okxxx.cam/the-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4/
104.21.9.220301 Moved Permanently 0 B URL HTTP/1.1 okxxx.cam/the-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4/
IP 104.21.9.220:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /the-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4/ HTTP/1.1
Host: okxxx.cam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Dec 2022 20:48:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 04 Dec 2022 21:48:47 GMT
Location: https://okxxx.cam/the-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5U7qx68%2F2lA2Egn4ONM7b%2FYvymDr3zbCWlu3qYbpAE3DT79rxf27YxajY4G5hHwLyPvKaZqaQd4WjnDEI5SqUaMvTAxpdr%2FyN8W5ZQhjz7G9O1kK83uNfJNunQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774767a93dc31c0a-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14969
Expires: Mon, 05 Dec 2022 00:58:16 GMT
Date: Sun, 04 Dec 2022 20:48:47 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2209
Cache-Control: max-age=137959
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:47 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:08:06 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 20:18:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1823
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10927
Expires: Sun, 04 Dec 2022 23:50:54 GMT
Date: Sun, 04 Dec 2022 20:48:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EBKyz5oncYWsbOxPHqjeQsNyIdVjKHUdg3iSRWSnbsfkW5mAJ8h6U9pqvmn1f9f6gRSNErAD+ik=
x-amz-request-id: X240FAE309PX0A6F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 20:47:07 GMT
age: 100
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 78cffc2f4c94e90f2f75790262de546f
f54df650bed2df3c27f7ec8558f19c3788074f1b
3f87d6eb4906146bb650078d13412f6a74361b8d70e72ba3b54f0005cfe9ab5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=137160
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:47 GMT
Etag: "638c7c77-117"
Expires: Tue, 06 Dec 2022 10:54:47 GMT
Last-Modified: Sun, 04 Dec 2022 10:54:47 GMT
Server: nginx
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 20:08:58 GMT
cache-control: public,max-age=3600
age: 2390
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2199
Cache-Control: max-age=132882
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:48 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:43:30 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 78cffc2f4c94e90f2f75790262de546f
f54df650bed2df3c27f7ec8558f19c3788074f1b
3f87d6eb4906146bb650078d13412f6a74361b8d70e72ba3b54f0005cfe9ab5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3584
Cache-Control: max-age=140743
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:48 GMT
Etag: "638c7c77-117"
Expires: Tue, 06 Dec 2022 11:54:31 GMT
Last-Modified: Sun, 04 Dec 2022 10:54:47 GMT
Server: ECS (amb/6BC2)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
35.162.142.194101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.142.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Y7NEXdTUlt3sa2OKG99v4g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kFCNYFihPx1VnX9+cBhgSQ6kcbY=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a9496732c1c09c977a39dbe97d01554e
a34c58bc8a294d942e892bdb9272c8fd1d6ab14b
0fb832f8f5adbc2b96bc28be0a09436fb2ddf99d255de27c9cd0694245a0ac21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5649
Cache-Control: max-age=154697
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:48 GMT
Etag: "638caae8-117"
Expires: Tue, 06 Dec 2022 15:47:05 GMT
Last-Modified: Sun, 04 Dec 2022 14:12:56 GMT
Server: ECS (amb/6BBD)
X-Cache: HIT
Content-Length: 279
okxxx.cam/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1
104.21.9.220200 OK 17 kB URL HTTP/2 okxxx.cam/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1
IP 104.21.9.220:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9cf8436f3282eab0214396d69c3eec7c
adc73683b48814a0380ac2e564f1bb923b057605
0b5976d320154a3be8a7bd01e5d04797a7e235dfc9cdc6c0e46e64e05c118d55
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1 HTTP/1.1
Host: okxxx.cam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://okxxx.cam/the-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:48:48 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 04:07:09 GMT
cache-control: max-age=31536000
expires: Wed, 08 Nov 2023 05:41:27 GMT
etag: W/"6369d5ed-14f92"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2300841
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrRkgw5xhxflUOeATXvNtm%2BF13IYqf%2FsytKBrAnFhL1Io9TexrWvrYPLMOBBvtEDFwuT%2BOk7CCOq8L8LriUW4GFoaSebBFpT%2FFDnXTkUpUiG4yAhp9e%2B8NWu3Is%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774767b0ba01b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vjs.zencdn.net/7.8.4/video-js.css?ver=7.8.4
151.101.194.217200 OK 11 kB URL HTTP/2 vjs.zencdn.net/7.8.4/video-js.css?ver=7.8.4
IP 151.101.194.217:0
File type Unicode text, UTF-8 text, with very long lines (5844)
Hash 9f703c1d1b064f5e72d8dba3484e868f
008cc8c438c57c51cc20bb4cb3e6452a287aaa8f
a1a9f6ebf0e40976737eeb1b6c544d462e5e444fcc8f59ab044833e2737c05e0
GET /7.8.4/video-js.css?ver=7.8.4 HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 08 Jul 2020 20:29:36 GMT
etag: "397a94bb87dfd0a64ba4d3d502912e4a"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Sun, 04 Dec 2022 20:48:48 GMT
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 7247
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10738
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-229130160-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-229130160-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash d22dc00fa6a5da03a67c3d26d639e835
082813a73758abbd654e907b30fb29d1b6916a50
d5a5a05e487324fca3acea5261c56f28599a8030beeab9a0f9a165b6fb6f1282
GET /gtag/js?id=UA-229130160-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 20:48:48 GMT
expires: Sun, 04 Dec 2022 20:48:48 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43631
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp2.globalsign.com/gsorganizationvalsha2g2
151.101.130.133200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 151.101.130.133:0
Hash aeb4a879042ebab3f8be1421e743046c
3dc0b596b0a9b25c065a4f5f6ffcb26ab53522b3
fd3c4d3bb117a395c7acaee599f679db6aa692b927b7e6b7f550deb5dbfdbd43
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1459
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 08 Dec 2022 19:18:13 GMT
ETag: "3dc0b596b0a9b25c065a4f5f6ffcb26ab53522b3"
Last-Modified: Sun, 04 Dec 2022 19:18:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 04 Dec 2022 20:48:48 GMT
Age: 2184
X-Served-By: cache-qpg1229-QPG, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 3, 8
X-Timer: S1670186929.927088,VS0,VE0
okxxx.cam/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
104.21.9.220200 OK 140 kB URL HTTP/2 okxxx.cam/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
IP 104.21.9.220:0
Size 140 kB (139520 bytes)
Hash 10a474aefb92dbc4e954f31751af90a7
0b0f72709f4b227982301d26cec833379287059b
b6c4be7ae2db9e8c7dedb28cb86007ab1b7323f908d530958220a1a2ebc43ba1
GET /wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70 HTTP/1.1
Host: okxxx.cam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://okxxx.cam/the-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:48:48 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Sat, 30 Jul 2022 19:10:22 GMT
etag: W/"176-5e50a84ae4380-gzip"
vary: Accept-Encoding
cache-control: max-age=31536000
expires: Sat, 11 Nov 2023 19:53:55 GMT
referrer-policy: no-referrer-when-downgrade
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1990493
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDXmtwjVdQfQmiwHwoJ%2B%2Fab3lxRaa95m37qkgAQE7Dh3uRjVlSgheQDVYyvfaOQQ047QfrYdcLWaIi31xg5um6RHmQXYC5z%2B0X0z1JO0orS3hlD5%2BD6TGoKPZJ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774767b0b9e7b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
okxxx.cam/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
104.21.9.220200 OK 4.1 kB URL HTTP/2 okxxx.cam/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP 104.21.9.220:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash 62b3b103c46a8a69e321dad3729b37a0
39596c3a8685648746d959d28296c67d4f3da7ea
c389b5c2ef148e6324bdf7f60083120992e11ef8d0045318d35bb4f8cd70200a
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: okxxx.cam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://okxxx.cam/the-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:48:48 GMT
content-type: text/css
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
cache-control: max-age=31536000
expires: Thu, 16 Nov 2023 05:32:39 GMT
etag: W/"5cfaccce-105a"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1610169
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0D5e38FJC2SHm8e1I%2BkO87Qmz1Y7ojXlNMYR7rR3gi9EInyTeZr21CTUVn0JeAMpXpCGGQNzCBCidFXhBgEmhP2xiVfqun5jeLWQFPyvy2SitkHQ%2BJVxfteyRC0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774767b0a9e1b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash ffe291236e6ee19feea4669966118d42
