc3507
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC20339846844F8E6595584114A9C389A838D3773D27D2FD25D2591BDFBC3507"
Last-Modified: Thu, 24 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9012
Expires: Sun, 27 Nov 2022 00:10:36 GMT
Date: Sat, 26 Nov 2022 21:40:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 110fe5160840681a476d93793f7942c0
f80a103ed642d0db8c008939d7bfc2621681747b
ded9668d16fdba5a785700ae8d8427758811695525d05419914b5e0fbdf8df7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DED9668D16FDBA5A785700AE8D8427758811695525D05419914B5E0FBDF8DF7E"
Last-Modified: Sat, 26 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6301
Expires: Sat, 26 Nov 2022 23:25:25 GMT
Date: Sat, 26 Nov 2022 21:40:24 GMT
Connection: keep-alive
whos.amung.us/swidget/csg79dxr47.gif
104.22.74.171307 Temporary Redirect 13 kB URL HTTP/2 whos.amung.us/swidget/csg79dxr47.gif
IP 104.22.74.171:0
File type gzip compressed data, max speed, from Unix\012- data
Hash f49d6817bee3c919b75265313b312c4a
6a22cb48b8f074483906b0bef3b3021ffc7315f5
60f814ef8401f7399aadea507975556db718ea1a07a7e3db2805235b56f95487
GET /swidget/csg79dxr47.gif HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Sat, 26 Nov 2022 21:40:23 GMT
content-type: text/html; charset=UTF-8
location: https://widgets.amung.us/small/13/1372.png
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7705c83efa390a24-ARN
X-Firefox-Spdy: h2
wastedinvaluable.com/44/4a/94/444a9425ce406fbda680284e6b59107b.js
192.243.59.13200 OK 29 kB URL HTTP/1.1 wastedinvaluable.com/44/4a/94/444a9425ce406fbda680284e6b59107b.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash dbd6a86b04196d6bfd4274269f7d7a32
b4130484151a83c75455199fb7f826e68713b389
e79cf504fecc781c350e6856f742a23738e36252569ba0a8b9ce190ac512104e
GET /44/4a/94/444a9425ce406fbda680284e6b59107b.js HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 21:40:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 954ba190f127b87896bfecc42edc18bb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18610
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 21:40:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 1.7 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 771a47afeaa046a7541e62e5b6f19af6
7f3297dbf16329b3c3999311f449aeb0c4f43ba6
765367dee1e1366ff122e01444e4a5aab6fcadd786490328ac1640a71fb3d245
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18610
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 21:40:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18610
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 21:40:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18610
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 21:40:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17ebe470d040a6ea8c57e9b9d4f4e828
1ac7a410cd4f3709f476c776dd5646dd982dcfa8
d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TI0cacek54dPUYW7fYy0xm-1CKdRXZGqBH1vGURakUsBbm-WGcW-vA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:17:55 GMT
age: 84149
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SRN-oOfa8Z0mQZFYkWAv32XFiXChfGjfwZkfWz-IzHubwrKgzwoTxQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 03:55:38 GMT
age: 63886
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 02:19:43 GMT
age: 69641
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
104.21.234.93200 OK 37 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.93:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 4c3139ff70428685e10b06c82d883ea4
09a45ae017c675b972fac181e2b3c3766539c063
d7082fa178b0b18afaac75a0243021beea8b3887c9aa010c1ac2267f88b4f2fc
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:40:24 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 07375be7e799aaea33e7de051e3a959d
