Overview

URLwww.xvideosincesto.com/luisa-sonza-onlyfans/
IP 172.67.186.200 (United States)
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-26 21:40:33 UTC
StatusLoading report..
IDS alerts0
Blocklist alert5
urlquery alerts No alerts detected
Tags None

Domain Summary (33)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
affiliate.oliverclick.com (8) 0 2021-11-26 19:10:36 UTC 2022-11-01 18:49:55 UTC 209.145.58.154 Unknown ranking
grupoxxx.com (3) 974785 2018-09-10 08:35:23 UTC 2022-11-03 00:32:48 UTC 104.21.59.133
ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-11-26 11:14:44 UTC 142.250.74.74
ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.158
banquetunarmedgrater.com (1) 0 2022-08-04 15:12:50 UTC 2022-11-26 10:20:55 UTC 173.233.137.60 Unknown ranking
ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
simplewebanalysis.com (2) 0 2022-02-25 04:06:25 UTC 2022-11-26 05:32:16 UTC 52.28.211.11 Unknown ranking
ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2020-05-02 20:58:10 UTC 192.124.249.22
www.xvideosincesto.com (2) 0 2017-02-14 06:16:50 UTC 2022-11-25 14:45:30 UTC 104.21.2.8 Unknown ranking
r3.o.lencr.org (18) 344 No data No data 23.36.76.226
fonts.gstatic.com (4) 0 2014-09-09 00:40:21 UTC 2022-11-26 10:10:14 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
whos.amung.us (1) 12687 2017-01-30 05:21:57 UTC 2022-11-26 07:35:12 UTC 104.22.74.171
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
e1.o.lencr.org (5) 6159 No data No data 23.36.77.32
code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2020-04-21 12:46:20 UTC 69.16.175.10
widgets.amung.us (1) 12623 2012-05-21 19:25:54 UTC 2022-11-26 09:23:31 UTC 104.22.74.171
wastedinvaluable.com (5) 0 2022-11-16 05:53:14 UTC 2022-11-26 06:47:41 UTC 192.243.59.13 Unknown ranking
tractorfoolproofstandard.com (1) 0 2022-11-11 10:41:58 UTC 2022-11-26 11:28:28 UTC 173.233.137.52 Unknown ranking
cdn.xvideosincesto.com (1) 0 2019-02-04 22:42:11 UTC 2022-10-28 21:46:49 UTC 173.208.228.218 Unknown ranking
img-getpocket.cdn.mozilla.net (5) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
parkingridiculous.com (2) 0 2022-11-22 03:17:37 UTC 2022-11-26 09:35:00 UTC 192.243.59.20 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-26 05:33:20 UTC 34.102.187.140
ocsp.pki.goog (7) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
cdn.barscreative1.com (1) 25648 2021-09-16 11:14:42 UTC 2022-07-13 08:11:12 UTC 45.133.44.4
parlorscenes.com (2) 0 2020-11-10 01:53:47 UTC 2022-11-02 08:45:54 UTC 173.233.137.36 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.167.231.108
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-26 07:22:52 UTC 142.250.74.10
sync.crwdcntrl.net (1) 726 2020-04-12 19:24:02 UTC 2022-11-26 08:03:10 UTC 3.248.128.187
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-26 05:33:16 UTC 34.117.237.239
ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 104.18.32.68
friendshipmale.com (1) 0 2022-10-21 12:15:25 UTC 2022-11-26 09:52:55 UTC 104.21.234.93 Unknown ranking
pixel.onaudience.com (1) 1885 2016-08-19 13:24:30 UTC 2022-11-26 06:33:37 UTC 141.94.170.77
cdn.creative-bars1.com (6) 0 2022-11-15 16:46:22 UTC 2022-11-26 05:56:31 UTC 172.64.108.13 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-26 2 cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/inde (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-26 2 tractorfoolproofstandard.com Sinkholed
2022-11-26 2 banquetunarmedgrater.com Sinkholed
2022-11-26 2 parkingridiculous.com Sinkholed
2022-11-26 2 parkingridiculous.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 172.67.186.200
Date UQ / IDS / BL URL IP
2023-01-15 19:22:11 +0000 0 - 1 - 3 et.celeb-true.com/rudyard-kipling-famous-engl (...) 172.67.186.200
2022-12-16 00:02:04 +0000 0 - 0 - 6 aegis-gmc.in/au/index.php 172.67.186.200
2022-11-26 21:40:33 +0000 0 - 0 - 5 www.xvideosincesto.com/luisa-sonza-onlyfans/ 172.67.186.200


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-02-09 11:35:15 +0000 0 - 3 - 4 jazzpaltsweatcyconsgilc.tk/756ca 172.67.202.202
2023-02-09 11:34:01 +0000 0 - 2 - 0 buy.baltic-pipe.space/rejestracja_f?cep=1&lpt (...) 172.67.152.121
2023-02-09 11:33:54 +0000 0 - 0 - 1 d.cimvoltd.com/index.php/campaigns/jy994mrpwf (...) 172.67.161.243
2023-02-09 11:30:35 +0000 0 - 0 - 0 tglin.couragechildheae.xyz 104.21.13.36
2023-02-09 11:30:00 +0000 0 - 3 - 0 bitsoft360.buzz/ 188.114.96.1


Last 4 reports on domain: xvideosincesto.com
Date UQ / IDS / BL URL IP
2022-12-23 00:58:15 +0000 0 - 0 - 5 www.xvideosincesto.com/thomaz-costa-pelado-tr (...) 188.114.97.1
2022-11-26 21:40:33 +0000 0 - 0 - 5 www.xvideosincesto.com/luisa-sonza-onlyfans/ 172.67.186.200
2022-11-01 18:50:07 +0000 0 - 0 - 3 www.xvideosincesto.com/videos/karolyne-chaves/ 104.26.15.141
2022-10-28 21:46:59 +0000 0 - 0 - 4 www.xvideosincesto.com/geisy-arruda-pelada-me (...) 104.26.15.141


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-05 10:39:47 +0000 0 - 0 - 6 clk.asia/bbzvd 188.114.96.1
2022-12-01 01:55:49 +0000 0 - 0 - 10 vintage-victorian-style-themed.blogspot.com/2 (...) 142.250.74.161
2022-11-27 10:58:10 +0000 0 - 0 - 4 www.seputarbansos.my.id/2022/01/surat-edaran- (...) 142.250.74.179
2022-11-23 13:34:51 +0000 0 - 0 - 6 tudith.blogspot.com/ 142.250.74.161
2022-11-22 15:12:36 +0000 0 - 0 - 24 162.19.3.91/hemat 162.19.3.91

JavaScript

Executed Scripts (20)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (98)


Request Response
                                        
                                            GET /luisa-sonza-onlyfans/ HTTP/1.1 
Host: www.xvideosincesto.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         104.21.2.8
HTTP/1.1 301 Moved Permanently
                                        