ca4bf3a762f0cf005213bcced081a4527114f9a3
71f661233c98d11d58fc9d26313392cf2823faa688712c7cbd2fb09de6f67383
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4392
Cache-Control: max-age=167112
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:49 GMT
Etag: "638ce051-116"
Expires: Tue, 06 Dec 2022 19:14:01 GMT
Last-Modified: Sun, 04 Dec 2022 18:00:49 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 6482364d1fcfd8c75afca513ad11f122
f30e4d12755ea508c7d36874e2e00c418b4dd392
d0cbef7bd032b84c5fc7dd1cd7f094cbc369d959d7ed6d9f813abd16914d855b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 963
Cache-Control: max-age=160105
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:49 GMT
Etag: "638cd258-139"
Expires: Tue, 06 Dec 2022 17:17:14 GMT
Last-Modified: Sun, 04 Dec 2022 17:01:12 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 6482364d1fcfd8c75afca513ad11f122
f30e4d12755ea508c7d36874e2e00c418b4dd392
d0cbef7bd032b84c5fc7dd1cd7f094cbc369d959d7ed6d9f813abd16914d855b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 963
Cache-Control: max-age=160105
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:49 GMT
Etag: "638cd258-139"
Expires: Tue, 06 Dec 2022 17:17:14 GMT
Last-Modified: Sun, 04 Dec 2022 17:01:12 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 313
inklinkor.com/tag.min.js
172.67.211.29200 OK 25 kB IP 172.67.211.29:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 88c06cd8febdda92d5970ef62b61b99a
6eed3d649a87648e9b296ccddacb7fb4d867cf97
1eb56800edec9b3846bac776fc4d06485f707158b60d85d5adcf42ba24699749
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:48:49 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 577f7a73ff8263b56537ade177b4de8e
cache-control: max-age=86400
last-modified: Fri, 02 Dec 2022 10:17:26 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Mon, 05 Dec 2022 19:46:40 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 3729
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6022r%2BkFtR62PHhtscg9GJG4ox4xcINVlQf5wNQvUDwpMy9cFGHr5MvI3GD2JQ4hApEvzNcfDMbTukJiq1gl7%2Bpg1wCBdV%2BB4xg4z3LsroHQSk33r%2BdSrHlraRKzSdJo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774767b25e7a0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 283 B IP 172.64.155.188:0
Hash 770cffb4c62766a9a783c5350c22b9f5
2a09b1dfd68b490e952bb90cb3628a634c0b9364
bd93c39bbdad5045708daa72f2e6c6dcd9f5c6da39b2b296b10eda01fba42cfa
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 20:48:49 GMT
Content-Type: application/ocsp-response
Content-Length: 283
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 19:36:38 GMT
Expires: Fri, 09 Dec 2022 19:36:37 GMT
Etag: "2a09b1dfd68b490e952bb90cb3628a634c0b9364"
Cache-Control: max-age=427067,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774767b2ce17b50f-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4f983d2d0c97ff0944a7ef34ec4330ae
14c242b3a0189e9406bc612d8c2540d5e5984d5a
d4eead0b3f27149eaba02487857dede1c4387a26ed1278bb694e898efb07bfc7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D4EEAD0B3F27149EABA02487857DEDE1C4387A26ED1278BB694E898EFB07BFC7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11012
Expires: Sun, 04 Dec 2022 23:52:21 GMT
Date: Sun, 04 Dec 2022 20:48:49 GMT
Connection: keep-alive
pixel.wp.com/g.gif?v=ext&blog=206852779&post=27981&tz=0&srv=okxxx.cam&j=1%3A11.5.1&host=okxxx.cam&ref=&fcp=1559&rand=0.05578459682108006
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=206852779&post=27981&tz=0&srv=okxxx.cam&j=1%3A11.5.1&host=okxxx.cam&ref=&fcp=1559&rand=0.05578459682108006
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=206852779&post=27981&tz=0&srv=okxxx.cam&j=1%3A11.5.1&host=okxxx.cam&ref=&fcp=1559&rand=0.05578459682108006 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:49 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
pornez.net/player/?v=qQTNyYMSy1G
81.17.22.116200 OK 1.1 kB URL HTTP/1.1 pornez.net/player/?v=qQTNyYMSy1G
IP 81.17.22.116:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1052ad9317135136048445e720835e34
e4e426dcb3585c49da50a83c1c37b0d2ab7560ca
08ee5108cd42bfed56200d32b68edf747589a95b8d184b49aac8ae515192a096
GET /player/?v=qQTNyYMSy1G HTTP/1.1
Host: pornez.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://okxxx.cam/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 04 Dec 2022 20:48:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Cache-Status: HIT
Content-Encoding: gzip
unpkg.com/@silvermine/videojs-quality-selector@1.2.4/dist/js/silvermine-videojs-quality-selector.min.js
104.16.125.175200 OK 209 kB URL HTTP/2 unpkg.com/@silvermine/videojs-quality-selector@1.2.4/dist/js/silvermine-videojs-quality-selector.min.js
IP 104.16.125.175:0
File type ASCII text, with very long lines (23113)
Size 209 kB (209412 bytes)
Hash f61b6a604474bf12bcddadc45bb4169a
c63d60b1c63e63dd9770cab77a0b17fd3c3e4b89
35481283e0bb59c5a29c05ec07ab0e19869ea882bb3c0bfe93a9e8789c29e320
GET /@silvermine/videojs-quality-selector@1.2.4/dist/js/silvermine-videojs-quality-selector.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://okxxx.cam/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:48:49 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"5acc-q2POJTFsNAdkUTsA1IhV3IUmXP0"
via: 1.1 fly.io
fly-request-id: 01F3YGTF8JRQD6FT3WSZ9G9XWN
cf-cache-status: HIT
age: 19497697
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774767b298b20b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
209.197.3.25200 OK 17 kB URL HTTP/1.1 hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
IP 209.197.3.25:0
File type ASCII text, with very long lines (16885), with no line terminators
Hash 48c80c7c28b5b00a8b4ff94a22b72fe3
d57303c2ad2fd5cedc5cb20f264a6965a7819cee
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 20:48:49 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Content-Type: application/javascript
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10721591
X-HW: 1670186929.dop020.sk1.t,1670186929.cds016.sk1.shn,1670186929.dop020.sk1.t,1670186929.cds228.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
205.185.208.20200 OK 5.0 kB URL HTTP/1.1 hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
IP 205.185.208.20:0
File type ASCII text, with very long lines (5027), with no line terminators
Hash 5e5817bcf4c82c7c85d1d88636d221ce
b5c32cc6c931c33c1297884016e13d3b9a5bf261
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 20:48:49 GMT
Connection: Keep-Alive
ETag: "1541168231"
Content-Length: 5027
Content-Type: application/javascript
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10455966
X-HW: 1670186929.dop013.sk1.t,1670186929.cds209.sk1.shn,1670186929.cds209.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.ang-content.com/a7/creatives/39/1511/810719/976029/976029_logo.png
205.185.208.20200 OK 1.5 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/39/1511/810719/976029/976029_logo.png
IP 205.185.208.20:0
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash cfbfb6f2310cff958cd7f4686dd57ba7
8f81f47d982850da85f0e131d0100a8f4a0d320e
eb9baa6c3be3a291e3859b9f88872650871a3fc9971b1480c4d9f1e4ef749f49
GET /a7/creatives/39/1511/810719/976029/976029_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 20:48:49 GMT
Connection: Keep-Alive
ETag: "1615366032"
Content-Length: 1548
Content-Type: image/png
Last-Modified: Wed, 10 Mar 2021 08:47:12 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10724444
X-HW: 1670186929.dop201.sk1.t,1670186929.cds222.sk1.shn,1670186929.dop201.sk1.t,1670186929.cds202.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.ang-content.com/a7/creatives/1/49/815054/1042366/1042366_logo.png
205.185.208.20200 OK 3.4 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/1/49/815054/1042366/1042366_logo.png
IP 205.185.208.20:0
File type PNG image data, 315 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 09a7eff06215bd40b9594e8d1533a923
dcd1e53d355c2d6972392d67d1bb9113450ad286
4797c2746e17081b9a75810bf8317dc8f6c9bfe22649e883352a9765727eb9f8
GET /a7/creatives/1/49/815054/1042366/1042366_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 20:48:49 GMT
Connection: Keep-Alive
ETag: "1663092646"
Content-Length: 3403
Content-Type: image/png
Last-Modified: Tue, 13 Sep 2022 18:10:46 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10791780
X-HW: 1670186929.dop014.sk1.t,1670186929.cds253.sk1.shn,1670186929.dop014.sk1.t,1670186929.cds228.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.ang-content.com/a7/creatives/1/49/814881/1039066/1039066_logo.png
205.185.208.20200 OK 81 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/1/49/814881/1039066/1039066_logo.png
IP 205.185.208.20:0
File type PNG image data, 900 x 250, 8-bit colormap, non-interlaced\012- data
Hash 596109aee06b81fa584f3a11e7668e35
897e24260c83489f689bfd116bf533fdd1c46a43
819e75c0b059088e5b954b1eca5180f0139e1b33bc778fed7c9d74fb5e3cdb9c
GET /a7/creatives/1/49/814881/1039066/1039066_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 20:48:49 GMT
Connection: Keep-Alive
ETag: "1659452023"
Content-Length: 80596