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 26 Nov 2022 21:40:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMRAVjbL60nv%2FOj9nQUTDPeHYjJl5p0Kya9eGeNBjogd7ePT7iyjXZQ1xyi83rPO0dJnj4ujufTqlZQkK5UtfKcjx17fOQVPH8tNum8lQc5NTsqM3CKSY7CeMSt8eUaSH9UQjzg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705c8427f507433-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96437d0cb1ceaffa77124f0dcfeb38cf
3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50
89244601b0a4bc150033e52dc56cf0fbe2846ebba7532c477146258a70783e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7799
x-amzn-requestid: 4b3bf619-fb69-4cfe-b8e7-7de4ea127853
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXADFOvoAMFXQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813866-77f561ae3496d84c75541300;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:49:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lt_7H9W9LVUS5gKPrBF_vGiXg-anP_bGV5izsxPiGhiasy2eBnltuw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:39 GMT
age: 83205
etag: "3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8dc4b8a7e9f7f4f84f0da568b43392b
3d32bff85cb7ec118c4496d0c3802829fdc9af3b
4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: utbUF-6Z7rMqPNdRKHJyI-IZoyTy6HpkNBY-60xcZ-6NDXBz1XN6-Q==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:40 GMT
age: 85904
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
wastedinvaluable.com/sbar.json?key=ebcfdbdf5995471793a61bc2c1e19e2d&uuid=9ea7b4d4-9e9f-4c09-af2a-1467d2ce6885%3A1%3A1
192.243.59.13200 OK 4.0 kB URL HTTP/1.1 wastedinvaluable.com/sbar.json?key=ebcfdbdf5995471793a61bc2c1e19e2d&uuid=9ea7b4d4-9e9f-4c09-af2a-1467d2ce6885%3A1%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5840), with no line terminators
Hash d2b668e3604dea9f1e6777a9e1d0993c
385f25505b12db100dd344407756d877370848b9
5b252c5e61ae97077f4923ce006d71b2b74a308d7253e66d47ebb48d8a62b403
GET /sbar.json?key=ebcfdbdf5995471793a61bc2c1e19e2d&uuid=9ea7b4d4-9e9f-4c09-af2a-1467d2ce6885%3A1%3A1 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 21:40:25 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.xvideosincesto.com
Access-Control-Allow-Origin: https://www.xvideosincesto.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16017163; expires=Sun, 27 Nov 2022 21:40:24 GMT; secure; SameSite=None
uid_id2=9ea7b4d4-9e9f-4c09-af2a-1467d2ce6885:1:1; expires=Sat, 03 Dec 2022 21:40:24 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 21:40:25 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 21:40:25 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 27 Nov 2022 21:40:25 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 27 Nov 2022 21:40:25 GMT; secure; SameSite=None
slecebcfdbdf5995471793a61bc2c1e19e2d=[3760946]; expires=Sat, 26 Nov 2022 21:40:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d2956bfeac1c682da5ee4a99bf8c09f7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
wastedinvaluable.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2sdVRi9U%2BOmBdEiggvlLVxYMC8z82byMhYJ1rZS7C%2Fbatf317xcc2fucO%2FMm9esQgta0EWKGxcKk%2FPSBrUU616Ul7ooAaHPRcjC%2FAsKLQV38l4CwQ9mvu%2FecxbnnO9%2Bvl7tER8V3b18waworelc3PZbb19XuTC1a1281gr8tn%2BydV3l89HJ1mDys%2F13Az9u%2BydaH0q%2BbOZCP%2FD9wA9aZ5WVqRnMTVGo4n4StBO%2FHYXtII4wsP8%2Fu8qDox5Ef48chxLjF5ceP4TiI%2BTZT6elWy5N8c6ZrNK0NBZ9sflJvpybOkd2OKbWQ5pvHrBh3JiQb47A5JsHDmD6GxMHYGpMvJ0ALN88kAnWv7uvlGnIHEwcQ90fQeoRFB2Bm1tQ4gkBuMDFS8izexeNremNfZRO0DGZef4Uqh6Tmb9eRZ49OKXVoHXV6KpUJncYpA3UYATVG6GotlCueFD1Fnh5E0r8Qeaen0eebVxy2kCJ3bcSSbssEtFsIpN0NuJ%2BMkvTkM4G0XxXhFzOLyzE04iUGkGlI2i5Buo8VJNPeahSD1XhIRO7LRonqe93U5Z2OgsR57zT4TxemBex6EQLqY%2BKTzysoSzWwPUauF1FYVexrO48iY%2FDVr%2FBLTVwwoMrCfqiQS0JakdQU4JaEdQlQd1v7grtQtfcE9pVLDjo4UHvNENT9tbpXVP2ZE7Wiz3yyjS7Z71jWJa7Lcl4KphI4ySJo27QTTp0PmA85IEMEhkKONVAuSNTpytqTF77skIxWeiJRTC6Bae3wNXLoNUboPWwG%2FqgS8NowcdK%2FmDQV0Ia1za5VrmEMA2KcgblDW9d75HXp0oSHkLy7cV%2Fd46%2BVwx3wG2Dwjb4TD0i6OnbwyumJhtXTO3Iw0tFqTK1QicbvlrSUs788JG8URsrzp12a9%2B%2FzyfAZLx%2FTbryPM2FynuO%2FHhKCSHtWWO5JL%2Bcc9clu1y5pVOVzavi%2FOUPzp7LCiudUyYfgaon3a%2FB1ZgcvbA6fbtvfvUIyo5gqwZZtU0OCspsgRercMX24rPNv7%2F7efYlOENg9SGHFR7qqhnakB1eajUm4dPfoeX24rePR59%2BfCYDZQ2cPIyBye1f%2F9nnr7vb6FkPtLyFPGvQtw36ugHVa3DVC8OysNuLf3amBaa9IdPW22Da6jv78Tq125Jx6qfSDyVLE5Z2qS%2BSNEoYTQLZZTENULoxv%2FnF4%2F8AAAD%2F%2FwEAAP%2F%2FBb6FJpcEAAA%3D
