vivud.com/
104.21.92.169301 Moved Permanently 0 B IP 104.21.92.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: vivud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Dec 2022 04:11:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 05 Dec 2022 05:11:19 GMT
Location: https://vivud.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPoaOhEd%2FGf1ZZa1jRSvdrsD%2BmTAtHWi4KoHkkUuEkEeeC%2FIwx8oYnUr%2BrJkgfGxzt0jhPX0eAuLe%2FXnhsH%2BiA0rTWiuJR02UPRWk5mIdVdUPm0zmUSPhPueh1Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7749efe7d86eb4f4-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3291
Expires: Mon, 05 Dec 2022 05:06:10 GMT
Date: Mon, 05 Dec 2022 04:11:19 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2350
Cache-Control: max-age=111548
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:19 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:10:27 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4389
Expires: Mon, 05 Dec 2022 05:24:28 GMT
Date: Mon, 05 Dec 2022 04:11:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 03:20:12 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3067
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash bf4be25b422fdbd928082ca9f82836df
26b986ef378bc2384d365ba459bfa2092a9b3c29
cfc1b55f16122ccf546d358da83d3c1cefed24c5cd98c16d5d98de4faf525767
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5487
Cache-Control: max-age=122240
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:19 GMT
Etag: "638c9478-117"
Expires: Tue, 06 Dec 2022 14:08:39 GMT
Last-Modified: Sun, 04 Dec 2022 12:37:12 GMT
Server: ECS (amb/6B71)
X-Cache: HIT
Content-Length: 279
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hyNp7UXbnxSqnvmZ7gdagg9ceRCfngbu6PWL/1hFrDdjbmagpH2/pPYljYU77x8vKU44+8aZCOA=
x-amz-request-id: ZT90G68CWMKNDH00
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 03:47:49 GMT
age: 1411
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:11:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash bf4be25b422fdbd928082ca9f82836df
26b986ef378bc2384d365ba459bfa2092a9b3c29
cfc1b55f16122ccf546d358da83d3c1cefed24c5cd98c16d5d98de4faf525767
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5488
Cache-Control: max-age=122240
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:20 GMT
Etag: "638c9478-117"
Expires: Tue, 06 Dec 2022 14:08:40 GMT
Last-Modified: Sun, 04 Dec 2022 12:37:12 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 04:11:19 GMT
cache-control: public,max-age=3600
age: 1
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash deee5ad0a1dd1375208c1f6ce84eb9d0
bc809d5110e1b48d78480578dbac7f74dc29e896
288f7fc9989a2ed8f0920943e21d6975c15ece127aaf9ac0b5749b43cf5c7bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "288F7FC9989A2ED8F0920943E21D6975C15ECE127AAF9AC0B5749B43CF5C7BD8"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13913
Expires: Mon, 05 Dec 2022 08:03:13 GMT
Date: Mon, 05 Dec 2022 04:11:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash deee5ad0a1dd1375208c1f6ce84eb9d0
bc809d5110e1b48d78480578dbac7f74dc29e896
288f7fc9989a2ed8f0920943e21d6975c15ece127aaf9ac0b5749b43cf5c7bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "288F7FC9989A2ED8F0920943E21D6975C15ECE127AAF9AC0B5749B43CF5C7BD8"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13913
Expires: Mon, 05 Dec 2022 08:03:13 GMT
Date: Mon, 05 Dec 2022 04:11:20 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2361
Cache-Control: max-age=106492
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:20 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:46:12 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
crisistuesdayartillery.com/36/7f/42/367f420de7c0141ff3c8b701a6a2b135.js
173.233.137.60200 OK 13 kB URL HTTP/1.1 crisistuesdayartillery.com/36/7f/42/367f420de7c0141ff3c8b701a6a2b135.js
IP 173.233.137.60:0
File type ASCII text, with very long lines (37188), with no line terminators
Hash 696743c7416f94c3bd9d81c2f0bf7fb4
9ec6479b1689835de2f9a040cc8e22c51a55bbda