Content-Type: image/png
Last-Modified: Tue, 02 Aug 2022 14:53:43 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10641867
X-HW: 1670186929.dop014.sk1.t,1670186929.cds211.sk1.shn,1670186929.dop014.sk1.t,1670186929.cds020.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.ang-content.com/a7/creatives/1/49/815070/1042831/1042831_logo.png
205.185.208.20200 OK 91 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/1/49/815070/1042831/1042831_logo.png
IP 205.185.208.20:0
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash fc9f4cd367f2998410e83b5c42d5f3d4
5809bdd8652698ab6638df6ac2c11ac449984f3b
3eecdf355280922905aca8f60274e5af610effed02e4bd2d74c3727efaef0c31
GET /a7/creatives/1/49/815070/1042831/1042831_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 20:48:49 GMT
Connection: Keep-Alive
ETag: "1663690282"
Content-Length: 90920
Content-Type: image/png
Last-Modified: Tue, 20 Sep 2022 16:11:22 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10436211
X-HW: 1670186929.dop013.sk1.t,1670186929.cds209.sk1.shn,1670186929.dop013.sk1.t,1670186929.cds254.sk1.c
Access-Control-Allow-Origin: *
cdn.fluidplayer.com/v3/current/fluidplayer.min.js
205.185.216.42200 OK 47 kB URL HTTP/1.1 cdn.fluidplayer.com/v3/current/fluidplayer.min.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (62751)
Hash a600a1d5894852aa5e6f4a063a491bc2
45290012903acf8301dc95e20610ab6f76a154b3
4b6168065d3487bc14b0ce3b81212293a5bb0108ac4a24857298e2095be742ca
GET /v3/current/fluidplayer.min.js HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 20:48:49 GMT
Connection: Keep-Alive
ETag: "1666105328"
Cache-Control: max-age=76571
Content-Encoding: gzip
Content-Length: 46959
Content-Type: application/javascript
Last-Modified: Tue, 18 Oct 2022 15:02:08 GMT
Accept-Ranges: bytes
X-HW: 1670186929.dop206.sk1.t,1670186929.cds010.sk1.shn,1670186929.dop206.sk1.t,1670186929.cds253.sk1.c
cdn.jsdelivr.net/npm/hls.js@latest
151.101.1.229200 OK 103 kB URL HTTP/2 cdn.jsdelivr.net/npm/hls.js@latest
IP 151.101.1.229:0
Size 103 kB (103272 bytes)
Hash 2eadeab98dcac60a52eca12aaf27acca
d75cb36116e49d24121f998b6d93dfdda7ca0a12
28cf29bf3aa03bf4a3b5d075f58758628629a0be74df04cba146c28e8f41b1de
GET /npm/hls.js@latest HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.2.8
x-jsd-version-type: version
etag: W/"53f50-sjJvx615vF2c13iflsN+iJ/MHz8"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 20:48:49 GMT
age: 5913
x-served-by: cache-fra-eddf8230132-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 98397
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
151.101.66.133200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 151.101.66.133:0
Hash c8cda19ea00593f635e6bc208663ac54
cf1db51eb14fb68bee1e84af4c3c17cd5f58542e
2aa161fd08c7cae02a67b680796a897a6e7a4a591083e14eed05e2dfe340d58d
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "008019B8039265DA182EB9CEF0EDC28DB5F38DA5"
Expires: Mon, 05 Dec 2022 07:00:00 UTC
Last-Modified: Sun, 04 Dec 2022 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Sun, 04 Dec 2022 20:48:49 GMT
Via: 1.1 varnish
Age: 3225
X-Served-By: cache-bma1681-BMA
X-Cache: HIT
X-Cache-Hits: 2
X-Timer: S1670186930.524044,VS0,VE0
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a9496732c1c09c977a39dbe97d01554e
a34c58bc8a294d942e892bdb9272c8fd1d6ab14b
0fb832f8f5adbc2b96bc28be0a09436fb2ddf99d255de27c9cd0694245a0ac21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=149047
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:49 GMT
Etag: "638caae8-117"
Expires: Tue, 06 Dec 2022 14:12:56 GMT
Last-Modified: Sun, 04 Dec 2022 14:12:56 GMT
Server: nginx
Content-Length: 279
cdn.fluidplayer.com/v3/current/webvtt.fdc7dad3caa6ddb11b9a.min.js
205.185.216.42200 OK 3.0 kB URL HTTP/1.1 cdn.fluidplayer.com/v3/current/webvtt.fdc7dad3caa6ddb11b9a.min.js
IP 205.185.216.42:0
File type Unicode text, UTF-8 text, with very long lines (8334), with no line terminators
Hash e983a4d3c20b1db429cb9f96d96bafd3
fdd72d2ba2da0bd257be7cae6cf7c163dc85a70e
ec005c90e82f1a26e0c610322696495d37947d3c83cc4955610a2e65db5dd890
GET /v3/current/webvtt.fdc7dad3caa6ddb11b9a.min.js HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 20:48:49 GMT
Connection: Keep-Alive
ETag: "1666105329"
Cache-Control: max-age=53391
Content-Encoding: gzip
Content-Length: 2952
Content-Type: application/javascript
Last-Modified: Tue, 18 Oct 2022 15:02:09 GMT
Accept-Ranges: bytes
X-HW: 1670186929.dop206.sk1.t,1670186929.cds010.sk1.shn,1670186929.dop206.sk1.t,1670186929.cds211.sk1.c
a.adtng.com/get/10002486?ata=Tisabd
66.254.114.171200 OK 14 kB URL HTTP/2 a.adtng.com/get/10002486?ata=Tisabd
IP 66.254.114.171:0
Hash 84a730b43bd05c8f81e6b4c97d830e90
83837c546e7a4f75d8fb8ca2cb4df98177fd83be
1f8cd8ddbfd031dcbcf54c3d338836e5f8f18c6c83f4c061683dff5f053a0345
GET /get/10002486?ata=Tisabd HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://okxxx.cam/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 04 Dec 2022 20:48:49 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KHmONB7FO8BEIRpLpAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7078; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 638D07B1-42FE72AB01BB5C96-6D25D13
X-Firefox-Spdy: h2
pornhuub.xyz/wp-content/uploads/2022/11/The-Mechanics-Messy-Wife-Gianna-Dior-Bella-Rolland-Alex-Mack.jpg
188.114.96.1200 OK 174 kB URL HTTP/2 pornhuub.xyz/wp-content/uploads/2022/11/The-Mechanics-Messy-Wife-Gianna-Dior-Bella-Rolland-Alex-Mack.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3\012- data
Size 174 kB (173793 bytes)
Hash 9453d3c3ebec651ab6b8f3e360cf458f
4db091152da0828e5caf9332d9b0a86dbbe77a05
0cfa5eb48a91fac50c8483ccb3be7f849c30d20f8c39ee4fa53c845a047d6822
GET /wp-content/uploads/2022/11/The-Mechanics-Messy-Wife-Gianna-Dior-Bella-Rolland-Alex-Mack.jpg HTTP/1.1
Host: pornhuub.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:48:49 GMT
content-type: image/jpeg
content-length: 173793
last-modified: Thu, 03 Nov 2022 12:28:47 GMT
etag: "6363b3ff-2a6e1"
x-powered-by: PleskLin
cache-control: max-age=16070400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acqrlRWauJOLw5144jLtso2046%2Bgo5aOh7boPitTD8YnCxac9ur2OvVuBBY6SGo5lgl4GfPrUtdRxL%2Bh2FAJq7mKztbWckIxWuyI2jyw%2FxhVOTz6Xtxc78ELejaXbNc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774767b16bbbb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 33002e87ed87cec83ec76bdfe55cb33a
a2dafcefab949833412ab20508096c9974b9e359
f73d30247eb325d9dc9531381224e8942b39b56c264ade1618855f1fad9eda2a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3571
Cache-Control: max-age=144702
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:49 GMT
Etag: "638c8bfc-1d7"
Expires: Tue, 06 Dec 2022 13:00:31 GMT
Last-Modified: Sun, 04 Dec 2022 12:01:00 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/fr_FR/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/fr_FR/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 867d4c875b0b7bc290c46077b340e4a9
917310c61551aaf9df733d2850e54e62e677d63b
81d118c9035b990fccb66a7961f2d125dd4ac8622c607afc5d9a4f7d7af77572
GET /fr_FR/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: cf0494a61f7cef2c6a439bb2fd380195
etag: "249a7008dbd37404b6c52ef5dc9d75e5"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 04 Dec 2022 21:06:40 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: hn1Mh1sLe8KQxGB3s0DkqQ==
x-fb-debug: 4S0YmG0RVAzolelqKCCxBsmIeYqRoVVaov9Z9ydgws3BlwZTwIe36SE31MMkzVEQ9uO0JgtotJx4HMYZqdTgrA==
content-length: 1686
x-fb-trip-id: 1904183273
date: Sun, 04 Dec 2022 20:48:49 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 04 Dec 2022 20:41:08 GMT
expires: Sun, 04 Dec 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 461
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 33002e87ed87cec83ec76bdfe55cb33a
a2dafcefab949833412ab20508096c9974b9e359
f73d30247eb325d9dc9531381224e8942b39b56c264ade1618855f1fad9eda2a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3571
Cache-Control: max-age=144702
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:49 GMT
Etag: "638c8bfc-1d7"
Expires: Tue, 06 Dec 2022 13:00:31 GMT
Last-Modified: Sun, 04 Dec 2022 12:01:00 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
img.pornez.net/vtt/qQTNyYMSy1G.vtt
46.19.141.166200 OK 5.4 kB URL HTTP/1.1 img.pornez.net/vtt/qQTNyYMSy1G.vtt
IP 46.19.141.166:0
ASN #51852 Private Layer INC
File type ASCII text, with CRLF line terminators
Hash 4068bf2dfec5ccb4f5279b1ce994b4a9
8ef1e3cdf8d4cf3a491b8e1bb763b479c3a6e069
91ae3e11439d18429ed97942d1bf179516384f8111574a497c27a8e747d9eb00
GET /vtt/qQTNyYMSy1G.vtt HTTP/1.1
Host: img.pornez.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pornez.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 04 Dec 2022 20:48:49 GMT
Content-Type: application/octet-stream
Content-Length: 5436
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 02:38:57 GMT
ETag: "636c6441-153c"
Expires: Fri, 02 Jun 2023 20:48:49 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Cache-Control: max-age=15552000, public
X-Cache-Status: HIT
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15615
