xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus
301 Moved Permanently 41 B URL User Request GET HTTP/2 xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus
IP
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with no line terminators
Hash 3d93d825d5000154d0c882d6f05d9245
2ac5191d366e0fdc77540ce1b56acaffcdd870f9
1e8e79fecc4ef5577df415ca4ebaff73c742277990e1b9d927ea7a09f704667d
GET /05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 28 Nov 2023 09:45:14 GMT
content-type: text/html; charset=UTF-8
location: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
pragma: no-cache
x-pingback: https://xtapes.to/xmlrpc.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K93PtJI%2FlafcmlmkQW8%2BgK7hahF%2Fbu2CCL96qbVc8O8DJ%2FDikTX2ZtFmU0Rnkc8ujd0la%2BdXJnoi8E3Gx2dwTJ%2BC4R%2BwL15Isvb8x8su1VxshffnuPuMJwUTvV8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad46b97fb52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xtapes.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
200 OK 4.4 kB URL GET HTTP/3 xtapes.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type gzip compressed data, from Unix\012- data
Hash 5820a829bb5e602b30e0c11afeb283f6
7e67fc6f9dd02c2fa4f09049d77a156c677dcb84
99a74eb37db2ab60d29fde7860e7554d3707e1d59040225a3da1ae9d9e7cfa54
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
etag: W/"65568fe4-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zc37SDB8mhxlV%2FRdLu7hJYxVpw6C6sIzBl8Tuymmn4Ef5Qgeb6tnj86GJSRsoeHn9TU4fPI6P9CoHw6ag4JxOx8Tm%2BiK6mP81RtvHtwunUwoJ84dhmE2OcSQHyA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad50a98f56bd-OSL
x-frame-options: DENY
expires: Thu, 30 Nov 2023 09:45:15 GMT
cache-control: max-age=172800, public
content-encoding: gzip
www.xtapes.io/pic/anna_de_ville_lyna_cypher_interracial_gangbang_2017.jpg
200 OK 13 kB URL GET HTTP/2 www.xtapes.io/pic/anna_de_ville_lyna_cypher_interracial_gangbang_2017.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 600x600, segment length 16, baseline, precision 8, 313x187, components 3\012- data
Hash 67bd38607483fc0f018e3f9d28284166
8640ac6c930d07b9813b4177638181d05f347c55
6067e82c1585e81a164fb6fda1eed0d1cbc5e227efcc514ae625a062c71470e0
GET /pic/anna_de_ville_lyna_cypher_interracial_gangbang_2017.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/jpeg
last-modified: Mon, 06 Mar 2023 08:14:32 GMT
cache-control: public, max-age=290304000
expires: Fri, 08 Dec 2023 14:13:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 329519
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=boOHvUXLb6rXH5wwN3jYIiEK%2BmpxNWPHjTgbzx9rGM7CWlXtO4xHs6LAf3EY1p1oriKGzjP5t9b72Y4Np3Z7HtPJbpOFAlMy4KiGy7j9QWwzk6%2BKIlGlRCp5xqgg5iZx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad50ea400b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.xtapes.io/i/5841017.jpg
200 OK 46 kB URL GET HTTP/2 www.xtapes.io/i/5841017.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 600x434, components 3\012- data
Hash 9a49c0dab5242295575525dd12c9d39c
4545204f1d2f4fbea2e2adcf83c9fc4a6d610ea4
7ce37813b62f2a46d5bcfe363299e2254ad67fba0a26f471d38ee1c73f66d1e6
GET /i/5841017.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/jpeg
last-modified: Mon, 12 Jun 2023 08:01:08 GMT
cache-control: public, max-age=290304000
expires: Sat, 09 Dec 2023 13:23:11 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 246124
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKEXxkFS8aU49FNaFY1zoM6%2F%2F6Mi84DIuN1fSZWmpdmL2E4UXUfR%2B9dxjj1Nyuy6ByW6RANPi0mN3pr7rnbdHJ00JKzKBuySroJu3MIVHY3vHbdFwUFpHIQV8lfBQUxU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad50ea370b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xtapes.io/img/chessie_kay_dona_bell_valentines_day_groupsex.jpg
200 OK 22 kB URL GET HTTP/3 xtapes.io/img/chessie_kay_dona_bell_valentines_day_groupsex.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 400x270, components 3\012- data
Hash 6b144e297c9b98fd0d152ed1dcec82f6
327a2bc46ddc4d6c7a2f4f9cde02746ef34246b0
e60f84a82494d8678708401a60ccbaf332fe99a8cc0d64d372eeaf09548634ad
GET /img/chessie_kay_dona_bell_valentines_day_groupsex.jpg HTTP/1.1
Host: xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: image/jpeg
last-modified: Mon, 06 Mar 2023 08:14:32 GMT
cache-control: public, max-age=290304000
expires: Thu, 07 Dec 2023 11:29:45 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 425731
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVXlQbbM%2BlUpoxUfL9oCdhY%2Bb%2BcPW%2FoGa0HPFrypE%2B9e%2F%2BPCvePRJdaBJ0g8J%2Bh3zxPKpRKLVkzGemO4GWbOI2WkdIZgQkuV202lIGTGhBLH6N3gC3L6UHfez8k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad53f9fa56c0-OSL
alt-svc: h3=":443"; ma=86400
www.xtapes.io/i/tghz7t8dr5s2.jpg
200 OK 20 kB URL GET HTTP/2 www.xtapes.io/i/tghz7t8dr5s2.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Optimized by JPEGmini 3.16.14.91282135 0x0d9a3bc4", baseline, precision 8, 400x269, components 3\012- data
Hash d2202429ec9e0b49d9143873e0756215
0043ee2dc57f740cdb0c2e17e98835ecd88130ef
1a674a9df7390b60f77dec0bbe61bb43a6c88d5acf9f51c1ef36b7ee963eb402
GET /i/tghz7t8dr5s2.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: image/jpeg
last-modified: Mon, 06 Mar 2023 08:13:45 GMT
cache-control: public, max-age=290304000
expires: Tue, 12 Dec 2023 09:45:15 GMT
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pe3I9GgmevejioP%2BlorZr0SjQJrGG2457LDLxBvJGiVEuCHGX74hZYtfiQo1oCy%2BP55hffO9jBx1Gffl8wXHuXtnkh7%2Bq8NsFCnpNR5ehdnpypTKKQblA3M902swYqKF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad50ea380b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xtapes.to/wp-content/themes/xtapes/css/colors.php?color=bd1515&ver=4.2.36
200 OK 1.4 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/css/colors.php?color=bd1515&ver=4.2.36
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with CRLF line terminators
Hash 8912f994eb9a4f1f11aecfda0fe38a48
819ad789c43ffdf5af91d96eba44f9848540e871
c5430150cbd5e229308632000d2f4a0968fc5f7dab3de82d4f14fdbfdd148a3c
GET /wp-content/themes/xtapes/css/colors.php?color=bd1515&ver=4.2.36 HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: text/css;charset=UTF-8
cache-control: max-age=1209600
expires: Tue, 12 Dec 2023 09:45:15 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkplrTZglVKjKq3mMCCG0DUBhJ16kwDHnrmc7K3EULz8AuEnnnQzZgu3sljnYXamftfOItTEGofK%2FP6h3j%2BlKBgssP6CjlNq5EUl25gA73uA36vTRPnfczx0FvU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad50391a56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2
200 OK 9.6 kB URL GET HTTP/2 fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 9588, version 1.0\012- data
Hash 55d912c794126956bb1e8f41597c131f
f7ade582dbe9d0efe97ae105cab313c6e45904d4
8bea498aed7cc1366e8b966e467b98219c803107d728eab8a6c4c9b045def699
GET /s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xtapes.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:06:07 GMT
expires: Fri, 22 Nov 2024 05:06:07 GMT
cache-control: public, max-age=31536000
age: 448749
last-modified: Tue, 19 Apr 2022 18:29:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.xtapes.io/i/952584125.jpg
200 OK 116 kB URL GET HTTP/2 www.xtapes.io/i/952584125.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 600x401, components 3\012- data
Size 116 kB (115584 bytes)
Hash 22ba4dd98de8062987f80b262a6d1644
91e90efd233a19283d1b2cbd51831eb9afbac6c3
105251f51f7075ee53667710ddbfe6c69950b275b80767e8a925a9cb6839a580
GET /i/952584125.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/jpeg
last-modified: Tue, 28 Nov 2023 09:13:46 GMT
cache-control: public, max-age=290304000
expires: Tue, 12 Dec 2023 09:23:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1298
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBQsnVnV2dLBj69thTUX77YP2H7hgfYhQx%2FZDKU%2BGiiwQbFiHMaKC1sbmlFLL2wgtEGdzPPzsYjabzN1DUicoacZiXxo%2Bwkc%2BaOlrq6atFU0dbQyGb7rEWz0LlmsJOVR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad511a630b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.xtapes.io/i/3610741014.jpg
200 OK 40 kB URL GET HTTP/2 www.xtapes.io/i/3610741014.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, comment: "{"Copyright":"NF Busty","PromoThumbPk":"779186","OwnerObj":"Videoset:174368","Crop":{"x":0,"y":0,"width":1920,"height":1080},"", baseline, precision 8, 600x387, components 3\012- data
Hash 462c99f54e01a98e6a1ca2ddd84e780e
8ee345cd56c0cc135883bc1e4fa5f5eaea042a00
0576edb43d97e88ecd82f8d31734edc04a9c70a04d216c7a4c333c20c9ea26ed
GET /i/3610741014.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/jpeg
last-modified: Tue, 28 Nov 2023 09:08:14 GMT
cache-control: public, max-age=290304000
expires: Tue, 12 Dec 2023 09:09:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2153
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMWsI3SrMK2KAAsIyDaMFC5%2FFyluPaLJSb05HrXL9is%2FFoHGH4lkLwbYF7%2BL%2Fp9aP2uXzYFRXa3qx1m6xWmhujeoaSEtMjWDxjzX%2BQbI5pUKcnxPHYnZQsvykheGXxyQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad511a620b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xtapes.to/wp-content/themes/xtapes/images/play.png
200 OK 1.7 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/images/play.png
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type PNG image data, 46 x 46, 8-bit colormap, non-interlaced\012- data
Hash 3238a0d3b162c0416e2a859591392999
4383f3e3783bf8e19900217d647544b6fd241b53
85862b3604ca9ba215aea958a93583694514bc0f9fd7f28452794dfb6a094212
GET /wp-content/themes/xtapes/images/play.png HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/wp-content/themes/xtapes/style.css?ver=4.2.36
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: image/png
last-modified: Fri, 24 Nov 2017 21:15:56 GMT
cache-control: max-age=1209600
expires: Mon, 27 Nov 2023 11:08:45 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 379577
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jIP8bFRjDGo%2BlomPLa%2BxamWID86cXRl3DZltxibS5bpmsg4UQCluNY3upTcRCQ9NqyatM%2F7FjowrQh2Ur8e3OMvubztJ%2FYBEJ1B4WDwVz5FklbDOD%2FFbn5zyrw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad563f1656bd-OSL
alt-svc: h3=":443"; ma=86400
a.o333o.com/api/spots/112165?p=1
200 OK 4.5 kB URL GET HTTP/2 a.o333o.com/api/spots/112165?p=1
IP
ASN #24940 Hetzner Online GmbH
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerSectigo Limited
Subjecta.o333o.com
Fingerprint26:C9:FD:E3:58:82:6B:6B:A8:2C:F1:57:98:22:F8:75:CC:2D:0C:18
ValiditySun, 29 Jan 2023 00:00:00 GMT - Mon, 12 Feb 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 9fa5a549170b16a6e717aac35adef2b5
204e3380469d90279c7e1c3767b10eac8d6280d2
234a0eccae0570ae8747d00407c44771fb3ff0ad00bc6b304f4fe4cc1568085b
GET /api/spots/112165?p=1 HTTP/1.1
Host: a.o333o.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: nauid=cpK8B5qOSfcMtgNl0JLA; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
www.xtapes.io/i/453684147410.jpg
200 OK 147 kB URL GET HTTP/2 www.xtapes.io/i/453684147410.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 662x429, components 3\012- data
Size 147 kB (146758 bytes)
Hash d61de96302f693eb9acd956db6552cd0
a25803946b708fb9592d63efff76abd4136c2733
998220d70ceadf0d77f88c5c4737729d8a3e3bc3cb2681c46ee3e7231d4782e8
GET /i/453684147410.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/jpeg
last-modified: Tue, 28 Nov 2023 09:18:05 GMT
cache-control: public, max-age=290304000
expires: Tue, 12 Dec 2023 09:23:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1298
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24lRcgGHxlNSj7KrhI0xes5dE4IHm96cD5yWr4i4q3SVRBg66Z%2BZZm3byxETw3eJ48yVsiqEa1gPyvNuvUCc2%2Bjtd5X%2BXfuxKPoLH7Eszen7yDhP0r0WZEXL%2FRQTJQqs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad511a600b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xtapes.to/wp-includes/js/jquery/jquery.js?ver=1.11.2
200 OK 35 kB URL GET HTTP/3 xtapes.to/wp-includes/js/jquery/jquery.js?ver=1.11.2
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (32047)
Hash 4e2a6874f8b028fa23591492284a1643
1936ce684393234fec26197d7d7c61f6bba1ef36
9b1b195900c079b2a8859cb8ded918d2e179c49fbb2a3aab3491e68d33fbaa54
GET /wp-includes/js/jquery/jquery.js?ver=1.11.2 HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript
last-modified: Mon, 24 Aug 2015 20:03:39 GMT
cache-control: max-age=604800, private
expires: Tue, 12 Dec 2023 09:45:16 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qS9KMCPIdIxzuzjBtD7kvGQuxgi0fws8AST%2F16mS04wmx6O1kX8YXj1cC5stDl0DIYfWLMio4ldSNnhI2s2BA4p10Cwv9xi39ZmTy9Qb5lym1lJdWMRaHTuYEic%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad565f4156bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
xtapes.to/wp-content/themes/xtapes/images/rating-dark.png
200 OK 94 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/images/rating-dark.png
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 482837a9600fb2ff0fee473d1c5953da
04744a47dd98f7fa1df554bfbb1ce50c0ca952d9
dca8f89c95b0e60fee18812f0785c43e739837ea957dcea1f3f6a88ec2d296f3
GET /wp-content/themes/xtapes/images/rating-dark.png HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/wp-content/themes/xtapes/css/dark.css?ver=4.2.36
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: image/png
last-modified: Sat, 13 Sep 2014 10:40:56 GMT
cache-control: max-age=1209600
expires: Wed, 22 Nov 2023 15:34:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 585923
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQoItIE9vu%2FH%2Bg3JiVJzvDDXSf%2BLCcidIrT0EI5tmLyr8JffLTD50BhSjEoJ3VOlbYVJxSzg5%2Bdm20JtW8VH3vtkcUJQVQVthe5UdxSb3821ZiRIFEas0bu7wao%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad563f1856bd-OSL
alt-svc: h3=":443"; ma=86400
xtapes.to/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
200 OK 3.5 kB URL GET HTTP/3 xtapes.to/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (7085), with CRLF line terminators
Hash 512b871a2830e44259bc3ce3343afcd0
875bce76a77590c3c438bbc6e014b39c23c8c88d
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript
last-modified: Fri, 13 Oct 2023 02:23:10 GMT
cache-control: max-age=604800, private
expires: Tue, 12 Dec 2023 09:45:16 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrZPb5eCeBnlq%2BKwLTCPZ%2FgzltH1R2qSkz5W71XRrjaRYX4mHjDmUU2FaEiLMJhXVmpmabjJmVwphxWecQa%2FYe%2FeYAkEJ5ihoIqP2hXgXuv3K69hZki9l8S55sY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad565f4056bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
xtapes.to/wp-content/themes/xtapes/scripts/jQuery.ba-resize.min.js?ver=1.0
200 OK 1.1 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/scripts/jQuery.ba-resize.min.js?ver=1.0
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (863), with CRLF line terminators
Hash bfc0e056668557eea0c0fd40d4d00f30
e70630149bdac7c651a029e80569f2d4a59eabbf
6f4689459ef10358f35d5849a47e2f623375803c7764719f5a205f4b3eaa0315
GET /wp-content/themes/xtapes/scripts/jQuery.ba-resize.min.js?ver=1.0 HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:17 GMT
content-type: application/javascript
last-modified: Sat, 13 Sep 2014 10:40:38 GMT
cache-control: max-age=604800, private
expires: Tue, 12 Dec 2023 09:45:16 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuyb2IAaybHpGeOMr216iGU5wW139QirAjHeGt2TQBN8Q5nNXWcO3BuzmeAqgmp6yD4N5hiaxhopWsBXrrrQFuvvFMNPQ64etM3k1CLsv6uFyc3FAtvOaOO0bkk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad564f3856bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.google.com/recaptcha/api.js?render=6Ldn4C0aAAAAAEVbfUotPQpkzG_iWMoC-3pwn6fV
200 OK 584 B URL GET HTTP/2 www.google.com/recaptcha/api.js?render=6Ldn4C0aAAAAAEVbfUotPQpkzG_iWMoC-3pwn6fV
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type ASCII text, with very long lines (884), with no line terminators
Hash caf2048740e607cf1faa4f1542f90fc5
b918acfc80501ef8984f1ff892a350d8d94593cf
6dde961a4921e7ca44187d9e65f61bd1d7d928d421a55d7b39cad1aaad11d9a3
GET /recaptcha/api.js?render=6Ldn4C0aAAAAAEVbfUotPQpkzG_iWMoC-3pwn6fV HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Tue, 28 Nov 2023 09:45:16 GMT
date: Tue, 28 Nov 2023 09:45:16 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vid.xtapes.to/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=36773814
200 OK 2 B URL GET HTTP/3 vid.xtapes.to/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=36773814
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=36773814 HTTP/1.1
Host: vid.xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Cookie: uid=Hh**1F7CSvPK9ynjsRp*RU7hDCHNomQS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:17 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
x-inferno-location: banner
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKGhgqar5tYdVrkLdHEiGYgw%2FJ%2FjYKkT0Jujqn5SsdOJFMpO%2Ffv%2F1rIB9MUTwjHLq3eGldXDAxuaOlw6x%2B2w6J1yOnj7iRp7r%2BN%2BC91IlsrCpWPdTfHiQuwqZLz1800u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad5edf2d56bd-OSL
alt-svc: h3=":443"; ma=86400
xtapes.to/wp-content/themes/xtapes/scripts/main.js?ver=1.0
200 OK 2.5 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/scripts/main.js?ver=1.0
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with CRLF line terminators
Hash ab386da507dd7047295b34e232939c45
8420f5b01b9bb82fa5fabb137252dd090dc5fdde
212a2be8ddb6ea35e2b2470ed2e96e47e4ba6a17d29fe9e943a83a4e5f99e0e5
GET /wp-content/themes/xtapes/scripts/main.js?ver=1.0 HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:17 GMT
content-type: application/javascript
last-modified: Sat, 13 Sep 2014 10:40:38 GMT
cache-control: max-age=604800, private
expires: Tue, 12 Dec 2023 09:45:16 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2Fvw6yVDYp28pAye8b7Ckn2ZV%2B5K5oAz44IOh%2FRCJhwdoa0umCpEVsFxjedb8IVJwAOV6RO%2FzxKzQwu7maSZZxyAYPrDcwe%2Bd7pFc8ilEUA%2B40cXdr9Esrc6lTs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad565f3a56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
r7nim14weg.sw-cdnstream.com/hls2/01/02374/oev5b2irs3p9_,n,h,.urlset/master.m3u8?t=I89H1i5x4WEsEd9Yu_PuR1nErmUELLKWhfV3GkMWFOQ&s=1701164715&e=129600&f=11870340&srv=wmnctvnzzldw&i=0.4&sp=500&p1=wmnctvnzzldw&p2=wmnctvnzzldw&asn=50304
200 OK 354 B URL GET HTTP/1.1 r7nim14weg.sw-cdnstream.com/hls2/01/02374/oev5b2irs3p9_,n,h,.urlset/master.m3u8?t=I89H1i5x4WEsEd9Yu_PuR1nErmUELLKWhfV3GkMWFOQ&s=1701164715&e=129600&f=11870340&srv=wmnctvnzzldw&i=0.4&sp=500&p1=wmnctvnzzldw&p2=wmnctvnzzldw&asn=50304
IP
ASN #49453 Global Layer B.V.