Date: Sat, 26 Nov 2022 21:40:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 22:40:21 GMT
Location: https://www.xvideosincesto.com/luisa-sonza-onlyfans/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2Bvu6suCmr2TbwxFpUtnhbP5z%2FoYoyRtWH81bAnp1jQtz%2F4%2FHtZTN4deITlF5vpr1drv1PNIgwChI3UYh59cc3pwFi76s0vh4cbcoFoWpWhOoo%2BnKmbVNgiBRyGxXHAc%2B5FhWmtaTDCl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7705c8353b4db529-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9095
Expires: Sun, 27 Nov 2022 00:11:57 GMT
Date: Sat, 26 Nov 2022 21:40:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4206
Cache-Control: max-age=136851
Date: Sat, 26 Nov 2022 21:40:22 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:41:13 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2253
Expires: Sat, 26 Nov 2022 22:17:55 GMT
Date: Sat, 26 Nov 2022 21:40:22 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 21:19:16 GMT
cache-control: public,max-age=3600
age: 1266
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: AuumfxMLvZuLBPINTMieYbneyG+ZzIQDDPXnHcxyy/0bzjp/HlPmLeP9hOWXDZnTJ6OYmck/YH1pbJ5zDvW1Tw==
x-amz-request-id: 6A338R76B6TNK6KX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 20:41:21 GMT
age: 3541
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "90C4DCB60B81399E5192FF2BBEAFCCD6F2F956D2252D755476FE8C501570D104"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13599
Expires: Sun, 27 Nov 2022 01:27:01 GMT
Date: Sat, 26 Nov 2022 21:40:22 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 26 Nov 2022 21:40:22 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "90C4DCB60B81399E5192FF2BBEAFCCD6F2F956D2252D755476FE8C501570D104"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13599
Expires: Sun, 27 Nov 2022 01:27:01 GMT
Date: Sat, 26 Nov 2022 21:40:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5931
Cache-Control: max-age=89955
Date: Sat, 26 Nov 2022 21:40:22 GMT
Etag: "63812cfe-116"
Expires: Sun, 27 Nov 2022 22:39:37 GMT
Last-Modified: Fri, 25 Nov 2022 21:00:46 GMT
Server: ECS (amb/6BA3)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2242
Cache-Control: max-age=86266
Date: Sat, 26 Nov 2022 21:40:22 GMT
Etag: "63812cfe-116"
Expires: Sun, 27 Nov 2022 21:38:08 GMT
Last-Modified: Fri, 25 Nov 2022 21:00:46 GMT
Server: ECS (amb/6B9B)
X-Cache: HIT
Content-Length: 278


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   4164
Md5:    2c8adef4a5e3ab5297ba05a0bdc028aa
Sha1:   24eadc39afec61db6d3a0c795bb31aec32587800
Sha256: a1f3b06bf6b63a409792d1439832b7b7a522294bbdeec21cd594149dd6e7b33d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4438
Cache-Control: max-age=88462
Date: Sat, 26 Nov 2022 21:40:22 GMT
Etag: "63812cfe-116"
Expires: Sun, 27 Nov 2022 22:14:44 GMT
Last-Modified: Fri, 25 Nov 2022 21:00:46 GMT
Server: ECS (amb/6B8D)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5931
Cache-Control: max-age=89955
Date: Sat, 26 Nov 2022 21:40:22 GMT
Etag: "63812cfe-116"
Expires: Sun, 27 Nov 2022 22:39:37 GMT
Last-Modified: Fri, 25 Nov 2022 21:00:46 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   108132
Md5:    6b1d23ddb073048be61377374621b8b2
Sha1:   8ac67100e2cb11d09e267a82c62f2a6c9ad6fb68
Sha256: 2e5d5daf979cc5670437d3d7243d37a93ef988d22b28e19624690c175fd0a1ea
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=170427
Date: Sat, 26 Nov 2022 21:40:22 GMT
Etag: "63827e81-118"
Expires: Mon, 28 Nov 2022 21:00:49 GMT
Last-Modified: Sat, 26 Nov 2022 21:00:49 GMT
Server: nginx
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Sat, 26 Nov 2022 21:40:22 GMT
Etag: "63812cfe-116"
Server: ECS (amb/6B97)
Content-Length: 280

                                        
                                            GET /jquery-3.5.1.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sat, 26 Nov 2022 21:40:23 GMT
content-encoding: gzip
content-length: 30879
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669498823.dop225.sk1.t,1669498823.cds024.sk1.hn,1669498823.cds208.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30879
Md5:    3700d0b271343804b9b9aa1c13efa521
Sha1:   3d6b03dbd74872ca3dfbb0529f6c80943788f918
Sha256: fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C6241EFBA77CF35682131040A55B5FDA3DBCD15568471E3C36AF6B65776FA0C5"
Last-Modified: Fri, 25 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6386
Expires: Sat, 26 Nov 2022 23:26:49 GMT
Date: Sat, 26 Nov 2022 21:40:23 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 21:11:12 GMT
cache-control: public,max-age=3600
age: 1751
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C6241EFBA77CF35682131040A55B5FDA3DBCD15568471E3C36AF6B65776FA0C5"
Last-Modified: Fri, 25 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21548
Expires: Sun, 27 Nov 2022 03:39:31 GMT
Date: Sat, 26 Nov 2022 21:40:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C6241EFBA77CF35682131040A55B5FDA3DBCD15568471E3C36AF6B65776FA0C5"
Last-Modified: Fri, 25 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 27 Nov 2022 03:40:23 GMT
Date: Sat, 26 Nov 2022 21:40:23 GMT
Connection: keep-alive

                                        
                                            GET /www/delivery/afr.php?zoneid=3&cb=INSERT_RANDOM_NUMBER_HERE HTTP/1.1 
Host: affiliate.oliverclick.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         209.145.58.154
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.18.0
Date: Sat, 26 Nov 2022 21:40:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Sun, 26-Nov-2023 21:40:23 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (770)
Size:   681
Md5:    0e226bf8387e8033cbdc31128956e976
Sha1:   5b1b8610713c44cf25b4a0cfcb37877c4683ed89
Sha256: 61a219473414b41f848c361e1ecb90eb309cfec47976a67491997aabb779645e
                                        