f87debe048c2c830aff48c90b7526ca4df6df525766349276942ca56fb7de615
GET /36/7f/42/367f420de7c0141ff3c8b701a6a2b135.js HTTP/1.1
Host: crisistuesdayartillery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 04:11:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2a287416310749f07470e7f03015ab73
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
crisistuesdayartillery.com/b8/7f/75/b87f75bdc1aa1522b4120b0ac9406b1d.js
173.233.137.60200 OK 21 kB URL HTTP/1.1 crisistuesdayartillery.com/b8/7f/75/b87f75bdc1aa1522b4120b0ac9406b1d.js
IP 173.233.137.60:0
File type HTML document, ASCII text, with very long lines (60148), with no line terminators
Hash 4fa2288707bc82318801eede852c20a7
f2c987a9d4532bf84793bab3d9d9e79f0ed688d4
8fcfdaf86509ea8a1c5f1db823f24e9b6c2390c174af8e3da0f543aa337d9eb0
GET /b8/7f/75/b87f75bdc1aa1522b4120b0ac9406b1d.js HTTP/1.1
Host: crisistuesdayartillery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 04:11:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 272eb4e4f4991398a00d4b6562597572
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
push.services.mozilla.com/
44.238.3.246101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.3.246:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yTB+2P8gS1rPfVZV/3vEEw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6BUrD1fz+uWtH/mb7MCdPhUl5Fk=
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4190c26f01184c51aed2d771ad1429ec
35e2db991eaca4dbe44e4158feb9eddbccba0a4c
4dfbbd61f47a45a39622f70938f29114fe41648e5f74c0aad269d4a0252de5e6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4DFBBD61F47A45A39622F70938F29114FE41648E5F74C0AAD269D4A0252DE5E6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12753
Expires: Mon, 05 Dec 2022 07:43:54 GMT
Date: Mon, 05 Dec 2022 04:11:21 GMT
Connection: keep-alive
cdn.o333o.com/asg_embed.js
205.185.216.42200 OK 52 kB URL HTTP/1.1 cdn.o333o.com/asg_embed.js
IP 205.185.216.42:0
File type Unicode text, UTF-8 text, with very long lines (65467), with no line terminators
Hash 2cc3dbc2ed4b871bafca793ef56bc336
9b2b19b96ca2b9989b4976a8934070b1ef4efe78
03015f097efb01d8572b62f6b573fb115bcad04ad52c947f59014304d96da493
GET /asg_embed.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 04:11:21 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 51578
Content-Type: application/javascript
Last-Modified: Thu, 17 Nov 2022 11:24:59 GMT
Accept-Ranges: bytes
Server: nginx
ETag: "63761a0b-c97a"
Cache-Control: max-age=315360000, public
X-HW: 1670213481.dop013.sk1.t,1670213481.cds241.sk1.shn,1670213481.dop013.sk1.t,1670213481.cds255.sk1.c
Access-Control-Allow-Origin: *
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ceeb594915fea2dfbf170577fe92c2b
c094d24a077a622f592685c95ba0bd97c08f2bf3
6a50428563ef65d45257fa2a6cc1bfe7273d08dbc4fefdeb5761f204613a4f3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A50428563EF65D45257FA2A6CC1BFE7273D08DBC4FEFDEB5761F204613A4F3A"
Last-Modified: Mon, 05 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10849
Expires: Mon, 05 Dec 2022 07:12:10 GMT
Date: Mon, 05 Dec 2022 04:11:21 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash f0f8b0d8806166791f6d6d9a9aa908ca
e30099fed67b541c022984b41b6de1e9ca8e01bb
c8d3589546edd372653dbcc6fe1bc48340d7bf5dc3b0f37324a9ff8014aa912b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=121624
Date: Mon, 05 Dec 2022 04:11:21 GMT
Etag: "638ca11c-1d7"
Expires: Tue, 06 Dec 2022 13:58:25 GMT
Last-Modified: Sun, 04 Dec 2022 13:31:08 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DOOC7yD-bYj4go_UmkjjI3SYOJgt0i2i0O1EYbf-Q4GX6MSwSHbIBw==
Age: 1637
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash f0f8b0d8806166791f6d6d9a9aa908ca
e30099fed67b541c022984b41b6de1e9ca8e01bb
c8d3589546edd372653dbcc6fe1bc48340d7bf5dc3b0f37324a9ff8014aa912b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=121628
Date: Mon, 05 Dec 2022 04:11:21 GMT
Etag: "638ca11c-1d7"
Expires: Tue, 06 Dec 2022 13:58:29 GMT