Requested by https://55k.io/e/oev5b2irs3p9
Certificate IssuerGlobalSign nv-sa
Subject*.sw-cdnstream.com
FingerprintA7:65:73:FF:C1:DF:99:64:28:31:2A:8D:55:E3:E6:F9:76:0F:B9:D5
ValidityTue, 18 Apr 2023 08:29:36 GMT - Sun, 19 May 2024 08:29:35 GMT
Hash 73ed0dadd0654b18f9c94138608f216b
5b023a181f0c57b28168d6fb0e48a88fa5a7ddc3
7164c7d8924d3f5c0db5db2f2845a16bfe1d2f25095f7182ce005f0ef5c0061c
GET /hls2/01/02374/oev5b2irs3p9_,n,h,.urlset/master.m3u8?t=I89H1i5x4WEsEd9Yu_PuR1nErmUELLKWhfV3GkMWFOQ&s=1701164715&e=129600&f=11870340&srv=wmnctvnzzldw&i=0.4&sp=500&p1=wmnctvnzzldw&p2=wmnctvnzzldw&asn=50304 HTTP/1.1
Host: r7nim14weg.sw-cdnstream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://55k.io
DNT: 1
Connection: keep-alive
Referer: https://55k.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 09:45:18 GMT
Content-Type: application/vnd.apple.mpegurl
Last-Modified: Tue, 28 Nov 2023 09:45:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 06 Mar 2024 09:36:20 GMT
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
X-Cache-Status: HIT
Content-Encoding: gzip
r7nim14weg.sw-cdnstream.com/hls2/01/02374/oev5b2irs3p9_,n,h,.urlset/index-f1-v1-a1.m3u8?t=I89H1i5x4WEsEd9Yu_PuR1nErmUELLKWhfV3GkMWFOQ&s=1701164715&e=129600&f=11870340&srv=wmnctvnzzldw&i=0.4&sp=500&p1=wmnctvnzzldw&p2=wmnctvnzzldw&asn=50304
200 OK 1.0 kB URL GET HTTP/1.1 r7nim14weg.sw-cdnstream.com/hls2/01/02374/oev5b2irs3p9_,n,h,.urlset/index-f1-v1-a1.m3u8?t=I89H1i5x4WEsEd9Yu_PuR1nErmUELLKWhfV3GkMWFOQ&s=1701164715&e=129600&f=11870340&srv=wmnctvnzzldw&i=0.4&sp=500&p1=wmnctvnzzldw&p2=wmnctvnzzldw&asn=50304
IP
ASN #49453 Global Layer B.V.
Requested by https://55k.io/e/oev5b2irs3p9
Certificate IssuerGlobalSign nv-sa
Subject*.sw-cdnstream.com
FingerprintA7:65:73:FF:C1:DF:99:64:28:31:2A:8D:55:E3:E6:F9:76:0F:B9:D5
ValidityTue, 18 Apr 2023 08:29:36 GMT - Sun, 19 May 2024 08:29:35 GMT
Hash fc44df74753f4b8be225f05a9d52da5d
0155038b78548f9f73e97e99d236bfea6b43df92
73ee5c20a7a1bc99308e993f39b63744ceaec160228e3ba77a3d8985049f347c
GET /hls2/01/02374/oev5b2irs3p9_,n,h,.urlset/index-f1-v1-a1.m3u8?t=I89H1i5x4WEsEd9Yu_PuR1nErmUELLKWhfV3GkMWFOQ&s=1701164715&e=129600&f=11870340&srv=wmnctvnzzldw&i=0.4&sp=500&p1=wmnctvnzzldw&p2=wmnctvnzzldw&asn=50304 HTTP/1.1
Host: r7nim14weg.sw-cdnstream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://55k.io
DNT: 1
Connection: keep-alive
Referer: https://55k.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 09:45:18 GMT
Content-Type: application/vnd.apple.mpegurl
Last-Modified: Tue, 28 Nov 2023 09:45:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 06 Mar 2024 09:36:20 GMT
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
X-Cache-Status: HIT
Content-Encoding: gzip
alleviatepracticableaddicted.com/a6/b0/b8/a6b0b8925d9b3a4154c035c24b4ed97e.js
200 OK 14 kB URL GET HTTP/1.1 alleviatepracticableaddicted.com/a6/b0/b8/a6b0b8925d9b3a4154c035c24b4ed97e.js
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectalleviatepracticableaddicted.com
FingerprintED:76:D1:B6:BE:61:8A:98:95:2B:12:51:D5:59:4B:2A:4E:E6:C9:BD
ValiditySun, 29 Oct 2023 06:03:48 GMT - Sat, 27 Jan 2024 06:03:47 GMT
File type ASCII text, with very long lines (37815), with no line terminators
Hash 754a13ba1bad36a68b6d5d03d0a989fb
58222c95edc9a46c3a574d7f03afec12c2ff1275
753a12c0a81f2995fc5bfdda3bbc57a9a0103cef468c16cf72d6628793e7d0e6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /a6/b0/b8/a6b0b8925d9b3a4154c035c24b4ed97e.js HTTP/1.1
Host: alleviatepracticableaddicted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 09:45:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2e258f2d009e58ef88cc07ab48f84c19
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.r2m03.amazontrust.com/
471 B URL ocsp.r2m03.amazontrust.com/
IP
Hash ab08b21b37480bf609deaf73dcbf1e34
4121333c3a37ff481b30918ce3a1aa643cf813c2
d8c99d9c9d12731615d29afd9aba86e213ce6c7dfb8938334de50d3edfd78fcd
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 Nov 2023 09:45:20 GMT
Last-Modified: Tue, 28 Nov 2023 08:05:38 GMT
Server: ECAcc (ska/F73A)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: pzt6IxEPBKdJpty1VmJdAk-Oih1KUckEjqjuyRFE8YQOOzSTWv5yrQ==
Age: 5982
cdn.o333o.com/vast-im.js
200 OK 78 kB IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerSectigo Limited
Subjectcdn.o333o.com
Fingerprint61:0E:6A:7F:7E:40:48:40:58:0F:EF:89:DB:CF:AD:C2:FB:52:F1:AC
ValidityThu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Hash 6b4984dd977acd1a8e3350f22b7297ce
176f1ebd8361a32a00d07143149419f11d76006a
2a5c9bdabbd7c997e5e2f4d24f34160351567a015343cf45033d17ef79cb56c9
GET /vast-im.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Mon, 27 Nov 2023 07:18:54 GMT
last-modified: Mon, 27 Nov 2023 07:10:46 GMT
etag: W/"656440f6-4acfa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: EGcSbk427gPdqBymUs_f0lHOp4c3LdTVNltMaVRvf9ATeKOkk3zKUg==
age: 95182
X-Firefox-Spdy: h2
www.xtapes.io/i/58414741258.jpg
200 OK 76 kB URL GET HTTP/2 www.xtapes.io/i/58414741258.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=12, height=900, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1600], baseline, precision 8, 666x428, components 3\012- data
Hash 74f2a5d8c8faa77e07f03b1c63d22b23
39b15afe1fcc7db8ca10b7cec159d246c0ae2c8a
1136b4a17cc25234741092d7fc420ce90de9511ce10dda06a3498cb032bb593e
GET /i/58414741258.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/jpeg
last-modified: Tue, 28 Nov 2023 09:20:59 GMT
cache-control: public, max-age=290304000
expires: Tue, 12 Dec 2023 09:23:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1298
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgR67cFqaUzFzhvVIOsCtKGs8QFqW8cbMrZ6wL7Z%2FjafcWmHbcKePftolztzm982cXSz556bmq0Q8IIig0Srn0WcpxVqnetuV1Wr%2BaIcjCkblPP6Y0xK3P5ernzQQ5zG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad511a5f0b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
proceedglad.com/0a/6e/9a/0a6e9a96058c7f39edbf4999920d05a3.js
200 OK 23 kB URL GET HTTP/1.1 proceedglad.com/0a/6e/9a/0a6e9a96058c7f39edbf4999920d05a3.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectproceedglad.com
FingerprintF9:04:D4:C5:64:56:F0:7B:9E:AE:0C:CB:EC:1A:5E:E9:8E:9E:86:E3
ValidityWed, 22 Nov 2023 07:26:18 GMT - Tue, 20 Feb 2024 07:26:17 GMT
File type ASCII text, with very long lines (59633), with no line terminators
Hash 1009ca3b71454f1256a920ed943ee3a1
1a15e1db88c954550176e4a8c76c2b0de29f26a5
5e5fce0ee7cd0bcd040bb5a58ce5f0df9df3bb4c62521567a0c312d420ad7746
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0a/6e/9a/0a6e9a96058c7f39edbf4999920d05a3.js HTTP/1.1
Host: proceedglad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 09:45:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a81f9aa125b439557cd396c134235a7b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
proceedglad.com/sbar.json?key=a6b0b8925d9b3a4154c035c24b4ed97e&uuid=8b7d021f-db35-4a28-bb1c-06ebf3ac71c1%3A1%3A1
200 OK 4.5 kB URL GET HTTP/1.1 proceedglad.com/sbar.json?key=a6b0b8925d9b3a4154c035c24b4ed97e&uuid=8b7d021f-db35-4a28-bb1c-06ebf3ac71c1%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectproceedglad.com
FingerprintF9:04:D4:C5:64:56:F0:7B:9E:AE:0C:CB:EC:1A:5E:E9:8E:9E:86:E3
ValidityWed, 22 Nov 2023 07:26:18 GMT - Tue, 20 Feb 2024 07:26:17 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6286), with no line terminators
Hash 0726621bde3f897f0de88ddad96feb01
71ba94cb425e2cf030b5b403ced8f38bd9e24153
cf388485b9d139d1f8fe1ea7e89fe0798bdcffc710e037cec3e475d1bbae642e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=a6b0b8925d9b3a4154c035c24b4ed97e&uuid=8b7d021f-db35-4a28-bb1c-06ebf3ac71c1%3A1%3A1 HTTP/1.1
Host: proceedglad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vid.xtapes.to
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 09:45:21 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://vid.xtapes.to
Access-Control-Allow-Origin: https://vid.xtapes.to
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17334956; expires=Wed, 29 Nov 2023 09:45:20 GMT; secure; SameSite=None
uid_id2=8b7d021f-db35-4a28-bb1c-06ebf3ac71c1:1:1; expires=Tue, 05 Dec 2023 09:45:20 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 29 Nov 2023 09:45:21 GMT; secure; SameSite=None
uncs=1; expires=Wed, 29 Nov 2023 09:45:21 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 29 Nov 2023 09:45:21 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 29 Nov 2023 09:45:21 GMT; secure; SameSite=None
sleca6b0b8925d9b3a4154c035c24b4ed97e=[4243974]; expires=Tue, 28 Nov 2023 09:45:26 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 62daadf8316a3766cffb87eb749e90d9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
proceedglad.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTuIPyEXFi6AwoAcFd7Z7pntnxhyiMUaCMVmSSE4e6lfPllvT1anqnp7d05KA5Dh68hR6v9nNoi7iXrwFpNeLLARtD7Ki%2B08IuQkyswOjD6ree%2FW9w%2Fd9rz7fzk%2BIj5wer35sNpXWdDlq%2Bo0376hEmMI1rt9uBH7Tv9C4o5KV8EJjNL3s8J3Aj5r%2BW40PJV83yy0%2F8P3ADxpXlJWxGS3PUKh0vxc0e34zbDWDKMTI%2Fr93uQdHPYjhCXkJStTPrP18AMUrJIPvL0u3npn07Q8GuaaZsRiKvU%2BS9cQUCQaLMrYe4mRvPg3jakK%2BOgOT7M0VwAx3pgrAVE283wOwZG9OE2y4e8qUacgETJxHMawgdQVFK3BzH0r8SgAucP0GksGj68YWdOMUpVO0Juee%2Fg1V1OTcXy8jGXx3SatR45bReaZM4jCKS6hRBdWvkOaHyDY9qOIQPLsHJZ6Q5afXkAx2bjhtoMTxG13WEX4riJcEa0dLIW11lxgL%2BJK%2FIlncprwT8GBmkVIVVFxByzGo85BPj%2FKQxx7y1MNAHDdo1It9vxOzuN3uhpzzdpvzqLsiItEOu7GPnE81jJGlY3A9BrdbSO0W1tWXNSEPH9aE%2FLEKm%2F8It1bCCQ8uIxiKEoUkKBxBQQkKRVBkBMWw3BXatVz5SGiXs2CeW%2FPcLicm62%2FTXZP1ZUK20xPy4tRC7%2Fl7%2B1iXxw26wnzW7bUi0WNtGgZRyP12xFshC6XodSScKqHcmZngTVWTVx83kaqaPPfpn2D0EE4fgqsXQPPXQItJp%2BWDrk3Cro%2FNZJ%2BKXGdLa3fvNjMDYUqk2TlkG962PiGvzFb5bvUsJD%2B6%2BAuZBbgtkdoSn6mfCPr6weSmKcjOTVM4cnAjzdRAbdLpmm9lNJNnv%2FlIbhTGiquX3fjr9%2FgUmJb7t6XLrtFEqKTvyLeXlBDSXjGWS%2FL4qrsj2Wru1i7lNsnTa6vvX7k6SK10TpmkAlU1IdVdcFWT8%2F88mX3h162GshVsXmKQH5F5QJlD8HQLLl3wd4bA6sUMSz0UeTmxLbZ41IpAy0VPWQn3n54t6m33AH3rgWb3kQxKDG2JoS5B9RguPzvJUnt08bf2LMC0N2HaejtMW%2F3FqblOHTdkFPux9FuSxT0Wd6gvenHYY7QXyA6LaIDM1VL%2BcPAvAAAA%2F%2F8BAAD%2F%2F0902GqaBAAA
200 OK 7 B URL GET HTTP/1.1 proceedglad.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTuIPyEXFi6AwoAcFd7Z7pntnxhyiMUaCMVmSSE4e6lfPllvT1anqnp7d05KA5Dh68hR6v9nNoi7iXrwFpNeLLARtD7Ki%2B08IuQkyswOjD6ree%2FW9w%2Fd9rz7fzk%2BIj5wer35sNpXWdDlq%2Bo0376hEmMI1rt9uBH7Tv9C4o5KV8EJjNL3s8J3Aj5r%2BW40PJV83yy0%2F8P3ADxpXlJWxGS3PUKh0vxc0e34zbDWDKMTI%2Fr93uQdHPYjhCXkJStTPrP18AMUrJIPvL0u3npn07Q8GuaaZsRiKvU%2BS9cQUCQaLMrYe4mRvPg3jakK%2BOgOT7M0VwAx3pgrAVE283wOwZG9OE2y4e8qUacgETJxHMawgdQVFK3BzH0r8SgAucP0GksGj68YWdOMUpVO0Juee%2Fg1V1OTcXy8jGXx3SatR45bReaZM4jCKS6hRBdWvkOaHyDY9qOIQPLsHJZ6Q5afXkAx2bjhtoMTxG13WEX4riJcEa0dLIW11lxgL%2BJK%2FIlncprwT8GBmkVIVVFxByzGo85BPj%2FKQxx7y1MNAHDdo1It9vxOzuN3uhpzzdpvzqLsiItEOu7GPnE81jJGlY3A9BrdbSO0W1tWXNSEPH9aE%2FLEKm%2F8It1bCCQ8uIxiKEoUkKBxBQQkKRVBkBMWw3BXatVz5SGiXs2CeW%2FPcLicm62%2FTXZP1ZUK20xPy4tRC7%2Fl7%2B1iXxw26wnzW7bUi0WNtGgZRyP12xFshC6XodSScKqHcmZngTVWTVx83kaqaPPfpn2D0EE4fgqsXQPPXQItJp%2BWDrk3Cro%2FNZJ%2BKXGdLa3fvNjMDYUqk2TlkG962PiGvzFb5bvUsJD%2B6%2BAuZBbgtkdoSn6mfCPr6weSmKcjOTVM4cnAjzdRAbdLpmm9lNJNnv%2FlIbhTGiquX3fjr9%2FgUmJb7t6XLrtFEqKTvyLeXlBDSXjGWS%2FL4qrsj2Wru1i7lNsnTa6vvX7k6SK10TpmkAlU1IdVdcFWT8%2F88mX3h162GshVsXmKQH5F5QJlD8HQLLl3wd4bA6sUMSz0UeTmxLbZ41IpAy0VPWQn3n54t6m33AH3rgWb3kQxKDG2JoS5B9RguPzvJUnt08bf2LMC0N2HaejtMW%2F3FqblOHTdkFPux9FuSxT0Wd6gvenHYY7QXyA6LaIDM1VL%2BcPAvAAAA%2F%2F8BAAD%2F%2F0902GqaBAAA
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectproceedglad.com
FingerprintF9:04:D4:C5:64:56:F0:7B:9E:AE:0C:CB:EC:1A:5E:E9:8E:9E:86:E3
ValidityWed, 22 Nov 2023 07:26:18 GMT - Tue, 20 Feb 2024 07:26:17 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTuIPyEXFi6AwoAcFd7Z7pntnxhyiMUaCMVmSSE4e6lfPllvT1anqnp7d05KA5Dh68hR6v9nNoi7iXrwFpNeLLARtD7Ki%2B08IuQkyswOjD6ree%2FW9w%2Fd9rz7fzk%2BIj5wer35sNpXWdDlq%2Bo0376hEmMI1rt9uBH7Tv9C4o5KV8EJjNL3s8J3Aj5r%2BW40PJV83yy0%2F8P3ADxpXlJWxGS3PUKh0vxc0e34zbDWDKMTI%2Fr93uQdHPYjhCXkJStTPrP18AMUrJIPvL0u3npn07Q8GuaaZsRiKvU%2BS9cQUCQaLMrYe4mRvPg3jakK%2BOgOT7M0VwAx3pgrAVE283wOwZG9OE2y4e8qUacgETJxHMawgdQVFK3BzH0r8SgAucP0GksGj68YWdOMUpVO0Juee%2Fg1V1OTcXy8jGXx3SatR45bReaZM4jCKS6hRBdWvkOaHyDY9qOIQPLsHJZ6Q5afXkAx2bjhtoMTxG13WEX4riJcEa0dLIW11lxgL%2BJK%2FIlncprwT8GBmkVIVVFxByzGo85BPj%2FKQxx7y1MNAHDdo1It9vxOzuN3uhpzzdpvzqLsiItEOu7GPnE81jJGlY3A9BrdbSO0W1tWXNSEPH9aE%2FLEKm%2F8It1bCCQ8uIxiKEoUkKBxBQQkKRVBkBMWw3BXatVz5SGiXs2CeW%2FPcLicm62%2FTXZP1ZUK20xPy4tRC7%2Fl7%2B1iXxw26wnzW7bUi0WNtGgZRyP12xFshC6XodSScKqHcmZngTVWTVx83kaqaPPfpn2D0EE4fgqsXQPPXQItJp%2BWDrk3Cro%2FNZJ%2BKXGdLa3fvNjMDYUqk2TlkG962PiGvzFb5bvUsJD%2B6%2BAuZBbgtkdoSn6mfCPr6weSmKcjOTVM4cnAjzdRAbdLpmm9lNJNnv%2FlIbhTGiquX3fjr9%2FgUmJb7t6XLrtFEqKTvyLeXlBDSXjGWS%2FL4qrsj2Wru1i7lNsnTa6vvX7k6SK10TpmkAlU1IdVdcFWT8%2F88mX3h162GshVsXmKQH5F5QJlD8HQLLl3wd4bA6sUMSz0UeTmxLbZ41IpAy0VPWQn3n54t6m33AH3rgWb3kQxKDG2JoS5B9RguPzvJUnt08bf2LMC0N2HaejtMW%2F3FqblOHTdkFPux9FuSxT0Wd6gvenHYY7QXyA6LaIDM1VL%2BcPAvAAAA%2F%2F8BAAD%2F%2F0902GqaBAAA HTTP/1.1
Host: proceedglad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Cookie: u_pl=17334956; uid_id2=8b7d021f-db35-4a28-bb1c-06ebf3ac71c1:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca6b0b8925d9b3a4154c035c24b4ed97e=[4243974]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 09:45:21 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 582c154a9662b6c8ba4222a9027fed0e
Strict-Transport-Security: max-age=0; includeSubdomains
proceedglad.com/pixel/purst?dl=0&th=0&sc=0&rs=5333&rd=5333&fd=611&bv=23.11.v.8&tmpl=136
200 OK 0 B URL GET HTTP/1.1 proceedglad.com/pixel/purst?dl=0&th=0&sc=0&rs=5333&rd=5333&fd=611&bv=23.11.v.8&tmpl=136
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectproceedglad.com
FingerprintF9:04:D4:C5:64:56:F0:7B:9E:AE:0C:CB:EC:1A:5E:E9:8E:9E:86:E3
ValidityWed, 22 Nov 2023 07:26:18 GMT - Tue, 20 Feb 2024 07:26:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=5333&rd=5333&fd=611&bv=23.11.v.8&tmpl=136 HTTP/1.1
Host: proceedglad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 09:45:21 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/img/close.png
200 OK 4.0 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/img/close.png
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type PNG image data, 500 x 500, 8-bit gray+alpha, non-interlaced\012- data
Hash 23e9690b0e7ac26868363a6248f44467
d7ad0eae64e0c1e65b12eda0aa9d2b91996dd64f
f362c67320d739ccf3bea21f857b9620075bd20ceacda8c51261b9612fe28395
GET /sb/notifications/dating/default/us/desk-all/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:21 GMT
content-type: image/png
content-length: 4022
last-modified: Tue, 14 Apr 2020 14:09:22 GMT
etag: "5e95c412-fb6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1556042
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlu7ygJx6e%2BRKjWPeLUH0k1SRlb2iX9iqoCFuWZH9N3QtRBAfI6Em8MQ27bAf6hwNRSFie2cgaZpR%2FVRBCTXQAhT%2FtZC9s08Q2OxdWOJO5PKNan%2BPchmpLGQ81oTu0Y%2FMtpvKID52q68"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1ad74dd1353a5-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xtapes.to/wp-content/themes/xtapes/images/textures/pattern16.png
200 OK 1.8 MB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/images/textures/pattern16.png
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type PNG image data, 96 x 96, 8-bit colormap, non-interlaced\012- data
Size 1.8 MB (1772165 bytes)
Hash 2b88e3932bdbdb5cf5020af09e4ec7fa
b40bcc7b98eea27adfa406c647a5b8eeaf0f1cf1
ca0098b0b909ac808cda5d1fe51fc24fcea7238e55e2ecfff4092c8f725cab93
GET /wp-content/themes/xtapes/images/textures/pattern16.png HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: image/png
last-modified: Mon, 30 Mar 2015 23:59:29 GMT
cache-control: max-age=1209600
expires: Wed, 29 Nov 2023 10:37:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 451762
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvwJKp%2FrKx%2F7jxnSMbVaFnBx%2B2d13CUiJEcBrr%2Bx%2B%2BFTER4fZYFlKxM%2BJ5Im1al8qI9ZIRi9W2WGG1qgfFsmHaPbCXUqfpEzmMLxpNxr9hSgcWrbFFaC9Tylqd0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad561ef856bd-OSL
alt-svc: h3=":443"; ma=86400
cdn.cloudimagesb.com/si/05/c8/20/05c820d9ce67af6dea2e5441dbe3e8f9/1683231080.png
200 OK 39 kB URL GET HTTP/2 cdn.cloudimagesb.com/si/05/c8/20/05c820d9ce67af6dea2e5441dbe3e8f9/1683231080.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 6451b63b68b5068db02571051f6f6a30
32badef5d69090b4d2ea7b300bb5264938e198ef
b1b0a314a2d4924b2849fec48b7863ccc68413e58330d99f6ad901bfa6282819
GET /si/05/c8/20/05c820d9ce67af6dea2e5441dbe3e8f9/1683231080.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:21 GMT
content-type: image/png
content-length: 39220
server: nginx/1.21.6
last-modified: Thu, 04 May 2023 20:11:29 GMT
etag: "64541171-9934"
expires: Thu, 30 Nov 2023 09:45:21 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/b3/dd/fd/b3ddfd7cf6f212b3bce3129fb7a007fc/1683231156.png
200 OK 65 kB URL GET HTTP/2 cdn.cloudimagesb.com/si/b3/dd/fd/b3ddfd7cf6f212b3bce3129fb7a007fc/1683231156.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 887812a53b8ea2dbad33f6ae105b8c2d
f83d97ef46827200fa62093ed09b4b6fa25b26d8
9443edf293511b0732211234002c799508a2bfc63a3e28a57d7b12ee30f277e9
GET /si/b3/dd/fd/b3ddfd7cf6f212b3bce3129fb7a007fc/1683231156.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:21 GMT
content-type: image/png
content-length: 64601
server: nginx/1.21.6
last-modified: Thu, 04 May 2023 20:12:45 GMT
etag: "645411bd-fc59"
expires: Thu, 30 Nov 2023 09:45:21 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r7nim14weg.sw-cdnstream.com/hls2/01/02374/oev5b2irs3p9_,n,h,.urlset/index-f2-v1-a1.m3u8?t=I89H1i5x4WEsEd9Yu_PuR1nErmUELLKWhfV3GkMWFOQ&s=1701164715&e=129600&f=11870340&srv=wmnctvnzzldw&i=0.4&sp=500&p1=wmnctvnzzldw&p2=wmnctvnzzldw&asn=50304
200 OK 1.0 kB URL GET HTTP/1.1 r7nim14weg.sw-cdnstream.com/hls2/01/02374/oev5b2irs3p9_,n,h,.urlset/index-f2-v1-a1.m3u8?t=I89H1i5x4WEsEd9Yu_PuR1nErmUELLKWhfV3GkMWFOQ&s=1701164715&e=129600&f=11870340&srv=wmnctvnzzldw&i=0.4&sp=500&p1=wmnctvnzzldw&p2=wmnctvnzzldw&asn=50304
IP
ASN #49453 Global Layer B.V.