                                            GET /www/delivery/afr.php?zoneid=9&cb=INSERT_RANDOM_NUMBER_HERE HTTP/1.1 
Host: affiliate.oliverclick.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         209.145.58.154
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.18.0
Date: Sat, 26 Nov 2022 21:40:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Sun, 26-Nov-2023 21:40:23 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (735)
Size:   664
Md5:    288d0c05fd5926dfb051040ff0f67ef6
Sha1:   6cbdaa9532fe0f662dc0b7972eb599181cf72566
Sha256: d44a05b5a34dd6a8caac9510683465b7d615de293fbf152c675a80743aaf5d11
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3385
Cache-Control: max-age=130973
Date: Sat, 26 Nov 2022 21:40:23 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:03:16 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DDB746CEC520144159A497B7E0EC343E5E30305AEA85C3BBA9812C06D8EBBF10"
Last-Modified: Thu, 24 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7482
Expires: Sat, 26 Nov 2022 23:45:05 GMT
Date: Sat, 26 Nov 2022 21:40:23 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.0 (Windows), datetime=2022:09:06 19:52:26 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-0, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 1186825144474799235106078720.000000], progressive, precision 8, 300x233, components 3\012- data
Size:   95892
Md5:    a6e424ea05e88aefcd1d7dbcba46eb65
Sha1:   813addfa1236f7ea00bc158b77938b03354abab6
Sha256: e033f1a260cf33e80b405242d03ce44992834bb71165030ed289f78bc5b8e5d0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FEA99489DE91BB26A3C8067F73D90405D4D3785F7244E0C88A95BDF363279AFD"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18883
Expires: Sun, 27 Nov 2022 02:55:06 GMT
Date: Sat, 26 Nov 2022 21:40:23 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   4420
Md5:    62ba7def726b0592a233256fd29e3164
Sha1:   4b35714f262889b08f90e322cefef1e60cc5b22f
Sha256: d686da6e7eb0234add01332324134bbb799a2adb4c18c1e4bae9004e94262306
                                        
                                            GET /sistema/uploads/influencers-vazadas.png HTTP/1.1 
Host: grupoxxx.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.59.133
HTTP/2 200 OK
content-type: image/png
                                        
date: Sat, 26 Nov 2022 21:40:22 GMT
last-modified: Tue, 04 Oct 2022 21:43:19 GMT
vary: Accept-Encoding
etag: W/"633ca8f7-1e297"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache: HIT from Backend
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 790032
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tsZHKE9NebzNj%2FN3iSQR7HVScIAenQLIFsZrrh8C4b71SdX2jrlbXAYn%2B%2B4G1eUm8WEtVnOnjBWM243%2BF44dtISn%2FstjQH2wU2C6v4yk13oWjXIJhbaMRH5ECa6mA8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705c83aac9e1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 233, 8-bit/color RGBA, non-interlaced\012- data
Size:   123606
Md5:    b3526feb6fc7f482772ea4e81c2b6f86
Sha1:   972aa8ea5f1279023aec5ab2d4d5bb11f8fdafd5
Sha256: 9a0c4786002c3cf966cc76a5d1dd890ec44637b552c58e8adb60d18d487ce0b5
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A4D81E53A8C84040E977EB3384D1524C3498AB653E923716291DFB8E9F969197"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Sun, 27 Nov 2022 03:40:21 GMT
Date: Sat, 26 Nov 2022 21:40:23 GMT
Connection: keep-alive

                                        
                                            GET /www/delivery/afr.php?zoneid=9&cb=INSERT_RANDOM_NUMBER_HERE HTTP/1.1 
Host: affiliate.oliverclick.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         209.145.58.154
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.18.0
Date: Sat, 26 Nov 2022 21:40:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Sun, 26-Nov-2023 21:40:23 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (735)
Size:   663
Md5:    8837d46ed7d93912254b1c8030721fd8
Sha1:   0110d452986c47ce517a5d79436cc2e095bdf4e4
Sha256: 19d93812e6550234573a81be57096d5945994689032c4e017542b75266bc078e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 26 Nov 2022 21:40:23 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 05:29:12 GMT
Expires: Sat, 03 Dec 2022 05:29:11 GMT
Etag: "da7ffc7850a3c5f0e61287497ae7db665e796753"
Cache-Control: max-age=545927,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7705c83d9990b51b-OSL

                                        
                                            GET /www/images/e9b61929ef447b2003de2571537a8d0a.webp HTTP/1.1 
Host: affiliate.oliverclick.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://affiliate.oliverclick.com/www/delivery/afr.php?zoneid=9&cb=INSERT_RANDOM_NUMBER_HERE
Cookie: OAID=01000111010001000101000001010010
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         209.145.58.154
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Server: nginx/1.18.0
Date: Sat, 26 Nov 2022 21:40:23 GMT
Content-Length: 12720
Last-Modified: Thu, 27 Oct 2022 02:34:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6359ee48-31b0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   12720
Md5:    e9b61929ef447b2003de2571537a8d0a
Sha1:   473eb2300e9bb1f9b6eec106932f4b572eadd961
Sha256: 41368f374e307cf51f41c0d46dbe0d122155adb8522ed17f15fee2cef445c500
                                        
                                            GET /39/b0/a2/39b0a2d72b6db0d70299160713d4da46.js HTTP/1.1 
Host: parlorscenes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         173.233.137.36
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 21:40:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f79f5284f3297f1516d1f660ff58412f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   28811
Md5:    c8f02254e5e7b72b50f74b04dddffcb5
Sha1:   53404e6eabf8ea6e608fe5dce4134028ec3591e4
Sha256: 151186432c51e1e7a175b59aaa57dfd9905a5a91913c55fb3b663787dfe51ecd
                                        
                                            GET /eb/cf/db/ebcfdbdf5995471793a61bc2c1e19e2d.js HTTP/1.1 
Host: parlorscenes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         173.233.137.36
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 21:40:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f7dd38314b151b4ebfcb8204f4d1cc83
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (37162), with no line terminators
Size:   13440
Md5:    c77f9a1a6047c74a34dd02b10e1232e2
Sha1:   ba24e30482967ebb5f402f329c3d8b4d10b10a0e
Sha256: 4f197dcfca97da15c4e149d043d3098d70b84a9dee630a1f1a670e23fba3cfa2
                                        
                                            GET /www/delivery/lg.php?bannerid=135&campaignid=6&zoneid=9&loc=https%3A%2F%2Fwww.xvideosincesto.com%2F&cb=65024ec475 HTTP/1.1 
Host: affiliate.oliverclick.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://affiliate.oliverclick.com/www/delivery/afr.php?zoneid=9&cb=INSERT_RANDOM_NUMBER_HERE
Cookie: OAID=01000111010001000101000001010010
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         209.145.58.154
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.18.0
Date: Sat, 26 Nov 2022 21:40:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Sun, 26-Nov-2023 21:40:23 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Content-Encoding: gzip


--- Additional Info ---
Magic:  data
Size:   1170
Md5:    f87df2915e142eaf34c52acc464b896b
Sha1:   5b7a99071e4bc94aa21c1eca09a506e5cc23bb46
Sha256: 3d0632e6cc3711594967b63ad2c08e7ebd5dff3b0b4316ae6c8acd1c554a68f4
                                        
