sexofilm.co/xxx/tag/free-download-porn-dvd/
104.21.38.82301 Moved Permanently 0 B URL HTTP/1.1 sexofilm.co/xxx/tag/free-download-porn-dvd/
IP 104.21.38.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xxx/tag/free-download-porn-dvd/ HTTP/1.1
Host: sexofilm.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 25 Sep 2022 11:18:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 25 Sep 2022 12:18:00 GMT
Location: https://sexofilm.co/xxx/tag/free-download-porn-dvd/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8erE5U2UqnizHjiU6XX11Z5vGiYUcPaBow2KHoCVRh9iOKCHBqFapE8kYqmZhx5mvwkgES5LZS5RakSa2INOxE89HaPTEwHdK46rS2LMT0nEp9yyRvFwAqT8sbxV0A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75035b4a59afb4f7-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 11:14:56 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -O9eYcdjAtEceKY08QvBea3HQwUg82ODGOjHt824iUj8xc6YvdBnXQ==
Age: 184
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10400
Expires: Sun, 25 Sep 2022 14:11:20 GMT
Date: Sun, 25 Sep 2022 11:18:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9i8Hq6uDhhQG8MjEZQVztjQ94CryC4dooQmsWJNQBF_l8QrluQVAhw==
age: 24166
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash beb5e21019ca714607efc887f5889ad3
888f06c5350cce29fe737df93fe2a92319219683
bbedcb338dc526f96964cf8928de5021c6c56a1a124cb358f1d1e712369e201e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 11:18:00 GMT
Server: ECS (amb/6B77)
Content-Length: 280
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 11:18:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash beb5e21019ca714607efc887f5889ad3
888f06c5350cce29fe737df93fe2a92319219683
bbedcb338dc526f96964cf8928de5021c6c56a1a124cb358f1d1e712369e201e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 11:18:00 GMT
Last-Modified: Sun, 25 Sep 2022 11:18:00 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
sexofilm.co/xxx/tag/free-download-porn-dvd/
104.21.38.82200 OK 26 kB URL HTTP/2 sexofilm.co/xxx/tag/free-download-porn-dvd/
IP 104.21.38.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65510), with no line terminators
Hash 4bbd008b9fdde5bd59d7f520f29d3c2f
e2cd99a5832255f5921eaad86dfcc995c954d6b7
f5b5e63cacfaa337f0b7292ca12d8b43a8133e671a4a9650d94600c955927327
GET /xxx/tag/free-download-porn-dvd/ HTTP/1.1
Host: sexofilm.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 25 Sep 2022 11:18:00 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
link: <https://sexofilm.co/xxx/wp-json/>; rel="https://api.w.org/", <https://sexofilm.co/xxx/wp-json/wp/v2/tags/8>; rel="alternate"; type="application/json"
vary: Accept-Encoding
x-litespeed-cache: hit
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqdHnLyPvMedw3ZChiMRYcbHo1tlDsCham3vWHBpdLDVudzjNhOA1FdF9o4UtT%2FnFL0PpRwuRXZapj8j9juaOhng%2FiLzd6MEL91RK2io1QNgsfYn1WQi2tVu0oyPbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75035b4cac5db512-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 11:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.realsrv.com/ad-provider.js
205.185.216.10200 OK 24 kB URL HTTP/1.1 a.realsrv.com/ad-provider.js
IP 205.185.216.10:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 46504668ecf4671f582f5ba93a2f3c6b
8b165c478da3dd4fd4df3b40745733049b5acb0c
5230c0e2745fedbf038f97e374a5b6ea033434301aa86ec545eae37b29350799
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 11:18:00 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 23726
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"2bf044048f482551901a41a7444"
X-HW: 1664104680.dop226.sk1.t,1664104680.cds264.sk1.shn,1664104680.dop226.sk1.t,1664104680.cds207.sk1.c
Access-Control-Allow-Origin: *, *
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
142.250.74.74200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32180)
Hash f16500423cc2867eff8b773df637c48f
1cd32d75b59a89c3a70274e383151a61ce0594f4
6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 10:27:13 GMT
expires: Fri, 22 Sep 2023 10:27:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 262247
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 11:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:300,400&subset=cyrillic,greek,latin-ext
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400&subset=cyrillic,greek,latin-ext
IP 142.250.74.10:0
Hash 7795f75f5c0e9d8d179dafd95eec686a
97351a4d21d03b67ecc471b660f18417c1a0010d
9fa21ac028607ee68df2af6abd194099181cddc7ed42376dddbbc0c211d6d3d4
GET /css?family=Open+Sans:300,400&subset=cyrillic,greek,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 25 Sep 2022 11:18:00 GMT
date: Sun, 25 Sep 2022 11:18:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald|Montserrat:400,700
142.250.74.10200 OK 656 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald|Montserrat:400,700
IP 142.250.74.10:0
Hash ac7a6046b74d3160bf0adcd12bbb6b54
16dff068fbd2df8ea076231efe39a8bd9f6f30f9
d7a8d55cfa1d6c472c69af6a5874ff4b95fb3faefc34d9ffb20639061162e693
GET /css?family=Oswald|Montserrat:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 25 Sep 2022 11:18:00 GMT
date: Sun, 25 Sep 2022 11:18:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 11:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
104.17.24.14200 OK 57 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
GET /ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sexofilm.co
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 11:18:00 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 56780
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-ddcc"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2818002
expires: Fri, 15 Sep 2023 11:18:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4qRc0Z4LhD8B0IZZb%2BIOYfwpIeJoZgKbG3ILUbKrls%2B8DpdLemTEe%2F1otfZ4SVIT5la3gTU5512GTm6M%2F3y4D6wGRIWejO6bB6BExqgKMtyQGzfBhkw6x5QxuOzD53wiVwUKSII"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75035b4fdc700b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sexofilm.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:40:18 GMT
expires: Fri, 22 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 239863
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.displayvertising.com/ring.min.js
185.76.9.14200 OK 19 kB URL HTTP/2 www.displayvertising.com/ring.min.js
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Hash 663da9163d99012b23f1698c7107ac8a
06c13b751f075c52b3e8c158a9f7f92efc91139c
97e1d7eb773103462008d373fc5bec4f3b4443256f525c13ade722cdf1772351
GET /ring.min.js HTTP/1.1
Host: www.displayvertising.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sexofilm.co
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 11:18:00 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.13:443"; ma=2592000; v="44,43,39"
expires: Fri, 30 Sep 2022 23:14:04 GMT
access-control-allow-origin: *
link: <https://displayvertising.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1664579645
server: CDN77-Turbo