Requested by https://55k.io/e/oev5b2irs3p9
Certificate IssuerGlobalSign nv-sa
Subject*.sw-cdnstream.com
FingerprintA7:65:73:FF:C1:DF:99:64:28:31:2A:8D:55:E3:E6:F9:76:0F:B9:D5
ValidityTue, 18 Apr 2023 08:29:36 GMT - Sun, 19 May 2024 08:29:35 GMT
Hash 036bedc9a6b664f9478f9a424bcc3532
c067ebf6e843eec9343aca6062a16368a4b97e07
aa7d099f9c646393bb899b58c14347832a0e3978e52542565ed5c8d8e6316216
GET /hls2/01/02374/oev5b2irs3p9_,n,h,.urlset/index-f2-v1-a1.m3u8?t=I89H1i5x4WEsEd9Yu_PuR1nErmUELLKWhfV3GkMWFOQ&s=1701164715&e=129600&f=11870340&srv=wmnctvnzzldw&i=0.4&sp=500&p1=wmnctvnzzldw&p2=wmnctvnzzldw&asn=50304 HTTP/1.1
Host: r7nim14weg.sw-cdnstream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://55k.io
DNT: 1
Connection: keep-alive
Referer: https://55k.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 09:45:21 GMT
Content-Type: application/vnd.apple.mpegurl
Last-Modified: Tue, 28 Nov 2023 09:45:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 06 Mar 2024 09:56:35 GMT
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
X-Cache-Status: HIT
Content-Encoding: gzip
proceedglad.com/pixel/sbs?c=1
200 OK 0 B URL GET HTTP/1.1 proceedglad.com/pixel/sbs?c=1
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectproceedglad.com
FingerprintF9:04:D4:C5:64:56:F0:7B:9E:AE:0C:CB:EC:1A:5E:E9:8E:9E:86:E3
ValidityWed, 22 Nov 2023 07:26:18 GMT - Tue, 20 Feb 2024 07:26:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: proceedglad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Cookie: u_pl=17334956; uid_id2=8b7d021f-db35-4a28-bb1c-06ebf3ac71c1:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca6b0b8925d9b3a4154c035c24b4ed97e=[4243974]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 09:45:21 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
200 OK 701 B URL GET HTTP/3 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type gzip compressed data, max compression\012- data
Hash 22380e1a2a53c82d46b0f02c0864e606
533ef8469b24020c3f44dd6f598f0d546ec349bf
d0c362cbc5f3c5fdcdcabab4cdb48a5fa5368086836188c36e30d9e1a2d5aa5d
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Nov 2023 09:45:21 GMT
date: Tue, 28 Nov 2023 09:45:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
74.hevc.site/junHeQ8.js
200 OK 39 kB IP
ASN #24940 Hetzner Online GmbH
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subject6969.javher.com
FingerprintBC:39:B5:BA:F4:EC:D0:DD:F9:40:7A:8A:6D:05:DA:63:F6:3C:3A:82
ValidityWed, 15 Nov 2023 01:27:08 GMT - Tue, 13 Feb 2024 01:27:07 GMT
File type Unicode text, UTF-8 text, with very long lines (65467), with no line terminators
Hash 3349d3e1054b194b4d9af15f88215434
752290ad1a21d2d3cf7c585224bb99a0be42f9ac
1e0d68380661757ab505c4b8b40dbd5cdec9a886e4e7e3afb7af0f84964eb9a8
GET /junHeQ8.js HTTP/1.1
Host: 74.hevc.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:45:21 GMT
content-type: application/javascript
content-length: 38613
last-modified: Mon, 27 Nov 2023 07:10:46 GMT
vary: Accept-Encoding
etag: "656440f6-96d5"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 123
cf-ray: 82c89c93dee2df68-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
74.hevc.site/7Jxdfg3.js
200 OK 76 kB IP
ASN #24940 Hetzner Online GmbH
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subject6969.javher.com
FingerprintBC:39:B5:BA:F4:EC:D0:DD:F9:40:7A:8A:6D:05:DA:63:F6:3C:3A:82
ValidityWed, 15 Nov 2023 01:27:08 GMT - Tue, 13 Feb 2024 01:27:07 GMT
File type Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Hash 519b032751547884fd5d2e6e166ad119
c82d285f32bd3eaa4d84bad8efd79f9377d529dc
48e8b22f691fbdb884c0056ba6629545071794cb51d3e79661d17e4d8c716626
GET /7Jxdfg3.js HTTP/1.1
Host: 74.hevc.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:45:22 GMT
content-type: application/javascript
content-length: 76041
last-modified: Mon, 27 Nov 2023 07:10:46 GMT
vary: Accept-Encoding
etag: "656440f6-12909"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 30
cf-ray: 82c89a8c5ba8d912-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
74.hevc.site/api/settings/213681
200 OK 874 B URL GET HTTP/2 74.hevc.site/api/settings/213681
IP
ASN #24940 Hetzner Online GmbH
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subject6969.javher.com
FingerprintBC:39:B5:BA:F4:EC:D0:DD:F9:40:7A:8A:6D:05:DA:63:F6:3C:3A:82
ValidityWed, 15 Nov 2023 01:27:08 GMT - Tue, 13 Feb 2024 01:27:07 GMT
File type JSON data\012- , ASCII text, with very long lines (2070), with no line terminators
Hash a88d12132219b97e32f41bd6e54d32e0
1749f27288667bf03de22792ace1f66263be2f01
97978d8247d1dac9b7d2853bd396f97ff3c36768040e7ac7dd3b0c96a4345328
GET /api/settings/213681 HTTP/1.1
Host: 74.hevc.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xtapes.to/
Origin: https://xtapes.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:45:22 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
vid.xtapes.to/images/adblock.jpg
200 OK 33 kB URL GET HTTP/3 vid.xtapes.to/images/adblock.jpg
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 545x324, components 3\012- data
Hash 8c8415d1e207c7e23c4efb3cd0ea42f4
1ef20a347d35a06dff1ca15d208fb88d911d769f
f6786969d1707bda98bbc0f6511db12cd28ef9e6d1add7ce60ecb16607e464db
GET /images/adblock.jpg HTTP/1.1
Host: vid.xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Cookie: uid=Hh**1F7CSvPK9ynjsRp*RU7hDCHNomQS; dom3ic8zudi28v8lr6fgphwffqoz0j6c=8b7d021f-db35-4a28-bb1c-06ebf3ac71c1%3A1%3A1; sb_main_a6b0b8925d9b3a4154c035c24b4ed97e=1; sb_count_a6b0b8925d9b3a4154c035c24b4ed97e=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=proceedglad.com; _ga_X28T4HL97N=GS1.1.1701164725.1.0.1701164725.0.0.0; _ga=GA1.1.650077720.1701164726
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:22 GMT
content-type: image/jpeg
content-length: 32607
last-modified: Wed, 11 Sep 2019 18:43:55 GMT
etag: "5d79406b-7f5f"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: MISS
x-inferno-location: static
cf-cache-status: HIT
age: 371506
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VfXZ30HE6kg0V2WvhdZ9Xt8r4mj%2Bhqxq5608KuyH89LjHP8PZF9%2F4%2BM4eDVt9h76xunrfi2UY2hVHWda5CMXTi4GAaIclqKPOlQN1I3vpV6Am2otUih8MGnXqpDFK7J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad7a29f856bd-OSL
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vid.xtapes.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:52:12 GMT
expires: Thu, 21 Nov 2024 21:52:12 GMT
cache-control: public, max-age=31536000
age: 474790
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a.o333o.com/api/spots/184707?v2=1&fill=0&i=1&url=https%3A%2F%2Fxtapes.to%2F05415%2Fevermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus%2F
200 OK 17 kB URL GET HTTP/2 a.o333o.com/api/spots/184707?v2=1&fill=0&i=1&url=https%3A%2F%2Fxtapes.to%2F05415%2Fevermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus%2F
IP
ASN #24940 Hetzner Online GmbH
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerSectigo Limited
Subjecta.o333o.com
Fingerprint26:C9:FD:E3:58:82:6B:6B:A8:2C:F1:57:98:22:F8:75:CC:2D:0C:18
ValiditySun, 29 Jan 2023 00:00:00 GMT - Mon, 12 Feb 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash ca9264c076f95de3dd82863c3c4f93c4
d27eb8b279ec2889c3225cba8adbb508afc78146
c200f6b64eea2c0b0685feaa0450140335da73cd3cbdd6b03d070e687947cfb5
GET /api/spots/184707?v2=1&fill=0&i=1&url=https%3A%2F%2Fxtapes.to%2F05415%2Fevermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus%2F HTTP/1.1
Host: a.o333o.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xtapes.to/
Origin: https://xtapes.to
DNT: 1
Connection: keep-alive
Cookie: nauid=tHhIGbnmyMBwUHA7WGSt
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:45:22 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://xtapes.to
access-control-expose-headers: X-Asg-Config, X-t
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
vid.xtapes.to/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=72348360
200 OK 2 B URL GET HTTP/3 vid.xtapes.to/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=72348360
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=72348360 HTTP/1.1
Host: vid.xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Cookie: uid=Hh**1F7CSvPK9ynjsRp*RU7hDCHNomQS; dom3ic8zudi28v8lr6fgphwffqoz0j6c=8b7d021f-db35-4a28-bb1c-06ebf3ac71c1%3A1%3A1; sb_main_a6b0b8925d9b3a4154c035c24b4ed97e=1; sb_count_a6b0b8925d9b3a4154c035c24b4ed97e=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=proceedglad.com; _ga_X28T4HL97N=GS1.1.1701164725.1.0.1701164725.0.0.0; _ga=GA1.1.650077720.1701164726
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:22 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
x-inferno-location: banner
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FX4TMQaD5w3%2B9CzIGkwAFahwhwZC334Bh0QU9tq6Jzu7qJ1peb0boMCbMYlhE9Zxf%2FcRI5%2BR3CtHQc%2FL3gHrdCwH5fc%2FxNGUqWW9IsKJN9u9PHsWCJS7sZ%2BW358YwF4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad7aaa7f56bd-OSL
alt-svc: h3=":443"; ma=86400
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
200 OK 191 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xtapes.to
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 17:15:26 GMT
expires: Sun, 24 Nov 2024 17:15:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 232196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i0.wp.com/cdn-s13.cfglobalcdn.com/flv/api/files/thumbs_new/2023/11/27/17010576954gbzx/17010576954gbzx-640x480-1.jpg
200 OK 23 kB URL GET HTTP/2 i0.wp.com/cdn-s13.cfglobalcdn.com/flv/api/files/thumbs_new/2023/11/27/17010576954gbzx/17010576954gbzx-640x480-1.jpg
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1440x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 696fcb648a97a1b500197091792b1e7d
05f2af283d67afc19f86f3ae2c7afa873fbd54c2
2c0b7f68798b47637000a6522d4495c767607619faf0bcc2af14f6757e2fced1
GET /cdn-s13.cfglobalcdn.com/flv/api/files/thumbs_new/2023/11/27/17010576954gbzx/17010576954gbzx-640x480-1.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:45:22 GMT
content-type: image/webp
content-length: 23252
last-modified: Mon, 27 Nov 2023 04:17:38 GMT
expires: Wed, 26 Nov 2025 16:17:38 GMT
cache-control: public, max-age=63115200
link: <http://cdn-s13.cfglobalcdn.com/flv/api/files/thumbs_new/2023/11/27/17010576954gbzx/17010576954gbzx-640x480-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "154bc180d74f0064"
vary: Accept
x-nc: HIT arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldn4C0aAAAAAEVbfUotPQpkzG_iWMoC-3pwn6fV&co=aHR0cHM6Ly94dGFwZXMudG86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=n4jc9zres8md
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (56398), with no line terminators
Hash eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 23:14:50 GMT
expires: Sun, 24 Nov 2024 23:14:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 210632
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
s.magsrv.com/splash.php?idzone=3556441
200 OK 72 B URL GET HTTP/1.1 s.magsrv.com/splash.php?idzone=3556441
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type XML 1.0 document text\012- XML document, ASCII text
Hash e835de2c3ac0f8c0a4d5d5b650fbc48e
10631ba8d435ad3b537fc0d3f16178a056631eac
0bca11b67cc31b14d949f5d2d086b468439869e5e351e0cadb52e44f11089805
GET /splash.php?idzone=3556441 HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xtapes.to/
Origin: https://xtapes.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 09:45:22 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226565b6b2d819d4.082827761468362564%22%3B%7D; expires=Thu, 27 Nov 2025 09:45:22 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://xtapes.to
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
200 OK 191 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 17:15:26 GMT
expires: Sun, 24 Nov 2024 17:15:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 232196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a.o333o.com/api/users/10284790502106658095/162854?fill=0
200 OK 34 kB URL GET HTTP/2 a.o333o.com/api/users/10284790502106658095/162854?fill=0
IP
ASN #24940 Hetzner Online GmbH
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerSectigo Limited
Subjecta.o333o.com
Fingerprint26:C9:FD:E3:58:82:6B:6B:A8:2C:F1:57:98:22:F8:75:CC:2D:0C:18
ValiditySun, 29 Jan 2023 00:00:00 GMT - Mon, 12 Feb 2024 23:59:59 GMT
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52015)
Hash b6092264899696276541b03b42ef0547
a531765454ce4c1c8cef2613a5a3f5770ebd1204
a023341ca7d91dbf30ffe2be6cf25db9c47ecffb44a03e551be2998dc6f9bdce
GET /api/users/10284790502106658095/162854?fill=0 HTTP/1.1
Host: a.o333o.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xtapes.to/
Origin: https://xtapes.to
DNT: 1
Connection: keep-alive
Cookie: nauid=tHhIGbnmyMBwUHA7WGSt
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:45:22 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://xtapes.to
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
74.hevc.site/api/spots/213681?i=1&url=https%3A%2F%2Fxtapes.to%2F05415%2Fevermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus%2F
200 OK 16 kB URL GET HTTP/2 74.hevc.site/api/spots/213681?i=1&url=https%3A%2F%2Fxtapes.to%2F05415%2Fevermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus%2F
IP
ASN #24940 Hetzner Online GmbH
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subject6969.javher.com
FingerprintBC:39:B5:BA:F4:EC:D0:DD:F9:40:7A:8A:6D:05:DA:63:F6:3C:3A:82
ValidityWed, 15 Nov 2023 01:27:08 GMT - Tue, 13 Feb 2024 01:27:07 GMT
File type gzip compressed data, from Unix\012- data
Hash 438a2d5c81d3fcbfb05350bb10a0d121
c30d099336750cb9a0fc94c6f7f54bfdc6c4b0cf
0c64e3899af1c075b382c3e12415becfb78f4351d27d7d37be461b42b8704b80
GET /api/spots/213681?i=1&url=https%3A%2F%2Fxtapes.to%2F05415%2Fevermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus%2F HTTP/1.1
Host: 74.hevc.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:45:22 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=TDKgfDV8tC6eafs26pL6; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldn4C0aAAAAAEVbfUotPQpkzG_iWMoC-3pwn6fV&co=aHR0cHM6Ly94dGFwZXMudG86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=n4jc9zres8md
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Nov 2023 23:42:20 GMT
expires: Tue, 26 Nov 2024 23:42:20 GMT
cache-control: public, max-age=31536000
age: 36183
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/logo_48.png
200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldn4C0aAAAAAEVbfUotPQpkzG_iWMoC-3pwn6fV&co=aHR0cHM6Ly94dGFwZXMudG86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=n4jc9zres8md
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:37:43 GMT
expires: Wed, 29 Nov 2023 21:37:43 GMT
cache-control: public, max-age=604800
age: 475660
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
200 OK 191 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 17:15:26 GMT
expires: Sun, 24 Nov 2024 17:15:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 232197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
r7nim14weg.sw-cdnstream.com/hls2/01/02374/oev5b2irs3p9_,n,h,.urlset/seg-2-f2-v1-a1.ts?t=I89H1i5x4WEsEd9Yu_PuR1nErmUELLKWhfV3GkMWFOQ&s=1701164715&e=129600&f=11870340&srv=wmnctvnzzldw&i=0.4&sp=500&p1=wmnctvnzzldw&p2=wmnctvnzzldw&asn=50304
200 OK 2.0 MB URL GET HTTP/1.1 r7nim14weg.sw-cdnstream.com/hls2/01/02374/oev5b2irs3p9_,n,h,.urlset/seg-2-f2-v1-a1.ts?t=I89H1i5x4WEsEd9Yu_PuR1nErmUELLKWhfV3GkMWFOQ&s=1701164715&e=129600&f=11870340&srv=wmnctvnzzldw&i=0.4&sp=500&p1=wmnctvnzzldw&p2=wmnctvnzzldw&asn=50304
IP
ASN #49453 Global Layer B.V.