Expires: Mon, 05 Dec 2022 01:09:04 GMT
Date: Sun, 04 Dec 2022 20:48:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ztC4S0WeA3ft_9JafrL6fInXo4jwkb0cTWUx4Z8L2uz3EWQS-d6F5A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:02:47 GMT
age: 81962
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 82571
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:47 GMT
age: 82562
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:26:41 GMT
age: 48128
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 83088
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 82728
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stats.wp.com/e-202248.js
192.0.76.3200 OK 91 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash 110d62bddbf19e3536a14748935b6994
668414d6a34f10ed320af111368aa6ae0974b457
2f78d09ea03d3a7dfcefb632799a080813216a8a2860df8c44eae352a4fd4487
GET /e-202248.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:48 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Mon, 20 Nov 2023 01:50:03 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-D7FQ1B1D0R>m=2oebu0&_p=1656346508&gdid=dZTNiMT&cid=902243214.1670186927&ul=en-us&sr=1280x1024&_s=1&sid=1670186927&sct=1&seg=0&dl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&dt=The%20Mechanics%20Messy%20Wife%20Gianna%20Dior%20Bella%20Rolland%20Alex%20Mack%201080p%20full%20video%20-%20OKxxx.cam%20is%20New%20Brazzers%20latest%20porn%20video%20website%20best%20xxxnx%20HD%20ok.xxx&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 68 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-D7FQ1B1D0R>m=2oebu0&_p=1656346508&gdid=dZTNiMT&cid=902243214.1670186927&ul=en-us&sr=1280x1024&_s=1&sid=1670186927&sct=1&seg=0&dl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&dt=The%20Mechanics%20Messy%20Wife%20Gianna%20Dior%20Bella%20Rolland%20Alex%20Mack%201080p%20full%20video%20-%20OKxxx.cam%20is%20New%20Brazzers%20latest%20porn%20video%20website%20best%20xxxnx%20HD%20ok.xxx&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d4e1fd4d13274e597e21b8fe91819775
dab90fff2d61b4fd04797778873562a30da6f899
c155158ddc7af341b228115b2ba55cef1f5ed2f505c320ff929c163757a3a115
POST /g/collect?v=2&tid=G-D7FQ1B1D0R>m=2oebu0&_p=1656346508&gdid=dZTNiMT&cid=902243214.1670186927&ul=en-us&sr=1280x1024&_s=1&sid=1670186927&sct=1&seg=0&dl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&dt=The%20Mechanics%20Messy%20Wife%20Gianna%20Dior%20Bella%20Rolland%20Alex%20Mack%201080p%20full%20video%20-%20OKxxx.cam%20is%20New%20Brazzers%20latest%20porn%20video%20website%20best%20xxxnx%20HD%20ok.xxx&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://okxxx.cam
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://okxxx.cam
date: Sun, 04 Dec 2022 20:48:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.pornez.net/img/qQTNyYMSy1G_2.jpg
46.19.141.166200 OK 106 kB URL HTTP/1.1 img.pornez.net/img/qQTNyYMSy1G_2.jpg
IP 46.19.141.166:0
ASN #51852 Private Layer INC
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 1920x1080, components 3\012- data
Size 106 kB (106150 bytes)
Hash 6163742842708d2b2bb4233bd9f1150a
ed7f62ea8e9fdf235d4c46ed1161fcbd546ed3b0
6fe1f1482f92e1498b067cdca61e223a2d1ebd57896c50e32a19e8e9db207c28
GET /img/qQTNyYMSy1G_2.jpg HTTP/1.1
Host: img.pornez.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 04 Dec 2022 20:48:50 GMT
Content-Type: image/jpeg
Content-Length: 106150
Connection: keep-alive
Last-Modified: Tue, 08 Nov 2022 02:35:43 GMT
ETag: "6369c07f-19ea6"
Expires: Fri, 02 Jun 2023 20:48:50 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Cache-Control: max-age=15552000, public
X-Cache-Status: HIT
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 873 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 754827130379ac006bc4c2199cbfb23c
60ba10003d4069f09c40f9a045a165b0f15dd964
fac66b900fd29122203223205734918cf8563dfd8751fa87b4d0bbee1628714d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F36ABEACE40DEA3471231ED766B8F6A9A80FCE7179E8B737698EDAF30D8F9E3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15952
Expires: Mon, 05 Dec 2022 01:14:42 GMT
Date: Sun, 04 Dec 2022 20:48:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f440ab4c78acfab557992f75a7389e31
44099c0aa1cf570a83678e35c9bcf1d719b3ae1f
6e2df8a8cd476b6f533878d21f8363fa3a1bf5e932e75ae56a74887d3dfa17f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6E2DF8A8CD476B6F533878D21F8363FA3A1BF5E932E75AE56A74887D3DFA17F2"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5072
Expires: Sun, 04 Dec 2022 22:13:22 GMT
Date: Sun, 04 Dec 2022 20:48:50 GMT
Connection: keep-alive
okxxx.cam/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
104.21.9.220200 OK 12 kB URL HTTP/2 okxxx.cam/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP 104.21.9.220:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash 9e1c917a2bfd63352ae8588cfb944958
0fe3c874310c17427f945d8536ac0ad6463949ea
43407cb33aee098fe9c03b95e191e6978c412c58f3e295ae09b112fe1c8de7e9
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: okxxx.cam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://okxxx.cam/the-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:48:48 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
cache-control: max-age=31536000
expires: Thu, 02 Nov 2023 06:05:21 GMT
etag: W/"5f735862-2bf8"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2817807
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJJzErQ08C9JH%2FVF06j2fI3pYGuxuTckh020qvkdanhvhGdOMDm6cpcf4k3xsZ%2B9rCQ4RzhAWM9iu32aZY554ewqoZFvp0QnxzIyezcj2Ibh7j4dAhFaKfTYBas%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774767b0a9ddb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
okxxx.cam/the-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4/
104.21.9.220200 OK 21 kB URL HTTP/2 okxxx.cam/the-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4/
IP 104.21.9.220:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 679b95c51345fc2d35707658872b61be
10f84d04647fff985f464b6622d38e0593ab3af0
15f83e57764d5841ba08826068d0b96bbadedbc073ee6e4ababa11c0da4c648e
GET /the-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4/ HTTP/1.1
Host: okxxx.cam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:48:48 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.26, PleskLin
link: <https://okxxx.cam/wp-json/>; rel="https://api.w.org/", <https://okxxx.cam/wp-json/wp/v2/posts/27981>; rel="alternate"; type="application/json", <https://okxxx.cam/?p=27981>; rel=shortlink
vary: Accept-Encoding
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhlqsL08CDZ090%2BYwT52yK84zQGH0QK3FmAcMwruvj9vkmkGPWSKCIv3sqSnE%2Bgc9zaACyvY7Jpdl5cxVlZAd2me4xytAHBpxu4b%2B74JG1oiH1y2f6d09qYcL%2FI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774767ab6816b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=a2076a2478a74fe197c3ab619cd9feb2
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=a2076a2478a74fe197c3ab619cd9feb2
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7618913c08e1259d04c0c6ff15ded7ed
97406b5d7198bdfa36992348a5fa50cf135ac497
fe76f9900e8fb929d245c27f7172dc595b624e7b88eab943efc5ed1656dc4098
GET /gid.js?userId=a2076a2478a74fe197c3ab619cd9feb2 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://okxxx.cam
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:50 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://okxxx.cam
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=a2076a2478a74fe197c3ab619cd9feb2; expires=Mon, 04 Dec 2023 20:48:50 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ibrapush.com/zone?pub=0&zone_id=5201150&is_mobile=false&domain=okxxx.cam&var=&ymid=&var_3=
139.45.197.250200 OK 705 B URL HTTP/2 ibrapush.com/zone?pub=0&zone_id=5201150&is_mobile=false&domain=okxxx.cam&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (704)
Hash 8b8e113c1ac954f6e46ff5b8ba8a8d4d
62905d0caaaa3b23f0b7da2a32daa221388b2b0a
c047229cd4dfeffb5d225751df26257c08508c1f7e62bdb634682cfc0cbfb462
GET /zone?pub=0&zone_id=5201150&is_mobile=false&domain=okxxx.cam&var=&ymid=&var_3= HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://okxxx.cam
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:50 GMT
content-type: application/json; charset=utf-8
content-length: 705
x-trace-id: 4592813884469dadb26e5b7ca36575df
access-control-allow-origin: https://okxxx.cam
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 791af1d2c062c4081d2631131553e28f
55851199bb8b1ec3359c7b0cff5819143087229d
cb918e321ae3fd08c37070bfe8d16376fc8862713adf7d8cadebfc787ac09446
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB918E321AE3FD08C37070BFE8D16376FC8862713ADF7D8CADEBFC787AC09446"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3719
Expires: Sun, 04 Dec 2022 21:50:49 GMT
Date: Sun, 04 Dec 2022 20:48:50 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3b37e9e4dc5c39c8fb6aba1ddd4ddc4e
2a3653d905b34824efded08cbb4c400f80d73526
c2855a99d6c1522d57a8224193527da72bf97c139541d1e010a51762fb1ab73e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4309
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:50 GMT