                                            GET /small/13/1372.png HTTP/1.1 
Host: widgets.amung.us
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.xvideosincesto.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.74.171
HTTP/2 200 OK
content-type: image/png
                                        
date: Sat, 26 Nov 2022 21:40:23 GMT
content-length: 336
last-modified: Sun, 13 Jun 2010 09:48:30 GMT
etag: "4c14a96e-150"
expires: Sun, 13 Nov 2022 19:51:34 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 1216129
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705c83fdb190a24-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 80 x 15, 8-bit colormap, non-interlaced\012- data
Size:   336
Md5:    fcef4b085cfe7173efb6e7a67d43a427
Sha1:   57ed3d21d71fed914db35de75b9f921290b0065b
Sha256: 72a52f255df9dffe152ab087dda172096fae722d37c701f6296317150779633e
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ofo4/g1atM1C2wKQyAPq3w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.167.231.108
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UhiCBF0F0SynubLJPUd7TF0G24s=

                                        
                                            GET /www/delivery/lg.php?bannerid=128&campaignid=6&zoneid=9&loc=https%3A%2F%2Fwww.xvideosincesto.com%2F&cb=b550fd14bf HTTP/1.1 
Host: affiliate.oliverclick.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://affiliate.oliverclick.com/www/delivery/afr.php?zoneid=9&cb=INSERT_RANDOM_NUMBER_HERE
Cookie: OAID=01000111010001000101000001010010
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         209.145.58.154
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.18.0
Date: Sat, 26 Nov 2022 21:40:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Sun, 26-Nov-2023 21:40:23 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Content-Encoding: gzip


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   63
Md5:    3023325b26e8409e9c4e8fd53a59669e
Sha1:   2ac73ae49031ee6c0d39c344d25e9350dd9b49fa
Sha256: 22d20777c7f2d969414610da9a86ac5c3851262d1f9a8a36b4e981943c219b1b
                                        
                                            GET /www/images/c48fa7f6eecbcb960509579517f6683b.webp HTTP/1.1 
Host: affiliate.oliverclick.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://affiliate.oliverclick.com/www/delivery/afr.php?zoneid=9&cb=INSERT_RANDOM_NUMBER_HERE
Cookie: OAID=01000111010001000101000001010010
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         209.145.58.154
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Server: nginx/1.18.0
Date: Sat, 26 Nov 2022 21:40:23 GMT
Content-Length: 17908
Last-Modified: Thu, 27 Oct 2022 02:33:34 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6359edfe-45f4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   17908
Md5:    c48fa7f6eecbcb960509579517f6683b
Sha1:   9da3cc86c0f4359e98a06856ca612358e956ab53
Sha256: a82641ffe299cde6e684699ef0881c1d6361b26146a78dd894d1be13b3317888
                                        
                                            GET /www/images/d9a771626dfe332ade2afbd0e7bd2734.webp HTTP/1.1 
Host: affiliate.oliverclick.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://affiliate.oliverclick.com/www/delivery/afr.php?zoneid=3&cb=INSERT_RANDOM_NUMBER_HERE
Cookie: OAID=01000111010001000101000001010010
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         209.145.58.154
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Server: nginx/1.18.0
Date: Sat, 26 Nov 2022 21:40:23 GMT
Content-Length: 286248
Last-Modified: Sat, 05 Nov 2022 20:22:16 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6366c5f8-45e28"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   286248
Md5:    d9a771626dfe332ade2afbd0e7bd2734
Sha1:   acae7cf431c4188c3a48719554f03347e05d9f4c
Sha256: 8beb7ad06360151bb1b27a2a41d1b1ba9021ab0dda57874eb652bbf1dcd9d0f5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 26 Nov 2022 21:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/webfont/1/webfont.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.74
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:34:16 GMT
expires: Wed, 22 Nov 2023 18:34:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 356767
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2134)
Size:   5437
Md5:    30ca3165d143baf2835023bfcf463450
Sha1:   62c662c0873b79a314c040fef28dcd29abb14480
Sha256: 4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 26 Nov 2022 21:40:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "A5121C332D69FBEC0378A247A93432ECC3F00014BD67DF9B1FF613BEA57AF4D1"
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8290
Expires: Sat, 26 Nov 2022 23:58:34 GMT
Date: Sat, 26 Nov 2022 21:40:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144966
Date: Sat, 26 Nov 2022 21:40:24 GMT
Etag: "63821517-1d7"
Expires: Mon, 28 Nov 2022 13:56:30 GMT
Last-Modified: Sat, 26 Nov 2022 13:31:03 GMT
Server: ECS (dcb/7F14)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: V08r9F2J4qRTtYeV3xsE7hMwvim53lUvxFsLC_3cH4LNwWkSB4_nAQ==
Age: 1527

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=148932
Date: Sat, 26 Nov 2022 21:40:24 GMT
Etag: "63821517-1d7"
Expires: Mon, 28 Nov 2022 15:02:36 GMT
Last-Modified: Sat, 26 Nov 2022 13:31:03 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: t0dfqRHV5eKe6Z_xQV7IRIhbPAMxmHdaxCyntphpNEbTHKgnMfz7RQ==
Age: 5493

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         52.28.211.11
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sat, 26 Nov 2022 21:40:24 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.xvideosincesto.com
access-control-allow-credentials: true
set-cookie: uid_id2=9ea7b4d4-9e9f-4c09-af2a-1467d2ce6885:1:1; expires=Tue, 23 Nov 2032 21:40:24 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    b9376b000a372c9dd89046cb20891cc3
Sha1:   9278edc6529381080d1f18f1c6943acca43a79a0
Sha256: 829701ca9d3c57b66e431ff93a3945ed454530115620641ef06894c40e4c6196
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 26 Nov 2022 21:40:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 26 Nov 2022 21:40:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         52.28.211.11
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sat, 26 Nov 2022 21:40:24 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.xvideosincesto.com
access-control-allow-credentials: true
set-cookie: uid_id2=01ac3da3-1ea0-4362-860a-5db98ea2f96d:1:1; expires=Tue, 23 Nov 2032 21:40:24 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    661211b07eda1dbdcdc0796b0d724b80
Sha1:   16bc4682669290958618fac3fa00e634012e2d3f
Sha256: d25066f28175ed08a50fb45b2506959d660eaf6c729ef760a5d263b7505a018a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 26 Nov 2022 21:40:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 286372
last-modified: Wed, 11 May 2022 19:24:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 26 Nov 2022 21:40:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 266776
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 269195
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:56:18 GMT
expires: Thu, 23 Nov 2023 18:56:18 GMT
cache-control: public, max-age=31536000
age: 269046
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Size:   17368
Md5:    abe083d96b58eb02ada8b7c30d7b09f2
Sha1:   61447d66d13a8c8f4335696777a85c438c46f749
Sha256: db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 26 Nov 2022 21:40:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "A5121C332D69FBEC0378A247A93432ECC3F00014BD67DF9B1FF613BEA57AF4D1"
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8290
Expires: Sat, 26 Nov 2022 23:58:34 GMT
Date: Sat, 26 Nov 2022 21:40:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AC20339846844F8E6595584114A9C389A838D3773D27D2FD25D2591BDFBC3507"
Last-Modified: Thu, 24 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9012
Expires: Sun, 27 Nov 2022 00:10:36 GMT
Date: Sat, 26 Nov 2022 21:40:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DED9668D16FDBA5A785700AE8D8427758811695525D05419914B5E0FBDF8DF7E"
Last-Modified: Sat, 26 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6301
Expires: Sat, 26 Nov 2022 23:25:25 GMT
Date: Sat, 26 Nov 2022 21:40:24 GMT
Connection: keep-alive