Requested by https://55k.io/e/oev5b2irs3p9
Certificate IssuerGlobalSign nv-sa
Subject*.sw-cdnstream.com
FingerprintA7:65:73:FF:C1:DF:99:64:28:31:2A:8D:55:E3:E6:F9:76:0F:B9:D5
ValidityTue, 18 Apr 2023 08:29:36 GMT - Sun, 19 May 2024 08:29:35 GMT
File type MPEG transport stream data\012- TeX font metric data (\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377)\012- data
Size 2.0 MB (1991672 bytes)
Hash a02d6c2485bf2ca8d024c36469908f28
8415219e21143faabf0e9914f814317c5658068a
aca002e4d0697c0108289fe763be6987415f5f9ee2eff6d991ac5348ea34498b
GET /hls2/01/02374/oev5b2irs3p9_,n,h,.urlset/seg-2-f2-v1-a1.ts?t=I89H1i5x4WEsEd9Yu_PuR1nErmUELLKWhfV3GkMWFOQ&s=1701164715&e=129600&f=11870340&srv=wmnctvnzzldw&i=0.4&sp=500&p1=wmnctvnzzldw&p2=wmnctvnzzldw&asn=50304 HTTP/1.1
Host: r7nim14weg.sw-cdnstream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://55k.io
DNT: 1
Connection: keep-alive
Referer: https://55k.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 09:45:21 GMT
Content-Type: video/MP2T
Content-Length: 1991672
Connection: keep-alive
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Expires: Wed, 06 Mar 2024 09:57:01 GMT
ETag: "5f693e80-1e63f8"
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
X-Cache-Status: HIT
Accept-Ranges: bytes
vid.xtapes.to/player/get_player_image.php
200 OK 21 kB URL POST HTTP/3 vid.xtapes.to/player/get_player_image.php
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type JSON data\012- , ASCII text, with very long lines (21277), with no line terminators
Hash 18bb4fcd4d937d4d108d0cc630e2ae32
26feaa0a70fac12ed8cb07b0cd572d9d6d8a83c1
260707ddac06e509cfe9d5fc74b4237502eeed86413157273324675d2e0ff0fd
POST /player/get_player_image.php HTTP/1.1
Host: vid.xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 73
Origin: https://vid.xtapes.to
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Cookie: uid=Hh**1F7CSvPK9ynjsRp*RU7hDCHNomQS; dom3ic8zudi28v8lr6fgphwffqoz0j6c=8b7d021f-db35-4a28-bb1c-06ebf3ac71c1%3A1%3A1; sb_main_a6b0b8925d9b3a4154c035c24b4ed97e=1; sb_count_a6b0b8925d9b3a4154c035c24b4ed97e=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=proceedglad.com; _ga_X28T4HL97N=GS1.1.1701164725.1.0.1701164725.0.0.0; _ga=GA1.1.650077720.1701164726
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:22 GMT
content-type: application/json
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
pragma: no-cache
x-image-colors-src: 0
x-file-located: temp, filename:../files/temp/video_images/x/z/17010576954gbzx-1.jpg
x-clickarr-add-e: 1
x-image-size: 46125
x-image-colors: 0
x-img-cr: j
x-origin-location: get_image
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-inferno-location: player
x-inferno-limit-req: PASSED
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXJY2AHeIPgGcwrtGdR%2BCFTVMYQnzVM1qa1vrDHx3ffb08wv3xhY7KUSWz%2Blll8HPHD6U1QtUPMCp%2BmS77bGwdrBy6yZPTmgSpQhQxUnIQBTkqrMD38qAl8MLcSXQ1rD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad7bbb6256bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldn4C0aAAAAAEVbfUotPQpkzG_iWMoC-3pwn6fV&co=aHR0cHM6Ly94dGFwZXMudG86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=n4jc9zres8md
200 OK 60 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldn4C0aAAAAAEVbfUotPQpkzG_iWMoC-3pwn6fV&co=aHR0cHM6Ly94dGFwZXMudG86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=n4jc9zres8md
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52015)
Hash 927d1d6e38fcc4983ddb0cc580d0701a
10e1dfd86f8b87215cc5b6d49b1294a463fe1b90
ed2f656f124d63207e542f5be407339cff091edfbfb3e1bec253b0e8e427cb3d
GET /recaptcha/api2/anchor?ar=1&k=6Ldn4C0aAAAAAEVbfUotPQpkzG_iWMoC-3pwn6fV&co=aHR0cHM6Ly94dGFwZXMudG86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=n4jc9zres8md HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 28 Nov 2023 09:45:22 GMT
content-security-policy: script-src 'nonce-evOnlobh4rjXLtD1jyB9vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a.o333o.com/api/click/15782938704025040095?c=60&data[error]=303
200 OK 0 B URL GET HTTP/2 a.o333o.com/api/click/15782938704025040095?c=60&data[error]=303
IP
ASN #24940 Hetzner Online GmbH
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerSectigo Limited
Subjecta.o333o.com
Fingerprint26:C9:FD:E3:58:82:6B:6B:A8:2C:F1:57:98:22:F8:75:CC:2D:0C:18
ValiditySun, 29 Jan 2023 00:00:00 GMT - Mon, 12 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/15782938704025040095?c=60&data[error]=303 HTTP/1.1
Host: a.o333o.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Cookie: nauid=tHhIGbnmyMBwUHA7WGSt; asgfp=e19e1989b72653a7152c87a7240d524a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:45:22 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldn4C0aAAAAAEVbfUotPQpkzG_iWMoC-3pwn6fV&co=aHR0cHM6Ly94dGFwZXMudG86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=n4jc9zres8md
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:51:07 GMT
expires: Thu, 21 Nov 2024 21:51:07 GMT
cache-control: public, max-age=31536000
age: 474856
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
55k.io/js/boxad.js?advertiser=popup&ads=DisplayAd&m=partnerad
200 OK 36 B URL GET HTTP/3 55k.io/js/boxad.js?advertiser=popup&ads=DisplayAd&m=partnerad
IP
Requested by https://55k.io/e/oev5b2irs3p9
Certificate IssuerGoogle Trust Services LLC
Subject55k.io
Fingerprint8B:F5:10:8B:91:2D:61:98:27:4B:9B:7C:5B:3C:AC:0D:0B:93:C4:36
ValiditySun, 26 Nov 2023 06:12:41 GMT - Sat, 24 Feb 2024 06:12:40 GMT
File type ASCII text, with no line terminators
Hash d1e40d1e3f519d090bb9986a51a60831
441a375fa252fd581b01ed7bfb837a527b7e1927
41afc39a38ad2d21db7fa723343f25469659a80ee57cff434378b17e18827518
GET /js/boxad.js?advertiser=popup&ads=DisplayAd&m=partnerad HTTP/1.1
Host: 55k.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55k.io/e/oev5b2irs3p9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 36
last-modified: Thu, 14 May 2015 19:57:00 GMT
etag: "5554fe0c-24"
expires: Tue, 05 Dec 2023 02:35:15 GMT
cache-control: max-age=604800
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 25801
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96LhBbRsYERIOAHzMpiOmUMF9e%2FYBbFutw16UsPjPxiB1Sg8edJWwc2EK3RpZratDZIYDkddIaA1lIfEhHk4EQZ4vy%2B73tBOTPny3oG0Ktf%2FZdI0eO9SRJI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1ad577b697128-OSL
alt-svc: h3=":443"; ma=86400
vid.xtapes.to/js/adv/fuckadblock.js?2
200 OK 11 kB URL GET HTTP/3 vid.xtapes.to/js/adv/fuckadblock.js?2
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (1083)
Hash c9e86b5930eedc59dcfc55b6a53adec6
b7186971885ce8c7fd3dad0a9c237975ac91a700
0af5adee16771304d6b8f8e340493c7f546f174cc67271b33b195cf62814c847
GET /js/adv/fuckadblock.js?2 HTTP/1.1
Host: vid.xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
cf-bgj: minify
cf-polished: origSize=13982
access-control-allow-credentials: true
access-control-allow-origin: *
accessing-static: 1
etag: W/"5d656ab8-369e"
last-modified: Tue, 27 Aug 2019 17:39:04 GMT
pragma: cache
vary: Accept-Encoding
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 461079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4VeGcXyz2HxsEcnRPE3LR8M88y%2BsMYRvNfgT4Iei4hjQtguKLN2bKZ3lWa9%2FhdKkUZLS9OVB9nXA%2Fn3JpBnzVyjVzcIl3rLM52kCT1xTZuqCxI3n%2FRn%2FmDitPXDaeEZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad57b85b56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
vid.xtapes.to/js/video.counters.2.js?117
200 OK 610 B URL GET HTTP/3 vid.xtapes.to/js/video.counters.2.js?117
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (637), with no line terminators
Hash 64438a06b7e326c42a912b58786e05a8
7a7eab1bf5182196a141a96bfec4ad5bbd2a458d
5dc741d221bf91a11b37d257e9ef31115d6318b80e5af964f78e1bd35430945b
GET /js/video.counters.2.js?117 HTTP/1.1
Host: vid.xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Cookie: uid=Hh**1F7CSvPK9ynjsRp*RU7hDCHNomQS
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
cf-bgj: minify
cf-polished: origSize=696
access-control-allow-credentials: true
access-control-allow-origin: *
accessing-static: 1
etag: W/"6200231c-2b8"
last-modified: Sun, 06 Feb 2022 19:35:56 GMT
pragma: cache
vary: Accept-Encoding
x-cache-status-inferno-s: MISS
x-inferno-location: static
cf-cache-status: HIT
age: 191727
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tggqJakEULPPdwYHTzW7o1%2Fx%2F6myS5ft9ABM2rmko2ubKI%2Fl5JibdBLRFyXCujZAXpQ4zxquA2mWe5bIbE4IOh8u10iybgNiC6pl0%2B%2FIewrxhJFQJDT7SzY7VRdDbSZk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad5ecf1c56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.xtapes.io/i/69840254100.jpg
200 OK 47 kB URL GET HTTP/2 www.xtapes.io/i/69840254100.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 600x400, components 3\012- data
Hash 024bcb62e4a29bf5ee8710b12f4230a3
3d804786888a073cc2ab2302ef3347e46c01aa56
501753676a99108f83709f1748725883a2d60ec068610ac61c22367ce32e464f
GET /i/69840254100.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/jpeg
last-modified: Fri, 22 Sep 2023 08:02:21 GMT
cache-control: public, max-age=290304000
expires: Fri, 08 Dec 2023 12:31:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 335602
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbTaV8oyC4Z9wRhTQWAnAMa0hlN0akyl4EXURIv1hkOOJJFF4ESnOFDgWzG0JS5YUVVDCl%2F36iwGt81gL1pUeqHWtmz6LF%2FiJr%2FOta5vgkCL4u7DyaoetOOoG9FZcKoS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad50ea390b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xtapes.to/favicon.ico
200 OK 506 B IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type PNG image data, 20 x 20, 8-bit/color RGB, non-interlaced\012- data
Hash f73040ca5f08def60eda82946aa783af
efaf022d6b963d3bcd03a771da37801a9542530a
13b2c132120f7a79b7bbbe27a74dc2a8a301e3f0f4a7587b03257940c67ff8d8
GET /favicon.ico HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:17 GMT
content-type: image/x-icon
last-modified: Mon, 24 Aug 2015 14:32:35 GMT
cache-control: max-age=1209600
expires: Fri, 24 Nov 2023 08:35:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 592485
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kk9eW971YW73i44HECvz5WruXS0uzrqkXfa7vgecBWNKv0WN1Sp57kzSdEefqrH1kmAFqmlbWl3xBDg8XHYCxXMoR677CZ9RrBwNIveCOcSg1JUmpnOZyE9OOVw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad5bfcb456bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
xtapes.to/wp-content/themes/xtapes/images/loading-dark-video.gif
200 OK 13 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/images/loading-dark-video.gif
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type GIF image data, version 89a, 150 x 150\012- data
Hash 1c6e9a8b312da279ea27c0c693c8a468
da62eb47cbec1653048eedc335e692a58e6db437
aee208e25d321cbf85b59b625217d7b111f1e9ec41e8a18bc6e73dc59cdc5202
GET /wp-content/themes/xtapes/images/loading-dark-video.gif HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/wp-content/themes/xtapes/css/dark.css?ver=4.2.36
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: image/gif
last-modified: Sat, 13 Sep 2014 10:40:56 GMT
cache-control: max-age=1209600
expires: Wed, 22 Nov 2023 12:38:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 530738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfjAQ9Wnd5jR6ukpKpsjnkzAH0TqqVYe%2FzbOjvULG72Kl1E9xznYInz8zwL58lC8YGjx5rY4fsvWTywaw81UEvs6Scsh%2F3GuQKmgsMqISdODPybO5km77ORYwwE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad561efc56bd-OSL
alt-svc: h3=":443"; ma=86400
cdn.barscreative1.com/sb/au/24/54/4e/24544ed07f7394384bbb75023b9b0b3a/1591713925.html
200 OK 1.3 kB URL GET HTTP/2 cdn.barscreative1.com/sb/au/24/54/4e/24544ed07f7394384bbb75023b9b0b3a/1591713925.html
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectcdn.barscreative1.com
Fingerprint55:06:B7:F1:EF:E9:55:FB:7C:8C:4F:5D:DB:05:C9:15:19:90:9B:2F
ValiditySat, 11 Nov 2023 03:00:51 GMT - Fri, 09 Feb 2024 03:00:50 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (1388), with no line terminators
Hash 1e11fba825d4244ebfc11b9784c9744f
86f24edfd397e9f4d65e589ceb97196b71d2d828
7737a119c12f495c4f32f75686c087c59387d5f851ec8c5443a385dda8c5df76
GET /sb/au/24/54/4e/24544ed07f7394384bbb75023b9b0b3a/1591713925.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vid.xtapes.to
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:21 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Sat, 07 May 2022 03:21:27 GMT
etag: W/"6275e5b7-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 28 Nov 2023 10:45:21 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
200 OK 76 kB URL User Request GET HTTP/2 xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
IP
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/ HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
pragma: no-cache
x-pingback: https://xtapes.to/xmlrpc.php
link: <https://xtapes.to/?p=124513>; rel=shortlink
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aa1RP0HnwV2wH5OjEhDK%2FhwuVCBZ2Wf%2FwH94KmaQfxeR2KtqKitNvD8pjE4%2BZqiXo2cwzQ6tAi142UZV2tSN8fK7gfkM4yvPE9RPryqNxRvBKEGSffAfCPmeno%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad48ab6db52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xtapes.to/wp-content/themes/xtapes/style.css?ver=4.2.36
200 OK 21 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/style.css?ver=4.2.36
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (21063), with no line terminators
Hash 6319226f7b6fe38f76f3f7eca501a63c
3b3e97b52dee85ba68b7705886a2c00891a6f443
66994777d7caa9784dc530af6794fd1107ea782adb5f7e9d0964e43997a8238a
GET /wp-content/themes/xtapes/style.css?ver=4.2.36 HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: text/css
cache-control: max-age=1209600
cf-bgj: minify
cf-polished: origSize=35344
expires: Mon, 27 Nov 2023 11:28:32 GMT
last-modified: Sat, 13 Sep 2014 10:40:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 181600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dw59WF40HxEVSm06%2BkaaY8lXL5fqSdU%2F%2Bt2H3reutll7eKqbgPoKVS9h0yRnugYZ9cbev1A6q3391emQ%2BZ%2FrQ2vXmul1yLCJO%2F%2F1VG%2BQssH6IWh%2BX9vO1BJ%2FXOY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad5018fc56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.xtapes.io/i/4852581025.jpg
200 OK 46 kB URL GET HTTP/2 www.xtapes.io/i/4852581025.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 654x429, components 3\012- data
Hash 529cbc0b84cde0e655f288938c62772f
6c03f5a6b2541a3ca15b6f0889bd78f3617f8a6f
26ce1ea7cb07e2ffb2d2e2510c1a810f277363afa9e34f788df6c490e8501439
GET /i/4852581025.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/jpeg
last-modified: Tue, 28 Nov 2023 09:16:06 GMT
cache-control: public, max-age=290304000
expires: Tue, 12 Dec 2023 09:23:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1298
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAW7Lc98j%2FYxMopBuoU%2FcWiTKig9LzQMUoRXKyqoRbNX%2BzxpG5%2FPc%2BOQzxQNLhzlKhqOFM2K248qbXhD%2BwW01%2BQVA4pMjVNe%2BSCOlRqapcaaD0QFX2G5%2FBec3bEl1eSO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad511a610b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-2TL7NH453R
200 OK 280 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-2TL7NH453R
IP
Requested by https://55k.io/e/oev5b2irs3p9
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (5955)
Size 280 kB (279826 bytes)
Hash 07d9e417ebd9000f34631333d842ed64
3ad3cc4c5b30132cab0150ed390ed2e8950abf7e
43426d22695b395a51face44f96fc37563e515f4cfe38f5c28ad0252039f8fe1
GET /gtag/js?id=G-2TL7NH453R HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55k.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Nov 2023 09:45:17 GMT
expires: Tue, 28 Nov 2023 09:45:17 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92904
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
xtapes.to/wp-content/uploads/2015/02/g98z49rr-210x142.jpg
200 OK 9.3 kB URL GET HTTP/3 xtapes.to/wp-content/uploads/2015/02/g98z49rr-210x142.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 210x142, components 3\012- data
Hash 6fbff7432cf5856720294974b575766a
3ba6dbc6c4cad3ccc4a27f6d69e78483d0d015d3
9cf39e4255710c448a3160b6bee15c09e794b4b4bac8ade1d419bfdf88f73f1b
GET /wp-content/uploads/2015/02/g98z49rr-210x142.jpg HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/jpeg
last-modified: Mon, 24 Aug 2015 15:32:26 GMT
cache-control: max-age=1209600
expires: Wed, 29 Nov 2023 11:30:31 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 335641
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IP%2F%2FW69qZeFFOzB1FJj%2Fpv7fFDE%2FKd75c%2By5xnbaxyO1zNyUSnzTOa4cdHIU8Z72GVy3pQJ2NkHUnSgjX%2B3SKI%2FHOj2qBdkCue%2FzPL8WvOZX9PTTLY2oowb731I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad50896d56bd-OSL
alt-svc: h3=":443"; ma=86400
55k.io/e/oev5b2irs3p9
200 OK 14 kB IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerGoogle Trust Services LLC
Subject55k.io
Fingerprint8B:F5:10:8B:91:2D:61:98:27:4B:9B:7C:5B:3C:AC:0D:0B:93:C4:36
ValiditySun, 26 Nov 2023 06:12:41 GMT - Sat, 24 Feb 2024 06:12:40 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1264)
Hash c88c50bbbe73212299d0d3dd5c01151d
b87a042e40651782d40f6da4357e1722b58d5ed1
97db9a1d6ccfaa7e9270d839861b1384939eac906be20fce31c4b0249a717068
GET /e/oev5b2irs3p9 HTTP/1.1
Host: 55k.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: text/html; charset=UTF-8
expires: Mon, 27 Nov 2023 09:45:15 GMT
set-cookie: lang=1; domain=.55k.io; path=/; HttpOnly
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AkavaZv%2FqxZQa68Hr1kNOWPrWw05Xi3TPsYi%2Fb9LXGZedjrHzQoxDWhz2p8tNOjVqS07H%2FNMgJaP5wdXNOrpmEv4z3Z%2BLT9rBAv4FyB7FPuNGlb3CDuwH4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad514ae9b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
55k.io/js/jquery.cookie.js
200 OK 4.3 kB URL GET HTTP/3 55k.io/js/jquery.cookie.js
IP
Requested by https://55k.io/e/oev5b2irs3p9
Certificate IssuerGoogle Trust Services LLC
Subject55k.io
Fingerprint8B:F5:10:8B:91:2D:61:98:27:4B:9B:7C:5B:3C:AC:0D:0B:93:C4:36
ValiditySun, 26 Nov 2023 06:12:41 GMT - Sat, 24 Feb 2024 06:12:40 GMT
File type ASCII text, with very long lines (4427), with no line terminators
Hash c8a0b7f16c38377537c6ab251cb5bc72
528e37de81abf523b92ce0b457cb593983ed347a
e31179e4a4fffc7faee4f95d4f67ce056d12a57c451dee1dae3e9062b126a00e
GET /js/jquery.cookie.js HTTP/1.1
Host: 55k.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55k.io/e/oev5b2irs3p9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 31 May 2011 13:53:00 GMT
etag: W/"4de4f2bc-10eb"
expires: Fri, 01 Dec 2023 00:21:28 GMT
cache-control: max-age=604800
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 379428
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nFemrlYEctb3icNYi56WiHEu8v38qv25CnxcZhXJuDqbltqfCULauhobAk9UMChFZ%2Fe1eDoqgExTHR6LTeq8w3%2F37thST8s5KTSAQod830x06ZcSAiCXvI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1ad577b647128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
55k.io/player/jw8/jwplayer.core.controls.js
200 OK 333 kB URL GET HTTP/3 55k.io/player/jw8/jwplayer.core.controls.js
IP
Requested by https://55k.io/e/oev5b2irs3p9
Certificate IssuerGoogle Trust Services LLC
Subject55k.io
Fingerprint8B:F5:10:8B:91:2D:61:98:27:4B:9B:7C:5B:3C:AC:0D:0B:93:C4:36
ValiditySun, 26 Nov 2023 06:12:41 GMT - Sat, 24 Feb 2024 06:12:40 GMT
Size 333 kB (333095 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player/jw8/jwplayer.core.controls.js HTTP/1.1
Host: 55k.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55k.io/e/oev5b2irs3p9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 07 Dec 2022 04:16:32 GMT
etag: W/"51527-5ef352f742800"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 365
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZ2fhhy2MBz%2FNBfWjWctV%2BwKi9ZbMe%2BZF7dvhyyhM6d2YM8COlZiLShiMuLpbCsqRpxCZOzurUYp4bzjPjMz651ERs8icsD7H8ccV%2B801G260BCvHWedklc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1ad5bff2d7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
xtapes.to/wp-content/themes/xtapes/css/responsive.css?ver=4.2.36
200 OK 10 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/css/responsive.css?ver=4.2.36
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (9982), with no line terminators