Last-Modified: Sun, 04 Dec 2022 19:37:02 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3b37e9e4dc5c39c8fb6aba1ddd4ddc4e
2a3653d905b34824efded08cbb4c400f80d73526
c2855a99d6c1522d57a8224193527da72bf97c139541d1e010a51762fb1ab73e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3970
Cache-Control: max-age=131775
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:50 GMT
Etag: "638c57ef-116"
Expires: Tue, 06 Dec 2022 09:25:05 GMT
Last-Modified: Sun, 04 Dec 2022 08:18:55 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 278
ibrapush.com/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://okxxx.cam/
Origin: https://okxxx.cam
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:50 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://okxxx.cam
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://okxxx.cam/
Origin: https://okxxx.cam
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:50 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://okxxx.cam
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://okxxx.cam
Content-Length: 435
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:50 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 2daa90f93ff2c49178687d67c1367427
access-control-allow-origin: https://okxxx.cam
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://okxxx.cam
Content-Length: 802
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:50 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 165fe0de099c10f488822641666e8b12
access-control-allow-origin: https://okxxx.cam
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
nanouwho.com/9?z=5201149&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=5&sah=1002&drf=&hil=1&ist=0&oaid=a2076a2478a74fe197c3ab619cd9feb2
139.45.197.242204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=5201149&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=5&sah=1002&drf=&hil=1&ist=0&oaid=a2076a2478a74fe197c3ab619cd9feb2
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5201149&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=5&sah=1002&drf=&hil=1&ist=0&oaid=a2076a2478a74fe197c3ab619cd9feb2 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://okxxx.cam/
Origin: https://okxxx.cam
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 04 Dec 2022 20:48:50 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://okxxx.cam
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
betotodilea.com/500/5201148?excludes=&oaid=a2076a2478a74fe197c3ab619cd9feb2&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=5&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/5201148?excludes=&oaid=a2076a2478a74fe197c3ab619cd9feb2&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=5&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5201148?excludes=&oaid=a2076a2478a74fe197c3ab619cd9feb2&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=5&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://okxxx.cam/
Origin: https://okxxx.cam
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:50 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://okxxx.cam
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e7f182bc423c8e0b694072f316dfbf3c
cea3572598e1b5c8c5249cabf5ea99e56dc7e02d
02b4ac24bfa51f27fc2e507fb5d923751a9f6566eb98f3b8255a7d05f42d85c5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 20:48:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 12:52:22 GMT
Expires: Thu, 08 Dec 2022 12:52:21 GMT
Etag: "cea3572598e1b5c8c5249cabf5ea99e56dc7e02d"
Cache-Control: max-age=316410,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774767bdbb07b50f-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8793362110fd7d1e37a5e386c7034550
9f397c7f45f301929d97f48c95aa86462f1ae1ae
3dfbea9a6fd11c56e4c6f0ced98aaeb035b5bdbc1cbd2face672c83a8bbc12f9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4606
Cache-Control: max-age=106486
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:51 GMT
Etag: "638bf2ab-116"
Expires: Tue, 06 Dec 2022 02:23:37 GMT
Last-Modified: Sun, 04 Dec 2022 01:06:51 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 278
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 969
Origin: https://okxxx.cam
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 04 Dec 2022 20:48:55 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://okxxx.cam
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
betotodilea.com/500/5201148?excludes=&oaid=a2076a2478a74fe197c3ab619cd9feb2&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=5&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 12 kB URL HTTP/2 betotodilea.com/500/5201148?excludes=&oaid=a2076a2478a74fe197c3ab619cd9feb2&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=5&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash a11da90651ff2f7cba4e53ba25f2c61a
37b022cf096e4315701792742204b69c2e926c7c
b2bdd6dd566586d9e56635061bb41ab8003c783031c9911261487901c9c68b6c
GET /500/5201148?excludes=&oaid=a2076a2478a74fe197c3ab619cd9feb2&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=5&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://okxxx.cam
Connection: keep-alive
Referer: https://okxxx.cam/
Cookie: OAID=e3cf2b1e174745e2a87727f00c686dc5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:50 GMT
content-type: application/javascript
x-trace-id: 098b31d8b046d7728204ab335311814f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://okxxx.cam
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=a2076a2478a74fe197c3ab619cd9feb2; expires=Mon, 04 Dec 2023 20:48:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
nanouwho.com/11?rnd=3679631772&z=5201149&b=15969479&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=tU648hrxB6D-ME9FMyW6iMXpGCLnostm-aYEaqm9ou0vmJL9vW3nCN1-j0KxGTKj-6v82163Wr1P04J_o0i2235CK96kEFsXOYBCtWKMO0ge0UQKd4JkhD_C051lwbDNo42InAfEvgRqbVe02OlJinHSotriPy857j61unYuB6OqZLRA6Ai5tPnuj342ld65PXdgHSw91blFsPXeeB2amAUP1m1sDa4JiTLarmPdV7k2FwO00UHHYNn3lyyzvNMlHl2fWEi2kLFja_uwVn32CLJFlYBqffZBMcp0O3aGV8BViTclO4ZZjnEaa3Zf1unyCwfQNJDFoBQUOiSX1ufPgF_R5cTHAifJfjUQ9XE7hXaM4P_yEmMlUAZz_88prdFWpUACWH5rp1zE3MBJEU0fIHJxArSZNVUQ0FQ-n3ut43ddE9cT-L9nrnumB8lCQreGFLnmO8vasrmn3_6jD0aefYb0ZFOTlFTK4xRnnDfZt1YEP4UBtW5ZxdeWwpPAklx0FczhofIuVMV5W-yZs48iRcPU1ZUYTIXLzvZo0aiZb5VDSC_YnkIsz5b_tUUF-3z-XeF49r7WAWJ8IoY6fP_THbCIclfCCWLx901siLBqCVF4dJ8rlPRdQTx2mrVJmXtkmEbNTa22Ld_ZSptHcICvEQ==&ruid=ea10e497-e297-4720-9b3a-dea6d46e040c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=5&sah=1002&drf=&hil=1&ist=0&ot=435
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/11?rnd=3679631772&z=5201149&b=15969479&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=tU648hrxB6D-ME9FMyW6iMXpGCLnostm-aYEaqm9ou0vmJL9vW3nCN1-j0KxGTKj-6v82163Wr1P04J_o0i2235CK96kEFsXOYBCtWKMO0ge0UQKd4JkhD_C051lwbDNo42InAfEvgRqbVe02OlJinHSotriPy857j61unYuB6OqZLRA6Ai5tPnuj342ld65PXdgHSw91blFsPXeeB2amAUP1m1sDa4JiTLarmPdV7k2FwO00UHHYNn3lyyzvNMlHl2fWEi2kLFja_uwVn32CLJFlYBqffZBMcp0O3aGV8BViTclO4ZZjnEaa3Zf1unyCwfQNJDFoBQUOiSX1ufPgF_R5cTHAifJfjUQ9XE7hXaM4P_yEmMlUAZz_88prdFWpUACWH5rp1zE3MBJEU0fIHJxArSZNVUQ0FQ-n3ut43ddE9cT-L9nrnumB8lCQreGFLnmO8vasrmn3_6jD0aefYb0ZFOTlFTK4xRnnDfZt1YEP4UBtW5ZxdeWwpPAklx0FczhofIuVMV5W-yZs48iRcPU1ZUYTIXLzvZo0aiZb5VDSC_YnkIsz5b_tUUF-3z-XeF49r7WAWJ8IoY6fP_THbCIclfCCWLx901siLBqCVF4dJ8rlPRdQTx2mrVJmXtkmEbNTa22Ld_ZSptHcICvEQ==&ruid=ea10e497-e297-4720-9b3a-dea6d46e040c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=5&sah=1002&drf=&hil=1&ist=0&ot=435
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=3679631772&z=5201149&b=15969479&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=tU648hrxB6D-ME9FMyW6iMXpGCLnostm-aYEaqm9ou0vmJL9vW3nCN1-j0KxGTKj-6v82163Wr1P04J_o0i2235CK96kEFsXOYBCtWKMO0ge0UQKd4JkhD_C051lwbDNo42InAfEvgRqbVe02OlJinHSotriPy857j61unYuB6OqZLRA6Ai5tPnuj342ld65PXdgHSw91blFsPXeeB2amAUP1m1sDa4JiTLarmPdV7k2FwO00UHHYNn3lyyzvNMlHl2fWEi2kLFja_uwVn32CLJFlYBqffZBMcp0O3aGV8BViTclO4ZZjnEaa3Zf1unyCwfQNJDFoBQUOiSX1ufPgF_R5cTHAifJfjUQ9XE7hXaM4P_yEmMlUAZz_88prdFWpUACWH5rp1zE3MBJEU0fIHJxArSZNVUQ0FQ-n3ut43ddE9cT-L9nrnumB8lCQreGFLnmO8vasrmn3_6jD0aefYb0ZFOTlFTK4xRnnDfZt1YEP4UBtW5ZxdeWwpPAklx0FczhofIuVMV5W-yZs48iRcPU1ZUYTIXLzvZo0aiZb5VDSC_YnkIsz5b_tUUF-3z-XeF49r7WAWJ8IoY6fP_THbCIclfCCWLx901siLBqCVF4dJ8rlPRdQTx2mrVJmXtkmEbNTa22Ld_ZSptHcICvEQ==&ruid=ea10e497-e297-4720-9b3a-dea6d46e040c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=5&sah=1002&drf=&hil=1&ist=0&ot=435 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://okxxx.cam
Connection: keep-alive
Referer: https://okxxx.cam/
Cookie: scm=1; OAID=a2076a2478a74fe197c3ab619cd9feb2; oaidts=1670186930
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:51 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://okxxx.cam
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: c1c6553c9244e80ac70551b43b69933f
access-control-expose-headers: X-Sc
set-cookie: OAID=a2076a2478a74fe197c3ab619cd9feb2; expires=Mon, 04 Dec 2023 20:48:51 GMT; secure; SameSite=None
oaidts=1670186930; expires=Mon, 04 Dec 2023 20:48:51 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a74368a7c1d63f980521996cab4df3d4