Last-Modified: Sun, 04 Dec 2022 13:31:08 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GC1RLPQ5It3LTxruVuAqt_r5K-YtXlm8Lkt9Xg-grAYBUDo3zb2uXQ==
Age: 1641
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 6713d94cde9541290a273116d8b61cf1
3593d00802d77ddcb7abec3c30e76003d918e106
16efe14b7b24ff0ea8ce2bb2f9b6506e188e1899e56560c77dc08dd29e6a4233
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vivud.com
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:21 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://vivud.com
access-control-allow-credentials: true
set-cookie: uid_id2=9d85658b-e773-4b38-878c-1854db2f7e41:3:1; expires=Thu, 02 Dec 2032 04:11:21 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 9d5d3bc0b1d3a58c68046309ea7a5839
305e71857602f06e297d0d82a7ac8d72f6fbc7f5
41260233cefe3c793c641492513e399272570c3060f909e30e29a2c8654ee4b5
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vivud.com
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:21 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://vivud.com
access-control-allow-credentials: true
set-cookie: uid_id2=721739ec-218f-4337-8aeb-2c5fb0492a81:2:1; expires=Thu, 02 Dec 2032 04:11:21 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4190c26f01184c51aed2d771ad1429ec
35e2db991eaca4dbe44e4158feb9eddbccba0a4c
4dfbbd61f47a45a39622f70938f29114fe41648e5f74c0aad269d4a0252de5e6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4DFBBD61F47A45A39622F70938F29114FE41648E5F74C0AAD269D4A0252DE5E6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12753
Expires: Mon, 05 Dec 2022 07:43:54 GMT
Date: Mon, 05 Dec 2022 04:11:21 GMT
Connection: keep-alive
a.shukriya90.com/api/settings/309164
135.181.208.216404 Not Found 9 B URL HTTP/2 a.shukriya90.com/api/settings/309164
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 9e076f5885f5cc16a4b5aeb8de4adff5
475c848673a3f79fa778f01c2bd5a721d4c41707
e3ebaa16dd9d9b9fc107c42183fb6cf9d22927e1af03dbbdfa0ccc38e4e4ac31
GET /api/settings/309164 HTTP/1.1
Host: a.shukriya90.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vivud.com/
Origin: https://vivud.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Dec 2022 04:11:21 GMT
content-type: text/plain; charset=utf-8
content-length: 9
access-control-allow-origin: *
X-Firefox-Spdy: h2
gratertiedbubble.com/pixel/purst?dl=0&th=0&sc=0&rs=1564&rd=1564&fd=981&bv=22.10.v.9&tmpl=70
173.233.137.52200 OK 0 B URL HTTP/1.1 gratertiedbubble.com/pixel/purst?dl=0&th=0&sc=0&rs=1564&rd=1564&fd=981&bv=22.10.v.9&tmpl=70
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/purst?dl=0&th=0&sc=0&rs=1564&rd=1564&fd=981&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: gratertiedbubble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 04:11:21 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ddd743262cc2727e40e84514b13c68a
a9e579263bdb29ebc08ed46d9af5d8308f0bf6ea
e927bd50b4fad2320c331c115457c053cf542096113a7668afe3590e1635d911
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E927BD50B4FAD2320C331C115457C053CF542096113A7668AFE3590E1635D911"
Last-Modified: Sun, 04 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7912
Expires: Mon, 05 Dec 2022 06:23:13 GMT
Date: Mon, 05 Dec 2022 04:11:21 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash e0a1002eb2d6c0d5cdf277db888a942c
c2d172f91c4dd67e8b69fc88252ddf26097d611a
f91b83a7d96d19945071f65e35673f3205683c0f4a9dfcbafb4d5a8f136652be
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 04:11:21 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Fri, 09 Dec 2022 02:32:01 GMT
ETag: "c2d172f91c4dd67e8b69fc88252ddf26097d611a"
Last-Modified: Mon, 05 Dec 2022 02:32:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2884
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7749eff4cc37b51d-OSL
www.googletagservices.com/tag/js/gpt.js
142.250.74.162200 OK 28 kB URL HTTP/2 www.googletagservices.com/tag/js/gpt.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (40252)
Hash 3131220ea3a8626d2e648c73fa44af93
452bbdecb14b53d33f5ed5c2b5bb5d775adb23e0