Hash 6d6f7596b08ccd228e42080341f46927
f619b497ec08f2c9466dbbbd0b1c6cc8074bc369
1f74352e6d8affb01762ab184b01fbdf71b46ddc4a44fd8c08ae55ad3d976406
GET /wp-content/themes/xtapes/css/responsive.css?ver=4.2.36 HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: text/css
cache-control: max-age=1209600
cf-bgj: minify
cf-polished: origSize=18179
expires: Thu, 30 Nov 2023 10:36:30 GMT
last-modified: Sat, 05 Dec 2020 20:04:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 179898
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Jh7bMMEWSsbsfz4kcFPC6NUipHg365OGQYktTRwZWtZZc3eYTxx8NIiWecrv%2Fct4safSU55edfUSwMDsA0cnGsVY2wyJnmt0LLEW71k1GkEIQ9FSs8FFFDKuqA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad50391d56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
55k.io/player/jw8/vast.js
200 OK 107 kB URL GET HTTP/3 55k.io/player/jw8/vast.js
IP
Requested by https://55k.io/e/oev5b2irs3p9
Certificate IssuerGoogle Trust Services LLC
Subject55k.io
Fingerprint8B:F5:10:8B:91:2D:61:98:27:4B:9B:7C:5B:3C:AC:0D:0B:93:C4:36
ValiditySun, 26 Nov 2023 06:12:41 GMT - Sat, 24 Feb 2024 06:12:40 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 107 kB (107076 bytes)
Hash dd6a95bd5040dc45ace7e5625eb38185
1eed0dea68948895ab0f386116120fbda31148e3
8353196622f9b60682bb8e408724d5a045e137b3c75486279b9cd28008e4d68f
GET /player/jw8/vast.js HTTP/1.1
Host: 55k.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55k.io/e/oev5b2irs3p9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 07 Dec 2022 04:28:57 GMT
etag: W/"1a244-5ef355bdbf440"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 4657
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bfXeTSHbjkd9qg%2BlCsLp1pgMUmTutoWqNVIQ7L%2Bd4HZ2Zgg9EehyvNd%2FU9HPSSaWKk%2FZ9NGof7dc9XEwsXI9jTfqExbwgvZP4S7U3HHfA0PXCIbHEYpNJU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1ad5bff277128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
streamwish.com/js/dnsads.js?adslot=1&AdType=-adimage-&x=-panel_ad_&clicktag=http
200 OK 40 B URL GET HTTP/2 streamwish.com/js/dnsads.js?adslot=1&AdType=-adimage-&x=-panel_ad_&clicktag=http
IP
Requested by https://55k.io/e/oev5b2irs3p9
Certificate IssuerLet's Encrypt
Subjectstreamwish.com
Fingerprint5C:97:4B:63:57:56:09:34:05:E0:58:45:F7:5C:23:4C:77:BE:DE:A5
ValidityWed, 04 Oct 2023 17:20:43 GMT - Tue, 02 Jan 2024 17:20:42 GMT
File type ASCII text, with no line terminators
Hash e2e8f59c6d054536d966c5c580ecf6e7
3aebd54bd54195a22618be15568961496cb1f638
8ab900a61b99f0c692329de80561c186f037903de0cc9053e049ebe2999476b6
GET /js/dnsads.js?adslot=1&AdType=-adimage-&x=-panel_ad_&clicktag=http HTTP/1.1
Host: streamwish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55k.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 40
last-modified: Tue, 15 Nov 2022 09:47:00 GMT
etag: "63736014-28"
expires: Sat, 02 Dec 2023 03:28:42 GMT
cache-control: max-age=604800
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 281794
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4sOF2NsiZcFXo2lTfEL1ZPdilBIk7ieayhpkpAUz%2F6aU6Q1bfjzc0RjY1u0VyYe1zaIsZhr147FZMjqmnNncUsA1CQwN1Sg%2BXyww5%2BUlQkTD%2F5u%2FSnL7uLds9wttGRHDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1ad588f03b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
vid.xtapes.to/ad/top/popunder.js
200 OK 19 B URL GET HTTP/3 vid.xtapes.to/ad/top/popunder.js
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with no line terminators
Hash 48cb024ffdb6fa64e658096016a52088
f087bfd15fb2e0212824f8402096c8521f3d57db
42bb8bf6df8989c882f575e07cb92ebdfcb68711e27c9d76666d5f96a483195a
GET /ad/top/popunder.js HTTP/1.1
Host: vid.xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript; charset=UTF-8
content-length: 19
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
cf-bgj: minify
cf-polished: origSize=21
access-control-allow-credentials: true
access-control-allow-origin: *
accessing-static: 1
etag: "6141fdde-15"
last-modified: Wed, 15 Sep 2021 14:06:22 GMT
pragma: cache
x-cache-status-inferno-s: MISS
x-inferno-location: static
cf-cache-status: HIT
age: 193846
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvbFNTIMk6BQfK2i0VFCRDTrl2%2F%2Fg9shMZzhxhw7GllMUZ3Ka%2BMjWLXR%2BLnxDFugN%2FTWp5uvE8n81alYUYAF%2BUEHKgCf9Cj55y6Z5pu4o8HQisaAcaAZtk2FsfMrQ7XM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad57a84f56bd-OSL
alt-svc: h3=":443"; ma=86400
www.xtapes.io/i/741695258.jpg
200 OK 40 kB URL GET HTTP/2 www.xtapes.io/i/741695258.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, baseline, precision 8, 600x406, components 3\012- data
Hash 9f63e5d9a8b42b45d493b7d3a37d9370
a25c7abdf06ad53b5ba76bd6c6183bf8f523fdb1
856183f3b2977fd2941c0b5e83763fe720cd12136e0cbf22a03b6303920243a5
GET /i/741695258.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/jpeg
last-modified: Tue, 28 Nov 2023 08:01:16 GMT
cache-control: public, max-age=290304000
expires: Tue, 12 Dec 2023 08:08:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5791
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIk2VoW%2BYWcHdbsMliIyks4%2B3S8IPtjAT%2Fp7YGRaILUxynB3BwkCqktc1gfhk47MYmuqd%2B9f10AD82zFa7bhsNLS2uC2fgXsf7U6P%2B6q0Zx0gkXQ4WOWQDB1w9eaFUY%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad50fa4e0b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico
0 B URL GET duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
vid.xtapes.to/styles/global/embed_player.3.css?130
200 OK 4.5 kB URL GET HTTP/3 vid.xtapes.to/styles/global/embed_player.3.css?130
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (4495), with no line terminators
Hash 7f58b9027359fc05c3873c0c68b9abe7
649643ddcc6a3bd748de9ebe579ce31c77a419bc
c9190c55a43f22a3ac3a368b98a1010d3c7f44d1a4e29aff7c8b49d2a884261e
GET /styles/global/embed_player.3.css?130 HTTP/1.1
Host: vid.xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
cf-bgj: minify
cf-polished: origSize=5889
access-control-allow-credentials: true
access-control-allow-origin: *
accessing-static: 1
etag: W/"5fd14cc5-1701"
last-modified: Wed, 09 Dec 2020 22:16:37 GMT
pragma: cache
vary: Accept-Encoding
x-cache-status-inferno-s: MISS
x-inferno-location: static
cf-cache-status: HIT
age: 440029
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BY9lQkOKomjT2xdyFCQVc4ga84CqOXz6uy1kQazdnEFHG41e0uDCU2G%2BbjsRLflzrIqw%2F9iPfG1CpOfHuRl%2BCM2WQsOWfZOQ55rL9B7LjjAlbg%2FZxL5MFQSo8Cvm1SK2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad57983156bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
xtapes.to/wp-content/themes/xtapes/css/right.css?ver=4.2.36
200 OK 41 B URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/css/right.css?ver=4.2.36
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with no line terminators
Hash 3d93d825d5000154d0c882d6f05d9245
2ac5191d366e0fdc77540ce1b56acaffcdd870f9
1e8e79fecc4ef5577df415ca4ebaff73c742277990e1b9d927ea7a09f704667d
GET /wp-content/themes/xtapes/css/right.css?ver=4.2.36 HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: text/css
content-length: 41
cache-control: max-age=1209600
cf-bgj: minify
cf-polished: origSize=297
expires: Thu, 23 Nov 2023 14:53:14 GMT
last-modified: Sat, 13 Sep 2014 10:40:50 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 453513
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wauOuTY1DNZtqnHFgqk%2F6pwLjufGukXdyZcWbh9Ln9sivOiHo0RFCc4AjEjoqsIxZoGnI3csJKrGSH%2FiA0W1SW%2B8UASjW4cjDRP9WljrhbNm4EQyP7djNCyCZZs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad50291056bd-OSL
alt-svc: h3=":443"; ma=86400
xtapes.to/wp-content/themes/xtapes/images/views-dark.png
200 OK 1.2 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/images/views-dark.png
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type PNG image data, 18 x 16, 8-bit gray+alpha, non-interlaced\012- data
Hash 415ef1889dec4796dcdc638dc63393b5
fa1bbbc39cc0c9a1e6d098d1c402cf27bc27b490
12c0450a9b9680459bf6a391a64b91869d6e731a989d37e3c8a5881bbfa6884e
GET /wp-content/themes/xtapes/images/views-dark.png HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/wp-content/themes/xtapes/css/dark.css?ver=4.2.36
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: image/png
last-modified: Mon, 30 Mar 2015 23:59:52 GMT
cache-control: max-age=1209600
expires: Thu, 30 Nov 2023 07:00:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 91660
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jW3o4NYZw9qdDN%2FW4e8a94pJETwL%2F3buFYf9DkZQCU2xIN6x4LdlnIGQ2FBHZnzcMo66JpOSRRfCQTyKAU8P%2FCZOZMpPh%2F4KpHH2dHsmbhOcCYVjA7U1wotbXc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad562f0456bd-OSL
alt-svc: h3=":443"; ma=86400
xtapes.to/wp-content/themes/xtapes/scripts/scrollToTop.min.js?ver=1.0
200 OK 1.2 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/scripts/scrollToTop.min.js?ver=1.0
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (1166), with no line terminators
Hash 43e85df903d0b891391f3d5fe7f3e2d7
2b533d5786a8bb4b87c9be9f5d58e0500041152e
254722bc66012f1692b984f03c74eb540a0c007c1541c2fd54eb411ca526b2a6
GET /wp-content/themes/xtapes/scripts/scrollToTop.min.js?ver=1.0 HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript
last-modified: Sat, 13 Sep 2014 10:40:38 GMT
cache-control: max-age=604800, private
expires: Tue, 12 Dec 2023 09:45:16 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HTdzcgqJQVIjivu%2FQZx36K8CjwQU7nAbxXmkHHr3dI2sC3AvTMnzsvMKE2Ic7BWhqUPu0FrUvxPqWF3kW2PWdYS0oOh5XMtN%2BdHi7OHUTAKNEfAsJ3XOpK9wQU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad563f2356bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
55k.io/player/jw8/provider.hlsjs.js
200 OK 386 kB URL GET HTTP/3 55k.io/player/jw8/provider.hlsjs.js
IP
Requested by https://55k.io/e/oev5b2irs3p9
Certificate IssuerGoogle Trust Services LLC
Subject55k.io
Fingerprint8B:F5:10:8B:91:2D:61:98:27:4B:9B:7C:5B:3C:AC:0D:0B:93:C4:36
ValiditySun, 26 Nov 2023 06:12:41 GMT - Sat, 24 Feb 2024 06:12:40 GMT
Size 386 kB (386462 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player/jw8/provider.hlsjs.js HTTP/1.1
Host: 55k.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55k.io/e/oev5b2irs3p9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Nov 2022 13:44:16 GMT
etag: W/"5e59e-5edbee6d76c00"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 365
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLSrZzqRM08E2emiCcNw8cRizOG8wfMoPRyf3f9xGgm2wBL3WdFCKy33jrOIBRbHE%2F1Y4zOQj92s24gbIL0DPyJuxomoOdcWk%2BVMyNbKbt08IZ2kBWS6SdQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1ad5c0f367128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
xtapes.to/wp-content/themes/xtapes/css/large.php?responsive=yes&ver=4.2.36
200 OK 5.6 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/css/large.php?responsive=yes&ver=4.2.36
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (6100), with no line terminators
Hash 9a27fa086fb18812f478beaa986bf12a
fb84e0dcc54d0a116c8c5e13b5e4fb2f41d702fb
ddd9b70d6ff70e2586843ca61c229bb1f937d8c6f584c2f9c3ce009cb5b813b7
GET /wp-content/themes/xtapes/css/large.php?responsive=yes&ver=4.2.36 HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: text/css;charset=UTF-8
cache-control: max-age=1209600
expires: Tue, 12 Dec 2023 09:45:15 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFGYvJJOsTjO%2BbvUZnXWW4Jk1ecOJT8uA%2FjJ4JZOn2U3a9tm9DT8rtAeK0feLBqEOD6XYZy80ChjvE1lDBwvkUey2UugLKvIgyW4%2FdZ9JWqyYOnHpxjBySluZ5M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad50190a56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.xtapes.io/i/8520258.jpg
200 OK 49 kB URL GET HTTP/2 www.xtapes.io/i/8520258.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, baseline, precision 8, 600x403, components 3\012- data
Hash a4c86beefa511810f382dad3f645619f
ab62b331549da3d8ec6549191e3e24b626877bb2
75bdd964a5569ea38abc6a2f25f0dfdbe839dcf3ea3a6cf98a070cb5ecdbe63c
GET /i/8520258.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/jpeg
last-modified: Tue, 28 Nov 2023 08:08:11 GMT
cache-control: public, max-age=290304000
expires: Tue, 12 Dec 2023 08:08:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5791
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLUTbF3lPGfWoyr8C4RNu8NKkStIm6ePXwlhhX%2BCh%2BNTuZZMYAEvhchkRflXXBouNVdKzwNe40iTNiTUdy1f0Q6b945o4XBWpPGoys1fHgOFsxpvZI%2BWESwiNJkPn09j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad50ea440b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
200 OK 146 kB URL GET HTTP/3 vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
Size 146 kB (145924 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09 HTTP/1.1
Host: vid.xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//vid.xtapes.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//wss.commentsmodule.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//a.labadena.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
pragma: no-cache
x-origin-location: player
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-cache-status-inferno: MISS
x-inferno-location: player
x-inferno-limit-req: PASSED
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vdpZiVS1Pjmva8bnuLX3sbIgWo68AP4QGD79xGyssXy5%2BmLe0QbVdqwaE0NSrBEb8vW7u6uIFIniKVprAiwu68%2FGfNtJgQ63tXla8xgzHevWWloWtKf0QRj4KkY05PNa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad50fa0256bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
200 OK 30 kB URL GET HTTP/2 unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (29325)
Hash 013916ab61482481d8de9742a0f95bee
546bb742502faa36f8c2bb954c2f028187660404
73cdea3ea0691f9ac4150be0c937dc2ee7eaa10205168a84e41ef5c9e05784b7
GET /progressbar.js@1.1.0/dist/progressbar.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
via: 1.1 fly.io
fly-request-id: 01HFTT9KCTZ41V3VWBXBAR6DX1-arn
cf-cache-status: HIT
age: 531415
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad58392156b5-OSL
content-encoding: br
X-Firefox-Spdy: h2
xtapes.to/wp-content/themes/xtapes/images/backtotop.png
200 OK 1.3 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/images/backtotop.png
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash b5c8554d1af907051ef0a3f50520cba3
308f20236f3fc3c200319d502fc6238186bb7906
1ecd8697c907e79a7e4bd42ee116975f4c28207e1b8d8afb52f3ef117c5b439a
GET /wp-content/themes/xtapes/images/backtotop.png HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/wp-content/themes/xtapes/style.css?ver=4.2.36
Cookie: _ga_X28T4HL97N=GS1.1.1701164725.1.0.1701164725.0.0.0; _ga=GA1.1.650077720.1701164726
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:22 GMT
content-type: image/png
last-modified: Sat, 13 Sep 2014 10:40:52 GMT
cache-control: max-age=1209600
expires: Wed, 06 Dec 2023 10:35:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 19208
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOkVBAA1ivXdCK9PLRmohckPtSRLpGxx8kJp0YrSV8x%2BfyhWytu9j0Jux%2B81CqjrVdle800wf4maU6hwflhAh5ltbITcOlTEuRaB8jskkzhC3BqVrfKTJOmPQn0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad7a3a1556bd-OSL
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vid.xtapes.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Nov 2023 23:43:03 GMT
expires: Tue, 26 Nov 2024 23:43:03 GMT
cache-control: public, max-age=31536000
age: 36139
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
xtapes.to/wp-content/themes/xtapes/css/jquery.bxslider.css?ver=4.2.36
200 OK 2.5 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/css/jquery.bxslider.css?ver=4.2.36
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (2526), with no line terminators
Hash 8d4c9eb601f31dd47152cd3d19a919ba
43b0e2d7f22b9d27f7f7815cc9f1d073ed265c08
dd4e0a544c61d64ca19c36170b160fa4ece25c413c87cf64500fdd870a473a8c
GET /wp-content/themes/xtapes/css/jquery.bxslider.css?ver=4.2.36 HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: text/css
cache-control: max-age=1209600
cf-bgj: minify
cf-polished: origSize=4067
expires: Sun, 26 Nov 2023 13:20:15 GMT
last-modified: Sat, 13 Sep 2014 10:40:50 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 188600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FoC70Nu2kyUU0vUbewVp0FDag66ydfgxlWl4QGjwT55TiLpCWrb0DucbBJzrpTfgfRA8sPxpBhiwekuScU0mLKrqJa9G97xhiu50ZNEiWqqN0jQcpJysxvjV%2Bg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad50391b56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
xtapes.to/wp-content/themes/xtapes/images/px-middle.png
200 OK 105 B URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/images/px-middle.png
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash e21162dc5fe2c8fae7fcbbcab3d1f677
d96e9c6a3466c53deb5894241122eacb2abdaf5e
96ab4523763217e2cdced1c84db63ada99cbe8465886dca77cd667604706bcb2
GET /wp-content/themes/xtapes/images/px-middle.png HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/wp-content/themes/xtapes/style.css?ver=4.2.36
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: image/png
last-modified: Mon, 30 Mar 2015 23:59:13 GMT
cache-control: max-age=1209600
expires: Fri, 24 Nov 2023 10:44:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 360051
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLaN25DbKv7xxXSWPO59CZoNLmj7KEfPqP3a1IX%2F6GuOVeXgNmElmmusBhht48o1Wu0oKdzWYgFzKfcGLyq9N1z1MX8AHQZGU5ULrSxoqoC5%2BG86pQJyj5KjUlk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad562f0e56bd-OSL
alt-svc: h3=":443"; ma=86400
unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
200 OK 3.1 kB URL GET HTTP/2 unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (3441), with no line terminators
Hash c70a657c6ff1764a238929b6e46fb8e4
e2a8eb96b388abf14690ea14fe4af3f600296235
466840a5176a0d6bd70e2d5ade5928ad656ca6b9cd3040a241e33478c63f5813
GET /jquery.cookie@1.4.1/jquery.cookie.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sun, 27 Apr 2014 20:04:54 GMT
etag: W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
via: 1.1 fly.io
fly-request-id: 01HFXFQD761P7QTCC22CPCK305-arn
cf-cache-status: HIT
age: 441835
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad5828fc56b5-OSL
content-encoding: br
X-Firefox-Spdy: h2
vid.xtapes.to/js/video.jquery_plugs/modernizr.js?12
200 OK 1.2 kB URL GET HTTP/3 vid.xtapes.to/js/video.jquery_plugs/modernizr.js?12
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (1245), with no line terminators
Hash 8daca638b6ea732f6375341d2dfe9811
73369521d8d8b5a3bbc30c158b2e9ca6ba37b9d1
23ae5f08dc1f05ecdb72298c9cf2eaf5670f088356903bec72f39520389dc0ba
GET /js/video.jquery_plugs/modernizr.js?12 HTTP/1.1
Host: vid.xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
cf-bgj: minify
access-control-allow-credentials: true
access-control-allow-origin: *
accessing-static: 1
etag: W/"5b142327-4cb"
last-modified: Sun, 03 Jun 2018 17:19:35 GMT
pragma: cache
vary: Accept-Encoding
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 369822
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApP0QScnlojN%2B8%2FPJO14adMcA6v9XAZw1nVKLIX46usV%2FygLG6GrvVhYQ2CXewCi8fKchvQTaQpFZ%2BarcBkqxuRHC1eGw6PkDNButJhvdmRpHSw8pmnJiLVeW2%2FgXD%2BS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad57a84156bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
unpkg.com/jquery@2.2.4/dist/jquery.min.js
200 OK 86 kB URL GET HTTP/2 unpkg.com/jquery@2.2.4/dist/jquery.min.js
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /jquery@2.2.4/dist/jquery.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Fri, 20 May 2016 17:24:42 GMT
etag: W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
via: 1.1 fly.io
fly-request-id: 01HG7A5H86SEST4VJG58SVVY7Z-arn
cf-cache-status: HIT
age: 112119
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad58493856b5-OSL
content-encoding: br
X-Firefox-Spdy: h2
duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico
0 B URL GET duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
55k.io/css/main.css
200 OK 49 kB IP
Requested by https://55k.io/e/oev5b2irs3p9
Certificate IssuerGoogle Trust Services LLC
Subject55k.io
Fingerprint8B:F5:10:8B:91:2D:61:98:27:4B:9B:7C:5B:3C:AC:0D:0B:93:C4:36
ValiditySun, 26 Nov 2023 06:12:41 GMT - Sat, 24 Feb 2024 06:12:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/main.css HTTP/1.1