                                        
                                            GET /swidget/csg79dxr47.gif HTTP/1.1 
Host: whos.amung.us
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.22.74.171
HTTP/2 307 Temporary Redirect
content-type: text/html; charset=UTF-8
                                        
date: Sat, 26 Nov 2022 21:40:23 GMT
location: https://widgets.amung.us/small/13/1372.png
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7705c83efa390a24-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max speed, from Unix\012- data
Size:   13419
Md5:    f49d6817bee3c919b75265313b312c4a
Sha1:   6a22cb48b8f074483906b0bef3b3021ffc7315f5
Sha256: 60f814ef8401f7399aadea507975556db718ea1a07a7e3db2805235b56f95487
                                        
                                            GET /44/4a/94/444a9425ce406fbda680284e6b59107b.js HTTP/1.1 
Host: wastedinvaluable.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         192.243.59.13
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 21:40:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 954ba190f127b87896bfecc42edc18bb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size:   28775
Md5:    dbd6a86b04196d6bfd4274269f7d7a32
Sha1:   b4130484151a83c75455199fb7f826e68713b389
Sha256: e79cf504fecc781c350e6856f742a23738e36252569ba0a8b9ce190ac512104e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18610
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 21:40:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18610
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 21:40:24 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1672
Md5:    771a47afeaa046a7541e62e5b6f19af6
Sha1:   7f3297dbf16329b3c3999311f449aeb0c4f43ba6
Sha256: 765367dee1e1366ff122e01444e4a5aab6fcadd786490328ac1640a71fb3d245
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18610
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 21:40:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18610
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 21:40:24 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TI0cacek54dPUYW7fYy0xm-1CKdRXZGqBH1vGURakUsBbm-WGcW-vA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:17:55 GMT
age: 84149
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   15818
Md5:    17ebe470d040a6ea8c57e9b9d4f4e828
Sha1:   1ac7a410cd4f3709f476c776dd5646dd982dcfa8
Sha256: d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SRN-oOfa8Z0mQZFYkWAv32XFiXChfGjfwZkfWz-IzHubwrKgzwoTxQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 03:55:38 GMT
age: 63886
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3502
Md5:    a783df85f30f9c555f9df6b99f61744d
Sha1:   61f9bed607e81606be78285596acdc5e0e4f4994
Sha256: 19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 02:19:43 GMT
age: 69641
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4309
Md5:    841a4b110022a99ddea6f7bf66df0fa1
Sha1:   126771b86638108050cf57c0d12faa27f80f0edb
Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
                                        
                                            GET /sfp.js HTTP/1.1 
Host: friendshipmale.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.234.93
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sat, 26 Nov 2022 21:40:24 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 07375be7e799aaea33e7de051e3a959d
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 26 Nov 2022 21:40:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMRAVjbL60nv%2FOj9nQUTDPeHYjJl5p0Kya9eGeNBjogd7ePT7iyjXZQ1xyi83rPO0dJnj4ujufTqlZQkK5UtfKcjx17fOQVPH8tNum8lQc5NTsqM3CKSY7CeMSt8eUaSH9UQjzg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705c8427f507433-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size:   37033
Md5:    4c3139ff70428685e10b06c82d883ea4
Sha1:   09a45ae017c675b972fac181e2b3c3766539c063
Sha256: d7082fa178b0b18afaac75a0243021beea8b3887c9aa010c1ac2267f88b4f2fc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7799
x-amzn-requestid: 4b3bf619-fb69-4cfe-b8e7-7de4ea127853
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXADFOvoAMFXQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813866-77f561ae3496d84c75541300;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:49:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lt_7H9W9LVUS5gKPrBF_vGiXg-anP_bGV5izsxPiGhiasy2eBnltuw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:39 GMT
age: 83205
etag: "3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7799
Md5:    96437d0cb1ceaffa77124f0dcfeb38cf
Sha1:   3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50
Sha256: 89244601b0a4bc150033e52dc56cf0fbe2846ebba7532c477146258a70783e05
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: utbUF-6Z7rMqPNdRKHJyI-IZoyTy6HpkNBY-60xcZ-6NDXBz1XN6-Q==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:40 GMT
age: 85904
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9049
Md5:    c8dc4b8a7e9f7f4f84f0da568b43392b
Sha1:   3d32bff85cb7ec118c4496d0c3802829fdc9af3b
Sha256: 4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9
                                        
                                            GET /sbar.json?key=ebcfdbdf5995471793a61bc2c1e19e2d&uuid=9ea7b4d4-9e9f-4c09-af2a-1467d2ce6885%3A1%3A1 HTTP/1.1 
Host: wastedinvaluable.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         192.243.59.13
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 21:40:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.xvideosincesto.com
Access-Control-Allow-Origin: https://www.xvideosincesto.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16017163; expires=Sun, 27 Nov 2022 21:40:24 GMT; secure; SameSite=None uid_id2=9ea7b4d4-9e9f-4c09-af2a-1467d2ce6885:1:1; expires=Sat, 03 Dec 2022 21:40:24 GMT; secure; SameSite=None pdhtkv=true; expires=Sun, 27 Nov 2022 21:40:25 GMT; secure; SameSite=None uncs=1; expires=Sun, 27 Nov 2022 21:40:25 GMT; secure; SameSite=None pdhtkv29=true; expires=Sun, 27 Nov 2022 21:40:25 GMT; secure; SameSite=None uncs29=1; expires=Sun, 27 Nov 2022 21:40:25 GMT; secure; SameSite=None slecebcfdbdf5995471793a61bc2c1e19e2d=[3760946]; expires=Sat, 26 Nov 2022 21:40:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d2956bfeac1c682da5ee4a99bf8c09f7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (5840), with no line terminators
Size:   4034
Md5:    d2b668e3604dea9f1e6777a9e1d0993c
Sha1:   385f25505b12db100dd344407756d877370848b9
Sha256: 5b252c5e61ae97077f4923ce006d71b2b74a308d7253e66d47ebb48d8a62b403
                                        