e63c9e94b1bf2766f45c500ea5bdd24419f171a2
cdf274e8573ed6cd2b341d343bf620cddcb4a1ac3e38b1e88b1b3b0be26d6fae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CDF274E8573ED6CD2B341D343BF620CDDCB4A1AC3E38B1E88B1B3B0BE26D6FAE"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=854
Expires: Sun, 04 Dec 2022 21:03:05 GMT
Date: Sun, 04 Dec 2022 20:48:51 GMT
Connection: keep-alive
tzegilo.com/stattag.js
104.21.84.149200 OK 14 kB IP 104.21.84.149:0
File type ASCII text, with very long lines (12966), with no line terminators
Hash 292e4c379439d84d19a0ae5082c824e7
097578f71c57e01a0e23e692a3492cd96032f77c
0bc4a80c43d3d6db6e43686b75c37ed0096618b45ffeb7ed3dad60452297077a
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:48:50 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1832
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ncbUtVLjm%2BvRG4wEy6cwppsW85I9BeeVXJEeI5EcHSqR11r7UDtbjnNrfrz539%2FJSj53A0Jbd39CATZuRJRw2CQ60Gn7WOVPLI14EjBnTgGCctvao634ryY6BEDvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774767bc8f431c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nanouwho.com/9?z=5201149&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=5&sah=1002&drf=&hil=1&ist=0&oaid=a2076a2478a74fe197c3ab619cd9feb2
139.45.197.242200 OK 3.2 kB URL HTTP/2 nanouwho.com/9?z=5201149&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=5&sah=1002&drf=&hil=1&ist=0&oaid=a2076a2478a74fe197c3ab619cd9feb2
IP 139.45.197.242:0
Hash 08bfb86f1954c50d5a5935d735b89ecf
a5af5cca1228a8cb2294ce7a6291baa1a90ff602
a0d77bcd89a025f65ab6fffc8db5a7c4440120eb31f2db92aca268e2b9be529a
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5201149&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=5&sah=1002&drf=&hil=1&ist=0&oaid=a2076a2478a74fe197c3ab619cd9feb2 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 353
Origin: https://okxxx.cam
Connection: keep-alive
Referer: https://okxxx.cam/
Cookie: scm=1; OAID=e40740576cfc45908842d4ae5f257c91; oaidts=1670186930
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:51 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://okxxx.cam
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 982a48a4af732b93d33d7df70766b6cf
access-control-expose-headers: X-Sc
set-cookie: OAID=a2076a2478a74fe197c3ab619cd9feb2; expires=Mon, 04 Dec 2023 20:48:51 GMT; secure; SameSite=None
oaidts=1670186930; expires=Mon, 04 Dec 2023 20:48:51 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/32/13/a8/e6ac43e59294f402bbbe324953/0596778554123.jpeg
139.45.197.153200 OK 30 kB URL HTTP/2 interstitial-07.com/contents/s/32/13/a8/e6ac43e59294f402bbbe324953/0596778554123.jpeg
IP 139.45.197.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash 3213a8e6ac43e59294f402bbbe324953
3e66ba9e6978ca9fef50e07274bd9899e3fed9c3
f880d432fbedbe3a15e8fed32985860e84e8ec4425ad6ff3e6cae446be0a6714
GET /contents/s/32/13/a8/e6ac43e59294f402bbbe324953/0596778554123.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=jdLI6t06EwWxwUz&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2273218444%26z%3D5201149%26b%3D15969479%26c%3D6387621%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DtU648hrxB6D-ME9FMyW6iMXpGCLnostm-aYEaqm9ou0vmJL9vW3nCN1-j0KxGTKj-6v82163Wr1P04J_o0i2235CK96kEFsXOYBCtWKMO0ge0UQKd4JkhD_C051lwbDNo42InAfEvgRqbVe02OlJinHSotriPy857j61unYuB6OqZLRA6Ai5tPnuj342ld65PXdgHSw91blFsPXeeB2amAUP1m1sDa4JiTLarmPdV7k2FwO00UHHYNn3lyyzvNMlHl2fWEi2kLFja_uwVn32CLJFlYBqffZBMcp0O3aGV8BViTclO4ZZjnEaa3Zf1unyCwfQNJDFoBQUOiSX1ufPgF_R5cTHAifJfjUQ9XE7hXaM4P_yEmMlUAZz_88prdFWpUACWH5rp1zE3MBJEU0fIHJxArSZNVUQ0FQ-n3ut43ddE9cT-L9nrnumB8lCQreGFLnmO8vasrmn3_6jD0aefYb0ZFOTlFTK4xRnnDfZt1YEP4UBtW5ZxdeWwpPAklx0FczhofIuVMV5W-yZs48iRcPU1ZUYTIXLzvZo0aiZb5VDSC_YnkIsz5b_tUUF-3z-XeF49r7WAWJ8IoY6fP_THbCIclfCCWLx901siLBqCVF4dJ8rlPRdQTx2mrVJmXtkmEbNTa22Ld_ZSptHcICvEQ%3D%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3Dea10e497-e297-4720-9b3a-dea6d46e040c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fokxxx.cam%252Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D898%26wfc%3D5%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:51 GMT
content-type: image/jpeg
content-length: 29997
last-modified: Thu, 20 Oct 2022 03:21:02 GMT
vary: Accept-Encoding
etag: "6350be9e-752d"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
interstitial-07.com/?l=jdLI6t06EwWxwUz&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2273218444%26z%3D5201149%26b%3D15969479%26c%3D6387621%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DtU648hrxB6D-ME9FMyW6iMXpGCLnostm-aYEaqm9ou0vmJL9vW3nCN1-j0KxGTKj-6v82163Wr1P04J_o0i2235CK96kEFsXOYBCtWKMO0ge0UQKd4JkhD_C051lwbDNo42InAfEvgRqbVe02OlJinHSotriPy857j61unYuB6OqZLRA6Ai5tPnuj342ld65PXdgHSw91blFsPXeeB2amAUP1m1sDa4JiTLarmPdV7k2FwO00UHHYNn3lyyzvNMlHl2fWEi2kLFja_uwVn32CLJFlYBqffZBMcp0O3aGV8BViTclO4ZZjnEaa3Zf1unyCwfQNJDFoBQUOiSX1ufPgF_R5cTHAifJfjUQ9XE7hXaM4P_yEmMlUAZz_88prdFWpUACWH5rp1zE3MBJEU0fIHJxArSZNVUQ0FQ-n3ut43ddE9cT-L9nrnumB8lCQreGFLnmO8vasrmn3_6jD0aefYb0ZFOTlFTK4xRnnDfZt1YEP4UBtW5ZxdeWwpPAklx0FczhofIuVMV5W-yZs48iRcPU1ZUYTIXLzvZo0aiZb5VDSC_YnkIsz5b_tUUF-3z-XeF49r7WAWJ8IoY6fP_THbCIclfCCWLx901siLBqCVF4dJ8rlPRdQTx2mrVJmXtkmEbNTa22Ld_ZSptHcICvEQ%3D%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3Dea10e497-e297-4720-9b3a-dea6d46e040c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fokxxx.cam%252Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D898%26wfc%3D5%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
139.45.197.153200 OK 4.8 kB URL HTTP/2 interstitial-07.com/?l=jdLI6t06EwWxwUz&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2273218444%26z%3D5201149%26b%3D15969479%26c%3D6387621%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DtU648hrxB6D-ME9FMyW6iMXpGCLnostm-aYEaqm9ou0vmJL9vW3nCN1-j0KxGTKj-6v82163Wr1P04J_o0i2235CK96kEFsXOYBCtWKMO0ge0UQKd4JkhD_C051lwbDNo42InAfEvgRqbVe02OlJinHSotriPy857j61unYuB6OqZLRA6Ai5tPnuj342ld65PXdgHSw91blFsPXeeB2amAUP1m1sDa4JiTLarmPdV7k2FwO00UHHYNn3lyyzvNMlHl2fWEi2kLFja_uwVn32CLJFlYBqffZBMcp0O3aGV8BViTclO4ZZjnEaa3Zf1unyCwfQNJDFoBQUOiSX1ufPgF_R5cTHAifJfjUQ9XE7hXaM4P_yEmMlUAZz_88prdFWpUACWH5rp1zE3MBJEU0fIHJxArSZNVUQ0FQ-n3ut43ddE9cT-L9nrnumB8lCQreGFLnmO8vasrmn3_6jD0aefYb0ZFOTlFTK4xRnnDfZt1YEP4UBtW5ZxdeWwpPAklx0FczhofIuVMV5W-yZs48iRcPU1ZUYTIXLzvZo0aiZb5VDSC_YnkIsz5b_tUUF-3z-XeF49r7WAWJ8IoY6fP_THbCIclfCCWLx901siLBqCVF4dJ8rlPRdQTx2mrVJmXtkmEbNTa22Ld_ZSptHcICvEQ%3D%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3Dea10e497-e297-4720-9b3a-dea6d46e040c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fokxxx.cam%252Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D898%26wfc%3D5%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
IP 139.45.197.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1511)
Hash 4fc9b49fc1de74d921a84ba682935110
ca17820048b71915ea8d6e5a4d327a2f1ac034ae
24eeb3d33259e3bf1dc8fd23aee0b2c659cd584c34b74d4fa5ac7ce4d8dc2dcb
GET /?l=jdLI6t06EwWxwUz&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2273218444%26z%3D5201149%26b%3D15969479%26c%3D6387621%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DtU648hrxB6D-ME9FMyW6iMXpGCLnostm-aYEaqm9ou0vmJL9vW3nCN1-j0KxGTKj-6v82163Wr1P04J_o0i2235CK96kEFsXOYBCtWKMO0ge0UQKd4JkhD_C051lwbDNo42InAfEvgRqbVe02OlJinHSotriPy857j61unYuB6OqZLRA6Ai5tPnuj342ld65PXdgHSw91blFsPXeeB2amAUP1m1sDa4JiTLarmPdV7k2FwO00UHHYNn3lyyzvNMlHl2fWEi2kLFja_uwVn32CLJFlYBqffZBMcp0O3aGV8BViTclO4ZZjnEaa3Zf1unyCwfQNJDFoBQUOiSX1ufPgF_R5cTHAifJfjUQ9XE7hXaM4P_yEmMlUAZz_88prdFWpUACWH5rp1zE3MBJEU0fIHJxArSZNVUQ0FQ-n3ut43ddE9cT-L9nrnumB8lCQreGFLnmO8vasrmn3_6jD0aefYb0ZFOTlFTK4xRnnDfZt1YEP4UBtW5ZxdeWwpPAklx0FczhofIuVMV5W-yZs48iRcPU1ZUYTIXLzvZo0aiZb5VDSC_YnkIsz5b_tUUF-3z-XeF49r7WAWJ8IoY6fP_THbCIclfCCWLx901siLBqCVF4dJ8rlPRdQTx2mrVJmXtkmEbNTa22Ld_ZSptHcICvEQ%3D%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3Dea10e497-e297-4720-9b3a-dea6d46e040c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fokxxx.cam%252Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D898%26wfc%3D5%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://okxxx.cam/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
set-cookie: reverse=pe6xxG7LSPOHGAkAbPZ8yrz5CEY4uf_AK3f4Mj9F7SI; expires=Sun, 04-Dec-2022 21:48:51 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 04 Dec 2022 20:48:52 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 46ef4ec840091e0e0cd306141fb3a6a7
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