Host: 55k.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55k.io/e/oev5b2irs3p9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: text/css
last-modified: Sat, 12 Nov 2022 15:05:00 GMT
etag: W/"636fb61c-c11b"
expires: Wed, 29 Nov 2023 06:35:15 GMT
cache-control: max-age=604800
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 529801
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZZoTjtDJk24arnDyr6TB4fSF8R3iB7GJnVYWoGd%2BxDHy5WyHm2qkvZ2YjQtG%2Fd0sVSqE6UzB6P7HL0X9DfIJlX6SWoB%2Bmew4sCFVWs%2Fa8YVwJJBPWLd89I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1ad576b4f7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
vid.xtapes.to/js/script_33.10.js?16
200 OK 5.2 kB URL GET HTTP/3 vid.xtapes.to/js/script_33.10.js?16
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (5300), with no line terminators
Hash a20e1faabf784630073b6dba15c85c6b
a325e5079c10ed5a81403ea33e3e58d199d5cf58
0ccb087b516dbc6f9bef13e853b92e65fca35d812b1f3edcd3ed878cd26ed720
GET /js/script_33.10.js?16 HTTP/1.1
Host: vid.xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Cookie: uid=Hh**1F7CSvPK9ynjsRp*RU7hDCHNomQS
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
cf-bgj: minify
cf-polished: origSize=6972
access-control-allow-credentials: true
access-control-allow-origin: *
accessing-static: 1
etag: W/"652135ca-1b3c"
last-modified: Sat, 07 Oct 2023 10:41:14 GMT
pragma: cache
vary: Accept-Encoding
x-cache-status-inferno-s: MISS
x-inferno-location: static
cf-cache-status: HIT
age: 527713
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5e764Y0U5Y3Lh1JeR3kHSsbyZaisWtjkYx0Dln1IGjBvbnDmaSib%2FpVteqOUnKLvdvZEJcK%2FwpwyJGPOAlfVWO%2FmGNi4iRaT8Y9RKtqFEI6Z5uuL8XWeR%2Fwb%2F2CWKP4k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad5e0e6d56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.tapioni.com/adgpt.js
200 OK 2.0 kB IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint67:5F:F1:E0:0C:5E:00:4E:6A:BF:B1:5F:40:29:66:0E:3F:9C:24:5F
ValidityWed, 30 Aug 2023 00:00:00 GMT - Thu, 29 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (2139), with no line terminators
Hash 9c6381dd68067ab80cd5653cf07cff9e
83e863ac39936c9ce92ec2174d4434129828e404
06777c44837f0e9b13aa6171a44cfc99f80638df9692d96c610fc8a1f11d8280
GET /adgpt.js HTTP/1.1
Host: cdn.tapioni.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:22 GMT
content-type: application/javascript
content-length: 821
last-modified: Mon, 27 Nov 2023 07:10:46 GMT
vary: Accept-Encoding
etag: "656440f6-335"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 95192
accept-ranges: bytes
server: cloudflare
cf-ray: 82d1ad796ad5b4ed-OSL
X-Firefox-Spdy: h2
xtapes.to/wp-content/themes/xtapes/images/down.png
200 OK 1.2 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/images/down.png
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 3ac798bd955db40476068c1dfe39e0ee
0f087d8d867b008caa2367d99d1ec233f3cb384f
be63121ea9f6e23537d2beae015af9951bf2268ec7e1d8552976ad47b4f4cf2e
GET /wp-content/themes/xtapes/images/down.png HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/png
last-modified: Sat, 13 Sep 2014 10:40:54 GMT
cache-control: max-age=1209600
expires: Wed, 06 Dec 2023 07:02:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 193844
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b97ij8IpOKAHtJIju7BoMFd8ugzAYGlDH7ktO1UjnyCvDOSuDRXJt%2FiRPifbERARJvkIqozIcPFIOFM2kqUhYbdcZjLvXkklyHUywfsiJ1J%2BCpSOiFG%2BR1oM7yI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad50392556bd-OSL
alt-svc: h3=":443"; ma=86400
xtapes.to/wp-content/themes/xtapes/css/horizontal.php?responsive=yes&ver=4.2.36
200 OK 2.5 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/css/horizontal.php?responsive=yes&ver=4.2.36
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (2715), with no line terminators
Hash 3bd48e91913adb9141d4a89d1244f7f7
9a35b91176ff09da79ddc93eecf46b75d71ca8a6
5da9540e8666c6552c6fbf29110104534af690a90dbe37aa441bcb8c9743ec92
GET /wp-content/themes/xtapes/css/horizontal.php?responsive=yes&ver=4.2.36 HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: text/css;charset=UTF-8
cache-control: max-age=1209600
expires: Tue, 12 Dec 2023 09:45:15 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ippfxClIBcdyFhCaLqZ%2B5Zf0WloBTUhMLovahW4w8%2BMLSfCJOb9Rsdr7JEDD50kuAnRAb9jkNOikQ892VcX%2BzReV7Lu%2BIf0GYZq39cWbEpMd3Kw5ZVDlBXK0cV8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad50291156bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
a.o333o.com/api/click/1452915390274822095?c=90
200 OK 0 B URL GET HTTP/2 a.o333o.com/api/click/1452915390274822095?c=90
IP
ASN #24940 Hetzner Online GmbH
Requested by https://a.o333o.com/api/spots/112165?p=1
Certificate IssuerSectigo Limited
Subjecta.o333o.com
Fingerprint26:C9:FD:E3:58:82:6B:6B:A8:2C:F1:57:98:22:F8:75:CC:2D:0C:18
ValiditySun, 29 Jan 2023 00:00:00 GMT - Mon, 12 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/1452915390274822095?c=90 HTTP/1.1
Host: a.o333o.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.o333o.com/api/spots/112165?p=1
Cookie: nauid=tHhIGbnmyMBwUHA7WGSt
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:45:16 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
200 OK 86 kB URL GET HTTP/3 friendshipmale.com/sfp.js
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:21 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: fefd662f82c48232aa9b7e040d2631d7
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 28 Nov 2023 09:45:20 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGXA7K63HvQQcXeM3E8B9jeAivHmyw%2BVwCh4XJk72jlA1Pp3O9w%2BktJOKWG9IYbFloQBnCVauvsv03YgqEOgiAcJGSCTo000sa73tXCYUcnoN2MTglb%2Br34frxCcsOzOeVIILd0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1ad719be05693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/css/animate.css
200 OK 79 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/css/animate.css
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
Hash 80047eaa13ebd50c50e8a9753621e430
9c503e07d130572a0eaf51f7c02cbd4cf6213fe3
3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429
GET /sb/notifications/dating/default/us/desk-all/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vid.xtapes.to
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:21 GMT
content-type: text/css
last-modified: Tue, 14 Apr 2020 14:09:21 GMT
etag: W/"5e95c411-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 556396
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZdlX4ehFzLVT7t4I8OPWAG180nra9D%2BYWg3GZWlZ%2FbkOeRnCF%2F5Ja8Tg56AnjVF4%2BPm9VdRfY84ui2QppXOgNzfEOyIbEcGiuzZONDs2bdQiMfDBDLFsS6mFdUibGL9sGNJNyp8tkK%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1ad74cd0253a5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.xtapes.io/pic/kg0hg7tf4d10e.jpg
200 OK 10 kB URL GET HTTP/2 www.xtapes.io/pic/kg0hg7tf4d10e.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x197, components 3\012- data
Hash 53ffb843d4c33e114fc7d65b40c3fd96
66ecc962339da3335097361b5d4a2d6e2659189c
dd73a83400c1b25c24cbc5ab7cedef9afabe6c042f418a46e0f4eb61c224974d
GET /pic/kg0hg7tf4d10e.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: image/jpeg
last-modified: Mon, 06 Mar 2023 08:13:52 GMT
cache-control: public, max-age=290304000
expires: Tue, 12 Dec 2023 09:45:15 GMT
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9wmG%2F9Xpjh4X0pzEnmhxd6dJ4WQ3RnTQu5zoIvlPD0Pqhu3oJ82WIAZulzRy2ItnSDfNgYrjKGEPUZzFByPbCaq5FaKeSkFTXgvj6wz3EEoixrVZSKhuQ%2B9XROqsEBC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad50ea410b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
vid.xtapes.to/js/websocket_ip.min.js
200 OK 4.6 kB URL GET HTTP/3 vid.xtapes.to/js/websocket_ip.min.js
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (4798), with no line terminators
Hash 7c354bd309d3152f26fd4c61b1f7eb2b
2dc50304cfaecb57148a5001827f8e0b19acb9ca
f88d924353140c3c8cbfd2ce7f128539408029907fadeaa0f5cb81c4fde1e1e8
GET /js/websocket_ip.min.js HTTP/1.1
Host: vid.xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 20 Jan 2023 13:44:36 GMT
etag: W/"63ca9ac4-121c"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 10375
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvM%2Bfb7Afeg9JENw25knM63EhNBYzCUkySihf22aN1mL94J3lLPN%2BsFjqwHdsYywk2f3VK9BAjPdsVFOoeuV1OGMertLM6LJdgAYepv7jk6YHd77sQpLkHF1O8GPhO4S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad57983056bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
55k.io/dl?op=get_slides&length=2014&url=https://sw-cdn-images.com/oev5b2irs3p90000.jpg
200 OK 9.9 kB URL GET HTTP/3 55k.io/dl?op=get_slides&length=2014&url=https://sw-cdn-images.com/oev5b2irs3p90000.jpg
IP
Requested by https://55k.io/e/oev5b2irs3p9
Certificate IssuerGoogle Trust Services LLC
Subject55k.io
Fingerprint8B:F5:10:8B:91:2D:61:98:27:4B:9B:7C:5B:3C:AC:0D:0B:93:C4:36
ValiditySun, 26 Nov 2023 06:12:41 GMT - Sat, 24 Feb 2024 06:12:40 GMT
File type ASCII text, with very long lines (10230), with no line terminators
Hash 766f7f4dc19114642b1b716982438fd9
7095187a18c84f07acb229472b34cea7e6f10bde
5f33667bb7ab86b94d545aa3433b7963d5011f51f80e47c155a2b6d185ebaee6
GET /dl?op=get_slides&length=2014&url=https://sw-cdn-images.com/oev5b2irs3p90000.jpg HTTP/1.1
Host: 55k.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55k.io/e/oev5b2irs3p9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:18 GMT
content-type: text/vtt
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1TABhiE3zWiGdGakwnKl2a9X1GlovIg5ibg4z5h1pX7d8c9I6UM9REWzVNOZMhJIxkNFbTPu4JSqh0FBv2Sp1NLIrkaQbbEiWq%2BXSnDrEjx%2FJuvs%2FDM0y4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1ad5e28c07128-OSL
alt-svc: h3=":443"; ma=86400
xtapes.to/wp-content/themes/xtapes/css/radius.css?ver=4.2.36
200 OK 3.1 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/css/radius.css?ver=4.2.36
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (3063), with no line terminators
Hash 789aa1fef4485358d926d3a7753645d1
4a9bd7a18352667b6b832b4c6e934dc34878be58
d2a12fba2b1ce85b1770ee382ea0081e70761f48c27c2ded2df3a91460f4c4f3
GET /wp-content/themes/xtapes/css/radius.css?ver=4.2.36 HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: text/css
cache-control: max-age=1209600
cf-bgj: minify
cf-polished: origSize=4079
expires: Sat, 25 Nov 2023 11:10:58 GMT
last-modified: Sat, 13 Sep 2014 10:40:50 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 460635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfvFFqjPiLpbDPapj8NPG9oo5zb3ttbOosPH6z159X00rfyHFNedPd2D54RhI5b%2FEpzdDDhAbH%2BAIvkewmvsmpm8ZQ5y7MeOiTAMNJCxQh2BycyjWLGpj8KzE4c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad50391c56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
xtapes.to/wp-content/themes/xtapes/images/search-icon.png
200 OK 719 B URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/images/search-icon.png
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 46a9ef4189723488cc807ab71685c6b8
e6e7322c15a851e0b2a270a2c1ee663ebeda48ae
5dad770e698c6847e04d636bb070704f12f3b4e527d819b5e0a0643138309b58
GET /wp-content/themes/xtapes/images/search-icon.png HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/wp-content/themes/xtapes/style.css?ver=4.2.36
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: image/png
last-modified: Sat, 13 Sep 2014 10:40:56 GMT
cache-control: max-age=1209600
expires: Tue, 28 Nov 2023 10:28:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 437388
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTMbHFWwtA9acA9srk50dhLIdLZ1EKA63G%2FAgPI01NEBDMFMTD9LM4dcr%2BwpnZDKp6s%2FyUxyC2W8MYY7bwbb5vh2tMVjF12SULbcvzjStdEjOpdyGwxvwp5x1qs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad561ef956bd-OSL
alt-svc: h3=":443"; ma=86400
vid.xtapes.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
200 OK 12 kB URL GET HTTP/3 vid.xtapes.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (12331)
Hash 88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: vid.xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Cookie: uid=Hh**1F7CSvPK9ynjsRp*RU7hDCHNomQS
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:17 GMT
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
etag: W/"65568fe4-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqkItNlvhijeLxp1z5RIjjKqY3M7heu3z1UjnCaQJrZyiQnusfgMmO%2FFcck6ZKM%2BPUCRtqJDz%2FxtrPf5iHyqxv5ZyAZrPwHlMT6s%2FR5Nhq72niu1v%2F0UJJsKEi8K5tjc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad5e2e8d56bd-OSL
x-frame-options: DENY
expires: Thu, 30 Nov 2023 09:45:17 GMT
cache-control: max-age=172800, public
content-encoding: gzip
cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/css/style.css
200 OK 5.8 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/css/style.css
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type ASCII text, with very long lines (6136), with no line terminators
Hash 9f80fb73071a2440f4592b4422167a7a
bbd9cd5f77ec53153284f71655920f35815c6c4b
0a1eda0aa145d20b7434500ebb9087051733b0e11eb2187a237a2891b0973b9d
GET /sb/notifications/dating/default/us/desk-all/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vid.xtapes.to
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:21 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 11:38:00 GMT
etag: W/"6128ce98-169c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XgPCPZCFkq%2FaPcJ049Pn2%2BldhnBItnoOdIuaHf75Urn9b38kjBFWhumDmWdb49ibI7osddjOXVY3w9AotBUmATotsHsTZEquHdnlwPqrbMzM%2Brb%2FUgSgCp%2F%2BwLdvcAdjMmIsHg%2BP%2FlEG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1ad74dd1153a5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.xtapes.io/i/5862025.jpg
200 OK 56 kB URL GET HTTP/2 www.xtapes.io/i/5862025.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x401, components 3\012- data
Hash 2d80e43a55a193e27639a9631f08dbcd
0bcc0e38d249cd70fe3f26e6c5e082c2cb6ed9b1
0d194e788826233025e1da6894ac4ef04a6f66dd23ac21aff52f0cd77e989d8c
GET /i/5862025.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/jpeg
last-modified: Tue, 28 Nov 2023 08:41:58 GMT
cache-control: public, max-age=290304000
expires: Tue, 12 Dec 2023 08:42:55 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3739
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BXyjJTCW3jftTcZmqa4slxymaMHkC%2Bm7JH5OB7ItiO5OOKA8EK0WfrtT%2B9qa7HPyIwWob3%2Fy9kgLFYmpUXhF0OELnauMaOzXaKYMO1u223tiZivCKB417WniKcexs00"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad50ea430b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
55k.io/js/jquery.min.js
200 OK 90 kB IP
Requested by https://55k.io/e/oev5b2irs3p9
Certificate IssuerGoogle Trust Services LLC
Subject55k.io
Fingerprint8B:F5:10:8B:91:2D:61:98:27:4B:9B:7C:5B:3C:AC:0D:0B:93:C4:36
ValiditySun, 26 Nov 2023 06:12:41 GMT - Sat, 24 Feb 2024 06:12:40 GMT
File type ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /js/jquery.min.js HTTP/1.1
Host: 55k.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55k.io/e/oev5b2irs3p9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 03 Mar 2021 00:27:00 GMT
etag: W/"603ed7d4-15d9d"
expires: Sat, 02 Dec 2023 04:17:46 GMT
cache-control: max-age=604800
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 278850
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JC8rCoDNhjkKvjCXxFqSTZorpp1GjNt3thSntT4lmBXKmDEVBcvBdwkNMp6mV%2BW%2FXm03qfVpGyYKx0zY6LmZXn9gyNmUt%2BpiCzThUbyvrL%2B%2BNa%2F3gb1UKVc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1ad576b517128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
friendshipmale.com/sfp.js
200 OK 86 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:20 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 6340f73fe29dc2bb475a9b2eab54ffa5
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 28 Nov 2023 09:45:20 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBVEtctB%2Fk9ks2w0V4a7%2B8IXLu2N%2BsNSpD2AaKiJ6Xk2cP555mGtQXtWdP%2B5yqz0RsTNVgyva%2Bl38egvFCPaUkVsuHO4d3bw9KXQ4l4Iv1vOtU2Uj9OH7s82EA9y87fBoivd96Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1ad6e1d06b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xtapes.to/wp-content/themes/xtapes/images/up.png
200 OK 1.2 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/images/up.png
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 921853ec807e0cd6875cc5748400a069
4926f0c7adcd613f89dd255df826846cf1cc65fc
fd85c9cce4c1b25e220ad665682145a524f9e2e5bfc84423bab91de2cd4b6f85
GET /wp-content/themes/xtapes/images/up.png HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/png
last-modified: Sat, 13 Sep 2014 10:40:52 GMT
cache-control: max-age=1209600
expires: Wed, 29 Nov 2023 13:34:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 99372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhwHXprVG35IXvzdfp7OO3YXQK2Do0f4OnSJ9TQKbAjAOsLEJgm1bASUu22jPMOr1SxMkn6BEvbzUEz2WU6Bz42nn2l91PrFtULbdxc8Ae4tK7FEh7DhfPODwxo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad50392256bd-OSL
alt-svc: h3=":443"; ma=86400
xtapes.to/wp-content/themes/xtapes/scripts/selectnav.js?ver=1.0
200 OK 2.1 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/scripts/selectnav.js?ver=1.0
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type Unicode text, UTF-8 text, with very long lines (2122), with no line terminators
Hash 6c00ddaf9a2ae4388498be2ea517a54b
d75dd668ea473ebfa4c025e6b94bf6a9e5b39141
b7d388c35f41294a58dfdb1fd5b531aea7d07f7fc4042ada41cc5f29ef040b27
GET /wp-content/themes/xtapes/scripts/selectnav.js?ver=1.0 HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3900
last-modified: Sat, 13 Sep 2014 10:40:38 GMT
cache-control: max-age=18000
cf-cache-status: HIT
age: 317971
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FJ62FpgOiL8b23hGKReFuLF%2BINNOao%2BIT1WsMKiLRzgw0V3P9d%2BqIyCV9MuzL1tLFc%2FesqFlD8fz5e1amEa9TXT0nN1EAcRdc3ygKk6piUC8eSoi4UgEXB5vZ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad565f3b56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
74.hevc.site/api/users/231072?host=xtapes.to&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fxtapes.to%2F05415%2Fevermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus%2F&i=1
200 OK 2.4 kB URL GET HTTP/2 74.hevc.site/api/users/231072?host=xtapes.to&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fxtapes.to%2F05415%2Fevermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus%2F&i=1
IP
ASN #24940 Hetzner Online GmbH
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subject6969.javher.com
FingerprintBC:39:B5:BA:F4:EC:D0:DD:F9:40:7A:8A:6D:05:DA:63:F6:3C:3A:82
ValidityWed, 15 Nov 2023 01:27:08 GMT - Tue, 13 Feb 2024 01:27:07 GMT
File type Unicode text, UTF-8 text, with very long lines (2542), with no line terminators
Hash e9cfd487e92fdf3721079ba39b8146f6
b023824e6cea1cc074049a968980b847cf6ab759
ee14d2277bd75ccf13af77c173390ffcb5140f2e205885f8e316fcf0b6517aea
GET /api/users/231072?host=xtapes.to&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fxtapes.to%2F05415%2Fevermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus%2F&i=1 HTTP/1.1
Host: 74.hevc.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Cookie: nauid=TDKgfDV8tC6eafs26pL6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:45:22 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Abel
200 OK 380 B URL GET HTTP/2 fonts.googleapis.com/css?family=Abel
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (388), with no line terminators
Hash f41ae1e191bbcf142c9dcda8392fc5b8
740ab624fa5ccaf2950469b0ccdf0ef395212bdb
9f562f4c727d55920faab9289a829289506e4a77dc80014d1a50c87f8fb00beb
GET /css?family=Abel HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Nov 2023 09:45:16 GMT
date: Tue, 28 Nov 2023 09:45:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r7nim14weg.sw-cdnstream.com/hls2/01/02374/oev5b2irs3p9_,n,h,.urlset/seg-1-f1-v1-a1.ts?t=I89H1i5x4WEsEd9Yu_PuR1nErmUELLKWhfV3GkMWFOQ&s=1701164715&e=129600&f=11870340&srv=wmnctvnzzldw&i=0.4&sp=500&p1=wmnctvnzzldw&p2=wmnctvnzzldw&asn=50304
200 OK 1.8 MB URL GET HTTP/1.1 r7nim14weg.sw-cdnstream.com/hls2/01/02374/oev5b2irs3p9_,n,h,.urlset/seg-1-f1-v1-a1.ts?t=I89H1i5x4WEsEd9Yu_PuR1nErmUELLKWhfV3GkMWFOQ&s=1701164715&e=129600&f=11870340&srv=wmnctvnzzldw&i=0.4&sp=500&p1=wmnctvnzzldw&p2=wmnctvnzzldw&asn=50304
IP
ASN #49453 Global Layer B.V.