                                            GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2sdVRi9U%2BOmBdEiggvlLVxYMC8z82byMhYJ1rZS7C%2Fbatf317xcc2fucO%2FMm9esQgta0EWKGxcKk%2FPSBrUU616Ul7ooAaHPRcjC%2FAsKLQV38l4CwQ9mvu%2FecxbnnO9%2Bvl7tER8V3b18waworelc3PZbb19XuTC1a1281gr8tn%2BydV3l89HJ1mDys%2F13Az9u%2BydaH0q%2BbOZCP%2FD9wA9aZ5WVqRnMTVGo4n4StBO%2FHYXtII4wsP8%2Fu8qDox5Ef48chxLjF5ceP4TiI%2BTZT6elWy5N8c6ZrNK0NBZ9sflJvpybOkd2OKbWQ5pvHrBh3JiQb47A5JsHDmD6GxMHYGpMvJ0ALN88kAnWv7uvlGnIHEwcQ90fQeoRFB2Bm1tQ4gkBuMDFS8izexeNremNfZRO0DGZef4Uqh6Tmb9eRZ49OKXVoHXV6KpUJncYpA3UYATVG6GotlCueFD1Fnh5E0r8Qeaen0eebVxy2kCJ3bcSSbssEtFsIpN0NuJ%2BMkvTkM4G0XxXhFzOLyzE04iUGkGlI2i5Buo8VJNPeahSD1XhIRO7LRonqe93U5Z2OgsR57zT4TxemBex6EQLqY%2BKTzysoSzWwPUauF1FYVexrO48iY%2FDVr%2FBLTVwwoMrCfqiQS0JakdQU4JaEdQlQd1v7grtQtfcE9pVLDjo4UHvNENT9tbpXVP2ZE7Wiz3yyjS7Z71jWJa7Lcl4KphI4ySJo27QTTp0PmA85IEMEhkKONVAuSNTpytqTF77skIxWeiJRTC6Bae3wNXLoNUboPWwG%2FqgS8NowcdK%2FmDQV0Ia1za5VrmEMA2KcgblDW9d75HXp0oSHkLy7cV%2Fd46%2BVwx3wG2Dwjb4TD0i6OnbwyumJhtXTO3Iw0tFqTK1QicbvlrSUs788JG8URsrzp12a9%2B%2FzyfAZLx%2FTbryPM2FynuO%2FHhKCSHtWWO5JL%2Bcc9clu1y5pVOVzavi%2FOUPzp7LCiudUyYfgaon3a%2FB1ZgcvbA6fbtvfvUIyo5gqwZZtU0OCspsgRercMX24rPNv7%2F7efYlOENg9SGHFR7qqhnakB1eajUm4dPfoeX24rePR59%2BfCYDZQ2cPIyBye1f%2F9nnr7vb6FkPtLyFPGvQtw36ugHVa3DVC8OysNuLf3amBaa9IdPW22Da6jv78Tq125Jx6qfSDyVLE5Z2qS%2BSNEoYTQLZZTENULoxv%2FnF4%2F8AAAD%2F%2FwEAAP%2F%2FBb6FJpcEAAA%3D HTTP/1.1 
Host: wastedinvaluable.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Cookie: u_pl=16017163; uid_id2=9ea7b4d4-9e9f-4c09-af2a-1467d2ce6885:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecebcfdbdf5995471793a61bc2c1e19e2d=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         192.243.59.13
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 21:40:25 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 28f48968afde8df95e0ff456be653729
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0C3DDFEEB9AC40E786CA138A0B3B7041B174E3AD45ECA531A344D41C2185B3B3"
Last-Modified: Fri, 25 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9348
Expires: Sun, 27 Nov 2022 00:16:13 GMT
Date: Sat, 26 Nov 2022 21:40:25 GMT
Connection: keep-alive

                                        
                                            GET /pixel/purst?dl=0&th=0&sc=0&rs=2944&rd=2944&fd=869&bv=22.10.v.10&tmpl=136 HTTP/1.1 
Host: tractorfoolproofstandard.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         173.233.137.52
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 21:40:25 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CEF064183DB51CEFADCCA610B91C5EA86154AE2024029D60E59A152A7A3B1723"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1657
Expires: Sat, 26 Nov 2022 22:08:02 GMT
Date: Sat, 26 Nov 2022 21:40:25 GMT
Connection: keep-alive

                                        
                                            GET /?partner=232&mapped=01ac3da3-1ea0-4362-860a-5db98ea2f96d HTTP/1.1 
Host: pixel.onaudience.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         141.94.170.77
HTTP/1.1 302 Found
                                        
set-cookie: cookie=96e61ac564929c0e; Max-Age=31536000; Expires=Sun, 26 Nov 2023 21:40:25 GMT; Path=/; Domain=.onaudience.com; Secure; SameSite=None done_redirects104=1; Max-Age=86400; Expires=Sun, 27 Nov 2022 21:40:25 GMT; Path=/; Domain=.onaudience.com; Secure; SameSite=None
location: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=96e61ac564929c0e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length: 0

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CC3953BCFF0F9AAEB59B71E15C8B72BCAC9D94FF203EECCBF159B40CF38521E9"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4164
Expires: Sat, 26 Nov 2022 22:49:49 GMT
Date: Sat, 26 Nov 2022 21:40:25 GMT
Connection: keep-alive

                                        
                                            GET /sb/interstitial/software/flashPlayer/mac/multi/1/index.html HTTP/1.1 
Host: cdn.barscreative1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         45.133.44.4
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Sat, 26 Nov 2022 21:40:25 GMT
server: nginx/1.17.6
last-modified: Wed, 01 Sep 2021 12:22:33 GMT
etag: W/"612f7089-cfb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 26 Nov 2022 22:40:25 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1301
Md5:    2d60500de28fa381db094a81aef289d0
Sha1:   4bcf57e94d5f31690b22c72171f69f0bd91af541
Sha256: ec843a00dd0ff588e2ccd9ec6f829bd3c74ed58a2c65c669082e41a55ab986f8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png HTTP/1.1 
Host: cdn.creative-bars1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.64.108.13
HTTP/2 200 OK
content-type: image/png
                                        
date: Sat, 26 Nov 2022 21:40:25 GMT
content-length: 9360
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: "612f708f-2490"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 978375
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4PiQaDIYVvFsu6JLo15FnO8ZKtfMcJLyJNngG31pAs59CjlTZSNTsBqiEnZUnr%2FyhapBCWWGvCEtnXx3oQYlY5bUuC1iBYBEZ5rLOPw7EqpxB9ThHHH48b3KFLnVgS8bfSeAuvoYIJU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705c84c699b7723-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 240 x 240, 8-bit colormap, non-interlaced\012- data
Size:   9360
Md5:    910542c04f8bf2f90ee33d17d538a006
Sha1:   18d5943e5d51539038f7988c34bccef2937c5545
Sha256: 5969cb3c5c4f573f5c05035ddf9748ee17d5c71df6fca4e484f65d30e2694e57
                                        