f7c686c7b13fc8fb4df9198ed597519cf487c74dfc661df07155dacd8e484579
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27500
date: Mon, 05 Dec 2022 04:11:21 GMT
expires: Mon, 05 Dec 2022 04:11:21 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1412 / 0 of 1000 / last-modified: 1670022376"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 630 B IP 216.58.211.3:0
Hash 62ed736e176e4e2d0391d91af1301e29
4548ae73a6193f80f7bc603ad7bd024b2785c0f1
69a0b579938876bc736e0986b6384131a4fa45bd6aaff29b3e3ed9500588e1ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/watch.js
77.88.21.119200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (553)
Hash 69d8fb977b5f11ff2f42caaf9acae0f5
c68a1a8a921d9ca906a20a838458b48d33f0a6b1
197becd55ad37f6cdbdd1b1fc334a34a795359b805639f8311d42ac0abeedf34
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 57635
date: Mon, 05 Dec 2022 04:11:21 GMT
access-control-allow-origin: *
etag: "6388ac0c-e123"
expires: Mon, 05 Dec 2022 05:11:21 GMT
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ce48a4450bc9ac5b2d58787e83c002c7
a5d9e7f7227f496bcac66b6c4671cee438efa0dd
e3df452f4397b612584e550d519dc205d4826eb38a4232a5ea15cc7dd3108021
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3DF452F4397B612584E550D519DC205D4826EB38A4232A5EA15CC7DD3108021"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14367
Expires: Mon, 05 Dec 2022 08:10:48 GMT
Date: Mon, 05 Dec 2022 04:11:21 GMT
Connection: keep-alive
banquetunarmedgrater.com/advertisers.js
192.243.59.20200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 04:11:21 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 68440c07ed93ddaa7fb7e4f7b8d29082
Strict-Transport-Security: max-age=0; includeSubdomains
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vivud.com
142.250.74.130200 OK 35 B URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vivud.com
IP 142.250.74.130:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0a7452eba02d2e9119ba13d21dbd6a56
f3dca0c484ab848eb1bf3644327b4a50e2e21f34
796422200f4b598128e8343b48d7e00e0539fedfd74c2d50b3eb69f8b50cb7d3
GET /pagead/ppub_config?ippd=vivud.com HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vivud.com
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Mon, 05 Dec 2022 04:11:22 GMT
expires: Mon, 05 Dec 2022 04:11:22 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 35
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 04:26:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
142.250.74.130200 OK 133 kB URL HTTP/2 securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (65395)
Size 133 kB (133261 bytes)
Hash 28036597aca2cffc3078c528f5e12edf
0087fe2ab1d7580a251f579f55bb5cb9348239c9
d130cb132fa7ebc97308c096baa66db137c8e3c45eb4105f7bf47c8760f726b3
GET /gpt/pubads_impl_2022112901.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 133261
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 11:32:04 GMT
expires: Wed, 29 Nov 2023 11:32:04 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:37:49 GMT
content-type: text/javascript
age: 491958
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/watch/33879989/1?wmode=7&page-url=https%3A%2F%2Fvivud.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhejhys9ytpnba8eugac%3Afp%3A930%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A443423874303%3Ahid%3A295708275%3Az%3A0%3Ai%3A20221205041119%3Aet%3A1670213479%3Ac%3A1%3Arn%3A70199107%3Arqn%3A1%3Au%3A1670213479673742101%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C87%2C10%2C1%2C381%2C0%2C%2C1126%2C9%2C%2C%2C%2C1623%3Aco%3A0%3Ans%3A1670213477015%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670213479%3At%3AFree%20Porn%2C%20Sex%20Videos%20-%20VIVUD.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