192.243.59.13200 OK 7 B URL HTTP/1.1 wastedinvaluable.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2sdVRi9U%2BOmBdEiggvlLVxYMC8z82byMhYJ1rZS7C%2Fbatf317xcc2fucO%2FMm9esQgta0EWKGxcKk%2FPSBrUU616Ul7ooAaHPRcjC%2FAsKLQV38l4CwQ9mvu%2FecxbnnO9%2Bvl7tER8V3b18waworelc3PZbb19XuTC1a1281gr8tn%2BydV3l89HJ1mDys%2F13Az9u%2BydaH0q%2BbOZCP%2FD9wA9aZ5WVqRnMTVGo4n4StBO%2FHYXtII4wsP8%2Fu8qDox5Ef48chxLjF5ceP4TiI%2BTZT6elWy5N8c6ZrNK0NBZ9sflJvpybOkd2OKbWQ5pvHrBh3JiQb47A5JsHDmD6GxMHYGpMvJ0ALN88kAnWv7uvlGnIHEwcQ90fQeoRFB2Bm1tQ4gkBuMDFS8izexeNremNfZRO0DGZef4Uqh6Tmb9eRZ49OKXVoHXV6KpUJncYpA3UYATVG6GotlCueFD1Fnh5E0r8Qeaen0eebVxy2kCJ3bcSSbssEtFsIpN0NuJ%2BMkvTkM4G0XxXhFzOLyzE04iUGkGlI2i5Buo8VJNPeahSD1XhIRO7LRonqe93U5Z2OgsR57zT4TxemBex6EQLqY%2BKTzysoSzWwPUauF1FYVexrO48iY%2FDVr%2FBLTVwwoMrCfqiQS0JakdQU4JaEdQlQd1v7grtQtfcE9pVLDjo4UHvNENT9tbpXVP2ZE7Wiz3yyjS7Z71jWJa7Lcl4KphI4ySJo27QTTp0PmA85IEMEhkKONVAuSNTpytqTF77skIxWeiJRTC6Bae3wNXLoNUboPWwG%2FqgS8NowcdK%2FmDQV0Ia1za5VrmEMA2KcgblDW9d75HXp0oSHkLy7cV%2Fd46%2BVwx3wG2Dwjb4TD0i6OnbwyumJhtXTO3Iw0tFqTK1QicbvlrSUs788JG8URsrzp12a9%2B%2FzyfAZLx%2FTbryPM2FynuO%2FHhKCSHtWWO5JL%2Bcc9clu1y5pVOVzavi%2FOUPzp7LCiudUyYfgaon3a%2FB1ZgcvbA6fbtvfvUIyo5gqwZZtU0OCspsgRercMX24rPNv7%2F7efYlOENg9SGHFR7qqhnakB1eajUm4dPfoeX24rePR59%2BfCYDZQ2cPIyBye1f%2F9nnr7vb6FkPtLyFPGvQtw36ugHVa3DVC8OysNuLf3amBaa9IdPW22Da6jv78Tq125Jx6qfSDyVLE5Z2qS%2BSNEoYTQLZZTENULoxv%2FnF4%2F8AAAD%2F%2FwEAAP%2F%2FBb6FJpcEAAA%3D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2sdVRi9U%2BOmBdEiggvlLVxYMC8z82byMhYJ1rZS7C%2Fbatf317xcc2fucO%2FMm9esQgta0EWKGxcKk%2FPSBrUU616Ul7ooAaHPRcjC%2FAsKLQV38l4CwQ9mvu%2FecxbnnO9%2Bvl7tER8V3b18waworelc3PZbb19XuTC1a1281gr8tn%2BydV3l89HJ1mDys%2F13Az9u%2BydaH0q%2BbOZCP%2FD9wA9aZ5WVqRnMTVGo4n4StBO%2FHYXtII4wsP8%2Fu8qDox5Ef48chxLjF5ceP4TiI%2BTZT6elWy5N8c6ZrNK0NBZ9sflJvpybOkd2OKbWQ5pvHrBh3JiQb47A5JsHDmD6GxMHYGpMvJ0ALN88kAnWv7uvlGnIHEwcQ90fQeoRFB2Bm1tQ4gkBuMDFS8izexeNremNfZRO0DGZef4Uqh6Tmb9eRZ49OKXVoHXV6KpUJncYpA3UYATVG6GotlCueFD1Fnh5E0r8Qeaen0eebVxy2kCJ3bcSSbssEtFsIpN0NuJ%2BMkvTkM4G0XxXhFzOLyzE04iUGkGlI2i5Buo8VJNPeahSD1XhIRO7LRonqe93U5Z2OgsR57zT4TxemBex6EQLqY%2BKTzysoSzWwPUauF1FYVexrO48iY%2FDVr%2FBLTVwwoMrCfqiQS0JakdQU4JaEdQlQd1v7grtQtfcE9pVLDjo4UHvNENT9tbpXVP2ZE7Wiz3yyjS7Z71jWJa7Lcl4KphI4ySJo27QTTp0PmA85IEMEhkKONVAuSNTpytqTF77skIxWeiJRTC6Bae3wNXLoNUboPWwG%2FqgS8NowcdK%2FmDQV0Ia1za5VrmEMA2KcgblDW9d75HXp0oSHkLy7cV%2Fd46%2BVwx3wG2Dwjb4TD0i6OnbwyumJhtXTO3Iw0tFqTK1QicbvlrSUs788JG8URsrzp12a9%2B%2FzyfAZLx%2FTbryPM2FynuO%2FHhKCSHtWWO5JL%2Bcc9clu1y5pVOVzavi%2FOUPzp7LCiudUyYfgaon3a%2FB1ZgcvbA6fbtvfvUIyo5gqwZZtU0OCspsgRercMX24rPNv7%2F7efYlOENg9SGHFR7qqhnakB1eajUm4dPfoeX24rePR59%2BfCYDZQ2cPIyBye1f%2F9nnr7vb6FkPtLyFPGvQtw36ugHVa3DVC8OysNuLf3amBaa9IdPW22Da6jv78Tq125Jx6qfSDyVLE5Z2qS%2BSNEoYTQLZZTENULoxv%2FnF4%2F8AAAD%2F%2FwEAAP%2F%2FBb6FJpcEAAA%3D HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Cookie: u_pl=16017163; uid_id2=9ea7b4d4-9e9f-4c09-af2a-1467d2ce6885:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecebcfdbdf5995471793a61bc2c1e19e2d=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 21:40:25 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 28f48968afde8df95e0ff456be653729
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 41681abf2383b66862ccf79d20cafe70
e22a0c879539158a378ffdbdd1cab935e05008a6
0c3ddfeeb9ac40e786ca138a0b3b7041b174e3ad45eca531a344d41c2185b3b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C3DDFEEB9AC40E786CA138A0B3B7041B174E3AD45ECA531A344D41C2185B3B3"