Requested by https://55k.io/e/oev5b2irs3p9
Certificate IssuerGlobalSign nv-sa
Subject*.sw-cdnstream.com
FingerprintA7:65:73:FF:C1:DF:99:64:28:31:2A:8D:55:E3:E6:F9:76:0F:B9:D5
ValidityTue, 18 Apr 2023 08:29:36 GMT - Sun, 19 May 2024 08:29:35 GMT
Size 1.8 MB (1766072 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hls2/01/02374/oev5b2irs3p9_,n,h,.urlset/seg-1-f1-v1-a1.ts?t=I89H1i5x4WEsEd9Yu_PuR1nErmUELLKWhfV3GkMWFOQ&s=1701164715&e=129600&f=11870340&srv=wmnctvnzzldw&i=0.4&sp=500&p1=wmnctvnzzldw&p2=wmnctvnzzldw&asn=50304 HTTP/1.1
Host: r7nim14weg.sw-cdnstream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://55k.io
DNT: 1
Connection: keep-alive
Referer: https://55k.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 09:45:18 GMT
Content-Type: video/MP2T
Content-Length: 1766072
Connection: keep-alive
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Expires: Wed, 06 Mar 2024 09:36:20 GMT
ETag: "5f693e80-1af2b8"
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
X-Cache-Status: HIT
Accept-Ranges: bytes
www.xtapes.io/i/3651025841.jpg
200 OK 66 kB URL GET HTTP/2 www.xtapes.io/i/3651025841.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 735x478, components 3\012- data
Hash 551f4c6ff774b4f90aa72f9411b7bb2d
7f221f3fab6068ecd51e0806225c4d54cd480005
54ed80346e2390d17c58b225c295e4da1ea4880ac8a40a36b80edc8fd7d2dcb9
GET /i/3651025841.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/jpeg
last-modified: Tue, 28 Nov 2023 07:57:04 GMT
cache-control: public, max-age=290304000
expires: Tue, 12 Dec 2023 08:08:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5791
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgbwHnGjPoejIg%2Fi2GqK5KR7EXQVVOTydaolKAN6yzr5CBRKIzqMWTPCUlJ3uC%2BmkH56iL9m%2BCbhSPRwJ9STxRglL%2BmnlIvvLwjrswKcg8LWOsoESUyBruR%2F%2FNr0uEga"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad511a5e0b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.xtapes.io/i/0g5t5rzsr.jpg
200 OK 18 kB URL GET HTTP/2 www.xtapes.io/i/0g5t5rzsr.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Optimized by JPEGmini 3.16.14.91282135 0xe3f3801c", baseline, precision 8, 400x282, components 3\012- data
Hash c73d07160bd803fe9db3acb1bb828577
26a0bc7f84e8f1b493d4aef53059b4f6bb8e9210
1decdd3aa240a0ce3e61e39d5829ac236108f8ff1f36e7c5c68ad8bf15a10720
GET /i/0g5t5rzsr.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: image/jpeg
last-modified: Mon, 06 Mar 2023 08:13:42 GMT
cache-control: public, max-age=290304000
expires: Tue, 12 Dec 2023 09:45:15 GMT
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vfCARP6vssYDbeUAsR80gty0M%2FFuCPkXvg8JJ7kjREqP5L5JDIBRdGy3cB%2Bl7Gvpe%2B7JLBOj32SNAVKjYA5PCDRAUFuYfApe2HvFX08CsVJdhB9Hhqqm1Sb%2FZHxbkKA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad50ea3a0b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.xtapes.io/i/14586505882.jpg
200 OK 14 kB URL GET HTTP/2 www.xtapes.io/i/14586505882.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x262, components 3\012- data
Hash 6203f287a4ae32ca981a0890a3f3c2bc
d27305ec1d892084b1360618ddec1c8777a33900
635fb04ff5649b273f2d99d4f5e4dbed172bcbd0c18a3453cc1a5a57a5fe4a13
GET /i/14586505882.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/jpeg
last-modified: Mon, 06 Mar 2023 08:13:44 GMT
cache-control: public, max-age=290304000
expires: Mon, 11 Dec 2023 14:30:35 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 69279
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lF6VqAXwdlpizKprfV2TIs5EPEzGhlkjUvklFPE1Jrbb4ZX578xEWkpypwGblv5tHtQ2rpmqV2MWoiw0CwpUDeO0cxZUHXsm3y0LXyDwCZiQZv4B00yQM9Wo3Gw6VWxS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad50ea3b0b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-X28T4HL97N
200 OK 274 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-X28T4HL97N
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Size 274 kB (273952 bytes)
Hash ed1d6d0b459efc03d9fd41f1e917e62c
f2ffb5536388f5c32c3bfca0705846a072c63f09
60c663c2fb325d159981f6f54a8084613e58d45aad54877594ad559ddc768192
GET /gtag/js?id=G-X28T4HL97N HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Nov 2023 09:45:16 GMT
expires: Tue, 28 Nov 2023 09:45:16 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91428
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
55k.io/js/localstorage-slim.js
200 OK 2.1 kB URL GET HTTP/3 55k.io/js/localstorage-slim.js
IP
Requested by https://55k.io/e/oev5b2irs3p9
Certificate IssuerGoogle Trust Services LLC
Subject55k.io
Fingerprint8B:F5:10:8B:91:2D:61:98:27:4B:9B:7C:5B:3C:AC:0D:0B:93:C4:36
ValiditySun, 26 Nov 2023 06:12:41 GMT - Sat, 24 Feb 2024 06:12:40 GMT
File type ASCII text, with very long lines (2081), with no line terminators
Hash 08a1ba68560486fde4d74f0ab0f313da
8f4068b45f2e731f146611d0d7b03d6bb0241876
9993f955d5c1239c7ec7a87a364032c892d0271761871b02b702eb2b632494f7
GET /js/localstorage-slim.js HTTP/1.1
Host: 55k.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55k.io/e/oev5b2irs3p9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 16 Nov 2021 13:32:00 GMT
etag: W/"6193b2d0-810"
expires: Wed, 29 Nov 2023 01:51:20 GMT
cache-control: max-age=604800
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 546836
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiyrbqoAuFT6AhfOuevM4vaV5tUkdahNkrpaO8yoebKJmbBxQhwfRUglR2LbYp1YMIV73mzKrb4hut4u7au6L1t0Vkbw88skQIR5Iq8W6B%2BpGltu%2FvnM7hc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1ad577b6c7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
xtapes.to/wp-content/themes/xtapes/css/dark.css?ver=4.2.36
200 OK 6.6 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/css/dark.css?ver=4.2.36
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (6617), with no line terminators
Hash dfadefab384b8a637ab9ad5d58eb8361
d3a7e76dd32552384f731b9761ba431e49fd641c
f3fc5eff4b014e69d61dd6e83af99a39de4fc9951b0f389635f936ac5322b436
GET /wp-content/themes/xtapes/css/dark.css?ver=4.2.36 HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: text/css
cache-control: max-age=1209600
cf-bgj: minify
cf-polished: origSize=12711
expires: Fri, 08 Dec 2023 07:41:06 GMT
last-modified: Sat, 13 Sep 2014 10:40:50 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 181600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zK0pPW86b8a77Fe3CLBWKOdjCs8tTAdC%2B7XGs5WRZvStJMN5XjmcxbGcup0nuU%2FhQp%2FtNZnixRbXCPgNQaGqF632n0pg5Alur6k3DuofDeqygKK5x%2FCeHiwm80A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad50190056bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
proftrafficcounter.com/stats
200 OK 40 B URL GET HTTP/2 proftrafficcounter.com/stats
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 7fcf0acc9f87d7ef26358cf14a36eab2
bd0982532136d7fb18338b81f5b0426d8908c6b0
c6425782697e0b322397b7e31badd3a99e12721bd950376a7032e533c32bfc77
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vid.xtapes.to
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:20 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://vid.xtapes.to
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=8b7d021f-db35-4a28-bb1c-06ebf3ac71c1:1:1; expires=Fri, 25 Nov 2033 09:45:20 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/js/script.js
200 OK 386 B URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/js/script.js
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type ASCII text, with very long lines (399), with no line terminators
Hash 022602a468da44628060800173771da2
9be813fbfebbcb2aa46d8c6b8abec68b3d16c89c
6742c376e658c34d09b2dc5772bd798e3cd52bb265758bac5bce184f8ee7b5cc
GET /sb/notifications/dating/default/us/desk-all/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vid.xtapes.to
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:21 GMT
content-type: application/javascript
last-modified: Tue, 14 Apr 2020 14:09:27 GMT
etag: W/"5e95c417-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 416081
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6p4DWkhcLD7Go%2FYfX7McDnP%2FdJWb9xlhbkt9esl1mqUWA70ePwO9Fxv1ksLuB1YJsaphnSTszNWoPH7GUUq4hN5Nquv7%2Fs1dOK2yOAduqhgUYVQZqimimdVz%2BntDtBdQaVlBWr4YO7xD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1ad74cd0a53a5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
vid.xtapes.to/js/embed.232.js?736
200 OK 101 kB URL GET HTTP/3 vid.xtapes.to/js/embed.232.js?736
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
Size 101 kB (100846 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/embed.232.js?736 HTTP/1.1
Host: vid.xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
cf-bgj: minify
cf-polished: origSize=173807
access-control-allow-credentials: true
access-control-allow-origin: *
accessing-static: 1
etag: W/"65590d29-2a6ef"
last-modified: Sat, 18 Nov 2023 19:14:49 GMT
pragma: cache
vary: Accept-Encoding
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 461079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJAP4Jx5C53iaWdJwtHIDRry3YhdghrSONSP5sXICy5DrdnhO8KtwG4vJjKNvcmKgfCsR4yGwXwCh%2B8QAiBi2DP5EDQIYYFUR%2F%2FyiH6NwYPZQmkVVGQm3mGmBWbldKG6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad57a84e56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
vid.xtapes.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
200 OK 12 kB URL GET HTTP/3 vid.xtapes.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (12331)
Hash 88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: vid.xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
etag: W/"65568fe4-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUQ408pwNI9%2BzxG57YBVw%2BMblQy6lxLsXVSd2CNXFOIEai5YBvFVjZkrs0pFU8aTFfdeCZ6nxuP%2FNWXkjayuv0kLVYiwBR1CB3h5AQJ%2ByRwRDxMUFEovLzR8hPCZ6xoo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad57b85956bd-OSL
x-frame-options: DENY
expires: Thu, 30 Nov 2023 09:45:16 GMT
cache-control: max-age=172800, public
content-encoding: gzip
xtapes.to/wp-content/plugins/anti-spam/js/anti-spam-5.4.js
200 OK 2.5 kB URL GET HTTP/3 xtapes.to/wp-content/plugins/anti-spam/js/anti-spam-5.4.js
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (2823), with no line terminators
Hash 27d114b003704b2044b1b1795d064a88
d2726240c588cfd93500dd226d2f2f351325aa48
d4de35770933366d0fb706b4303037c9c6949512822b8f313a4c63a3f5d7c4f3
GET /wp-content/plugins/anti-spam/js/anti-spam-5.4.js HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript
last-modified: Tue, 21 May 2019 13:33:05 GMT
cache-control: max-age=604800, private
expires: Tue, 12 Dec 2023 09:45:16 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBbisLM%2BmWfypYvGevsPBT4vQOveG%2BpYacBfBndrQwuR5gcyDygd4hO1WGoFON6hY%2BThlKyDSadnG9nLGU1HNuNXd19Z2jTKOQrO4fugwjnJFWYf0pRipkmQ6Xw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad563f2056bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
commentsmodule.com/js/js.load.1.js?6716944413270802
200 OK 0 B URL GET HTTP/2 commentsmodule.com/js/js.load.1.js?6716944413270802
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerGoogle Trust Services LLC
Subjectcommentsmodule.com
FingerprintFB:D4:66:A8:AE:18:5F:8C:FE:B0:5E:D5:8D:88:CA:1B:63:0A:16:67
ValidityThu, 12 Oct 2023 20:21:07 GMT - Wed, 10 Jan 2024 20:21:06 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/js.load.1.js?6716944413270802 HTTP/1.1
Host: commentsmodule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vid.xtapes.to/
Origin: https://vid.xtapes.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:17 GMT
content-type: application/javascript; charset=UTF-8
content-length: 0
last-modified: Thu, 14 Apr 2022 12:20:52 GMT
etag: "625811a4-0"
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 446163
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yS2qLUgqScgjbZLHC2qzWq4QLhc2gscP4lJTFePjRQb%2BR1ommcWlTZ%2BqKO3jE5LX4gk8ND6GXxV4kFY907lpdpzDjSHF%2BSe9DWJQEi3eJWRwKRG0WFBJCu2NSwAiZ8JL%2Bw79r4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 82d1ad5c4933b51e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
sadjklq.com/netu.php
200 OK 1.2 kB IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerGoogle Trust Services LLC
Subjectsadjklq.com
Fingerprint72:69:F9:BF:D9:20:23:59:4D:E4:C9:75:C9:BA:4F:D7:3D:E8:70:27
ValidityWed, 22 Nov 2023 23:37:41 GMT - Tue, 20 Feb 2024 23:37:40 GMT
File type ASCII text, with very long lines (1189), with no line terminators
Hash 13b0a09aa5b291f7dd6fc0ba8f31f5be
d04d79218633faf8299456a1737362dd87d0f439
ae6e57169c43ef9ac33d4cd95f5dbb87a38496cdcc5f0fae101679bcfe2841dd
GET /netu.php HTTP/1.1
Host: sadjklq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:18 GMT
content-type: application/javascript
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTtjr%2Fm%2FgAP13iKrPVNSdcrZMfUjFE8%2FCClvRFkBOL%2BEkbmN%2FffzN4AyidRUmD8VR4o4AP4tSe9UASOJ6CeNFxnzxPVYZ3SCICU7jlNd6imkHrn0Yz0pEnYDhwkizg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad5f1bc956cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/reload?k=6Ldn4C0aAAAAAEVbfUotPQpkzG_iWMoC-3pwn6fV
200 OK 35 kB URL POST HTTP/3 www.google.com/recaptcha/api2/reload?k=6Ldn4C0aAAAAAEVbfUotPQpkzG_iWMoC-3pwn6fV
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldn4C0aAAAAAEVbfUotPQpkzG_iWMoC-3pwn6fV&co=aHR0cHM6Ly94dGFwZXMudG86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=n4jc9zres8md
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with very long lines (35120)
Hash 96cc5923bd6c98ff349999839d675ccc
c9e47cc7940cc26b82c7954728ce9346851f1f98
805ced36a0dc6a7ccdb682495439bf993c8278956604d5408ea93436d30fbef9
POST /recaptcha/api2/reload?k=6Ldn4C0aAAAAAEVbfUotPQpkzG_iWMoC-3pwn6fV HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 9070
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldn4C0aAAAAAEVbfUotPQpkzG_iWMoC-3pwn6fV&co=aHR0cHM6Ly94dGFwZXMudG86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=n4jc9zres8md
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Tue, 28 Nov 2023 09:45:24 GMT
expires: Tue, 28 Nov 2023 09:45:24 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
set-cookie: _GRECAPTCHA=09AFcnIjgVgMFks_AFH6TUUtlA4v7uymkTSA_XlAMmsfmHTGMNt11oO8ZE2m0ftuSES12CMObHJvZMTYsJzhicYgE;Path=/recaptcha;Expires=Sun, 26-May-2024 09:45:24 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
xtapes.to/wp-content/uploads/xtapes2.png
200 OK 5.9 kB URL GET HTTP/3 xtapes.to/wp-content/uploads/xtapes2.png
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type PNG image data, 197 x 66, 8-bit/color RGBA, non-interlaced\012- data
Hash 026d6d9e8abe2dd0b2165f50d69429c9
30c15a811bd2291eb9b2a50ac4d52cb4b5fa317f
70cccdb483b30e6fcd7afd9738bc53296a8413216e3533b300077c8f839b41ca
GET /wp-content/uploads/xtapes2.png HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/png
last-modified: Sun, 30 Jul 2023 09:58:17 GMT
cache-control: max-age=1209600
expires: Thu, 07 Dec 2023 11:13:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 99390
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4U6lppwucY2LNi8LkaAL3fXRB2F9YfgNH7qAqRam%2B%2FwMaxWjiF0f%2F4ulhKSBPYp0vuei%2FqV2idRcmNX%2BLYPosekwgxbt7vT0MDuhgj5bOMH%2BHXYL0Rhimw0iIE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad50392156bd-OSL
alt-svc: h3=":443"; ma=86400
www.xtapes.io/i/598414785014.jpg
200 OK 32 kB URL GET HTTP/2 www.xtapes.io/i/598414785014.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x334, components 3\012- data
Hash cac9296f52674cdba46e3958299ac4ea
a2de3ab4a6ccda084de8a5742fefc34c806bfbca
82bd80cce85ebce4481c43024e86209acb38cfa35aff406331aebc4b327dab31
GET /i/598414785014.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/jpeg
last-modified: Mon, 06 Mar 2023 08:13:46 GMT
cache-control: public, max-age=290304000
expires: Mon, 11 Dec 2023 00:02:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 121343
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGt6bUZg%2BwqdvE%2FKsvSWqGgQ66ChRuoh05PkCumyKT47Q%2Fh%2Bkd1pGP4WMZVHnOIjLK6J8achjMFipgXgxw7riP%2Bre6xfaVpiy4eNhRmCt0ecFFIWpQCSa8ddYeXhItPb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad50ea420b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xtapes.to/wp-content/themes/xtapes/images/time-dark.png
200 OK 1.3 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/images/time-dark.png
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 17917a6513d1fe81709eed6ea6b71eeb
4a03d873673a8b6d7e925c3402f133c601482b82
d7a601a588472461e3bd27881cdfa979350afa0649b92233f58e9089055bcb34
GET /wp-content/themes/xtapes/images/time-dark.png HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/wp-content/themes/xtapes/css/dark.css?ver=4.2.36
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: image/png
last-modified: Sat, 13 Sep 2014 10:40:54 GMT
cache-control: max-age=1209600
expires: Sun, 26 Nov 2023 09:56:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 276922
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HoJjztAALbxxumQwPufUxbAQhFek%2Fwj%2BAMash6TzFXMNPBIexkUAty2DME66nvcEeT%2BgbIZlBz%2BrVfO2BF%2F3%2BO73dlYJp7cFvvj5is48b2u8OQQG2l4RnmB6xlc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad562f0956bd-OSL
alt-svc: h3=":443"; ma=86400
xtapes.to/wp-content/plugins/tabby-responsive-tabs/css/tabby.css?ver=1.2.1
200 OK 1.3 kB URL GET HTTP/3 xtapes.to/wp-content/plugins/tabby-responsive-tabs/css/tabby.css?ver=1.2.1
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (1252), with no line terminators
Hash 0268e66c85611ed30b2509017063a99e
bd39d4ee8d8fa2aedc8177bc11df059b317e4c8b
801e5a948fdbd28bf7607f2e44d9b6c97786144bb7093e07e0035ffb3cefd1db
GET /wp-content/plugins/tabby-responsive-tabs/css/tabby.css?ver=1.2.1 HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: text/css
cache-control: max-age=1209600
cf-bgj: minify