77.88.21.119200 OK 434 B URL HTTP/2 mc.yandex.ru/watch/33879989/1?wmode=7&page-url=https%3A%2F%2Fvivud.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhejhys9ytpnba8eugac%3Afp%3A930%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A443423874303%3Ahid%3A295708275%3Az%3A0%3Ai%3A20221205041119%3Aet%3A1670213479%3Ac%3A1%3Arn%3A70199107%3Arqn%3A1%3Au%3A1670213479673742101%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C87%2C10%2C1%2C381%2C0%2C%2C1126%2C9%2C%2C%2C%2C1623%3Aco%3A0%3Ans%3A1670213477015%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670213479%3At%3AFree%20Porn%2C%20Sex%20Videos%20-%20VIVUD.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (434), with no line terminators
Hash ec841927ea0afd9e21fec3c93f9d046d
7fa2086d335d252a39b1e744d927dec2f2b1fa0d
aa772224f0f8576411bfa8b1fccd38a16dee9232ccff426998c575cbc858ef94
GET /watch/33879989/1?wmode=7&page-url=https%3A%2F%2Fvivud.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhejhys9ytpnba8eugac%3Afp%3A930%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A443423874303%3Ahid%3A295708275%3Az%3A0%3Ai%3A20221205041119%3Aet%3A1670213479%3Ac%3A1%3Arn%3A70199107%3Arqn%3A1%3Au%3A1670213479673742101%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C87%2C10%2C1%2C381%2C0%2C%2C1126%2C9%2C%2C%2C%2C1623%3Aco%3A0%3Ans%3A1670213477015%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670213479%3At%3AFree%20Porn%2C%20Sex%20Videos%20-%20VIVUD.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vivud.com
Referer: https://vivud.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 434
date: Mon, 05 Dec 2022 04:11:22 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://vivud.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 05-Dec-2022 04:11:22 GMT
last-modified: Mon, 05-Dec-2022 04:11:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
whiskerssituationdisturb.com/sbar.json?key=367f420de7c0141ff3c8b701a6a2b135
192.243.61.225200 OK 2.7 kB URL HTTP/1.1 whiskerssituationdisturb.com/sbar.json?key=367f420de7c0141ff3c8b701a6a2b135
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (7060), with no line terminators
Hash a8d8acc48319c9fc12ce57887be62bcb
9603b883e6e95e91d3df914218280632de065c8f
246b581a1f99f186c12b560cd166dc0c5d3e210aa1a3a5e13368fba113d7310e
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=367f420de7c0141ff3c8b701a6a2b135 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vivud.com
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 04:11:22 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://vivud.com
Access-Control-Allow-Origin: https://vivud.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15736095; expires=Tue, 06 Dec 2022 04:11:22 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 04:11:22 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 04:11:22 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 06 Dec 2022 04:11:22 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 06 Dec 2022 04:11:22 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 329ebc0da6283b9841438ab99c693484
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8564
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:11:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8564
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:11:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8564
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:11:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8564
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:11:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8564
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:11:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6079166a1ed5bac7373183f03f33b84e
b0c9391b87a4560598e43d5084dda41e267974a9
3e2faccbc3e14a10da4a433d789068cdc3fb2d3e2a04a7e2b7ea5f6f6313dcd4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13647
x-amzn-requestid: 36276b12-9e02-4d00-a100-9aa5c794fc79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_ueEWUoAMFj7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1329-7abb45a85c6bc2235c25d61e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oXeR8DTpEoK8E-BiI7gT4JEIdVBfiimfydNYIC62_rNLlTdem9Buig==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:46 GMT