Last-Modified: Fri, 25 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9348
Expires: Sun, 27 Nov 2022 00:16:13 GMT
Date: Sat, 26 Nov 2022 21:40:25 GMT
Connection: keep-alive
tractorfoolproofstandard.com/pixel/purst?dl=0&th=0&sc=0&rs=2944&rd=2944&fd=869&bv=22.10.v.10&tmpl=136
173.233.137.52200 OK 0 B URL HTTP/1.1 tractorfoolproofstandard.com/pixel/purst?dl=0&th=0&sc=0&rs=2944&rd=2944&fd=869&bv=22.10.v.10&tmpl=136
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2944&rd=2944&fd=869&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: tractorfoolproofstandard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 21:40:25 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f3a3efe248a599bcccf04881f3d686cb
10e5741399303e7c20f334d8dd72b4b8c968c0d4
cef064183db51cefadcca610b91c5ea86154ae2024029d60e59a152a7a3b1723
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEF064183DB51CEFADCCA610B91C5EA86154AE2024029D60E59A152A7A3B1723"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1657
Expires: Sat, 26 Nov 2022 22:08:02 GMT
Date: Sat, 26 Nov 2022 21:40:25 GMT
Connection: keep-alive
pixel.onaudience.com/?partner=232&mapped=01ac3da3-1ea0-4362-860a-5db98ea2f96d
141.94.170.77302 Found 0 B URL HTTP/1.1 pixel.onaudience.com/?partner=232&mapped=01ac3da3-1ea0-4362-860a-5db98ea2f96d
IP 141.94.170.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?partner=232&mapped=01ac3da3-1ea0-4362-860a-5db98ea2f96d HTTP/1.1
Host: pixel.onaudience.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
set-cookie: cookie=96e61ac564929c0e; Max-Age=31536000; Expires=Sun, 26 Nov 2023 21:40:25 GMT; Path=/; Domain=.onaudience.com; Secure; SameSite=None
done_redirects104=1; Max-Age=86400; Expires=Sun, 27 Nov 2022 21:40:25 GMT; Path=/; Domain=.onaudience.com; Secure; SameSite=None
location: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=96e61ac564929c0e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length: 0
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ba38de08e280647cbb86344a1333d111
5554f52a584ccfde961c4f14c2cf1c3beb74af51
cc3953bcff0f9aaeb59b71e15c8b72bcac9d94ff203eeccbf159b40cf38521e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CC3953BCFF0F9AAEB59B71E15C8B72BCAC9D94FF203EECCBF159B40CF38521E9"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4164
Expires: Sat, 26 Nov 2022 22:49:49 GMT
Date: Sat, 26 Nov 2022 21:40:25 GMT
Connection: keep-alive
cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html
45.133.44.4200 OK 1.3 kB URL HTTP/2 cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Hash 2d60500de28fa381db094a81aef289d0
4bcf57e94d5f31690b22c72171f69f0bd91af541
ec843a00dd0ff588e2ccd9ec6f829bd3c74ed58a2c65c669082e41a55ab986f8
Analyzer Verdict Alert fortinet Phishing
GET /sb/interstitial/software/flashPlayer/mac/multi/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:40:25 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 01 Sep 2021 12:22:33 GMT
etag: W/"612f7089-cfb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 26 Nov 2022 22:40:25 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png
172.64.108.13200 OK 9.4 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png
IP 172.64.108.13:0
File type PNG image data, 240 x 240, 8-bit colormap, non-interlaced\012- data
Hash 910542c04f8bf2f90ee33d17d538a006
18d5943e5d51539038f7988c34bccef2937c5545
5969cb3c5c4f573f5c05035ddf9748ee17d5c71df6fca4e484f65d30e2694e57
GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:40:25 GMT
content-type: image/png
content-length: 9360
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: "612f708f-2490"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 978375
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4PiQaDIYVvFsu6JLo15FnO8ZKtfMcJLyJNngG31pAs59CjlTZSNTsBqiEnZUnr%2FyhapBCWWGvCEtnXx3oQYlY5bUuC1iBYBEZ5rLOPw7EqpxB9ThHHH48b3KFLnVgS8bfSeAuvoYIJU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705c84c699b7723-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