x-77-nzt: AblMCQ3XQLb/K/sBAA
x-77-nzt-ray: 7oItR3FdisU
x-cache: HIT
x-age: 129835
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 25 Sep 2022 11:04:17 GMT
Expires: Sun, 25 Sep 2022 11:11:47 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UFPK9YIqE0PJWhwUw_pq8azNzmWDU256SV7ek5Q_dV9LJO3Gaj8v3Q==
Age: 824
pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=160284519&post=0&tz=0&srv=sexofilm.co&host=sexofilm.co&ref=&fcp=0&rand=0.0007581988614496771
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=160284519&post=0&tz=0&srv=sexofilm.co&host=sexofilm.co&ref=&fcp=0&rand=0.0007581988614496771
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.3.2&blog=160284519&post=0&tz=0&srv=sexofilm.co&host=sexofilm.co&ref=&fcp=0&rand=0.0007581988614496771 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 11:18:01 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 11:18:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1c5b81a8e375c8fcd95c40099404963e
d44df8a0d7229034dc2d4205b1f5530ec6e2ed67
ab102eb01240ee46c0e6c70b675d8d64bce18d628236c1b7cd9e1d71a01c71c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB102EB01240EE46C0E6C70B675D8D64BCE18D628236C1B7CD9E1D71A01C71C5"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1855
Expires: Sun, 25 Sep 2022 11:48:56 GMT
Date: Sun, 25 Sep 2022 11:18:01 GMT
Connection: keep-alive
cdn.pncloudfl.com/pn/744/081/678/7440816781d0d85a30283dca9b3b28d80826b38f.jpg
104.22.59.221200 OK 37 kB URL HTTP/2 cdn.pncloudfl.com/pn/744/081/678/7440816781d0d85a30283dca9b3b28d80826b38f.jpg
IP 104.22.59.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c994c44c682769b6bbb4079385f02ca0
431277bc9ea5c81f48a73dc0a3aeaa84db3d345a
8b19dee80ecbf597df8b5db23627cf5e0e3cad541dd0260162238d8ad9314c2d
GET /pn/744/081/678/7440816781d0d85a30283dca9b3b28d80826b38f.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 11:18:01 GMT
content-type: image/webp
content-length: 37090
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=73232
content-disposition: inline; filename="7440816781d0d85a30283dca9b3b28d80826b38f.webp"
etag: 71f517f39d38846c02be3576ea99b943
expires: Tue, 27 Sep 2022 02:07:06 GMT
last-modified: Wed, 21 Sep 2022 01:58:36 GMT
vary: Accept
x-openstack-request-id: tx3b5a6acb74eb4fb5bcc97-00632a700b
x-proxy-cache: HIT
x-timestamp: 1663725515.95097
x-trans-id: tx3b5a6acb74eb4fb5bcc97-00632a700b
cf-cache-status: HIT
age: 33055
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 75035b516ac3b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ca4psell23a4bur.com/get/1765963?zoneid=1765963&jp=_cl0hps33i8sqv25jfwt4sb&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=7990358112202418
62.122.171.6200 OK 49 kB URL HTTP/2 ca4psell23a4bur.com/get/1765963?zoneid=1765963&jp=_cl0hps33i8sqv25jfwt4sb&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=7990358112202418
IP 62.122.171.6:0
Hash f86b4f3863cfc6fa0d6627c73a3f36ab
bf3e1f6494a809f8195fc680d0c14fd671cc33df
b9fcab7643c37eeeb099ab0edd3a542b5e16db865ebdd55e41c767831665a771
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1765963?zoneid=1765963&jp=_cl0hps33i8sqv25jfwt4sb&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=7990358112202418 HTTP/1.1
Host: ca4psell23a4bur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Cookie: UID=22092506182db17c51760d411ea132ceac38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 11:18:01 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cdn.pncloudfl.com/pn/be2/4f4/e0c/be24f4e0cc57a6bd44c315d808592a3ac45a7d74.jpg
104.22.59.221200 OK 35 kB URL HTTP/2 cdn.pncloudfl.com/pn/be2/4f4/e0c/be24f4e0cc57a6bd44c315d808592a3ac45a7d74.jpg
IP 104.22.59.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 44b034dc0c54104c9605315dd8e04d0e
018a773154ce0d5250ba70522db8568f40ae14ed
bb0c5ebb30e8bcd06807050e97649125fab1af37e62756f7218d20d163d196de
GET /pn/be2/4f4/e0c/be24f4e0cc57a6bd44c315d808592a3ac45a7d74.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 11:18:01 GMT
content-type: image/webp
content-length: 35140
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=73149
content-disposition: inline; filename="be24f4e0cc57a6bd44c315d808592a3ac45a7d74.webp"
etag: 7aa3d66e0eb3e5ae46780f37d76c0d3b
expires: Sun, 25 Sep 2022 17:59:17 GMT
last-modified: Sat, 27 Aug 2022 15:19:36 GMT
vary: Accept
x-openstack-request-id: txf17ea8af647c475db8cf7-00630a369f
x-proxy-cache: HIT
x-timestamp: 1661613575.75142
x-trans-id: txf17ea8af647c475db8cf7-00630a369f
cf-cache-status: HIT
age: 148724
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 75035b517ad0b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
syndication.realsrv.com/v1/api.php
95.211.229.246200 OK 2.6 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP 95.211.229.246:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (5924), with no line terminators
Hash ae1dc9b0f1c8d4d9a3266f16756b5166
cf79618ff7c2bc251ad2a6505efb6273660876e9
605c02f7a228c26e6dfb09f0a22fe649d50967727f8b5acc0604aee3de69fafb
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 267
Origin: https://sexofilm.co
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 11:18:01 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://sexofilm.co
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6451
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 11:18:01 GMT
Last-Modified: Sun, 25 Sep 2022 09:30:30 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
forlumineoner.com/pfe/current/tag.min.js?pub=1&t=standalone&z=1881651&var=
139.45.197.229200 OK 6.0 kB URL HTTP/2 forlumineoner.com/pfe/current/tag.min.js?pub=1&t=standalone&z=1881651&var=
IP 139.45.197.229:0
File type C source, ASCII text, with very long lines (14782), with no line terminators
Hash 0d0611cd2044e53182a3799fa9e68de6
7df39b893c2dfb0d98c8379140bc3307b51f82ad
19b362f57cc3cdd1a473749dc87b19da8a052a23051e55901df5598cd19b973c
GET /pfe/current/tag.min.js?pub=1&t=standalone&z=1881651&var= HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 11:17:54 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:39 GMT
etag: W/"63296af3-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
forlumineoner.com/zone?pub=1&zone_id=1881651&is_mobile=false&domain=sexofilm.co&var=&ymid=&var_3=
139.45.197.229200 OK 619 B URL HTTP/2 forlumineoner.com/zone?pub=1&zone_id=1881651&is_mobile=false&domain=sexofilm.co&var=&ymid=&var_3=
IP 139.45.197.229:0
File type JSON data\012- , ASCII text, with very long lines (618)
Hash 614136217717489c1d1c499d5426fa36
7b025265ab14100bf98f52d77cf0691eb5738b6c
bbb36f4cbb348297ce6d953a85d3208d1edf55891acc288372a3e5e6ffffbd5a
GET /zone?pub=1&zone_id=1881651&is_mobile=false&domain=sexofilm.co&var=&ymid=&var_3= HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sexofilm.co/
Origin: https://sexofilm.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 11:17:54 GMT
content-type: application/json; charset=utf-8
content-length: 619
x-trace-id: 4163f0c016575cb07ff142715589a41f