age: 23136
etag: "b0c9391b87a4560598e43d5084dda41e267974a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a349d02cce160f72cc93f6fb6e45fa46
a6f82481ea0a820da0f199e8f9051a4aa4013c82
ab320118577a2dcb6ab7ad904d6350e187501a94b39b71fdd70b31cbc8853b24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6826
x-amzn-requestid: f0abdba6-14c8-4aae-ba3b-37ba0af2ff08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_t2FsLIAMFekA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1325-3452be066acddb554f528cc3;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GS4yLzXiIZt-eL9T7gjbf2-vMu8i30WKPDmc2EQDxv0CELjdW1gMVA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:46:51 GMT
age: 23071
etag: "a6f82481ea0a820da0f199e8f9051a4aa4013c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8d76ec668361348eb17d54001fd2e6c6
534299a20a76ea6e3250f0fb35fe772cac04ef51
22676fae3909acf18e6cd4f505ec718fdac156990edb20926afdae2a359a2859
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5209
x-amzn-requestid: 682056d5-7815-4fd1-b05b-723619128d8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUXF5eoAMFRvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-6df5d866267739212832ee66;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TUn27-HAzSq5FHhr2K7W377QRIQqOh9owE1xVL6BQetiK9U-jtwbsg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:45:47 GMT
age: 1535
etag: "534299a20a76ea6e3250f0fb35fe772cac04ef51"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8e6f84dff61fedd8ff9baa9bb648883
f8d5cc7b315879b66a11b403463da1330617d2fa
025c66a4a0e7927353e1733d7f8cfb6ec3c9c0228d34267cbff11f09cf112127
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12348
x-amzn-requestid: 72f681ef-9ae7-4fc5-8539-230e1d4277a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKa_HpTIAMFrcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abddf-43ef45165fd982997e5018c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:09:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ee7Rihwq-F-zcJWcnxZtfzfmhrn0w3mub_5F4j8u0r2Uc91oXrKPzA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 04:17:01 GMT
age: 86061
etag: "f8d5cc7b315879b66a11b403463da1330617d2fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 22101
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RwhNdxS-EBTraqzS_TnCNXj3JXgz5NkO8oLyQaHOhHdtnvBbg4vsRQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:13 GMT
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
age: 5169
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 05 Dec 2022 04:11:22 GMT
access-control-allow-origin: *
etag: "6388ac0c-2b"
expires: Mon, 05 Dec 2022 05:11:22 GMT
accept-ranges: bytes
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 9d5d3bc0b1d3a58c68046309ea7a5839
305e71857602f06e297d0d82a7ac8d72f6fbc7f5
41260233cefe3c793c641492513e399272570c3060f909e30e29a2c8654ee4b5
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vivud.com
Connection: keep-alive
Referer: https://vivud.com/
Cookie: uid_id2=721739ec-218f-4337-8aeb-2c5fb0492a81:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://vivud.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
gratertiedbubble.com/pixel/pure
173.233.137.52204 No Content 0 B URL HTTP/1.1 gratertiedbubble.com/pixel/pure
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /pixel/pure HTTP/1.1
Host: gratertiedbubble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://vivud.com/
Origin: https://vivud.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 04:11:22 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=vivud.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=vivud.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=vivud.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 05 Dec 2022 04:11:22 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gratertiedbubble.com/pixel/pure
173.233.137.52204 No Content 0 B URL HTTP/1.1 gratertiedbubble.com/pixel/pure
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /pixel/pure HTTP/1.1