173.233.137.60200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 21:40:25 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: adbe7063f272dcc90c5fc879fc64d796
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.77.32200 OK 1.0 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, max compression\012- data
Hash 65ae9cd5d393ad9c8a8449233a929663
61281755528beef30a89c287c8f27397755546f4
667d9b93ef014587235187e283ce9bb118f8342da705b35c597a660aaf1f8fc2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10950
Expires: Sun, 27 Nov 2022 00:42:55 GMT
Date: Sat, 26 Nov 2022 21:40:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash af7b8db21256a1e9513f134f4a83aa7f
a81fc3bc0519040bfcbd9e2875b6aaa44259bc4d
84eb422804f5bb5cb226d1e778f4e98e3bbc5b99e0a7f8ab91aeeb1a5502f117
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84EB422804F5BB5CB226D1E778F4E98E3BBC5B99E0A7F8AB91AEEB1A5502F117"
Last-Modified: Fri, 25 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6140
Expires: Sat, 26 Nov 2022 23:22:46 GMT
Date: Sat, 26 Nov 2022 21:40:26 GMT
Connection: keep-alive
parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=389
192.243.59.20200 OK 0 B URL HTTP/1.1 parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=389
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=389 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 26 Nov 2022 21:40:26 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css
172.64.108.13200 OK 1.3 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css
IP 172.64.108.13:0
Hash b0b362d133eb4904706bb0622229b74f
22d89f78efb4c1cf967ac7e28821f4f39df8baf7
79b0f34463059aaa97b3b2f0f3319f64e893a595ce9e300d86fb031cc7fa28c0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:40:25 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-11aa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lf%2FbOHHINLbL%2FIRIwxv2yn0A%2Br7byCyi7vIrWqIxDszrthXj0a8ucPY3%2Fo16Mq4V7y8dY6rMXhZqCq3qfgResvw55Qm7ogO9rUq%2F0LU2MvvyiIzffcFilmaYdoJ09VkK1%2BQ07nZHMldm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705c84c39547723-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css
172.64.108.13200 OK 4.8 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css
IP 172.64.108.13:0
Hash c91016401e0a0b7b3d7572de48c76597
12fb634abb5e708b4f55d1489055b4f626d3cdd1
2472e286e0bf6f54cef9d99e9c63301c873fa02bc4e3979e1a18587a6d973120
GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:40:25 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddIKIo%2BTuS1cuNwOn29dbqyFof1xaE5RhTtSH6CqnN%2F7do6Lx%2BvMDu7nxFwUcjNnqutNqMBYql80XUzmuqPvOfTL8WQj%2F8bEb02YhZSek2gKAztPQIOcbuf44pYY5o%2FwQWbDhoT3hNTn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705c84c394a7723-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fjs%2Fscript.js&l=23003&fd=377
192.243.59.20200 OK 0 B URL HTTP/1.1 parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fjs%2Fscript.js&l=23003&fd=377
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fjs%2Fscript.js&l=23003&fd=377 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 26 Nov 2022 21:40:26 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.googleapis.com/css?family=Roboto:400,400i,500,700&display=swap
142.250.74.10200 OK 2.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,400i,500,700&display=swap
IP 142.250.74.10:0
Hash 4b0c04eb57269acf23834775773f33b4
d9aeec7683cd77904bcf2211fc5f7eebb723156c
ab361b0fe710f87f8a5d7f65379bddba0869663f7224cf2d3203a0104d55f430
GET /css?family=Roboto:400,400i,500,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 21:40:24 GMT
date: Sat, 26 Nov 2022 21:40:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 80e743aa65c73193da1b5a2df3f62f4a