access-control-allow-origin: https://sexofilm.co
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/676799/75638d08fe4d6cab37dad1240402f81d2d783f4f.jpg
185.76.9.24200 OK 25 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/676799/75638d08fe4d6cab37dad1240402f81d2d783f4f.jpg
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash 6b0a70ecf7a9716d3c1bdde24ec19f27
75638d08fe4d6cab37dad1240402f81d2d783f4f
2ca0798ab1e31a1cbd34a97343371bdc5f2fe6fd8bcee1e8fdf408c9fc08d3ca
GET /library/676799/75638d08fe4d6cab37dad1240402f81d2d783f4f.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 11:18:01 GMT
content-type: image/jpeg
content-length: 25437
last-modified: Tue, 13 Apr 2021 14:34:08 GMT
etag: "6075abe0-635d"
expires: Fri, 30 Jun 2023 11:20:55 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195467
server: CDN77-Turbo
x-77-nzt: AblMCRRcchn/3ppxAA
x-77-nzt-ray: IIjvxNjjJKU
x-cache: HIT
x-age: 7445214
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash e1106bedfa47ab68068e0a8e8e65a5d7
870cf777d1aed7a6191b68b619d83c6c2e965c64
443d9ee4da7dbf8e8b4c178bc8c9ec2e7881070606e5aa99301bea57e549ca78
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 11:18:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 00:04:31 GMT
Expires: Thu, 29 Sep 2022 00:04:30 GMT
Etag: "870cf777d1aed7a6191b68b619d83c6c2e965c64"
Cache-Control: max-age=304588,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75035b51bcc7b511-OSL
limurol.com/ssp/req/1751293/?pb=08c43ec16ee7805e780a2af514fc54231664111881&psp=6i9MQgdA10LAbGdXEGu1QRqwFxVugRipZ6TquID-RFtazGp8FaUQG44IFI4bLhimt6lHh_H_pU6Q_BNrbN0InSYR-Xjd45Rd7_GEu2xDo0SvoWRnv_y5NmzfeFvNYBexo_uOP07r5ZR0kd7BvUkxKG8SCg095_MK_zGkXYBwzRhBTdfyWy2hvn90HBy7Zker1rSD161mEiVE4a03LyjL9DXfQ0571Y5R_ow-Gmap_U2e0QayFJTX9d8Fp-yfRh5ELwFGkkfLDyfxd_rkgSmbuok1JwlJMfrRMecFFnMRV3zyB1uW4EcedswXYWjaCnHFEQ2qXJdSgtaHc4-VJu4zHkblLPkFSiwyTC_wyQlIg9d_N8prH2wqhiLtOe7a_kt4yhtgfk2NAazq8pJuceIBANE2VXN0duzG5JmzAjURfpTBs6znITnjivN7zW_ZgkIaugJVhCBiDfW6K_bb7YDnuAeATj7nUyQTO9tjM7rE88n6qXHc0mFiAN7-0jXSGl7kV53Xsro_-4xA2p60_eo58JGSsTRR0Xau2L8Yyp-YMVvzaq_K4cnZUoi-SM3apj-Q-KkmzBHvm3D_658FM2KaeACGcw==&cb=_clf0gij9y1m9tb1n5bp54l&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1751293/?pb=08c43ec16ee7805e780a2af514fc54231664111881&psp=6i9MQgdA10LAbGdXEGu1QRqwFxVugRipZ6TquID-RFtazGp8FaUQG44IFI4bLhimt6lHh_H_pU6Q_BNrbN0InSYR-Xjd45Rd7_GEu2xDo0SvoWRnv_y5NmzfeFvNYBexo_uOP07r5ZR0kd7BvUkxKG8SCg095_MK_zGkXYBwzRhBTdfyWy2hvn90HBy7Zker1rSD161mEiVE4a03LyjL9DXfQ0571Y5R_ow-Gmap_U2e0QayFJTX9d8Fp-yfRh5ELwFGkkfLDyfxd_rkgSmbuok1JwlJMfrRMecFFnMRV3zyB1uW4EcedswXYWjaCnHFEQ2qXJdSgtaHc4-VJu4zHkblLPkFSiwyTC_wyQlIg9d_N8prH2wqhiLtOe7a_kt4yhtgfk2NAazq8pJuceIBANE2VXN0duzG5JmzAjURfpTBs6znITnjivN7zW_ZgkIaugJVhCBiDfW6K_bb7YDnuAeATj7nUyQTO9tjM7rE88n6qXHc0mFiAN7-0jXSGl7kV53Xsro_-4xA2p60_eo58JGSsTRR0Xau2L8Yyp-YMVvzaq_K4cnZUoi-SM3apj-Q-KkmzBHvm3D_658FM2KaeACGcw==&cb=_clf0gij9y1m9tb1n5bp54l&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1751293/?pb=08c43ec16ee7805e780a2af514fc54231664111881&psp=6i9MQgdA10LAbGdXEGu1QRqwFxVugRipZ6TquID-RFtazGp8FaUQG44IFI4bLhimt6lHh_H_pU6Q_BNrbN0InSYR-Xjd45Rd7_GEu2xDo0SvoWRnv_y5NmzfeFvNYBexo_uOP07r5ZR0kd7BvUkxKG8SCg095_MK_zGkXYBwzRhBTdfyWy2hvn90HBy7Zker1rSD161mEiVE4a03LyjL9DXfQ0571Y5R_ow-Gmap_U2e0QayFJTX9d8Fp-yfRh5ELwFGkkfLDyfxd_rkgSmbuok1JwlJMfrRMecFFnMRV3zyB1uW4EcedswXYWjaCnHFEQ2qXJdSgtaHc4-VJu4zHkblLPkFSiwyTC_wyQlIg9d_N8prH2wqhiLtOe7a_kt4yhtgfk2NAazq8pJuceIBANE2VXN0duzG5JmzAjURfpTBs6znITnjivN7zW_ZgkIaugJVhCBiDfW6K_bb7YDnuAeATj7nUyQTO9tjM7rE88n6qXHc0mFiAN7-0jXSGl7kV53Xsro_-4xA2p60_eo58JGSsTRR0Xau2L8Yyp-YMVvzaq_K4cnZUoi-SM3apj-Q-KkmzBHvm3D_658FM2KaeACGcw==&cb=_clf0gij9y1m9tb1n5bp54l&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 11:18:01 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=22092506185a495d0ae7c9420c82fc2ea77a; Path=/; Expires=Mon, 25 Sep 2023 11:18:01 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash e1106bedfa47ab68068e0a8e8e65a5d7
870cf777d1aed7a6191b68b619d83c6c2e965c64
443d9ee4da7dbf8e8b4c178bc8c9ec2e7881070606e5aa99301bea57e549ca78
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 11:18:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 00:04:31 GMT
Expires: Thu, 29 Sep 2022 00:04:30 GMT
Etag: "870cf777d1aed7a6191b68b619d83c6c2e965c64"
Cache-Control: max-age=304588,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75035b534ec8b511-OSL
push.services.mozilla.com/
52.43.253.52101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.253.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DpLnREYt1BhM8qG/WS8p8A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /BKad83wX5Rp2M58Un2zdKQDbFY=
c.adsco.re/
104.17.166.186200 OK 106 kB IP 104.17.166.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Size 106 kB (105728 bytes)
Hash 66807fe4e0fc863765a6632c9497c321
cdaa16edc0473cc80eec73c39388f246daebfcc6
d3f8f5fce423e25406b9fc6894ae021b4ee8c931e3fe4bd51d49665e46b10a6d
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 11:18:01 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 26 Oct 2022 11:18:01 GMT
etag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
cf-cache-status: HIT
age: 825193
vary: Accept-Encoding
server: cloudflare
cf-ray: 75035b530929b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sexofilm.co
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 11:18:01 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://sexofilm.co
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 75035b546c3f0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
limurol.com/ssp/req/1751293/?pb=08c43ec16ee7805e780a2af514fc54231664111881&psp=6i9MQgdA10LAbGdXEGu1QRqwFxVugRipZ6TquID-RFtazGp8FaUQG44IFI4bLhimt6lHh_H_pU6Q_BNrbN0InSYR-Xjd45Rd7_GEu2xDo0SvoWRnv_y5NmzfeFvNYBexo_uOP07r5ZR0kd7BvUkxKG8SCg095_MK_zGkXYBwzRhBTdfyWy2hvn90HBy7Zker1rSD161mEiVE4a03LyjL9DXfQ0571Y5R_ow-Gmap_U2e0QayFJTX9d8Fp-yfRh5ELwFGkkfLDyfxd_rkgSmbuok1JwlJMfrRMecFFnMRV3zyB1uW4EcedswXYWjaCnHFEQ2qXJdSgtaHc4-VJu4zHkblLPkFSiwyTC_wyQlIg9d_N8prH2wqhiLtOe7a_kt4yhtgfk2NAazq8pJuceIBANE2VXN0duzG5JmzAjURfpTBs6znITnjivN7zW_ZgkIaugJVhCBiDfW6K_bb7YDnuAeATj7nUyQTO9tjM7rE88n6qXHc0mFiAN7-0jXSGl7kV53Xsro_-4xA2p60_eo58JGSsTRR0Xau2L8Yyp-YMVvzaq_K4cnZUoi-SM3apj-Q-KkmzBHvm3D_658FM2KaeACGcw==&cb=_clf0gij9y1m9tb1n5bp54l&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1751293/?pb=08c43ec16ee7805e780a2af514fc54231664111881&psp=6i9MQgdA10LAbGdXEGu1QRqwFxVugRipZ6TquID-RFtazGp8FaUQG44IFI4bLhimt6lHh_H_pU6Q_BNrbN0InSYR-Xjd45Rd7_GEu2xDo0SvoWRnv_y5NmzfeFvNYBexo_uOP07r5ZR0kd7BvUkxKG8SCg095_MK_zGkXYBwzRhBTdfyWy2hvn90HBy7Zker1rSD161mEiVE4a03LyjL9DXfQ0571Y5R_ow-Gmap_U2e0QayFJTX9d8Fp-yfRh5ELwFGkkfLDyfxd_rkgSmbuok1JwlJMfrRMecFFnMRV3zyB1uW4EcedswXYWjaCnHFEQ2qXJdSgtaHc4-VJu4zHkblLPkFSiwyTC_wyQlIg9d_N8prH2wqhiLtOe7a_kt4yhtgfk2NAazq8pJuceIBANE2VXN0duzG5JmzAjURfpTBs6znITnjivN7zW_ZgkIaugJVhCBiDfW6K_bb7YDnuAeATj7nUyQTO9tjM7rE88n6qXHc0mFiAN7-0jXSGl7kV53Xsro_-4xA2p60_eo58JGSsTRR0Xau2L8Yyp-YMVvzaq_K4cnZUoi-SM3apj-Q-KkmzBHvm3D_658FM2KaeACGcw==&cb=_clf0gij9y1m9tb1n5bp54l&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1751293/?pb=08c43ec16ee7805e780a2af514fc54231664111881&psp=6i9MQgdA10LAbGdXEGu1QRqwFxVugRipZ6TquID-RFtazGp8FaUQG44IFI4bLhimt6lHh_H_pU6Q_BNrbN0InSYR-Xjd45Rd7_GEu2xDo0SvoWRnv_y5NmzfeFvNYBexo_uOP07r5ZR0kd7BvUkxKG8SCg095_MK_zGkXYBwzRhBTdfyWy2hvn90HBy7Zker1rSD161mEiVE4a03LyjL9DXfQ0571Y5R_ow-Gmap_U2e0QayFJTX9d8Fp-yfRh5ELwFGkkfLDyfxd_rkgSmbuok1JwlJMfrRMecFFnMRV3zyB1uW4EcedswXYWjaCnHFEQ2qXJdSgtaHc4-VJu4zHkblLPkFSiwyTC_wyQlIg9d_N8prH2wqhiLtOe7a_kt4yhtgfk2NAazq8pJuceIBANE2VXN0duzG5JmzAjURfpTBs6znITnjivN7zW_ZgkIaugJVhCBiDfW6K_bb7YDnuAeATj7nUyQTO9tjM7rE88n6qXHc0mFiAN7-0jXSGl7kV53Xsro_-4xA2p60_eo58JGSsTRR0Xau2L8Yyp-YMVvzaq_K4cnZUoi-SM3apj-Q-KkmzBHvm3D_658FM2KaeACGcw==&cb=_clf0gij9y1m9tb1n5bp54l&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 