Host: gratertiedbubble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://vivud.com/
Origin: https://vivud.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 04:11:22 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
gratertiedbubble.com/pixel/pure
173.233.137.52200 OK 0 B URL HTTP/1.1 gratertiedbubble.com/pixel/pure
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pixel/pure HTTP/1.1
Host: gratertiedbubble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://vivud.com
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 04:11:22 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
whiskerssituationdisturb.com/ren.gif?sid=H4sIAAAAAAAC%2F6xST2hcRRifVysIXqz0olB8uFAUZPPe%2FskmKSWkTVrXpkmaRAp6KPNm5m2mO2%2FmMTNv3yanYEV6qaQiqL305UvSWFv65%2BDBgyi7epCAkhWVPZiT4EkIFnoQEdlNpHoQPPjBzPf7%2BM3w%2FX4z31uryQ7yIMHdmbNqiQuBB8p5z33hPJdUpcadmnd9L%2B8dc89zOVg65jZ7m26M%2BF45773onmakrgYKnu95vue7p7hmoWoO9Fng8e1hPz%2Fs5UuFvF8uQVP%2FszaJAwY7QBs76GngtPP4wlf3gZMWyOjeODN1q%2BKXJqJEYKs0NOjmq7IuVSohegRD7UAoN%2FdPgzIdhN4%2FAEpu7jsA1VjvOYCAd5Dzgw%2BB3NyXCUFjY09pIIBJCOiTkDZawEQLOG4BUZeA020EQChMTYOMbkwpneLFPRb32A46%2BPAB8LSDDv54GGR054TgTXdOicRyJQ00wwx4swW81oI4aYNdcoCnbSD2DeD0azTwcBJktD5thAJOs757zlvAwxYItgLYOJD0FncgCR1IYgci2nVxeTj0vEoYhMXiUIkQUiwSUh4apGVaLA2FHiSkJ28FbLwCRKwA0csQ62Wo86vbo5%2BBTj4Hs5CBoQ4Y20HOuWVo0AxShiA1CFKMIOUIUosgbWQbVJiCyW5QYZLA38%2BF%2FVzM1pStreINZWtMotV4Bx3qP83ukeegzrpucbASlgoeZRXi%2BSU%2FDItkKKh4Ph7EhcAvlsHwDLg50He7xDvowJ1NiPn2oVsQ4DYY0QbCnwKcHAGcrlUKHuCFtdKQB0vyboPVcD5WWtZUnqgIqMogtgfBLjqrYgc90xdS%2BOUPYGRr9Nefvwu%2FGXsARGcQ6wwu8i8Q1MTltVmVovVZlRp0fzq2POJLuPd%2FcxZbhj46wxZTpWl13KzcHCM9ogdvzzNjJ7GkXNYMunWCU8r0KaUJQ59WzXkWzCRm4USiZRJPzpw8VY1izYzhSrYA8%2B3ma0B4Bz3x8c3%2BZD47dgW4boNOuuML1sYjAwNEcFLPx0TU8xJHbK8eNQzb4%2BViebBYOYopp39hfnx6SZjmTM2emz93wYMo2Rr95INeXAOuWkDiNz%2FM5aonp6dyue7sv7SwC0kUSMzFf21zlEc1e5wTJW%2FmcvPV%2BcmJXK47sHv93Y15Tk3AappJw6xruQgSOuL6nue5U9Nn3FBpl7Kau3v92vLdXG58Yu7kbHVmvtqX9%2FxcfVHSPt%2FecMP2httgoq4iYwMlE7N7%2FZ17d3O5ybHZ0xMXqmfHTveavvx%2FWQITb6H9AKMQaPGoDmIH0iRb04Vga%2FRy4ffbby%2F8BIJ30Ig%2BDIJtjX75%2Bnvfv%2FLbNuAgA8P%2BdvERXjWXoaYdwPYSyCiDhs6gITLAYgVM8tiajfXW6LfFfkAgnLVAaGc9EFpc3Ztkw7suK4deyLwCC8LhIKxgjw6HpeEAD%2FusEpSxD9Z0yBV18U8AAAD%2F%2FwEAAP%2F%2F9SxxtOAFAAA%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 whiskerssituationdisturb.com/ren.gif?sid=H4sIAAAAAAAC%2F6xST2hcRRifVysIXqz0olB8uFAUZPPe%2FskmKSWkTVrXpkmaRAp6KPNm5m2mO2%2FmMTNv3yanYEV6qaQiqL305UvSWFv65%2BDBgyi7epCAkhWVPZiT4EkIFnoQEdlNpHoQPPjBzPf7%2BM3w%2FX4z31uryQ7yIMHdmbNqiQuBB8p5z33hPJdUpcadmnd9L%2B8dc89zOVg65jZ7m26M%2BF45773onmakrgYKnu95vue7p7hmoWoO9Fng8e1hPz%2Fs5UuFvF8uQVP%2FszaJAwY7QBs76GngtPP4wlf3gZMWyOjeODN1q%2BKXJqJEYKs0NOjmq7IuVSohegRD7UAoN%2FdPgzIdhN4%2FAEpu7jsA1VjvOYCAd5Dzgw%2BB3NyXCUFjY09pIIBJCOiTkDZawEQLOG4BUZeA020EQChMTYOMbkwpneLFPRb32A46%2BPAB8LSDDv54GGR054TgTXdOicRyJQ00wwx4swW81oI4aYNdcoCnbSD2DeD0azTwcBJktD5thAJOs757zlvAwxYItgLYOJD0FncgCR1IYgci2nVxeTj0vEoYhMXiUIkQUiwSUh4apGVaLA2FHiSkJ28FbLwCRKwA0csQ62Wo86vbo5%2BBTj4Hs5CBoQ4Y20HOuWVo0AxShiA1CFKMIOUIUosgbWQbVJiCyW5QYZLA38%2BF%2FVzM1pStreINZWtMotV4Bx3qP83ukeegzrpucbASlgoeZRXi%2BSU%2FDItkKKh4Ph7EhcAvlsHwDLg50He7xDvowJ1NiPn2oVsQ4DYY0QbCnwKcHAGcrlUKHuCFtdKQB0vyboPVcD5WWtZUnqgIqMogtgfBLjqrYgc90xdS%2BOUPYGRr9Nefvwu%2FGXsARGcQ6wwu8i8Q1MTltVmVovVZlRp0fzq2POJLuPd%2FcxZbhj46wxZTpWl13KzcHCM9ogdvzzNjJ7GkXNYMunWCU8r0KaUJQ59WzXkWzCRm4USiZRJPzpw8VY1izYzhSrYA8%2B3ma0B4Bz3x8c3%2BZD47dgW4boNOuuML1sYjAwNEcFLPx0TU8xJHbK8eNQzb4%2BViebBYOYopp39hfnx6SZjmTM2emz93wYMo2Rr95INeXAOuWkDiNz%2FM5aonp6dyue7sv7SwC0kUSMzFf21zlEc1e5wTJW%2FmcvPV%2BcmJXK47sHv93Y15Tk3AappJw6xruQgSOuL6nue5U9Nn3FBpl7Kau3v92vLdXG58Yu7kbHVmvtqX9%2FxcfVHSPt%2FecMP2httgoq4iYwMlE7N7%2FZ17d3O5ybHZ0xMXqmfHTveavvx%2FWQITb6H9AKMQaPGoDmIH0iRb04Vga%2FRy4ffbby%2F8BIJ30Ig%2BDIJtjX75%2Bnvfv%2FLbNuAgA8P%2BdvERXjWXoaYdwPYSyCiDhs6gITLAYgVM8tiajfXW6LfFfkAgnLVAaGc9EFpc3Ztkw7suK4deyLwCC8LhIKxgjw6HpeEAD%2FusEpSxD9Z0yBV18U8AAAD%2F%2FwEAAP%2F%2F9SxxtOAFAAA%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F6xST2hcRRifVysIXqz0olB8uFAUZPPe%2FskmKSWkTVrXpkmaRAp6