7469c4a1f0b4cebdb7b66733bbec59bcf492d955
3f87ec235ca46a2d9aa0e4d2f7c9c1937fe5bc4bdb3dae232239ce295db33116
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 26 Nov 2022 21:40:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 26 Nov 2022 20:26:17 GMT
Expires: Sun, 27 Nov 2022 20:26:17 GMT
ETag: "7469c4a1f0b4cebdb7b66733bbec59bcf492d955"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
wastedinvaluable.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitjuslAdEgggdlDh4MuLPdPT070wZZjEkkmF8m0Zyrq6pny63uaqq6p2f3tCSgAT1M8OJBoffNbhY1BONdlNl4WAaEHQ%2FLHtx%2FQSEh4E1mdmDxg%2B7vq3rv8N776vON4pC4KOjB9St6TSpFF5p1t%2Fb2bZlyXdra1Vs1z627Z2u3ZboYnK31Jj%2FTfddzm3X3TO1DwVb0gu96ruu5Xu2iNCLWvYUpCpk9DL166NYDv%2B41A%2FTM%2F8%2B2cGCpA949JKch%2BfjF5d3HkGyINPnpvLAruc7euZAUiubaoMu3P0lXUl2mSI7H2DiI0%2B0ZG9qOCfnmBHS6PXMA3d2cOEAkx8TZ9xCl2zOZiLpbR0ojBZEi4qdQdocQaghJh2D6LiTfIwDjuHoNafLgqjYlXT1C6QQdk7nnTyHLMZn761WkyaNzSvZqN7UqcqlTi15cQfaGkJ0hsmIH%2BZoDWe6A5Xcg%2BR9k4fllpMnmNas0JD94KxS0FQU8mA9FGM8HzA3naezTeS9YbHGficV2uzmNSMohZDyEEn1Q66CYfNJBETsoMgcJP6jRZhi7biuO4kajHTDGGg3Gmu1F3uSNoB27KNjEQx951gdTfTCzjsysY0Xe32uehil%2Bg12uYLkDmxN0eYVSEJSWoKQEpSQoc4KyW21xZX1bPeDKFpE36%2F6sN6qBzjsbdEvnHZGSjeyQvDLN7lnnFFbEQU1ELOYRj5th2AxaXits0EUvYj7zhBcKn8PKCtKemDpdk2Py2pcFsslCzywhojuwagdMvgxavAFaDlq%2BC7o8CNou1tJHva7kQtu6TpVMBbiukOVzyFedDXVIXp8qCZkPwUZL%2F%2B6ffC8b7IOZCpmp8Jl8QtBR9wY3dEk2b%2BjSksfXslwmco1ONnwzp7mY%2B%2BEjsVpqwy%2Bdt%2F3v32cTYDI%2BvCVsfpmmXKYdS348JzkX5qI2TJBfLtnbIrpe2OVzhUmL7PL1Dy5eSjIjrJU6HYLKvdbXYHJMTl5Zn77dN796AmmGMEWFpBiRWUHqHbBsHTYbLT3b%2Fvu7n%2BdfgtUERh1zosxBWVQD40fHl0qOif%2F0dygxWvp2d%2FjpxxcS0KiCFccxRGL06z9H%2FA17Dx3jgOZ3kSYVuqZCV1Wgqg9bvDDIMzNa%2BrMxLUTKGUTKOJuRMur%2BUbxWHtSaXiDaUbvFOI8E417Lb7QbrutzHrRC4YXI7Zjd%2BWL3PwAAAP%2F%2FAQAA%2F%2F8RtgvAlwQAAA%3D%3D
192.243.59.13200 OK 7 B URL HTTP/1.1 wastedinvaluable.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitjuslAdEgggdlDh4MuLPdPT070wZZjEkkmF8m0Zyrq6pny63uaqq6p2f3tCSgAT1M8OJBoffNbhY1BONdlNl4WAaEHQ%2FLHtx%2FQSEh4E1mdmDxg%2B7vq3rv8N776vON4pC4KOjB9St6TSpFF5p1t%2Fb2bZlyXdra1Vs1z627Z2u3ZboYnK31Jj%2FTfddzm3X3TO1DwVb0gu96ruu5Xu2iNCLWvYUpCpk9DL166NYDv%2B41A%2FTM%2F8%2B2cGCpA949JKch%2BfjF5d3HkGyINPnpvLAruc7euZAUiubaoMu3P0lXUl2mSI7H2DiI0%2B0ZG9qOCfnmBHS6PXMA3d2cOEAkx8TZ9xCl2zOZiLpbR0ojBZEi4qdQdocQaghJh2D6LiTfIwDjuHoNafLgqjYlXT1C6QQdk7nnTyHLMZn761WkyaNzSvZqN7UqcqlTi15cQfaGkJ0hsmIH%2BZoDWe6A5Xcg%2BR9k4fllpMnmNas0JD94KxS0FQU8mA9FGM8HzA3naezTeS9YbHGficV2uzmNSMohZDyEEn1Q66CYfNJBETsoMgcJP6jRZhi7biuO4kajHTDGGg3Gmu1F3uSNoB27KNjEQx951gdTfTCzjsysY0Xe32uehil%2Bg12uYLkDmxN0eYVSEJSWoKQEpSQoc4KyW21xZX1bPeDKFpE36%2F6sN6qBzjsbdEvnHZGSjeyQvDLN7lnnFFbEQU1ELOYRj5th2AxaXits0EUvYj7zhBcKn8PKCtKemDpdk2Py2pcFsslCzywhojuwagdMvgxavAFaDlq%2BC7o8CNou1tJHva7kQtu6TpVMBbiukOVzyFedDXVIXp8qCZkPwUZL%2F%2B6ffC8b7IOZCpmp8Jl8QtBR9wY3dEk2b%2BjSksfXslwmco1ONnwzp7mY%2B%2BEjsVpqwy%2Bdt%2F3v32cTYDI%2BvCVsfpmmXKYdS348JzkX5qI2TJBfLtnbIrpe2OVzhUmL7PL1Dy5eSjIjrJU6HYLKvdbXYHJMTl5Zn77dN796AmmGMEWFpBiRWUHqHbBsHTYbLT3b%2Fvu7n%2BdfgtUERh1zosxBWVQD40fHl0qOif%2F0dygxWvp2d%2FjpxxcS0KiCFccxRGL06z9H%2FA17Dx3jgOZ3kSYVuqZCV1Wgqg9bvDDIMzNa%2BrMxLUTKGUTKOJuRMur%2BUbxWHtSaXiDaUbvFOI8E417Lb7QbrutzHrRC4YXI7Zjd%2BWL3PwAAAP%2F%2FAQAA%2F%2F8RtgvAlwQAAA%3D%3D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitjuslAdEgggdlDh4MuLPdPT070wZZjEkkmF8m0Zyrq6pny63uaqq6p2f3tCSgAT1M8OJBoffNbhY1BONdlNl4WAaEHQ%2FLHtx%2FQSEh4E1mdmDxg%2B7vq3rv8N776vON4pC4KOjB9St6TSpFF5p1t%2Fb2bZlyXdra1Vs1z627Z2u3ZboYnK31Jj%2FTfddzm3X3TO1DwVb0gu96ruu5Xu2iNCLWvYUpCpk9DL166NYDv%2B41A%2FTM%2F8%2B2cGCpA949JKch%2BfjF5d3HkGyINPnpvLAruc7euZAUiubaoMu3P0lXUl2mSI7H2DiI0%2B0ZG9qOCfnmBHS6PXMA3d2cOEAkx8TZ9xCl2zOZiLpbR0ojBZEi4qdQdocQaghJh2D6LiTfIwDjuHoNafLgqjYlXT1C6QQdk7nnTyHLMZn761WkyaNzSvZqN7UqcqlTi15cQfaGkJ0hsmIH%2BZoDWe6A5Xcg%2BR9k4fllpMnmNas0JD94KxS0FQU8mA9FGM8HzA3naezTeS9YbHGficV2uzmNSMohZDyEEn1Q66CYfNJBETsoMgcJP6jRZhi7biuO4kajHTDGGg3Gmu1F3uSNoB27KNjEQx951gdTfTCzjsysY0Xe32uehil%2Bg12uYLkDmxN0eYVSEJSWoKQEpSQoc4KyW21xZX1bPeDKFpE36%2F6sN6qBzjsbdEvnHZGSjeyQvDLN7lnnFFbEQU1ELOYRj5th2AxaXits0EUvYj7zhBcKn8PKCtKemDpdk2Py2pcFsslCzywhojuwagdMvgxavAFaDlq%2BC7o8CNou1tJHva7kQtu6TpVMBbiukOVzyFedDXVIXp8qCZkPwUZL%2F%2B6ffC8b7IOZCpmp8Jl8QtBR9wY3dEk2b%2BjSksfXslwmco1ONnwzp7mY%2B%2BEjsVpqwy%2Bdt%2F3v32cTYDI%2BvCVsfpmmXKYdS348JzkX5qI2TJBfLtnbIrpe2OVzhUmL7PL1Dy5eSjIjrJU6HYLKvdbXYHJMTl5Zn77dN796AmmGMEWFpBiRWUHqHbBsHTYbLT3b%2Fvu7n%2BdfgtUERh1zosxBWVQD40fHl0qOif%2F0dygxWvp2d%2FjpxxcS0KiCFccxRGL06z9H%2FA17Dx3jgOZ3kSYVuqZCV1Wgqg9bvDDIMzNa%2BrMxLUTKGUTKOJuRMur%2BUbxWHtSaXiDaUbvFOI8E417Lb7QbrutzHrRC4YXI7Zjd%2BWL3PwAAAP%2F%2FAQAA%2F%2F8RtgvAlwQAAA%3D%3D HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Cookie: u_pl=16017163; uid_id2=9ea7b4d4-9e9f-4c09-af2a-1467d2ce6885:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecebcfdbdf5995471793a61bc2c1e19e2d=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 21:40:26 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c50864822b1d3cfa932ca8d427c88d4c
Strict-Transport-Security: max-age=0; includeSubdomains
wastedinvaluable.com/pixel/sbs?c=1
192.243.59.13200 OK 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/sbs?c=1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbs?c=1 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Cookie: u_pl=16017163; uid_id2=9ea7b4d4-9e9f-4c09-af2a-1467d2ce6885:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecebcfdbdf5995471793a61bc2c1e19e2d=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 21:40:26 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=96e61ac564929c0e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
3.248.128.187404 Not Found 49 B URL HTTP/2 sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=96e61ac564929c0e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
IP 3.248.128.187:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 56398e76be6355ad5999b262208a17c9
a1fdee122b95748d81cee426d717c05b5174fe96
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
GET /map/c=8587/tp=CLOD/tpid=96e61ac564929c0e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP/1.1
Host: sync.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.xvideosincesto.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 26 Nov 2022 21:40:26 GMT
content-type: image/gif
content-length: 49
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.15.130
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
grupoxxx.com/sistema/uploads/anitta.png
104.21.59.133200 OK 0 B URL HTTP/2 grupoxxx.com/sistema/uploads/anitta.png
IP 104.21.59.133:0
GET /sistema/uploads/anitta.png HTTP/1.1
Host: grupoxxx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:40:22 GMT
content-type: image/png
last-modified: Tue, 13 Sep 2022 14:07:39 GMT
vary: Accept-Encoding
etag: W/"63208eab-239d6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache: HIT from Backend
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 795622
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xI1hFmg6wRHTyjY0JD7MwEpTc40cmY3bVchZzXtIpGLdmLKFTYo%2FCMFqPi59c3o7RRSY8SM12hcrMndbu2Mqhd2lUK5Zi6htLMSKj3meIjOAC39aDuz0yA61zzg7OpM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705c83abcad1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.xvideosincesto.com/embed/Luisa-Sonza-Onlyfans.mp4?st=0g67Qw1REeXmiK9jtxkS1Q&e=1669578471
173.208.228.218206 Partial Content 0 B URL HTTP/2 cdn.xvideosincesto.com/embed/Luisa-Sonza-Onlyfans.mp4?st=0g67Qw1REeXmiK9jtxkS1Q&e=1669578471
IP 173.208.228.218:0
GET /embed/Luisa-Sonza-Onlyfans.mp4?st=0g67Qw1REeXmiK9jtxkS1Q&e=1669578471 HTTP/1.1
Host: cdn.xvideosincesto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 206 Partial Content
server: nginx/1.22.0
date: Sat, 26 Nov 2022 21:40:23 GMT
content-type: video/mp4