11:18:01 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2209250618e54cff3f2266440ea6075bf92d; Path=/; Expires=Mon, 25 Sep 2023 11:18:01 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 97ffb92628eec1fd912e2a1a7a49dadb
9224081c2660b3d467c8ecc60a1a674c813c451c
88e956e1405478b590d58e73e534c07785a1274b25db9a3a3f1f58755dc993de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88E956E1405478B590D58E73E534C07785A1274B25DB9A3A3F1F58755DC993DE"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5509
Expires: Sun, 25 Sep 2022 12:49:50 GMT
Date: Sun, 25 Sep 2022 11:18:01 GMT
Connection: keep-alive
wnzcdyyhlbuq.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 wnzcdyyhlbuq.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: wnzcdyyhlbuq.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://sexofilm.co
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 11:18:01 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sexofilm.co
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 11:18:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://sexofilm.co
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de8a1674c758de5b139275e7e3ba5b39
423ddc60d0c3ee7e0f0504fdc7069f1642ea1763
c7d3b88654a756307bbbb661dc6cd144d057bf7d2752e819d70874a056a2052a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C7D3B88654A756307BBBB661DC6CD144D057BF7D2752E819D70874A056A2052A"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2687
Expires: Sun, 25 Sep 2022 12:02:48 GMT
Date: Sun, 25 Sep 2022 11:18:01 GMT
Connection: keep-alive
limurol.com/ssp/req/1751293/?pb=08c43ec16ee7805e780a2af514fc54231664111881&psp=6i9MQgdA10LAbGdXEGu1QRqwFxVugRipZ6TquID-RFtazGp8FaUQG44IFI4bLhimt6lHh_H_pU6Q_BNrbN0InSYR-Xjd45Rd7_GEu2xDo0SvoWRnv_y5NmzfeFvNYBexo_uOP07r5ZR0kd7BvUkxKG8SCg095_MK_zGkXYBwzRhBTdfyWy2hvn90HBy7Zker1rSD161mEiVE4a03LyjL9DXfQ0571Y5R_ow-Gmap_U2e0QayFJTX9d8Fp-yfRh5ELwFGkkfLDyfxd_rkgSmbuok1JwlJMfrRMecFFnMRV3zyB1uW4EcedswXYWjaCnHFEQ2qXJdSgtaHc4-VJu4zHkblLPkFSiwyTC_wyQlIg9d_N8prH2wqhiLtOe7a_kt4yhtgfk2NAazq8pJuceIBANE2VXN0duzG5JmzAjURfpTBs6znITnjivN7zW_ZgkIaugJVhCBiDfW6K_bb7YDnuAeATj7nUyQTO9tjM7rE88n6qXHc0mFiAN7-0jXSGl7kV53Xsro_-4xA2p60_eo58JGSsTRR0Xau2L8Yyp-YMVvzaq_K4cnZUoi-SM3apj-Q-KkmzBHvm3D_658FM2KaeACGcw==&cb=_clf0gij9y1m9tb1n5bp54l&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1751293/?pb=08c43ec16ee7805e780a2af514fc54231664111881&psp=6i9MQgdA10LAbGdXEGu1QRqwFxVugRipZ6TquID-RFtazGp8FaUQG44IFI4bLhimt6lHh_H_pU6Q_BNrbN0InSYR-Xjd45Rd7_GEu2xDo0SvoWRnv_y5NmzfeFvNYBexo_uOP07r5ZR0kd7BvUkxKG8SCg095_MK_zGkXYBwzRhBTdfyWy2hvn90HBy7Zker1rSD161mEiVE4a03LyjL9DXfQ0571Y5R_ow-Gmap_U2e0QayFJTX9d8Fp-yfRh5ELwFGkkfLDyfxd_rkgSmbuok1JwlJMfrRMecFFnMRV3zyB1uW4EcedswXYWjaCnHFEQ2qXJdSgtaHc4-VJu4zHkblLPkFSiwyTC_wyQlIg9d_N8prH2wqhiLtOe7a_kt4yhtgfk2NAazq8pJuceIBANE2VXN0duzG5JmzAjURfpTBs6znITnjivN7zW_ZgkIaugJVhCBiDfW6K_bb7YDnuAeATj7nUyQTO9tjM7rE88n6qXHc0mFiAN7-0jXSGl7kV53Xsro_-4xA2p60_eo58JGSsTRR0Xau2L8Yyp-YMVvzaq_K4cnZUoi-SM3apj-Q-KkmzBHvm3D_658FM2KaeACGcw==&cb=_clf0gij9y1m9tb1n5bp54l&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1751293/?pb=08c43ec16ee7805e780a2af514fc54231664111881&psp=6i9MQgdA10LAbGdXEGu1QRqwFxVugRipZ6TquID-RFtazGp8FaUQG44IFI4bLhimt6lHh_H_pU6Q_BNrbN0InSYR-Xjd45Rd7_GEu2xDo0SvoWRnv_y5NmzfeFvNYBexo_uOP07r5ZR0kd7BvUkxKG8SCg095_MK_zGkXYBwzRhBTdfyWy2hvn90HBy7Zker1rSD161mEiVE4a03LyjL9DXfQ0571Y5R_ow-Gmap_U2e0QayFJTX9d8Fp-yfRh5ELwFGkkfLDyfxd_rkgSmbuok1JwlJMfrRMecFFnMRV3zyB1uW4EcedswXYWjaCnHFEQ2qXJdSgtaHc4-VJu4zHkblLPkFSiwyTC_wyQlIg9d_N8prH2wqhiLtOe7a_kt4yhtgfk2NAazq8pJuceIBANE2VXN0duzG5JmzAjURfpTBs6znITnjivN7zW_ZgkIaugJVhCBiDfW6K_bb7YDnuAeATj7nUyQTO9tjM7rE88n6qXHc0mFiAN7-0jXSGl7kV53Xsro_-4xA2p60_eo58JGSsTRR0Xau2L8Yyp-YMVvzaq_K4cnZUoi-SM3apj-Q-KkmzBHvm3D_658FM2KaeACGcw==&cb=_clf0gij9y1m9tb1n5bp54l&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 11:18:01 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2209250618140630b169c743198bcbb59fc0; Path=/; Expires=Mon, 25 Sep 2023 11:18:01 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
forlumineoner.com/custom
139.45.197.229200 OK 0 B IP 139.45.197.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sexofilm.co/
Origin: https://sexofilm.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 11:17:54 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://sexofilm.co
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
wnzcdyyhlbuq.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 wnzcdyyhlbuq.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: wnzcdyyhlbuq.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://sexofilm.co
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 11:18:02 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
forlumineoner.com/custom
139.45.197.229200 OK 39 B IP 139.45.197.229:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sexofilm.co/
Content-Type: application/json
Origin: https://sexofilm.co
Content-Length: 407
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 11:17:55 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 714bcb9f10ab161c981c83b917af8926
access-control-allow-origin: https://sexofilm.co
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
adsco.re/p
162.252.214.5200 OK 169 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash 7af56714867e9a743791b53b13841ac4
f7efe0d8e672882893d008a71f7ecd10f603cec0
33d5dc75ca2d17c4633ff3d77787f5401e0b4aaf9de25d3c5f0ad33f17020e40
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1919
Origin: https://sexofilm.co
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 11:18:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://sexofilm.co
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 11:18:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sun, 25 Sep 2022 10:41:09 GMT
expires: Sun, 25 Sep 2022 12:41:09 GMT
cache-control: public, max-age=7200
age: 2213
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b8675067bf584b754f29d07c751de97d
a89dee4c5ce59ff8234d9a355bf12a2639f2c21d