cf-polished: origSize=1508
expires: Thu, 23 Nov 2023 13:39:57 GMT
last-modified: Mon, 24 Aug 2015 14:50:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 593696
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LUaGbjjyAYBKpUwqtPh21QpZbJfk29Pr2uzKV4gRiHEB37xTlvdV6Us33QvSCBt9YNWPtwpyf1OPLoFYFvgzl%2FQWtcbzCYXt7lfIyw7SA46lHla%2BDLgpKZH1t0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad50391e56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
proceedglad.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTuIPyEXFi6AwoAcFd7Z%2Fzc6MOURjjARjsiSRnDzUr54tt6arU9U9PdlTSEByHD15Cr3fbLKoi5iLt4D0epGFoO1BVnT%2FCSE3QWZ2YPRB1Xuvvnf4vu%2FV59vFEfFR0MP1j82W0pqudtp%2B680bKhWmdK3L11uB3%2FbPtG6odC0%2B0xrPLjt6J%2FA7bf%2Bt1oeSb5rV0A98P%2FCD1gVlZWLGq3MUKtvrB%2B2%2B347DdtCJMbb%2F713hwVEPYnREXoISzTMbPz%2BC4jXS4ffnpdvMTfb2B8NC09xYjMTuJ%2BlmasoUw2WZWA9JuruYhnENIV%2BdgEl3FwpgRjszBWCqId7vAVi6u6AJNnpwzJRpyBRMnEY5qiF1DUVrcHMXSvxKAC5w%2BQrS4cPLxpb01jFKZ2hDTj39G6psyKm%2FXkY6%2FO6cVuPWNaOLXJnUYZxUUOMaalAjK%2FaRb3lQ5T54fgdKPCGrTy8hHe5ccdpAicM3eqwr%2FDBIVgSLOisxDXsrjAV8xV%2BTLIko7wY8mFukVA2V1NByAuo8FLOjPBSJhyLzMBSHLdrpJ77fTVgSRb2Ycx5FnHd6a6IjoriX%2BCj4TMMEeTYB1xNwexuZvY1N9WVDyP37DSF%2FrMMWP8JtVHDCg8sJRqJCKQlKR1BSglIRlDlBOaoeCO1CVz0U2hUsWORwkaNqavLBNn1g8oFMyXZ2RF6cWeg9f2cPm%2FKwRdeYz3r9sCP6LKJx0Im5H3V4GLNYin5XwqkKyp2YC95SDXn1cRuZashzn%2F4JRvfh9D64egG0eA20nHZDH3RjGvd8bKV7VBQ6X9m4ebOdGwhTIctPIb%2Flbesj8sp8le%2FWz0Lyg7O%2FkHmA2wqZrfCZ%2BolgoO9Nr5qS7Fw1pSOPrmS5GqotOlvztZzm8uQ3H8lbpbHi4nk3%2Bfo9PgNm5d516fJLNBUqHTjy7TklhLQXjOWSPL7obki2XriNc4VNi%2BzS%2BvsXLg4zK51TJq1BVUNIfRNcNeT0P0%2FmX%2Fh1q6FsDVtUGBYHZBFQZh88uw2XLfk7Q2D1coZlHsqimtqQLR%2B1ItBy2VNWwf2nZ8t6293DwHqg%2BV2kwwojW2GkK1A9gStOTvPMHpz9LZoHmPamTFtvh2mrvzg216nDVieIZY%2F1ulwIJrkIumHUi3w%2FFCLu9mXQR%2B4aKX949C8AAAD%2F%2FwEAAP%2F%2FW3xWjJoEAAA%3D
200 OK 0 B URL GET HTTP/1.1 proceedglad.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTuIPyEXFi6AwoAcFd7Z%2Fzc6MOURjjARjsiSRnDzUr54tt6arU9U9PdlTSEByHD15Cr3fbLKoi5iLt4D0epGFoO1BVnT%2FCSE3QWZ2YPRB1Xuvvnf4vu%2FV59vFEfFR0MP1j82W0pqudtp%2B680bKhWmdK3L11uB3%2FbPtG6odC0%2B0xrPLjt6J%2FA7bf%2Bt1oeSb5rV0A98P%2FCD1gVlZWLGq3MUKtvrB%2B2%2B347DdtCJMbb%2F713hwVEPYnREXoISzTMbPz%2BC4jXS4ffnpdvMTfb2B8NC09xYjMTuJ%2BlmasoUw2WZWA9JuruYhnENIV%2BdgEl3FwpgRjszBWCqId7vAVi6u6AJNnpwzJRpyBRMnEY5qiF1DUVrcHMXSvxKAC5w%2BQrS4cPLxpb01jFKZ2hDTj39G6psyKm%2FXkY6%2FO6cVuPWNaOLXJnUYZxUUOMaalAjK%2FaRb3lQ5T54fgdKPCGrTy8hHe5ccdpAicM3eqwr%2FDBIVgSLOisxDXsrjAV8xV%2BTLIko7wY8mFukVA2V1NByAuo8FLOjPBSJhyLzMBSHLdrpJ77fTVgSRb2Ycx5FnHd6a6IjoriX%2BCj4TMMEeTYB1xNwexuZvY1N9WVDyP37DSF%2FrMMWP8JtVHDCg8sJRqJCKQlKR1BSglIRlDlBOaoeCO1CVz0U2hUsWORwkaNqavLBNn1g8oFMyXZ2RF6cWeg9f2cPm%2FKwRdeYz3r9sCP6LKJx0Im5H3V4GLNYin5XwqkKyp2YC95SDXn1cRuZashzn%2F4JRvfh9D64egG0eA20nHZDH3RjGvd8bKV7VBQ6X9m4ebOdGwhTIctPIb%2Flbesj8sp8le%2FWz0Lyg7O%2FkHmA2wqZrfCZ%2BolgoO9Nr5qS7Fw1pSOPrmS5GqotOlvztZzm8uQ3H8lbpbHi4nk3%2Bfo9PgNm5d516fJLNBUqHTjy7TklhLQXjOWSPL7obki2XriNc4VNi%2BzS%2BvsXLg4zK51TJq1BVUNIfRNcNeT0P0%2FmX%2Fh1q6FsDVtUGBYHZBFQZh88uw2XLfk7Q2D1coZlHsqimtqQLR%2B1ItBy2VNWwf2nZ8t6293DwHqg%2BV2kwwojW2GkK1A9gStOTvPMHpz9LZoHmPamTFtvh2mrvzg216nDVieIZY%2F1ulwIJrkIumHUi3w%2FFCLu9mXQR%2B4aKX949C8AAAD%2F%2FwEAAP%2F%2FW3xWjJoEAAA%3D
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectproceedglad.com
FingerprintF9:04:D4:C5:64:56:F0:7B:9E:AE:0C:CB:EC:1A:5E:E9:8E:9E:86:E3
ValidityWed, 22 Nov 2023 07:26:18 GMT - Tue, 20 Feb 2024 07:26:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTuIPyEXFi6AwoAcFd7Z%2Fzc6MOURjjARjsiSRnDzUr54tt6arU9U9PdlTSEByHD15Cr3fbLKoi5iLt4D0epGFoO1BVnT%2FCSE3QWZ2YPRB1Xuvvnf4vu%2FV59vFEfFR0MP1j82W0pqudtp%2B680bKhWmdK3L11uB3%2FbPtG6odC0%2B0xrPLjt6J%2FA7bf%2Bt1oeSb5rV0A98P%2FCD1gVlZWLGq3MUKtvrB%2B2%2B347DdtCJMbb%2F713hwVEPYnREXoISzTMbPz%2BC4jXS4ffnpdvMTfb2B8NC09xYjMTuJ%2BlmasoUw2WZWA9JuruYhnENIV%2BdgEl3FwpgRjszBWCqId7vAVi6u6AJNnpwzJRpyBRMnEY5qiF1DUVrcHMXSvxKAC5w%2BQrS4cPLxpb01jFKZ2hDTj39G6psyKm%2FXkY6%2FO6cVuPWNaOLXJnUYZxUUOMaalAjK%2FaRb3lQ5T54fgdKPCGrTy8hHe5ccdpAicM3eqwr%2FDBIVgSLOisxDXsrjAV8xV%2BTLIko7wY8mFukVA2V1NByAuo8FLOjPBSJhyLzMBSHLdrpJ77fTVgSRb2Ycx5FnHd6a6IjoriX%2BCj4TMMEeTYB1xNwexuZvY1N9WVDyP37DSF%2FrMMWP8JtVHDCg8sJRqJCKQlKR1BSglIRlDlBOaoeCO1CVz0U2hUsWORwkaNqavLBNn1g8oFMyXZ2RF6cWeg9f2cPm%2FKwRdeYz3r9sCP6LKJx0Im5H3V4GLNYin5XwqkKyp2YC95SDXn1cRuZashzn%2F4JRvfh9D64egG0eA20nHZDH3RjGvd8bKV7VBQ6X9m4ebOdGwhTIctPIb%2Flbesj8sp8le%2FWz0Lyg7O%2FkHmA2wqZrfCZ%2BolgoO9Nr5qS7Fw1pSOPrmS5GqotOlvztZzm8uQ3H8lbpbHi4nk3%2Bfo9PgNm5d516fJLNBUqHTjy7TklhLQXjOWSPL7obki2XriNc4VNi%2BzS%2BvsXLg4zK51TJq1BVUNIfRNcNeT0P0%2FmX%2Fh1q6FsDVtUGBYHZBFQZh88uw2XLfk7Q2D1coZlHsqimtqQLR%2B1ItBy2VNWwf2nZ8t6293DwHqg%2BV2kwwojW2GkK1A9gStOTvPMHpz9LZoHmPamTFtvh2mrvzg216nDVieIZY%2F1ulwIJrkIumHUi3w%2FFCLu9mXQR%2B4aKX949C8AAAD%2F%2FwEAAP%2F%2FW3xWjJoEAAA%3D HTTP/1.1
Host: proceedglad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Cookie: u_pl=17334956; uid_id2=8b7d021f-db35-4a28-bb1c-06ebf3ac71c1:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca6b0b8925d9b3a4154c035c24b4ed97e=[4243974]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 09:45:21 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2a9a78c9e78fe57893ec7da568493859
Strict-Transport-Security: max-age=0; includeSubdomains
www.xtapes.io/i/9840258410.jpg
200 OK 32 kB URL GET HTTP/2 www.xtapes.io/i/9840258410.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, baseline, precision 8, 600x411, components 3\012- data
Hash 4417c996d9e5dd7fbf9aebdfdf5c2853
c5fa65f17d5b10de42df75b3e3dde20cc010c3b2
25de804fc026467cf19ce5fb5bb95255419c7ed2115a2c730896ebe131a91516
GET /i/9840258410.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/jpeg
last-modified: Tue, 28 Nov 2023 08:05:20 GMT
cache-control: public, max-age=290304000
expires: Tue, 12 Dec 2023 08:08:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5791
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLx6IL%2BaGVbeeWVOMpAtBRAfsY1iLAbJ6EfXSy2oY8BbGz0vEADYU4joLEAWoOlgCeotSj6LSDU9mzPDJ6C0sJw2kpgijAfyxdxKs057ylZvllR33wJWLL5VaMi0Z8pS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad50ea450b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
55k.io/player/jw8/jwplayer.js?v=2
200 OK 121 kB URL GET HTTP/3 55k.io/player/jw8/jwplayer.js?v=2
IP
Requested by https://55k.io/e/oev5b2irs3p9
Certificate IssuerGoogle Trust Services LLC
Subject55k.io
Fingerprint8B:F5:10:8B:91:2D:61:98:27:4B:9B:7C:5B:3C:AC:0D:0B:93:C4:36
ValiditySun, 26 Nov 2023 06:12:41 GMT - Sat, 24 Feb 2024 06:12:40 GMT
Size 121 kB (120878 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player/jw8/jwplayer.js?v=2 HTTP/1.1
Host: 55k.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55k.io/e/oev5b2irs3p9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 07 Dec 2022 04:33:26 GMT
etag: W/"1d82e-5ef356be49180"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 4657
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsNFBCaRz1Fc65FuCOv963XIqW8O4v40Rj0kNqzVi9RxmBgv6jA3Ho9ja%2BfSu30jbDMsV0Dd2Ff%2BR2C%2BoXYul8nAp1S0%2Bm7tgg%2BZZM4rtOV%2Ftq0gqS%2Fr9QI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1ad577b6a7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
sw-cdn-images.com/oev5b2irs3p9_xt.jpg
200 OK 84 kB URL GET HTTP/2 sw-cdn-images.com/oev5b2irs3p9_xt.jpg
IP
Requested by https://55k.io/e/oev5b2irs3p9
Certificate IssuerLet's Encrypt
Subjectsw-cdn-images.com
Fingerprint0F:80:51:5F:A5:96:E5:13:59:11:E1:8A:AD:06:4B:E6:45:34:68:A2
ValiditySat, 07 Oct 2023 13:21:09 GMT - Fri, 05 Jan 2024 13:21:08 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 875x440, components 3\012- data
Hash ef91e6bd5bf8f35023a5a461a96a7e8d
fc955c70fec3d90a2acd298a9101608502e97ca4
82620e3c2c02a78a629e4191bd8d2424aa23d058662a25c3465724418a5df38b
GET /oev5b2irs3p9_xt.jpg HTTP/1.1
Host: sw-cdn-images.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55k.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: image/jpeg
content-length: 83545
last-modified: Mon, 27 Nov 2023 08:10:47 GMT
etag: "65644f07-14659"
expires: Mon, 04 Dec 2023 08:19:48 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 88907
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FeJC7VK4zitX6IOE%2BVtyfkW1y3QoIQTwfRRUmjhNRTNa3w892m0GnGl%2Fd9Gca1T29o2GOLXU7CntoeYYnCt9czXPPnlDdheTiQIDm3%2B%2BLd3p4IB9skMFCBvMf7Jy8VKW0CSiRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1ad586a885688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xtapes.to/wp-content/themes/xtapes/scripts/jquery.bxslider.min.js?ver=1.0
200 OK 20 kB URL GET HTTP/3 xtapes.to/wp-content/themes/xtapes/scripts/jquery.bxslider.min.js?ver=1.0
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (19137), with CRLF line terminators
Hash b7408d4bd6fb58f0870b25e783abc183
238012a97e4a7d9d6dc4540122ecffb8684a9098
92cc37ab95008b66bf2cfb65f472a2923ed2d182e0026cb23418b0ae049cf081
GET /wp-content/themes/xtapes/scripts/jquery.bxslider.min.js?ver=1.0 HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:17 GMT
content-type: application/javascript
last-modified: Sat, 13 Sep 2014 10:40:38 GMT
cache-control: max-age=604800, private
expires: Tue, 12 Dec 2023 09:45:16 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJW1pe68yYmT86%2BVrk1XeT3ELhtHAQfBEwx55RyEcGtRJQ4rB85PMBhX08NK%2Fnfl%2FEuIO3F8didHmyKgIqDHzgU5mO9H49ngO3KPHX%2BIFHt9s5o8qvykkQ1UrK8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad563f2156bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
55k.io/js/xupload.js
200 OK 11 kB IP
Requested by https://55k.io/e/oev5b2irs3p9
Certificate IssuerGoogle Trust Services LLC
Subject55k.io
Fingerprint8B:F5:10:8B:91:2D:61:98:27:4B:9B:7C:5B:3C:AC:0D:0B:93:C4:36
ValiditySun, 26 Nov 2023 06:12:41 GMT - Sat, 24 Feb 2024 06:12:40 GMT
Hash 98f99724f09ee7524d3e2ad085f43332
3a1b48d327c1bb5c1675b5d63d7806006b18b671
90c38291318a91efee3b33b2ab5dcc4338fd5a85ff913afa631dfd26267a7eac
GET /js/xupload.js HTTP/1.1
Host: 55k.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55k.io/e/oev5b2irs3p9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 08 Oct 2021 17:16:00 GMT
etag: W/"61607cd0-29dc"
expires: Wed, 29 Nov 2023 05:44:50 GMT
cache-control: max-age=604800
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 532826
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGrjCKV%2FWecu%2F8cyov4SId111YLdSRABkSpOCo5tyW5bN6%2BqlvnZHCcj2C%2FmKkD%2FyoPoaA%2Ft67vhd7339b6S%2FV%2BFjWU9yfApbJrAwrbY5xd0aInwR6CV8So%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1ad576b567128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.xtapes.io/i/6369414710.jpg
200 OK 32 kB URL GET HTTP/2 www.xtapes.io/i/6369414710.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x355, components 3\012- data
Hash 5ad886dbc587433197f91387329b593c
10ca00897f2f4405b374dab7abe8b2db1eab53e8
cafb0f73f6b779d6ff05e36e4e77ba3b0d980e5b6b676f713a4fd1db380a3268
GET /i/6369414710.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: image/jpeg
last-modified: Mon, 06 Mar 2023 08:13:44 GMT
cache-control: public, max-age=290304000
expires: Tue, 12 Dec 2023 09:45:15 GMT
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAX%2FJe2ZvyrvcnyLwLAxvO0IMdHNGq2U%2B02xUYn7gjOEoParDP1hPFGwj0%2FMy9dHEBWUCKS5Y5A4DwqaF4jY%2Fvzu%2FqJHO%2Bd%2FVcBCkyerSNWGx%2Bxqgwr4V0o39rjCZi1r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad50ea3e0b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xtapes.to/wp-content/uploads/2015/02/546599r-210x142.jpg
200 OK 11 kB URL GET HTTP/3 xtapes.to/wp-content/uploads/2015/02/546599r-210x142.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 210x142, components 3\012- data
Hash 148301bc88a96152792758c262ed0836
bab730d6f975ea5e589a41f4ac9b273e9401172c
7e5d771cec2cfb9ad97bc32b61d28e0380124b3fd80a69d78a9bd2eb32459b18
GET /wp-content/uploads/2015/02/546599r-210x142.jpg HTTP/1.1
Host: xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/jpeg
last-modified: Mon, 24 Aug 2015 15:08:54 GMT
cache-control: max-age=1209600
expires: Fri, 08 Dec 2023 10:47:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 215400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Hh7uiz01WEaB9Z8RpoxqugPvgMNh0bsEvAHPkYT3SvWQQLdEYz5zPQqhlZ%2BFFskqWwmCOLYYb6PEgBwzkxg%2FOYVY8IApmwiGSklNcJauLONNYt5SYBFjRhjzYU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad50695356bd-OSL
alt-svc: h3=":443"; ma=86400
vid.xtapes.to/js/d_check.js?35
200 OK 3.4 kB URL GET HTTP/3 vid.xtapes.to/js/d_check.js?35
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerLet's Encrypt
Subjectxtapes.to
Fingerprint0D:B7:CA:B7:AC:46:98:16:A8:DB:FD:FF:70:4B:06:F8:B4:45:90:F0
ValidityMon, 30 Oct 2023 09:39:29 GMT - Sun, 28 Jan 2024 09:39:28 GMT
File type ASCII text, with very long lines (3517), with no line terminators
Hash fe2d2eda190fc3b71c062b7e8dab0c49
40a2b4e16d787197add482763ecdb68c47ce453b
9ea58df3c632c7434851abcd23e163fbaee8453ec430ed69e72e58137f111a24
GET /js/d_check.js?35 HTTP/1.1
Host: vid.xtapes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:45:16 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
cf-bgj: minify
cf-polished: origSize=3456
access-control-allow-credentials: true
access-control-allow-origin: *
accessing-static: 1
etag: W/"65190d56-d80"
last-modified: Sun, 01 Oct 2023 06:10:30 GMT
pragma: cache
vary: Accept-Encoding
x-cache-status-inferno-s: MISS
x-inferno-location: static
cf-cache-status: HIT
age: 362874
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgoTZ1IEVtvbro1wdSeeYGZ%2F74InI8ce7zxrqc%2BUqy8%2FcKRLRgqXNfFbfZ8T8nlqjHQHG9FffEnuYkd8HidsVLePyGPFG5r0qk66Ycd%2BPkL3dVnrVKDr1Ch5q1y3OsPI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1ad57a84a56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
videocdnmetrika.com/f.php?sid=212040
200 OK 0 B URL GET HTTP/2 videocdnmetrika.com/f.php?sid=212040
IP
Requested by https://vid.xtapes.to/e/Y2oySzBKM1VMQ2JqbDJ4MnR3bU83UT09
Certificate IssuerGoogle Trust Services LLC
Subjectvideocdnmetrika.com
Fingerprint65:C2:6F:7C:ED:59:22:15:7F:47:FD:32:BD:2B:DB:FB:34:68:26:E6
ValiditySun, 26 Nov 2023 13:44:21 GMT - Sat, 24 Feb 2024 13:44:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f.php?sid=212040 HTTP/1.1
Host: videocdnmetrika.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid.xtapes.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:18 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2jhcYuovzFIJvie4KxNYN6dg0XkwV30Qqs1btSv3cYPCBYyf0XwLWiQQ%2BgZNpCiCV1L2alYZiQgQB3yhADJDaStC%2FUnh8VwEyJiQdHf970ZWrBnqDP4jYwnYN8jRHrFDy6xOD1l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad606e59b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
200 OK 102 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldn4C0aAAAAAEVbfUotPQpkzG_iWMoC-3pwn6fV&co=aHR0cHM6Ly94dGFwZXMudG86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=n4jc9zres8md
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with no line terminators
Hash b581f6e6ac7eb4d572233bdd384918f8
12a90cd14cfea2286982801538560f638670eaff
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144
GET /recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldn4C0aAAAAAEVbfUotPQpkzG_iWMoC-3pwn6fV&co=aHR0cHM6Ly94dGFwZXMudG86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=n4jc9zres8md
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 28 Nov 2023 09:45:23 GMT
date: Tue, 28 Nov 2023 09:45:23 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.xtapes.io/i/98158410258.jpg
200 OK 48 kB URL GET HTTP/2 www.xtapes.io/i/98158410258.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, baseline, precision 8, 600x405, components 3\012- data
Hash bce8b6380868c3fe81247d49267285c9
f1c471ce47534ed78936725235165e05faa03d7d
ce581e58073785c56e19defc994c9b89cc6e35a82d74eb5e48f8a137acb08ea6
GET /i/98158410258.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/jpeg
last-modified: Tue, 28 Nov 2023 08:03:20 GMT
cache-control: public, max-age=290304000
expires: Tue, 12 Dec 2023 08:08:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5791
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmyKEjxOJEkcb1bIPukoib5dtaCQxuGKYhfNYGNGAGtu2aA8WtNSUv7aYdKt87kfeQf74owNMBhcVb5BlXEVmh8HpElDNrf18%2FzWBnp5a159XFuRIBemNTF6O%2FZ49mmR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad50ea460b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.xtapes.io/i/985047.jpg
200 OK 30 kB URL GET HTTP/2 www.xtapes.io/i/985047.jpg
IP
Requested by https://xtapes.to/05415/evermore-episode-4-agatha-vega-sophie-reade-danny-d-xander-corvus/
Certificate IssuerLet's Encrypt
Subjectxtapes.io
FingerprintD3:6A:37:EE:8C:7A:5A:58:CB:F9:4B:E2:E9:51:53:52:CB:F8:EE:62
ValidityThu, 05 Oct 2023 11:36:02 GMT - Wed, 03 Jan 2024 11:36:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, baseline, precision 8, 600x412, components 3\012- data
Hash 471a4eb196dca8c7e51ddd59521c199c
d00901e7f6b8cee155b53edd3f7f2daa2211dcdc
3c8617b7098c7f3f69b0f35093bf36cbb8cb8ac3d3aab8ab5a634e1f44a50062
GET /i/985047.jpg HTTP/1.1
Host: www.xtapes.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtapes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:45:15 GMT
content-type: image/jpeg
last-modified: Tue, 28 Nov 2023 07:58:52 GMT
cache-control: public, max-age=290304000
expires: Tue, 12 Dec 2023 08:08:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5791
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZyd9sZtvyafnsSTAv2tmjW2Q4LWCXR0isAUd%2FaCuavDkNs8dY6kpknU%2FWTfcaXOoXEW7Ju6ni7ucvbOWIIcS1N%2Bz9xWdw%2BjtM%2BCym4JVNT%2BLL%2Ba4t67iXASNCDIVpBI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1ad511a5d0b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
188.114.96.1
104.16.124.175
45.133.44.10
213.152.174.104
135.181.208.216
18.185.201.157
0.0.0.0