betotodilea.com/impression/M6lwIWUl3B21gWZ8q9Spowl-VfGhsloYMD9F5mAqg5x96Wiv73hhL5E4iMWrrXm-tbTpRgQbHe9acjAX7VrlC3z4EtGCRE-DQz8m5uuXTSddC7kum84i4XHXu-fSf7DCesqwvS8FBQPEMUBSBfgv12llBNzcEiz8Ax891E3fMAMtEdka1JGa3H3f-NWx82w0TeyNXUSfe1RPfQGD7aeiAEssrjL3caaTcVrGJiFta4ihTRukNW6k5-EXCpdGXbeo_ALzzgcnmA3qyg7g2zMpZ4GqumQ7-XM-uoWBSvyl2sgEhCghRYqvlC9gsPvOngCNOCiTGW788qmi2zubbL0hEqqiVGnoapGgQDiugitYjF8yrpCGFSzKnLMrqFdqfSYwV-vdnHhjO1SI9FMTcCGkkCn_RDCW89bgON0G6eZdZChnR7GeDPpwsefXCwr_1YVIGLjx7xeoXwC2KtiiRgyCfYqTT52XAI7xgA1Ce5wC2s_4Fy8wDP8ZZ-XJEE3alQArdDEgp7bEmssAU2wDQtLgDgujXCm9zIpKGBUTnIIJiNETZ7xcImkQ4gjNt0gYD0yOORVkofU12SLN3Z2TZZhlnDEumyw=?_z=5201148&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=6&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 43 B URL HTTP/2 betotodilea.com/impression/M6lwIWUl3B21gWZ8q9Spowl-VfGhsloYMD9F5mAqg5x96Wiv73hhL5E4iMWrrXm-tbTpRgQbHe9acjAX7VrlC3z4EtGCRE-DQz8m5uuXTSddC7kum84i4XHXu-fSf7DCesqwvS8FBQPEMUBSBfgv12llBNzcEiz8Ax891E3fMAMtEdka1JGa3H3f-NWx82w0TeyNXUSfe1RPfQGD7aeiAEssrjL3caaTcVrGJiFta4ihTRukNW6k5-EXCpdGXbeo_ALzzgcnmA3qyg7g2zMpZ4GqumQ7-XM-uoWBSvyl2sgEhCghRYqvlC9gsPvOngCNOCiTGW788qmi2zubbL0hEqqiVGnoapGgQDiugitYjF8yrpCGFSzKnLMrqFdqfSYwV-vdnHhjO1SI9FMTcCGkkCn_RDCW89bgON0G6eZdZChnR7GeDPpwsefXCwr_1YVIGLjx7xeoXwC2KtiiRgyCfYqTT52XAI7xgA1Ce5wC2s_4Fy8wDP8ZZ-XJEE3alQArdDEgp7bEmssAU2wDQtLgDgujXCm9zIpKGBUTnIIJiNETZ7xcImkQ4gjNt0gYD0yOORVkofU12SLN3Z2TZZhlnDEumyw=?_z=5201148&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=6&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/M6lwIWUl3B21gWZ8q9Spowl-VfGhsloYMD9F5mAqg5x96Wiv73hhL5E4iMWrrXm-tbTpRgQbHe9acjAX7VrlC3z4EtGCRE-DQz8m5uuXTSddC7kum84i4XHXu-fSf7DCesqwvS8FBQPEMUBSBfgv12llBNzcEiz8Ax891E3fMAMtEdka1JGa3H3f-NWx82w0TeyNXUSfe1RPfQGD7aeiAEssrjL3caaTcVrGJiFta4ihTRukNW6k5-EXCpdGXbeo_ALzzgcnmA3qyg7g2zMpZ4GqumQ7-XM-uoWBSvyl2sgEhCghRYqvlC9gsPvOngCNOCiTGW788qmi2zubbL0hEqqiVGnoapGgQDiugitYjF8yrpCGFSzKnLMrqFdqfSYwV-vdnHhjO1SI9FMTcCGkkCn_RDCW89bgON0G6eZdZChnR7GeDPpwsefXCwr_1YVIGLjx7xeoXwC2KtiiRgyCfYqTT52XAI7xgA1Ce5wC2s_4Fy8wDP8ZZ-XJEE3alQArdDEgp7bEmssAU2wDQtLgDgujXCm9zIpKGBUTnIIJiNETZ7xcImkQ4gjNt0gYD0yOORVkofU12SLN3Z2TZZhlnDEumyw=?_z=5201148&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=6&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://okxxx.cam/
Cookie: OAID=a2076a2478a74fe197c3ab619cd9feb2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:55 GMT
content-type: image/gif
content-length: 43
x-trace-id: 560da7d6bc53e2ef6fcb705f16a330ae
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://okxxx.cam
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 350081
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
142.250.74.106200 OK 16 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP 142.250.74.106:0
Hash 3c74d4f5cfa54e017d9f7e8a2dc9044e
b5884c0de90de3eb1665625cfe24e3e3e4509aa1
c3d9b400c1dabc9958c0c59ed97077eb0eab3a527010b3c2ca452537231abff7
GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 20:48:56 GMT
date: Sun, 04 Dec 2022 20:48:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:48:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec2e8dd-0603-4e77-a4c4-d12283344063.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec2e8dd-0603-4e77-a4c4-d12283344063.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d92ef24fca79a19de35e5f01b787fd01
1428e76ca8acfbf84d17c129df711d04e46e6560
ca68c585d243bcfd901caff5cf426b1bb8039656d1e13a8623d9ca37ef089454
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec2e8dd-0603-4e77-a4c4-d12283344063.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11453
x-amzn-requestid: bef4ead1-065b-44e2-beef-8ada5ed9a3da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsrtEE2oAMFwdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc17d-4743671c3ef34662260246ec;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:37:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZBZA_MGk_aEoDH6sRMJuMbim-YZ3FhlxgYt2LMiAxHKIOCOpeMI2gQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:06:02 GMT
age: 81774
etag: "1428e76ca8acfbf84d17c129df711d04e46e6560"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nanouwho.com/1?z=5201149
139.45.197.242200 OK 0 B IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5201149 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:50 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 7b912cd88c225443199af0cfc1b33eec
access-control-expose-headers: X-Sc
x-sc: c8e80sCK690o6jEwki5MK0F7MrrdOJRSjLWbryqDMItaqg-3slHPzSqI3BAIjO1HYXhUyZ_3auOknuQ63ocQDbs4U6I=
set-cookie: scm=1; expires=Mon, 04 Dec 2023 20:48:50 GMT; secure; SameSite=None
OAID=e40740576cfc45908842d4ae5f257c91; expires=Mon, 04 Dec 2023 20:48:50 GMT; secure; SameSite=None
oaidts=1670186930; expires=Mon, 04 Dec 2023 20:48:50 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
okxxx.cam/wp-content/themes/retrotube/style.css?ver=1.6.9.1659204731
104.21.9.220200 OK 0 B URL HTTP/2 okxxx.cam/wp-content/themes/retrotube/style.css?ver=1.6.9.1659204731
IP 104.21.9.220:0
GET /wp-content/themes/retrotube/style.css?ver=1.6.9.1659204731 HTTP/1.1
Host: okxxx.cam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://okxxx.cam/the-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:48:48 GMT
content-type: text/css
last-modified: Sat, 30 Jul 2022 18:12:11 GMT
cache-control: max-age=31536000
expires: Sun, 29 Oct 2023 20:51:54 GMT
etag: W/"62e5747b-125d2"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 3110214
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRj%2FNhGNsdZhwDsdVf13fsXm60A8CII2RUn%2BpoA5h8EfkHhjfmZgJ9Mx9MKkGMdqkVZssnYENqLnZ3q1n7NQqAXHsRHbUASjSi6mLZdAP9ZrIaF6b8koR9TLF8U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774767b0b9fcb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bedrapiona.com/5/5201151/?oo=1&js_build=iclick-v1.458.0
139.45.197.234200 OK 0 B URL HTTP/2 bedrapiona.com/5/5201151/?oo=1&js_build=iclick-v1.458.0
IP 139.45.197.234:0
GET /5/5201151/?oo=1&js_build=iclick-v1.458.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://okxxx.cam
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:49 GMT
content-type: application/json
x-trace-id: 0666265d9f47de745ba11b5e371726bc
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://okxxx.cam
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=a2076a2478a74fe197c3ab619cd9feb2; expires=Mon, 04 Dec 2023 20:48:49 GMT; path=/; secure; SameSite=None
oaidts=1670186929; expires=Mon, 04 Dec 2023 20:48:49 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
a.adtng.com/track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiNDkiLCJzaWQiOiIxMDAwMjQ4NiIsIm5pZHMiOiIzNDYxOSIsImR5bl9kbW4iOiIiLCJjcmlkIjoiMTA0MjM2NiIsInN2IjoiNTA2IiwicmVmX2RtbiI6Im9reHh4LmNhbSIsImV4dF9jaWQiOiIiLCJ0c25hbWUiOiJBRkYiLCJjcmMiOiIzIiwiY24iOiIzMTVYMzAwX1JPTl9KQU4xOSIsIm5pZCI6IjM0NjE5IiwiZXh0X3B1YiI6IiIsImNycCI6IjUwIiwidGlkIjoiMiIsIml0IjoiMDRcL0RlY1wvMjAyMjoyMDo0ODo0OSArMDAwMCIsImNjIjoiMSIsInNuY2lkIjoiMzgwOTEiLCJjaWQiOiIyNjAyNSIsImV4dF91aWQiOiIiLCJjcCI6IjEwMCIsInNuY2NpZCI6IjE5NjcxMjciLCJpaWQiOiIwOWE0NzQxMzZlY2NiODJjZmQxZjVkYTY4M2UzZGQzMyIsImV4dF9paWQiOiIifQ==?unique_view=1
66.254.114.171200 OK 0 B URL HTTP/2 a.adtng.com/track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiNDkiLCJzaWQiOiIxMDAwMjQ4NiIsIm5pZHMiOiIzNDYxOSIsImR5bl9kbW4iOiIiLCJjcmlkIjoiMTA0MjM2NiIsInN2IjoiNTA2IiwicmVmX2RtbiI6Im9reHh4LmNhbSIsImV4dF9jaWQiOiIiLCJ0c25hbWUiOiJBRkYiLCJjcmMiOiIzIiwiY24iOiIzMTVYMzAwX1JPTl9KQU4xOSIsIm5pZCI6IjM0NjE5IiwiZXh0X3B1YiI6IiIsImNycCI6IjUwIiwidGlkIjoiMiIsIml0IjoiMDRcL0RlY1wvMjAyMjoyMDo0ODo0OSArMDAwMCIsImNjIjoiMSIsInNuY2lkIjoiMzgwOTEiLCJjaWQiOiIyNjAyNSIsImV4dF91aWQiOiIiLCJjcCI6IjEwMCIsInNuY2NpZCI6IjE5NjcxMjciLCJpaWQiOiIwOWE0NzQxMzZlY2NiODJjZmQxZjVkYTY4M2UzZGQzMyIsImV4dF9paWQiOiIifQ==?unique_view=1
IP 66.254.114.171:0
GET /track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiNDkiLCJzaWQiOiIxMDAwMjQ4NiIsIm5pZHMiOiIzNDYxOSIsImR5bl9kbW4iOiIiLCJjcmlkIjoiMTA0MjM2NiIsInN2IjoiNTA2IiwicmVmX2RtbiI6Im9reHh4LmNhbSIsImV4dF9jaWQiOiIiLCJ0c25hbWUiOiJBRkYiLCJjcmMiOiIzIiwiY24iOiIzMTVYMzAwX1JPTl9KQU4xOSIsIm5pZCI6IjM0NjE5IiwiZXh0X3B1YiI6IiIsImNycCI6IjUwIiwidGlkIjoiMiIsIml0IjoiMDRcL0RlY1wvMjAyMjoyMDo0ODo0OSArMDAwMCIsImNjIjoiMSIsInNuY2lkIjoiMzgwOTEiLCJjaWQiOiIyNjAyNSIsImV4dF91aWQiOiIiLCJjcCI6IjEwMCIsInNuY2NpZCI6IjE5NjcxMjciLCJpaWQiOiIwOWE0NzQxMzZlY2NiODJjZmQxZjVkYTY4M2UzZGQzMyIsImV4dF9paWQiOiIifQ==?unique_view=1 HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/get/10002486?ata=Tisabd
Cookie: adtool_guid=Ch5KFmONB7GU+xV/PxgyAg==; RNLBSERVERID=ded7040
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 04 Dec 2022 20:48:49 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
x-request-id: 638D07B1-42FE72AB01BB5C96-6D25E4C
X-Firefox-Spdy: h2
nanouwho.com/27/1ead059fa749da4c72410ffa55976f24
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/27/1ead059fa749da4c72410ffa55976f24
IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /27/1ead059fa749da4c72410ffa55976f24 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://okxxx.cam/
Cookie: scm=1; OAID=e40740576cfc45908842d4ae5f257c91; oaidts=1670186930
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:50 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Fri, 02 Dec 2022 03:31:44 GMT
expires: Fri, 01 Jan 2083 03:31:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=AptUZlYd2pWUJ9I4tFvpgFGlT-ASXH4jjJTWrZLvz3sI0w0s5A8SZUbOxT26o-RhcG-vjYTfVCCuZm3NsaPE7lfrENaVNebEAxF7aF3lifLdN4WAjwZcBvxfnNV-JF_Ot1BmEvXDJScoaZyLiItGjD3xdd3lYk18SkJ8NcEe2WL30jRaUmrKxilOUYDF0F6PFDsp7IstDUknWgErvMoeUoZ2zJ4V_tw-bB8-m-T31xk%3D&request_ab2=96001&zoneid=5201151&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=5&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=be42191c-9d63-4cdd-b791-c9fde31b3048&userId=a2076a2478a74fe197c3ab619cd9feb2&m=link