93b8dc16172b02c03531b5874d9630bd1acf75e3250908270b29ee983030aa6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "93B8DC16172B02C03531B5874D9630BD1ACF75E3250908270B29EE983030AA6F"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5644
Expires: Sun, 25 Sep 2022 12:52:06 GMT
Date: Sun, 25 Sep 2022 11:18:02 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 11:18:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash a24383ca0bde64c9b38dc3b5cc3b5ead
df2534862df88c15bd4be6327d3e4c5fbe27aa3e
178161f65a26e159dae99afa3a533d39acfb33394339f124441e378036329ab0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 11:18:02 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 03:58:27 GMT
Expires: Fri, 30 Sep 2022 03:58:26 GMT
Etag: "df2534862df88c15bd4be6327d3e4c5fbe27aa3e"
Cache-Control: max-age=405023,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75035b59affab511-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5595
Expires: Sun, 25 Sep 2022 12:51:17 GMT
Date: Sun, 25 Sep 2022 11:18:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5595
Expires: Sun, 25 Sep 2022 12:51:17 GMT
Date: Sun, 25 Sep 2022 11:18:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5595
Expires: Sun, 25 Sep 2022 12:51:17 GMT
Date: Sun, 25 Sep 2022 11:18:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5595
Expires: Sun, 25 Sep 2022 12:51:17 GMT
Date: Sun, 25 Sep 2022 11:18:02 GMT
Connection: keep-alive
displayvertising.com/a.htm?_=BAYAYzA46gFjMDjqgAGBAsAAIEX5EQ_zsBngSSaWm7sBAT9tp9Nx86UWClM2GUNB2Nm8wQBGMEQCIFX8JzhJomQl-avB6R_CfaXBVxoG1AqBUAe9Pilb1_pWAiBfks8_00b1ivQczRXqmIev1JsurILTgbSQlPruH4BcIg&v=4&NmIOnkGD=2896517&oZRHzuYg=&qmaIbNkQ=0:1,0&ZMioIdXy=&gwBQJIjf=&s=1280,1024,1,1280,1024,0
216.59.56.9200 OK 819 B URL HTTP/2 displayvertising.com/a.htm?_=BAYAYzA46gFjMDjqgAGBAsAAIEX5EQ_zsBngSSaWm7sBAT9tp9Nx86UWClM2GUNB2Nm8wQBGMEQCIFX8JzhJomQl-avB6R_CfaXBVxoG1AqBUAe9Pilb1_pWAiBfks8_00b1ivQczRXqmIev1JsurILTgbSQlPruH4BcIg&v=4&NmIOnkGD=2896517&oZRHzuYg=&qmaIbNkQ=0:1,0&ZMioIdXy=&gwBQJIjf=&s=1280,1024,1,1280,1024,0
IP 216.59.56.9:0
File type ASCII text, with very long lines (1148), with no line terminators
Hash 812d8bb5bcdaafe655d428f6139f074a
c6f9fc508b62eee72ed422fdbdb94b1675fcd740
f788583a37b46b653b173af34c3d582906c008b5bc7cbb16b4a1d097c1e1a91d
GET /a.htm?_=BAYAYzA46gFjMDjqgAGBAsAAIEX5EQ_zsBngSSaWm7sBAT9tp9Nx86UWClM2GUNB2Nm8wQBGMEQCIFX8JzhJomQl-avB6R_CfaXBVxoG1AqBUAe9Pilb1_pWAiBfks8_00b1ivQczRXqmIev1JsurILTgbSQlPruH4BcIg&v=4&NmIOnkGD=2896517&oZRHzuYg=&qmaIbNkQ=0:1,0&ZMioIdXy=&gwBQJIjf=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: displayvertising.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
content-type: application/javascript; charset=utf-8
set-cookie: PP_CV=yes; expires=Sun, 25-Sep-2022 12:18:02 GMT; Max-Age=3600
fraudcheck=e242a6b24d3b681335cad87ade3cd131; expires=Tue, 25-Oct-2022 11:18:02 GMT; Max-Age=2592000; path=/; domain=.popads.net
PopAds_CF_Pass=1; expires=Sun, 25-Sep-2022 17:18:02 GMT; Max-Age=21600
link: <https://free-cosmetics-online.com>;rel=preconnect
content-length: 819
content-encoding: br
vary: Accept-Encoding
date: Sun, 25 Sep 2022 11:18:02 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 11:18:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F742ed98b-b8fa-4199-984b-51f661ac6e89.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F742ed98b-b8fa-4199-984b-51f661ac6e89.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3f93f322ecd0244e7ee4169b200b50df
8db9c71402f2c8ceee047c56ca1a5e41c74f5cf3
2bb739a60a4581e554fb308be7df8b3d7f47e95051e5ef5e0d1d9ed0a0443b68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F742ed98b-b8fa-4199-984b-51f661ac6e89.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4829
x-amzn-requestid: c283df3f-4198-47dd-9b24-634c425bccd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2aA_HgFoAMF_tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c0a06-3881d661368a03ae48227b37;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:08:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3zDl5u8ndYwMQ2-4aH1sRDit8p-G3OK9bvGNj1hOab9dWo5389KPGg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 08:15:05 GMT
age: 10977
etag: "8db9c71402f2c8ceee047c56ca1a5e41c74f5cf3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a89e7161745036637a66e8ab5b7efdf9
79c83cc27996b2339bd63764dbb2ae9744db6d70
13b990c3c6a9bee6def25d007e14628c52e427b6f4c718895b1817d5e8e59760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8715
x-amzn-requestid: d5e237f4-4c0e-4e3b-b3ae-ea1eb5b7cafc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JmTEAwIAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d22f4-48a975a866edc1755858600f;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sm6N8Un8XKHtGGZwxLd1aYygBns1l8siRvcc2w_9V2imJopvt8Ockw==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 07:09:15 GMT
age: 14927
etag: "79c83cc27996b2339bd63764dbb2ae9744db6d70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
wnzcdyyhlbuq.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 wnzcdyyhlbuq.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: wnzcdyyhlbuq.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://sexofilm.co
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 11:18:02 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00c09f267aacde9465a329542463b9e5
1534aa8a5158dfa9592d65e6fb761b41c0852c58
276ff24598159f62fd7333992575834f901eea7c75a228b9c12d1c049f1df558
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7642
x-amzn-requestid: b0fc9bea-7735-43c0-a176-eae4d5000a6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2ZPtHajIAMF8zQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c08ca-391092bd30ae5bf9692e93ba;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:03:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gc7lA-XfgIAhotpUdrOaihuA2nbdMY2zNiJSHZpSN3yKPaT-k93auQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 06:00:25 GMT
age: 19057
etag: "1534aa8a5158dfa9592d65e6fb761b41c0852c58"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 49243
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 714af732a9aa1db2b13ffb62810fd532
358e74de395352a9529ff1c17856daf8900888c5
1d2035cfcd283560ebe8494f9438e52f8d96cd092dd41cb0eb899a3f905c1e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6199
x-amzn-requestid: d26f22d9-4e9b-4764-8c96-2e1c7ce36340
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--OKHowoAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7727-7adb7c4925e6e50e13889544;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LryqVGSkKbiNOwcqXMULY9FXbOuZBBenjgGPDME3NZLZOdp5divXmw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:02:29 GMT
age: 47733
etag: "358e74de395352a9529ff1c17856daf8900888c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78aaf154-de5d-4fec-94c5-4e185b4c0cc1.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78aaf154-de5d-4fec-94c5-4e185b4c0cc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7eba9d4ed7413abb8e8824cc86071b50