                                            GET /advertisers.js HTTP/1.1 
Host: banquetunarmedgrater.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         173.233.137.60
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 21:40:25 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: adbe7063f272dcc90c5fc879fc64d796
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10950
Expires: Sun, 27 Nov 2022 00:42:55 GMT
Date: Sat, 26 Nov 2022 21:40:25 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   1005
Md5:    65ae9cd5d393ad9c8a8449233a929663
Sha1:   61281755528beef30a89c287c8f27397755546f4
Sha256: 667d9b93ef014587235187e283ce9bb118f8342da705b35c597a660aaf1f8fc2
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "84EB422804F5BB5CB226D1E778F4E98E3BBC5B99E0A7F8AB91AEEB1A5502F117"
Last-Modified: Fri, 25 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6140
Expires: Sat, 26 Nov 2022 23:22:46 GMT
Date: Sat, 26 Nov 2022 21:40:26 GMT
Connection: keep-alive

                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=389 HTTP/1.1 
Host: parkingridiculous.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         192.243.59.20
HTTP/1.1 200 OK
                                        
Server: nginx/1.17.9
Date: Sat, 26 Nov 2022 21:40:26 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css HTTP/1.1 
Host: cdn.creative-bars1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         172.64.108.13
HTTP/2 200 OK
content-type: text/css
                                        
date: Sat, 26 Nov 2022 21:40:25 GMT
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-11aa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lf%2FbOHHINLbL%2FIRIwxv2yn0A%2Br7byCyi7vIrWqIxDszrthXj0a8ucPY3%2Fo16Mq4V7y8dY6rMXhZqCq3qfgResvw55Qm7ogO9rUq%2F0LU2MvvyiIzffcFilmaYdoJ09VkK1%2BQ07nZHMldm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705c84c39547723-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1341
Md5:    b0b362d133eb4904706bb0622229b74f
Sha1:   22d89f78efb4c1cf967ac7e28821f4f39df8baf7
Sha256: 79b0f34463059aaa97b3b2f0f3319f64e893a595ce9e300d86fb031cc7fa28c0
                                        
                                            GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css HTTP/1.1 
Host: cdn.creative-bars1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         172.64.108.13
HTTP/2 200 OK
content-type: text/css
                                        
date: Sat, 26 Nov 2022 21:40:25 GMT
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddIKIo%2BTuS1cuNwOn29dbqyFof1xaE5RhTtSH6CqnN%2F7do6Lx%2BvMDu7nxFwUcjNnqutNqMBYql80XUzmuqPvOfTL8WQj%2F8bEb02YhZSek2gKAztPQIOcbuf44pYY5o%2FwQWbDhoT3hNTn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705c84c394a7723-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4847
Md5:    c91016401e0a0b7b3d7572de48c76597
Sha1:   12fb634abb5e708b4f55d1489055b4f626d3cdd1
Sha256: 2472e286e0bf6f54cef9d99e9c63301c873fa02bc4e3979e1a18587a6d973120
                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fjs%2Fscript.js&l=23003&fd=377 HTTP/1.1 
Host: parkingridiculous.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         192.243.59.20
HTTP/1.1 200 OK
                                        
Server: nginx/1.17.9
Date: Sat, 26 Nov 2022 21:40:26 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /css?family=Roboto:400,400i,500,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 21:40:24 GMT
date: Sat, 26 Nov 2022 21:40:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2512
Md5:    4b0c04eb57269acf23834775773f33b4
Sha1:   d9aeec7683cd77904bcf2211fc5f7eebb723156c
Sha256: ab361b0fe710f87f8a5d7f65379bddba0869663f7224cf2d3203a0104d55f430
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Sat, 26 Nov 2022 21:40:27 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 26 Nov 2022 20:26:17 GMT
Expires: Sun, 27 Nov 2022 20:26:17 GMT
ETag: "7469c4a1f0b4cebdb7b66733bbec59bcf492d955"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    80e743aa65c73193da1b5a2df3f62f4a
Sha1:   7469c4a1f0b4cebdb7b66733bbec59bcf492d955
Sha256: 3f87ec235ca46a2d9aa0e4d2f7c9c1937fe5bc4bdb3dae232239ce295db33116
                                        
                                            GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitjuslAdEgggdlDh4MuLPdPT070wZZjEkkmF8m0Zyrq6pny63uaqq6p2f3tCSgAT1M8OJBoffNbhY1BONdlNl4WAaEHQ%2FLHtx%2FQSEh4E1mdmDxg%2B7vq3rv8N776vON4pC4KOjB9St6TSpFF5p1t%2Fb2bZlyXdra1Vs1z627Z2u3ZboYnK31Jj%2FTfddzm3X3TO1DwVb0gu96ruu5Xu2iNCLWvYUpCpk9DL166NYDv%2B41A%2FTM%2F8%2B2cGCpA949JKch%2BfjF5d3HkGyINPnpvLAruc7euZAUiubaoMu3P0lXUl2mSI7H2DiI0%2B0ZG9qOCfnmBHS6PXMA3d2cOEAkx8TZ9xCl2zOZiLpbR0ojBZEi4qdQdocQaghJh2D6LiTfIwDjuHoNafLgqjYlXT1C6QQdk7nnTyHLMZn761WkyaNzSvZqN7UqcqlTi15cQfaGkJ0hsmIH%2BZoDWe6A5Xcg%2BR9k4fllpMnmNas0JD94KxS0FQU8mA9FGM8HzA3naezTeS9YbHGficV2uzmNSMohZDyEEn1Q66CYfNJBETsoMgcJP6jRZhi7biuO4kajHTDGGg3Gmu1F3uSNoB27KNjEQx951gdTfTCzjsysY0Xe32uehil%2Bg12uYLkDmxN0eYVSEJSWoKQEpSQoc4KyW21xZX1bPeDKFpE36%2F6sN6qBzjsbdEvnHZGSjeyQvDLN7lnnFFbEQU1ELOYRj5th2AxaXits0EUvYj7zhBcKn8PKCtKemDpdk2Py2pcFsslCzywhojuwagdMvgxavAFaDlq%2BC7o8CNou1tJHva7kQtu6TpVMBbiukOVzyFedDXVIXp8qCZkPwUZL%2F%2B6ffC8b7IOZCpmp8Jl8QtBR9wY3dEk2b%2BjSksfXslwmco1ONnwzp7mY%2B%2BEjsVpqwy%2Bdt%2F3v32cTYDI%2BvCVsfpmmXKYdS348JzkX5qI2TJBfLtnbIrpe2OVzhUmL7PL1Dy5eSjIjrJU6HYLKvdbXYHJMTl5Zn77dN796AmmGMEWFpBiRWUHqHbBsHTYbLT3b%2Fvu7n%2BdfgtUERh1zosxBWVQD40fHl0qOif%2F0dygxWvp2d%2FjpxxcS0KiCFccxRGL06z9H%2FA17Dx3jgOZ3kSYVuqZCV1Wgqg9bvDDIMzNa%2BrMxLUTKGUTKOJuRMur%2BUbxWHtSaXiDaUbvFOI8E417Lb7QbrutzHrRC4YXI7Zjd%2BWL3PwAAAP%2F%2FAQAA%2F%2F8RtgvAlwQAAA%3D%3D HTTP/1.1 
Host: wastedinvaluable.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Cookie: u_pl=16017163; uid_id2=9ea7b4d4-9e9f-4c09-af2a-1467d2ce6885:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecebcfdbdf5995471793a61bc2c1e19e2d=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         192.243.59.13
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 21:40:26 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c50864822b1d3cfa932ca8d427c88d4c
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
                                        