139.45.197.243200 OK 0 B URL HTTP/2 onmarshtompor.com/?rb=AptUZlYd2pWUJ9I4tFvpgFGlT-ASXH4jjJTWrZLvz3sI0w0s5A8SZUbOxT26o-RhcG-vjYTfVCCuZm3NsaPE7lfrENaVNebEAxF7aF3lifLdN4WAjwZcBvxfnNV-JF_Ot1BmEvXDJScoaZyLiItGjD3xdd3lYk18SkJ8NcEe2WL30jRaUmrKxilOUYDF0F6PFDsp7IstDUknWgErvMoeUoZ2zJ4V_tw-bB8-m-T31xk%3D&request_ab2=96001&zoneid=5201151&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=5&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=be42191c-9d63-4cdd-b791-c9fde31b3048&userId=a2076a2478a74fe197c3ab619cd9feb2&m=link
IP 139.45.197.243:0
GET /?rb=AptUZlYd2pWUJ9I4tFvpgFGlT-ASXH4jjJTWrZLvz3sI0w0s5A8SZUbOxT26o-RhcG-vjYTfVCCuZm3NsaPE7lfrENaVNebEAxF7aF3lifLdN4WAjwZcBvxfnNV-JF_Ot1BmEvXDJScoaZyLiItGjD3xdd3lYk18SkJ8NcEe2WL30jRaUmrKxilOUYDF0F6PFDsp7IstDUknWgErvMoeUoZ2zJ4V_tw-bB8-m-T31xk%3D&request_ab2=96001&zoneid=5201151&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=5&pl=https%3A%2F%2Fokxxx.cam%2Fthe-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=be42191c-9d63-4cdd-b791-c9fde31b3048&userId=a2076a2478a74fe197c3ab619cd9feb2&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://okxxx.cam
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:50 GMT
content-type: application/json
x-trace-id: 316146a34ff6a0a5fb654ef9061445b7
access-control-allow-origin: https://okxxx.cam
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=a2076a2478a74fe197c3ab619cd9feb2; expires=Mon, 04 Dec 2023 20:48:50 GMT; path=/; secure; SameSite=None
oaidts=1670186930; expires=Mon, 04 Dec 2023 20:48:50 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 11 Dec 2022 20:48:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
pornez.net/m4u8/qQTNyYMSy1G_1080.m3u8
81.17.22.116206 Partial Content 0 B URL HTTP/1.1 pornez.net/m4u8/qQTNyYMSy1G_1080.m3u8
IP 81.17.22.116:0
ASN #51852 Private Layer INC
GET /m4u8/qQTNyYMSy1G_1080.m3u8 HTTP/1.1
Host: pornez.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 04 Dec 2022 20:48:49 GMT
Content-Type: application/vnd.apple.mpegurl
Content-Length: 55144
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 12:52:04 GMT
ETag: "6374dcf4-d768"
X-Cache-Status: HIT
Content-Range: bytes 0-55143/55144
okxxx.cam/wp-includes/css/classic-themes.min.css?ver=1
104.21.9.220200 OK 0 B URL HTTP/2 okxxx.cam/wp-includes/css/classic-themes.min.css?ver=1
IP 104.21.9.220:0
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: okxxx.cam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://okxxx.cam/the-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:48:48 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Wed, 02 Nov 2022 02:51:34 GMT
etag: W/"d9-5ec73eb2ce67d-gzip"
vary: Accept-Encoding
cache-control: max-age=31536000
expires: Thu, 02 Nov 2023 06:05:21 GMT
referrer-policy: no-referrer-when-downgrade
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2817807
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mkt9gNsqtcfMW7092kr4x0NO5f8amtkRceiEEKwvEHHBOKW6CAC%2FD1OOxZ4Btcp2JkyaWvWZlFcPTCH4Z8H0e7bhpyWNcrXnTeAQMx2oDHbLWkadrKfNV3sKbhQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774767b0a9e4b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
okxxx.cam/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
104.21.9.220200 OK 0 B URL HTTP/2 okxxx.cam/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 104.21.9.220:0
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: okxxx.cam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://okxxx.cam/the-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:48:48 GMT
content-type: application/x-javascript
last-modified: Wed, 02 Nov 2022 02:51:34 GMT
cache-control: max-age=31536000
expires: Thu, 02 Nov 2023 06:05:21 GMT
etag: W/"6361db36-15e54"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2817807
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpLLGbB%2F1BrNcvaolBu2hQG1CtFoLrzv%2BZH36YtePG7AdTEcyXH%2F%2BEGxlMRORqoxpzFERQjwgATn598v5IFrshN8a3kw2QuYtrQBVdcRvXZHlABNRuqJzwxHAr4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774767b0ba12b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
okxxx.cam/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
104.21.9.220200 OK 0 B URL HTTP/2 okxxx.cam/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 104.21.9.220:0
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: okxxx.cam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://okxxx.cam/the-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:48:48 GMT
content-type: application/x-javascript
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
cache-control: max-age=31536000
expires: Sun, 29 Oct 2023 20:51:54 GMT
etag: W/"5fb4e3fe-2bd8"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 3110214
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NuWJlmsdQhPGiPN9%2B4UDkBWwxhQarTdFrsFK0%2BCy%2FQ3RSYGLpqfYJmvDNCMEn9KYPhvVm4%2Btzp6Bi%2Fb4U2oRwIBUQUmHQ4rHR0xCHWuFmcv02wS154Ygb30wHE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774767b0ba1bb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
okxxx.cam/wp-content/themes/retrotube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0
104.21.9.220200 OK 0 B URL HTTP/2 okxxx.cam/wp-content/themes/retrotube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 104.21.9.220:0
GET /wp-content/themes/retrotube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: okxxx.cam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://okxxx.cam/the-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:48:48 GMT
content-type: text/css
last-modified: Sat, 30 Jul 2022 18:12:11 GMT
cache-control: max-age=31536000
expires: Sat, 11 Nov 2023 19:53:55 GMT
etag: W/"62e5747b-7918"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1990493
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTfgr3w%2BZebzEUDD9l4RFHKSb6RF0mfg6t3aK%2FaiXdEQ%2FaUmw9fccYt2rcglXHOkez43stBus1JFiyXD0q7BpfS3CT4m1KAMniwXGdvMcJpBv7o3qbRsVzjHru4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774767b0b9ecb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.adtng.com/get/10002481?ata=Tisabd
66.254.114.171200 OK 0 B URL HTTP/2 a.adtng.com/get/10002481?ata=Tisabd
IP 66.254.114.171:0
GET /get/10002481?ata=Tisabd HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://okxxx.cam/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Sun, 04 Dec 2022 20:48:49 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KJmONB7Gcdn/gZIXmAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded6742; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 638D07B0-42FE72AB01BB5C96-6D25D05
X-Firefox-Spdy: h2
a.adtng.com/get/10002808?ata=Tisabd
66.254.114.171200 OK 0 B URL HTTP/2 a.adtng.com/get/10002808?ata=Tisabd
IP 66.254.114.171:0
GET /get/10002808?ata=Tisabd HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://okxxx.cam/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Sun, 04 Dec 2022 20:48:49 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KHmONB7FP3BFPn7duAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7078; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 638D07B1-42FE72AB01BB5C96-6D25D0B
X-Firefox-Spdy: h2
ibrapush.com/pfe/current/universal.min.js?v=3.1.409
139.45.197.250200 OK 0 B URL HTTP/2 ibrapush.com/pfe/current/universal.min.js?v=3.1.409
IP 139.45.197.250:0
GET /pfe/current/universal.min.js?v=3.1.409 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://okxxx.cam
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:50 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-18c6c"
access-control-allow-origin: https://okxxx.cam
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
okxxx.cam/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
104.21.9.220200 OK 0 B URL HTTP/2 okxxx.cam/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 104.21.9.220:0
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: okxxx.cam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://okxxx.cam/the-mechanics-messy-wife-gianna-dior-bella-rolland-alex-mack-1080p-full-video-4/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:48:48 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 02:51:35 GMT
cache-control: max-age=31536000
expires: Thu, 16 Nov 2023 05:32:39 GMT
etag: W/"63745037-172a9"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1610169
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAiSVJY6ow3IokhRILi5ZGnbuHh4aIUoeYProuCGO%2FsrRDLW9%2B5jUkrtl7NZNH%2FiPJXPJe6XLHaTzMwu3tjs6sQEEe8MQGU0H6Aw3RQJM9ub3tB%2B0Aw1sP8RUX4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774767b0a9d8b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
betotodilea.com/400/5201148
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/400/5201148
IP 139.45.197.237:0
GET /400/5201148 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://okxxx.cam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:48:50 GMT
content-type: application/javascript
x-trace-id: 5c6c7ebda365309390ffd20588d8b0dd
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=e3cf2b1e174745e2a87727f00c686dc5; expires=Mon, 04 Dec 2023 20:48:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2