1ec47b0f11a2b1173a1dcd32d541e5680b0088b1
399622d6099137974fa30a332c145b45182a7be272523a325418c63bfe70e5a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78aaf154-de5d-4fec-94c5-4e185b4c0cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4320
x-amzn-requestid: 72d102a6-8552-473f-b3f8-99450722017d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PmHEgIAMFXvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-7e4789b1723913e2500ea5f2;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4XK0s7000jxVbsu88-3ze_Mg_SqTKMDgAWKiLkc3ZCiiqGhS02Cn5w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:12:06 GMT
age: 47156
etag: "1ec47b0f11a2b1173a1dcd32d541e5680b0088b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-122645327-3&cid=97016239.1664104681&jid=20926403&gjid=1317133630&_gid=2030326869.1664104681&_u=IEBAAEAAAAAAAC~&z=1872386891
64.233.162.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-122645327-3&cid=97016239.1664104681&jid=20926403&gjid=1317133630&_gid=2030326869.1664104681&_u=IEBAAEAAAAAAAC~&z=1872386891
IP 64.233.162.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-122645327-3&cid=97016239.1664104681&jid=20926403&gjid=1317133630&_gid=2030326869.1664104681&_u=IEBAAEAAAAAAAC~&z=1872386891 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://sexofilm.co
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://sexofilm.co
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 25 Sep 2022 11:18:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f3a3cb805a7ce3e5dcc0a68f67662707
4092b65b1f38f40372fbe1380f5e3d4cfb5ff5a3
c8fba094b176bb1b29e573d3e1d2539c068d7f3786b32e7f41d6e107e7c1a5fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C8FBA094B176BB1B29E573D3E1D2539C068D7F3786B32E7F41D6E107E7C1A5FD"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2047
Expires: Sun, 25 Sep 2022 11:52:09 GMT
Date: Sun, 25 Sep 2022 11:18:02 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 11:18:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f3a3cb805a7ce3e5dcc0a68f67662707
4092b65b1f38f40372fbe1380f5e3d4cfb5ff5a3
c8fba094b176bb1b29e573d3e1d2539c068d7f3786b32e7f41d6e107e7c1a5fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C8FBA094B176BB1B29E573D3E1D2539C068D7F3786B32E7F41D6E107E7C1A5FD"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2046
Expires: Sun, 25 Sep 2022 11:52:09 GMT
Date: Sun, 25 Sep 2022 11:18:03 GMT
Connection: keep-alive
forlumineoner.com/custom
139.45.197.229200 OK 39 B IP 139.45.197.229:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sexofilm.co/
Content-Type: application/json
Origin: https://sexofilm.co
Content-Length: 750
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 11:17:55 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 5145da38232125f63f2a0d5bd8bde3af
access-control-allow-origin: https://sexofilm.co
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23ba09c14e337ac70d877d2ed33dc795
175d5155889b45711d0a9050116591ad25e74891
cb117ac56fe205bfca3b512ed3d8ddb46a7115446d099739cc4d111c853696ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 11:18:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ea6011094da3116e1bb049caa0e491e1
5809e1f5b0beee0282601045c0a152853c977565
25bd8112864ac34144820c6aecf49dec7ff9cfb863d864ca0ebbf55dee213414
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 11:18:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-122645327-3&cid=97016239.1664104681&jid=20926403&_u=IEBAAEAAAAAAAC~&z=1090835286
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-122645327-3&cid=97016239.1664104681&jid=20926403&_u=IEBAAEAAAAAAAC~&z=1090835286
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-122645327-3&cid=97016239.1664104681&jid=20926403&_u=IEBAAEAAAAAAAC~&z=1090835286 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 11:18:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-122645327-3&cid=97016239.1664104681&jid=20926403&_u=IEBAAEAAAAAAAC~&z=1090835286
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-122645327-3&cid=97016239.1664104681&jid=20926403&_u=IEBAAEAAAAAAAC~&z=1090835286
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-122645327-3&cid=97016239.1664104681&jid=20926403&_u=IEBAAEAAAAAAAC~&z=1090835286 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 11:18:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ca4psell23a4bur.com/chicken.gif?z=1765963&pb=08c43ec16ee7805e780a2af514fc54231664111881&psp=CECH4NkahVSkflnrwDP5AeUF8e7LyBok2iDiTF5Ap2ggBRwQxGXF7PwZxXUKZEd3nf43KHEz4B7oPQRNgXs8YrjOvo8f-HUkxo1hSEXwMH7-l05INtvWGBIeGnBY69tXE9IXazhusslkA2w_CJ-BIUNAg161WB19U-tkz9p_RXiWnC4Ohle7mY0fTbx6BGTCf4PDC6HaEVzJ_5m3zezApLFyLGUxWy4cgiLnmuWswuVFZ6zSttTypWWfx2Je5Eyb1ierGF3h7sdgScBqZCQw2EsCZXLu9vKm8lrUKpsGU9aJg6LM-2Ctu0yjqTe73KvV_NkEoBIyo7imf1ai81C1H4bAuLCouq2oey0bV3hTYkPuNZM_whn_4iw_iNPSi-7i6e34XeORXXQPmCCKskS8hxs6dMAbE4zUJgpwopYzenwKpA99vCC-lrhSRx38NRI7wl1CxO7dPjHYecodUCPq0QwmgKUCSi0XuAjq9HlErXaAbHE54gcwTJFXIQ0o_Zx6CZD8O-cHMUfH-ZAYFdY4ITOtVXi6_uRvtKj6S5aqQxOgkNqg4b-3s07RHy5kSRtZWMCE3gsxrjw5IieKv6stO5Ff67r8yiq8VDU6R3o9CX90TAAXAPzryli1VAJX48_-YF3A7DRxNKMX7ekdKWr-GrK8r6Mkvl--UFf7jaF7m8G0dWH8xi6XQzsVaXjl9WHKxDXy6dtKPJYenjHydskkCGx5dJMxrR613ioXtKgxKNs4xl9U7JzQ7ZNbl50TkYHU0hOz9pGUeUH-rA4jGIs6tfVxOwUX6tknqrU8RWnDof1AnNCxndcVRkq-5NYO1nmENBHP1I6L66nmezCTbshzF_Cr4zclvdOix5S71vI2sRgRCAHUmpE6LgTyp_aSuUc3shT_2MGKDINb9a2EZ5VBk4gILfrd64w-wBxM1xcifKIp_8tmQEu5vq9VeCZyrC7BHrzwpjWO_r-jy3aaVAgXrfbp7XFeNIZRVrwCVSY810Jyqbbwwd2zsQdBUYhjsHpqV9L0IQfA8qAh0UGdlA8PqEZxSqq37iaWkGmtp4Ok1AHLI03IEGdooji2kMHSwGQ7BXpIQqyll95BGMNkLW0LL7ebRsSd8GrSRJKvIHbqBTudsBZrVQVel_MoEKqbaw9eG_Sjc1OMshvh4dGPoU6dNUHYaKXTbifm0c3zxEJAkWWEbbN6cxC6kA3p-FT2gnyGXZEyU8CgUdtz97z4BTlAg6l9RD5x8-f2KltNK9pPMlZI_i_QOVriSNvsAXKD50KLDT-KgCigSEZLiHCqKZcWhiBreuMO5gbxd-cGYhxPciK9eTqNE9NJYQYKxWfO7aLWzkq2QDoNdm9J9GYqKWvw0Yz7HSDRIQ6eDxXcDA9V7MvXIDBzbUPSAIEJpGdf7AbH95490mELqyQmrFlEm6hl9eSdS7VWCYtqm1tyw4ZWUZl6nRAgL-hXcSB-6EVmeLsowjunG35wOEh1kBsdvO6h3dHIVH_Kjg5zH0uJjOxWln5t5ukwarPNjLprjMx8o28-vL46lzAhwMiM1BcUzhJ1Tq9fLXS63T-WQhODTUHiYyYsq-Vcl1VMpg12Oxkz8jpD2ZNxq6rl4Y96KYYoS0Uk8XM5s0TfWaWBt4eZjIyJy8rYJiFyUA==&abvar=0&os=0