content-length: 10045163
last-modified: Sun, 08 May 2022 01:55:13 GMT
etag: "62772301-9946eb"
content-range: bytes 0-10045162/10045163
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js
IP 172.64.108.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:40:25 GMT
content-type: application/javascript
last-modified: Wed, 01 Sep 2021 12:22:37 GMT
etag: W/"612f708d-149a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 978375
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRI4pmtOWbw6hCjSPL9DpmOrEeYPsWM2h3vxGEhtC1TzZs8cz2jbbmLggPn5Wkqb4U1EAzRnm0Rc4p21TIr8ij5QhxNzOmS5M%2FslqmN91TV11Y1i0A%2B2%2BlGUliKqbs03K9PULxqfKLv0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705c84c69a07723-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.xvideosincesto.com/luisa-sonza-onlyfans/
104.21.2.8200 OK 0 B URL HTTP/2 www.xvideosincesto.com/luisa-sonza-onlyfans/
IP 104.21.2.8:0
GET /luisa-sonza-onlyfans/ HTTP/1.1
Host: www.xvideosincesto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:40:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-edge-cache: cache,platform=wordpress
x-pingback: https://www.xvideosincesto.com/xmlrpc.php
link: <https://www.xvideosincesto.com/wp-json/>; rel="https://api.w.org/", <https://www.xvideosincesto.com/wp-json/wp/v2/posts/120593>; rel="alternate"; type="application/json", <https://www.xvideosincesto.com/?p=120593>; rel=shortlink
x-varnish: 93009749
via: 1.1 varnish (Varnish/5.2)
x-cache: HIT from Backend
strict-transport-security: max-age=31518000
x-content-type-options: nosniff
last-modified: Sat, 26 Nov 2022 19:47:50 GMT
cache-control: max-age=1800
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xV5Lsn2ZAkY902VBE%2FA1mtWVM9GnTduraXzfYcSuhyuiUq5BqwOqneZocpmqd5OMLIzorGyKa4DZPYae6uO3ZuOFmAobwevFNEIk%2FTzt1BDtlpsFQ8IH13ln29lf9Laj%2Bj2stRfwRBN0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705c837db9cb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
grupoxxx.com/sistema/uploads/vazadas-privacy.png
104.21.59.133200 OK 0 B URL HTTP/2 grupoxxx.com/sistema/uploads/vazadas-privacy.png
IP 104.21.59.133:0
GET /sistema/uploads/vazadas-privacy.png HTTP/1.1
Host: grupoxxx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:40:22 GMT
content-type: image/png
last-modified: Tue, 13 Sep 2022 14:21:38 GMT
vary: Accept-Encoding
etag: W/"632091f2-17f9b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache: HIT from Backend
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 793309
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQ3bYxZ82UVk0Hr%2FfFW9gtlS03SMs2hTfwna%2FKzzDMeTLdoQaVuNfdM8NHEXqXsNyTcu86EZ8aMYulf1tsGXZktdHtUjsNJrMBthHHYCrZdX%2BT%2BK1%2FXKnstbfvITDB0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705c83aac9f1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg
IP 172.64.108.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:40:25 GMT
content-type: image/svg+xml
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: W/"612f708f-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 978375
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NYOUpyzWjTR7HC6X58ZXVlhti7pJQeJdbX9YP6bZAnf6TLwfcw9BoNKxsQsN4Ut3hdlnsu7tKyjSnorpPLeABhGKNzyu%2B8iD%2BHPn%2FjvIXdxQ0cVJ5jErNd4Ulb%2BrJsyvHKoax%2B4nnoh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705c84c69967723-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js
IP 172.64.108.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:40:26 GMT
content-type: application/javascript
last-modified: Wed, 01 Sep 2021 12:22:36 GMT
etag: W/"612f708c-7082"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qLaDOcq4RmRbNRt0gumQ6nvbYMWWqk4iQ5kxKTrWXqbqhL0et9cvAUZtycIq4rQagbLx6pg31kHvjJ3fHh9biUpJtG7z2qJhW%2Fbsf%2F9Lwh%2BODYOpdNjxRcdvp3WO00aejvZteCM2AAV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705c84ceaab7723-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2