                                            GET /pixel/sbs?c=1 HTTP/1.1 
Host: wastedinvaluable.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Cookie: u_pl=16017163; uid_id2=9ea7b4d4-9e9f-4c09-af2a-1467d2ce6885:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecebcfdbdf5995471793a61bc2c1e19e2d=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         192.243.59.13
HTTP/1.1 200 OK
                                        
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 21:40:26 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

                                        
                                            GET /map/c=8587/tp=CLOD/tpid=96e61ac564929c0e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP/1.1 
Host: sync.crwdcntrl.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.xvideosincesto.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         3.248.128.187
HTTP/2 404 Not Found
content-type: image/gif
                                        
date: Sat, 26 Nov 2022 21:40:26 GMT
content-length: 49
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.15.130
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   49
Md5:    56398e76be6355ad5999b262208a17c9
Sha1:   a1fdee122b95748d81cee426d717c05b5174fe96
Sha256: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
                                        
                                            GET /sistema/uploads/anitta.png HTTP/1.1 
Host: grupoxxx.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.59.133
HTTP/2 200 OK
content-type: image/png
                                        
date: Sat, 26 Nov 2022 21:40:22 GMT
last-modified: Tue, 13 Sep 2022 14:07:39 GMT
vary: Accept-Encoding
etag: W/"63208eab-239d6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache: HIT from Backend
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 795622
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xI1hFmg6wRHTyjY0JD7MwEpTc40cmY3bVchZzXtIpGLdmLKFTYo%2FCMFqPi59c3o7RRSY8SM12hcrMndbu2Mqhd2lUK5Zi6htLMSKj3meIjOAC39aDuz0yA61zzg7OpM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705c83abcad1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /embed/Luisa-Sonza-Onlyfans.mp4?st=0g67Qw1REeXmiK9jtxkS1Q&e=1669578471 HTTP/1.1 
Host: cdn.xvideosincesto.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         173.208.228.218
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
server: nginx/1.22.0
date: Sat, 26 Nov 2022 21:40:23 GMT
content-length: 10045163
last-modified: Sun, 08 May 2022 01:55:13 GMT
etag: "62772301-9946eb"
content-range: bytes 0-10045162/10045163
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js HTTP/1.1 
Host: cdn.creative-bars1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.64.108.13
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 26 Nov 2022 21:40:25 GMT
last-modified: Wed, 01 Sep 2021 12:22:37 GMT
etag: W/"612f708d-149a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 978375
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRI4pmtOWbw6hCjSPL9DpmOrEeYPsWM2h3vxGEhtC1TzZs8cz2jbbmLggPn5Wkqb4U1EAzRnm0Rc4p21TIr8ij5QhxNzOmS5M%2FslqmN91TV11Y1i0A%2B2%2BlGUliKqbs03K9PULxqfKLv0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705c84c69a07723-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /luisa-sonza-onlyfans/ HTTP/1.1 
Host: www.xvideosincesto.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         104.21.2.8
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sat, 26 Nov 2022 21:40:22 GMT
vary: Accept-Encoding
cf-edge-cache: cache,platform=wordpress
x-pingback: https://www.xvideosincesto.com/xmlrpc.php
link: <https://www.xvideosincesto.com/wp-json/>; rel="https://api.w.org/", <https://www.xvideosincesto.com/wp-json/wp/v2/posts/120593>; rel="alternate"; type="application/json", <https://www.xvideosincesto.com/?p=120593>; rel=shortlink
x-varnish: 93009749
via: 1.1 varnish (Varnish/5.2)
x-cache: HIT from Backend
strict-transport-security: max-age=31518000
x-content-type-options: nosniff
last-modified: Sat, 26 Nov 2022 19:47:50 GMT
cache-control: max-age=1800
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xV5Lsn2ZAkY902VBE%2FA1mtWVM9GnTduraXzfYcSuhyuiUq5BqwOqneZocpmqd5OMLIzorGyKa4DZPYae6uO3ZuOFmAobwevFNEIk%2FTzt1BDtlpsFQ8IH13ln29lf9Laj%2Bj2stRfwRBN0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705c837db9cb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sistema/uploads/vazadas-privacy.png HTTP/1.1 
Host: grupoxxx.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.59.133
HTTP/2 200 OK
content-type: image/png
                                        
date: Sat, 26 Nov 2022 21:40:22 GMT
last-modified: Tue, 13 Sep 2022 14:21:38 GMT
vary: Accept-Encoding
etag: W/"632091f2-17f9b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache: HIT from Backend
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 793309
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQ3bYxZ82UVk0Hr%2FfFW9gtlS03SMs2hTfwna%2FKzzDMeTLdoQaVuNfdM8NHEXqXsNyTcu86EZ8aMYulf1tsGXZktdHtUjsNJrMBthHHYCrZdX%2BT%2BK1%2FXKnstbfvITDB0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705c83aac9f1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg HTTP/1.1 
Host: cdn.creative-bars1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.64.108.13
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 21:40:25 GMT
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: W/"612f708f-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 978375
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NYOUpyzWjTR7HC6X58ZXVlhti7pJQeJdbX9YP6bZAnf6TLwfcw9BoNKxsQsN4Ut3hdlnsu7tKyjSnorpPLeABhGKNzyu%2B8iD%2BHPn%2FjvIXdxQ0cVJ5jErNd4Ulb%2BrJsyvHKoax%2B4nnoh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705c84c69967723-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js HTTP/1.1 
Host: cdn.creative-bars1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xvideosincesto.com
Connection: keep-alive
Referer: https://www.xvideosincesto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.64.108.13
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 26 Nov 2022 21:40:26 GMT
last-modified: Wed, 01 Sep 2021 12:22:36 GMT
etag: W/"612f708c-7082"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qLaDOcq4RmRbNRt0gumQ6nvbYMWWqk4iQ5kxKTrWXqbqhL0et9cvAUZtycIq4rQagbLx6pg31kHvjJ3fHh9biUpJtG7z2qJhW%2Fbsf%2F9Lwh%2BODYOpdNjxRcdvp3WO00aejvZteCM2AAV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705c84ceaab7723-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---