62.122.171.6200 OK 43 B URL HTTP/2 ca4psell23a4bur.com/chicken.gif?z=1765963&pb=08c43ec16ee7805e780a2af514fc54231664111881&psp=CECH4NkahVSkflnrwDP5AeUF8e7LyBok2iDiTF5Ap2ggBRwQxGXF7PwZxXUKZEd3nf43KHEz4B7oPQRNgXs8YrjOvo8f-HUkxo1hSEXwMH7-l05INtvWGBIeGnBY69tXE9IXazhusslkA2w_CJ-BIUNAg161WB19U-tkz9p_RXiWnC4Ohle7mY0fTbx6BGTCf4PDC6HaEVzJ_5m3zezApLFyLGUxWy4cgiLnmuWswuVFZ6zSttTypWWfx2Je5Eyb1ierGF3h7sdgScBqZCQw2EsCZXLu9vKm8lrUKpsGU9aJg6LM-2Ctu0yjqTe73KvV_NkEoBIyo7imf1ai81C1H4bAuLCouq2oey0bV3hTYkPuNZM_whn_4iw_iNPSi-7i6e34XeORXXQPmCCKskS8hxs6dMAbE4zUJgpwopYzenwKpA99vCC-lrhSRx38NRI7wl1CxO7dPjHYecodUCPq0QwmgKUCSi0XuAjq9HlErXaAbHE54gcwTJFXIQ0o_Zx6CZD8O-cHMUfH-ZAYFdY4ITOtVXi6_uRvtKj6S5aqQxOgkNqg4b-3s07RHy5kSRtZWMCE3gsxrjw5IieKv6stO5Ff67r8yiq8VDU6R3o9CX90TAAXAPzryli1VAJX48_-YF3A7DRxNKMX7ekdKWr-GrK8r6Mkvl--UFf7jaF7m8G0dWH8xi6XQzsVaXjl9WHKxDXy6dtKPJYenjHydskkCGx5dJMxrR613ioXtKgxKNs4xl9U7JzQ7ZNbl50TkYHU0hOz9pGUeUH-rA4jGIs6tfVxOwUX6tknqrU8RWnDof1AnNCxndcVRkq-5NYO1nmENBHP1I6L66nmezCTbshzF_Cr4zclvdOix5S71vI2sRgRCAHUmpE6LgTyp_aSuUc3shT_2MGKDINb9a2EZ5VBk4gILfrd64w-wBxM1xcifKIp_8tmQEu5vq9VeCZyrC7BHrzwpjWO_r-jy3aaVAgXrfbp7XFeNIZRVrwCVSY810Jyqbbwwd2zsQdBUYhjsHpqV9L0IQfA8qAh0UGdlA8PqEZxSqq37iaWkGmtp4Ok1AHLI03IEGdooji2kMHSwGQ7BXpIQqyll95BGMNkLW0LL7ebRsSd8GrSRJKvIHbqBTudsBZrVQVel_MoEKqbaw9eG_Sjc1OMshvh4dGPoU6dNUHYaKXTbifm0c3zxEJAkWWEbbN6cxC6kA3p-FT2gnyGXZEyU8CgUdtz97z4BTlAg6l9RD5x8-f2KltNK9pPMlZI_i_QOVriSNvsAXKD50KLDT-KgCigSEZLiHCqKZcWhiBreuMO5gbxd-cGYhxPciK9eTqNE9NJYQYKxWfO7aLWzkq2QDoNdm9J9GYqKWvw0Yz7HSDRIQ6eDxXcDA9V7MvXIDBzbUPSAIEJpGdf7AbH95490mELqyQmrFlEm6hl9eSdS7VWCYtqm1tyw4ZWUZl6nRAgL-hXcSB-6EVmeLsowjunG35wOEh1kBsdvO6h3dHIVH_Kjg5zH0uJjOxWln5t5ukwarPNjLprjMx8o28-vL46lzAhwMiM1BcUzhJ1Tq9fLXS63T-WQhODTUHiYyYsq-Vcl1VMpg12Oxkz8jpD2ZNxq6rl4Y96KYYoS0Uk8XM5s0TfWaWBt4eZjIyJy8rYJiFyUA==&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1765963&pb=08c43ec16ee7805e780a2af514fc54231664111881&psp=CECH4NkahVSkflnrwDP5AeUF8e7LyBok2iDiTF5Ap2ggBRwQxGXF7PwZxXUKZEd3nf43KHEz4B7oPQRNgXs8YrjOvo8f-HUkxo1hSEXwMH7-l05INtvWGBIeGnBY69tXE9IXazhusslkA2w_CJ-BIUNAg161WB19U-tkz9p_RXiWnC4Ohle7mY0fTbx6BGTCf4PDC6HaEVzJ_5m3zezApLFyLGUxWy4cgiLnmuWswuVFZ6zSttTypWWfx2Je5Eyb1ierGF3h7sdgScBqZCQw2EsCZXLu9vKm8lrUKpsGU9aJg6LM-2Ctu0yjqTe73KvV_NkEoBIyo7imf1ai81C1H4bAuLCouq2oey0bV3hTYkPuNZM_whn_4iw_iNPSi-7i6e34XeORXXQPmCCKskS8hxs6dMAbE4zUJgpwopYzenwKpA99vCC-lrhSRx38NRI7wl1CxO7dPjHYecodUCPq0QwmgKUCSi0XuAjq9HlErXaAbHE54gcwTJFXIQ0o_Zx6CZD8O-cHMUfH-ZAYFdY4ITOtVXi6_uRvtKj6S5aqQxOgkNqg4b-3s07RHy5kSRtZWMCE3gsxrjw5IieKv6stO5Ff67r8yiq8VDU6R3o9CX90TAAXAPzryli1VAJX48_-YF3A7DRxNKMX7ekdKWr-GrK8r6Mkvl--UFf7jaF7m8G0dWH8xi6XQzsVaXjl9WHKxDXy6dtKPJYenjHydskkCGx5dJMxrR613ioXtKgxKNs4xl9U7JzQ7ZNbl50TkYHU0hOz9pGUeUH-rA4jGIs6tfVxOwUX6tknqrU8RWnDof1AnNCxndcVRkq-5NYO1nmENBHP1I6L66nmezCTbshzF_Cr4zclvdOix5S71vI2sRgRCAHUmpE6LgTyp_aSuUc3shT_2MGKDINb9a2EZ5VBk4gILfrd64w-wBxM1xcifKIp_8tmQEu5vq9VeCZyrC7BHrzwpjWO_r-jy3aaVAgXrfbp7XFeNIZRVrwCVSY810Jyqbbwwd2zsQdBUYhjsHpqV9L0IQfA8qAh0UGdlA8PqEZxSqq37iaWkGmtp4Ok1AHLI03IEGdooji2kMHSwGQ7BXpIQqyll95BGMNkLW0LL7ebRsSd8GrSRJKvIHbqBTudsBZrVQVel_MoEKqbaw9eG_Sjc1OMshvh4dGPoU6dNUHYaKXTbifm0c3zxEJAkWWEbbN6cxC6kA3p-FT2gnyGXZEyU8CgUdtz97z4BTlAg6l9RD5x8-f2KltNK9pPMlZI_i_QOVriSNvsAXKD50KLDT-KgCigSEZLiHCqKZcWhiBreuMO5gbxd-cGYhxPciK9eTqNE9NJYQYKxWfO7aLWzkq2QDoNdm9J9GYqKWvw0Yz7HSDRIQ6eDxXcDA9V7MvXIDBzbUPSAIEJpGdf7AbH95490mELqyQmrFlEm6hl9eSdS7VWCYtqm1tyw4ZWUZl6nRAgL-hXcSB-6EVmeLsowjunG35wOEh1kBsdvO6h3dHIVH_Kjg5zH0uJjOxWln5t5ukwarPNjLprjMx8o28-vL46lzAhwMiM1BcUzhJ1Tq9fLXS63T-WQhODTUHiYyYsq-Vcl1VMpg12Oxkz8jpD2ZNxq6rl4Y96KYYoS0Uk8XM5s0TfWaWBt4eZjIyJy8rYJiFyUA==&abvar=0&os=0 HTTP/1.1
Host: ca4psell23a4bur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=22092506182db17c51760d411ea132ceac38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 11:18:03 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACDyowAAAAAAAAAB; Path=/; Expires=Tue, 25 Oct 2022 11:18:03 GMT; Secure; SameSite=None
OACIBLOCK=ACDyowAAAABjL%2BBQ; Path=/; Expires=Tue, 25 Oct 2022 11:18:03 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Mon, 26 Sep 2022 11:18:03 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 267300d587831dda7559c30c40cc614e
d7ff0b9754e61f5d4178eddb5e63c3390ab559c8
ec7aad1a3116ce8ef5258b49de87cf3456c8c4890206fa5d46c8e510ded80ac0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 11:18:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ea6011094da3116e1bb049caa0e491e1
5809e1f5b0beee0282601045c0a152853c977565
25bd8112864ac34144820c6aecf49dec7ff9cfb863d864ca0ebbf55dee213414
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 11:18:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ca4psell23a4bur.com/chicken.gif?z=1765963&pb=08c43ec16ee7805e780a2af514fc54231664111881&psp=ntzD_Ufgm2NxAGXJKOC0CE_7sqZNJZCHd09zor7CSb1YFzQfC7Kx3qSz5vCHedFce0FiEbmLJNpYw9TqXRhejNE4Tw-UJfZYRaRmIQZZlGkIaC8Iv9YkNPlX2sAml3QLb6_60RRQnUFeOqv9tiBlPSGM8wDIkxf0sZcGgC4MZ7KyAm537_0qFG6cowg_AdLMciq1HPo-3-RWfm9J46bTxVUbny4oJVbLFAcIR6mMt077OCg49FHbCcIPUQup1oZyINL6K_rLh2v1K9Tm7X_5U6FhygZWtVtixfMMsk-JHHj3tdWUbH8Af7K0XZQOIo_WjfNXG1SPMjQadmby-jnsudGuelz72fA2fZcap7OtX-vBmACRMSBHBHs2iRPV4FdhTN75s5Wdart0OdSAQ5sq-3eX2CxiwvpXchWl2cUTZ7xekxyxQT4Ar9cvyQV7zjlg3n9dFLMuYkMIJWOmCrvIFvcc6vwL2RGlPvdLUPnvs9RX8KybjcIhIwmiptDjNLdtdSiSQU0nueLxrZifbJjWZtzapNpdA1nyJIiG5VccAXulzYRWHfsivDNRDOuWfD63oUP4fZzOdhiq0mc_fXM8c7VXd3FwNxiuNLHN85Sx97aWu7cJaOldMWmJwAXQFUnEkhLO8JsKXWYkLS5oSiDxhjHtlQZvExSXJbwnEEKO20eUULjsBC0Siy650QNoSJ1XLTaMkoDMEnuPwIFqni2rvXjsrePlSlAjdvfHvdSdyVTx9iNRHamfj0Gds6hUKMlrhD-wVW3D8TpufYt1zo7XXVo0lX5WRYCd4AT2Dmt377mL2srxtAANJlQToWAJ7CJuoxL4nxIpEEDpAO98DxbAEuMQsXbWiI9lVF4eS6cly1II6TPoW-Gzb2aIiUWUnRRj-HI1uo5iobt0O8YAUpD7I0Rdpwl3FqyaSGrTA_JabExIa_Ygi04R953KSeL3eimQqEKq_JFfWjgpmrn0a6zGEqDD66kIULlcsH3FTPmPL1ub--x4-13Nsy8PSgyGahi4NvQCTf5cr4pMZgEogLgRayZGBgMCi2xCG_V-3WgxynmAVcCMwtuP4ImrRc9VdepfnlsvGP_rSEK0mQ9nQRFWjUZqvun-FILaLvSYuIxeqjzC_lOXEm3_mrLKCArnmZ_oz0Y1V5Kvup6exsUGtWehiSK4TWNrXF7BlszumQBM3I3ijc01VB3X4K7lyRSNIl22jScHZEabr8ZLI8kzlnw9lClheU5f6y4jTzn7gpfUlr2uRZeVLTy5FJtWhV48VkJGIaZVS4RZdHsFIYLcbJj4Z7PLNjLKKWc_FeNl5yCS8sUXDgUkPpg85OzZqYk1dH6JJiTc7gXY6AJygqlIve716OZ6DnzWcJN4Inx_zYf8LFmtmWhbQ_4IyPnhGJ1EJOj9zVbshQIDiwxgf6Xwkj74I2jaV6Jq-8zgbPuU4duGyG6pgm4aiDmzJhRmpqfQZ4C1AocBmlExEWWqd-tl9ShRKFO71tQd97oA-dVnGdg47wjd1DiihfkpjdThvpvqzu3Xcvx4hzlJg2ZCwALaNx2FjgoQQiEhb7sC4FTk-cG9d7jO_n-WAWHcBRXjj_xpPeveOET2V-47mu4P-OdVYuHTyaYVE6VrwcekFk6Sbvae6LUyQGxNDSg_BC3SPPDBvdMjDUlykmze61XufwOyNDve4xtsPDPFXiHBL2OE7h38UnsOpdrFQD-RXgll1aEdXDG5-CTElm3CDqJqIWKyYHHEPueZ8TR8eV9LYuzJWBA95dKeRgovIvFDOdk7tOoR_sI=&abvar=0&os=0
62.122.171.6200 OK 43 B URL HTTP/2 ca4psell23a4bur.com/chicken.gif?z=1765963&pb=08c43ec16ee7805e780a2af514fc54231664111881&psp=ntzD_Ufgm2NxAGXJKOC0CE_7sqZNJZCHd09zor7CSb1YFzQfC7Kx3qSz5vCHedFce0FiEbmLJNpYw9TqXRhejNE4Tw-UJfZYRaRmIQZZlGkIaC8Iv9YkNPlX2sAml3QLb6_60RRQnUFeOqv9tiBlPSGM8wDIkxf0sZcGgC4MZ7KyAm537_0qFG6cowg_AdLMciq1HPo-3-RWfm9J46bTxVUbny4oJVbLFAcIR6mMt077OCg49FHbCcIPUQup1oZyINL6K_rLh2v1K9Tm7X_5U6FhygZWtVtixfMMsk-JHHj3tdWUbH8Af7K0XZQOIo_WjfNXG1SPMjQadmby-jnsudGuelz72fA2fZcap7OtX-vBmACRMSBHBHs2iRPV4FdhTN75s5Wdart0OdSAQ5sq-3eX2CxiwvpXchWl2cUTZ7xekxyxQT4Ar9cvyQV7zjlg3n9dFLMuYkMIJWOmCrvIFvcc6vwL2RGlPvdLUPnvs9RX8KybjcIhIwmiptDjNLdtdSiSQU0nueLxrZifbJjWZtzapNpdA1nyJIiG5VccAXulzYRWHfsivDNRDOuWfD63oUP4fZzOdhiq0mc_fXM8c7VXd3FwNxiuNLHN85Sx97aWu7cJaOldMWmJwAXQFUnEkhLO8JsKXWYkLS5oSiDxhjHtlQZvExSXJbwnEEKO20eUULjsBC0Siy650QNoSJ1XLTaMkoDMEnuPwIFqni2rvXjsrePlSlAjdvfHvdSdyVTx9iNRHamfj0Gds6hUKMlrhD-wVW3D8TpufYt1zo7XXVo0lX5WRYCd4AT2Dmt377mL2srxtAANJlQToWAJ7CJuoxL4nxIpEEDpAO98DxbAEuMQsXbWiI9lVF4eS6cly1II6TPoW-Gzb2aIiUWUnRRj-HI1uo5iobt0O8YAUpD7I0Rdpwl3FqyaSGrTA_JabExIa_Ygi04R953KSeL3eimQqEKq_JFfWjgpmrn0a6zGEqDD66kIULlcsH3FTPmPL1ub--x4-13Nsy8PSgyGahi4NvQCTf5cr4pMZgEogLgRayZGBgMCi2xCG_V-3WgxynmAVcCMwtuP4ImrRc9VdepfnlsvGP_rSEK0mQ9nQRFWjUZqvun-FILaLvSYuIxeqjzC_lOXEm3_mrLKCArnmZ_oz0Y1V5Kvup6exsUGtWehiSK4TWNrXF7BlszumQBM3I3ijc01VB3X4K7lyRSNIl22jScHZEabr8ZLI8kzlnw9lClheU5f6y4jTzn7gpfUlr2uRZeVLTy5FJtWhV48VkJGIaZVS4RZdHsFIYLcbJj4Z7PLNjLKKWc_FeNl5yCS8sUXDgUkPpg85OzZqYk1dH6JJiTc7gXY6AJygqlIve716OZ6DnzWcJN4Inx_zYf8LFmtmWhbQ_4IyPnhGJ1EJOj9zVbshQIDiwxgf6Xwkj74I2jaV6Jq-8zgbPuU4duGyG6pgm4aiDmzJhRmpqfQZ4C1AocBmlExEWWqd-tl9ShRKFO71tQd97oA-dVnGdg47wjd1DiihfkpjdThvpvqzu3Xcvx4hzlJg2ZCwALaNx2FjgoQQiEhb7sC4FTk-cG9d7jO_n-WAWHcBRXjj_xpPeveOET2V-47mu4P-OdVYuHTyaYVE6VrwcekFk6Sbvae6LUyQGxNDSg_BC3SPPDBvdMjDUlykmze61XufwOyNDve4xtsPDPFXiHBL2OE7h38UnsOpdrFQD-RXgll1aEdXDG5-CTElm3CDqJqIWKyYHHEPueZ8TR8eV9LYuzJWBA95dKeRgovIvFDOdk7tOoR_sI=&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1765963&pb=08c43ec16ee7805e780a2af514fc54231664111881&psp=ntzD_Ufgm2NxAGXJKOC0CE_7sqZNJZCHd09zor7CSb1YFzQfC7Kx3qSz5vCHedFce0FiEbmLJNpYw9TqXRhejNE4Tw-UJfZYRaRmIQZZlGkIaC8Iv9YkNPlX2sAml3QLb6_60RRQnUFeOqv9tiBlPSGM8wDIkxf0sZcGgC4MZ7KyAm537_0qFG6cowg_AdLMciq1HPo-3-RWfm9J46bTxVUbny4oJVbLFAcIR6mMt077OCg49FHbCcIPUQup1oZyINL6K_rLh2v1K9Tm7X_5U6FhygZWtVtixfMMsk-JHHj3tdWUbH8Af7K0XZQOIo_WjfNXG1SPMjQadmby-jnsudGuelz72fA2fZcap7OtX-vBmACRMSBHBHs2iRPV4FdhTN75s5Wdart0OdSAQ5sq-3eX2CxiwvpXchWl2cUTZ7xekxyxQT4Ar9cvyQV7zjlg3n9dFLMuYkMIJWOmCrvIFvcc6vwL2RGlPvdLUPnvs9RX8KybjcIhIwmiptDjNLdtdSiSQU0nueLxrZifbJjWZtzapNpdA1nyJIiG5VccAXulzYRWHfsivDNRDOuWfD63oUP4fZzOdhiq0mc_fXM8c7VXd3FwNxiuNLHN85Sx97aWu7cJaOldMWmJwAXQFUnEkhLO8JsKXWYkLS5oSiDxhjHtlQZvExSXJbwnEEKO20eUULjsBC0Siy650QNoSJ1XLTaMkoDMEnuPwIFqni2rvXjsrePlSlAjdvfHvdSdyVTx9iNRHamfj0Gds6hUKMlrhD-wVW3D8TpufYt1zo7XXVo0lX5WRYCd4AT2Dmt377mL2srxtAANJlQToWAJ7CJuoxL4nxIpEEDpAO98DxbAEuMQsXbWiI9lVF4eS6cly1II6TPoW-Gzb2aIiUWUnRRj-HI1uo5iobt0O8YAUpD7I0Rdpwl3FqyaSGrTA_JabExIa_Ygi04R953KSeL3eimQqEKq_JFfWjgpmrn0a6zGEqDD66kIULlcsH3FTPmPL1ub--x4-13Nsy8PSgyGahi4NvQCTf5cr4pMZgEogLgRayZGBgMCi2xCG_V-3WgxynmAVcCMwtuP4ImrRc9VdepfnlsvGP_rSEK0mQ9nQRFWjUZqvun-FILaLvSYuIxeqjzC_lOXEm3_mrLKCArnmZ_oz0Y1V5Kvup6exsUGtWehiSK4TWNrXF7BlszumQBM3I3ijc01VB3X4K7lyRSNIl22jScHZEabr8ZLI8kzlnw9lClheU5f6y4jTzn7gpfUlr2uRZeVLTy5FJtWhV48VkJGIaZVS4RZdHsFIYLcbJj4Z7PLNjLKKWc_FeNl5yCS8sUXDgUkPpg85OzZqYk1dH6JJiTc7gXY6AJygqlIve716OZ6DnzWcJN4Inx_zYf8LFmtmWhbQ_4IyPnhGJ1EJOj9zVbshQIDiwxgf6Xwkj74I2jaV6Jq-8zgbPuU4duGyG6pgm4aiDmzJhRmpqfQZ4C1AocBmlExEWWqd-tl9ShRKFO71tQd97oA-dVnGdg47wjd1DiihfkpjdThvpvqzu3Xcvx4hzlJg2ZCwALaNx2FjgoQQiEhb7sC4FTk-cG9d7jO_n-WAWHcBRXjj_xpPeveOET2V-47mu4P-OdVYuHTyaYVE6VrwcekFk6Sbvae6LUyQGxNDSg_BC3SPPDBvdMjDUlykmze61XufwOyNDve4xtsPDPFXiHBL2OE7h38UnsOpdrFQD-RXgll1aEdXDG5-CTElm3CDqJqIWKyYHHEPueZ8TR8eV9LYuzJWBA95dKeRgovIvFDOdk7tOoR_sI=&abvar=0&os=0 HTTP/1.1
Host: ca4psell23a4bur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=22092506182db17c51760d411ea132ceac38; OACICAP=ACDyowAAAAAAAAAB; OACIBLOCK=ACDyowAAAABjL%2BBQ; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 11:18:04 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACDyowAAAAAAAAABACIo3gAAAAAAAAAB; Path=/; Expires=Tue, 25 Oct 2022 11:18:04 GMT; Secure; SameSite=None
OACIBLOCK=ACDyowAAAABjL%2BBQACIo3gAAAABjL%2BBQ; Path=/; Expires=Tue, 25 Oct 2022 11:18:04 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Mon, 26 Sep 2022 11:18:04 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
stats.wp.com/e-202238.js
192.0.76.3200 OK 0 B IP 192.0.76.3:0
GET /e-202238.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 11:18:00 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 11 Sep 2023 07:31:45 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
jaavnacsdw.com/t/9/fret/meow4/1751293/brt.js
62.122.171.6200 OK 0 B URL HTTP/2 jaavnacsdw.com/t/9/fret/meow4/1751293/brt.js
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /t/9/fret/meow4/1751293/brt.js HTTP/1.1
Host: jaavnacsdw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 11:18:00 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1091a"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
ca4psell23a4bur.com/pn07uscr/f/tr/zavbn/1881651/lib.js
62.122.171.6200 OK 0 B URL HTTP/2 ca4psell23a4bur.com/pn07uscr/f/tr/zavbn/1881651/lib.js
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pn07uscr/f/tr/zavbn/1881651/lib.js HTTP/1.1
Host: ca4psell23a4bur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 11:18:00 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: script
set-cookie: UID=22092506182db17c51760d411ea132ceac38; Path=/; Expires=Mon, 25 Sep 2023 11:18:00 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
free-cosmetics-online.com/favicon.ico
172.67.209.47404 Not Found 0 B URL HTTP/2 free-cosmetics-online.com/favicon.ico
IP 172.67.209.47:0
GET /favicon.ico HTTP/1.1
Host: free-cosmetics-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sun, 25 Sep 2022 11:18:02 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 10
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yv2iaaHLayR%2Bfcz7XC3xxNDLTXtMaAibZeqAHJWpB7WSDo%2F7aJHGKWQtu3CUp6B7xz1ipVpaq55DFXeMU4iyWVInp15jufP5xIF5l6tBB6lJztc9mQKIl6J8Hk2fW8zPavZMvJt%2FyHgQt5fk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75035b5c9dfcb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ca4psell23a4bur.com/bultykh/ipp24/7/bazinga/1765963
62.122.171.6200 OK 0 B URL HTTP/2 ca4psell23a4bur.com/bultykh/ipp24/7/bazinga/1765963
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /bultykh/ipp24/7/bazinga/1765963 HTTP/1.1
Host: ca4psell23a4bur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 11:18:00 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-346e8"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
jaavnacsdw.com/get/1751293?zoneid=1751293&jp=_cl7bjzzxtdp3yoomorq2a3&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=109058764302535
62.122.171.6200 OK 0 B URL HTTP/2 jaavnacsdw.com/get/1751293?zoneid=1751293&jp=_cl7bjzzxtdp3yoomorq2a3&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=109058764302535
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1751293?zoneid=1751293&jp=_cl7bjzzxtdp3yoomorq2a3&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=109058764302535 HTTP/1.1
Host: jaavnacsdw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexofilm.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 11:18:01 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=220925061864f598044bbe468d9a014ffe48; Path=/; Expires=Mon, 25 Sep 2023 11:18:01 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
forlumineoner.com/pfe/current/standalone.min.js?v=3.1.395
139.45.197.229200 OK 0 B URL HTTP/2 forlumineoner.com/pfe/current/standalone.min.js?v=3.1.395
IP 139.45.197.229:0
GET /pfe/current/standalone.min.js?v=3.1.395 HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sexofilm.co/
Origin: https://sexofilm.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 11:17:54 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:39 GMT
etag: W/"63296af3-1e3ef"
access-control-allow-origin: https://sexofilm.co
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2