KPNm5m2mO2%2FmMTNv3yanYEV6qaQiqL305UvSWFv65%2BDBgyi7epCAkhWVPZiT4EkIFnoQEdlNpHoQPPjBzPf7%2BM3w%2FX4z31uryQ7yIMHdmbNqiQuBB8p5z33hPJdUpcadmnd9L%2B8dc89zOVg65jZ7m26M%2BF45773onmakrgYKnu95vue7p7hmoWoO9Fng8e1hPz%2Fs5UuFvF8uQVP%2FszaJAwY7QBs76GngtPP4wlf3gZMWyOjeODN1q%2BKXJqJEYKs0NOjmq7IuVSohegRD7UAoN%2FdPgzIdhN4%2FAEpu7jsA1VjvOYCAd5Dzgw%2BB3NyXCUFjY09pIIBJCOiTkDZawEQLOG4BUZeA020EQChMTYOMbkwpneLFPRb32A46%2BPAB8LSDDv54GGR054TgTXdOicRyJQ00wwx4swW81oI4aYNdcoCnbSD2DeD0azTwcBJktD5thAJOs757zlvAwxYItgLYOJD0FncgCR1IYgci2nVxeTj0vEoYhMXiUIkQUiwSUh4apGVaLA2FHiSkJ28FbLwCRKwA0csQ62Wo86vbo5%2BBTj4Hs5CBoQ4Y20HOuWVo0AxShiA1CFKMIOUIUosgbWQbVJiCyW5QYZLA38%2BF%2FVzM1pStreINZWtMotV4Bx3qP83ukeegzrpucbASlgoeZRXi%2BSU%2FDItkKKh4Ph7EhcAvlsHwDLg50He7xDvowJ1NiPn2oVsQ4DYY0QbCnwKcHAGcrlUKHuCFtdKQB0vyboPVcD5WWtZUnqgIqMogtgfBLjqrYgc90xdS%2BOUPYGRr9Nefvwu%2FGXsARGcQ6wwu8i8Q1MTltVmVovVZlRp0fzq2POJLuPd%2FcxZbhj46wxZTpWl13KzcHCM9ogdvzzNjJ7GkXNYMunWCU8r0KaUJQ59WzXkWzCRm4USiZRJPzpw8VY1izYzhSrYA8%2B3ma0B4Bz3x8c3%2BZD47dgW4boNOuuML1sYjAwNEcFLPx0TU8xJHbK8eNQzb4%2BViebBYOYopp39hfnx6SZjmTM2emz93wYMo2Rr95INeXAOuWkDiNz%2FM5aonp6dyue7sv7SwC0kUSMzFf21zlEc1e5wTJW%2FmcvPV%2BcmJXK47sHv93Y15Tk3AappJw6xruQgSOuL6nue5U9Nn3FBpl7Kau3v92vLdXG58Yu7kbHVmvtqX9%2FxcfVHSPt%2FecMP2httgoq4iYwMlE7N7%2FZ17d3O5ybHZ0xMXqmfHTveavvx%2FWQITb6H9AKMQaPGoDmIH0iRb04Vga%2FRy4ffbby%2F8BIJ30Ig%2BDIJtjX75%2Bnvfv%2FLbNuAgA8P%2BdvERXjWXoaYdwPYSyCiDhs6gITLAYgVM8tiajfXW6LfFfkAgnLVAaGc9EFpc3Ztkw7suK4deyLwCC8LhIKxgjw6HpeEAD%2FusEpSxD9Z0yBV18U8AAAD%2F%2FwEAAP%2F%2F9SxxtOAFAAA%3D HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Cookie: u_pl=15736095; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 04:11:22 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1c016c5324ffe2a48cc509f426638a6a
Strict-Transport-Security: max-age=0; includeSubdomains
adservice.google.com/adsid/integrator.js?domain=vivud.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=vivud.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=vivud.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 05 Dec 2022 04:11:22 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gratertiedbubble.com/pixel/pure
173.233.137.52200 OK 0 B URL HTTP/1.1 gratertiedbubble.com/pixel/pure
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pixel/pure HTTP/1.1
Host: gratertiedbubble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://vivud.com
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 04:11:22 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 06006986c4a348dd333e49e76202c262
594c59997bc85d6a7e9411d1314977cf73cf59e5
0e0ca581fe01e111ebba357be474626834fc3dd80c2dde716d1029fff2201ec6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=91510
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:22 GMT
Etag: "638c31e0-117"
Expires: Tue, 06 Dec 2022 05:36:32 GMT
Last-Modified: Sun, 04 Dec 2022 05:36:32 GMT
Server: nginx
Content-Length: 279
upsetmilitary.com/preview/83712/medium/1.jpg
172.67.152.192200 OK 21 kB URL HTTP/2 upsetmilitary.com/preview/83712/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash a4f14880246d081788999d22947a2ecb
4891a211aff3281dea08c0469f89190ed554c046
e7eb6510276be04849589ca3d739393bbac2377edbb1400d559461301e28cd88
GET /preview/83712/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 20720
last-modified: Wed, 20 Sep 2017 10:05:10 GMT
etag: "59c23d56-50f0"
expires: Wed, 15 Nov 2017 10:05:10 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOGwF1tK02Cn3e7wg396QAEHf26gj6KlGMAUjjhV7jCUN6Qwof2aXwPLMQQvzM1R7VjiJV9bFmGFya1q1d4Zg69Dt9dwsve8spYTTmzhJdK8zcRSf5xOTntNDLLn%2BCVEKlx0Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb7e31b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upsetmilitary.com/preview/39510/medium/1.jpg
172.67.152.192200 OK 23 kB URL HTTP/2 upsetmilitary.com/preview/39510/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 203x270, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash ad90b25eea149ed841089fc5d7253bdc
1708376005ebf9d0a1d5945884ab21d7b388d742
0d762ed80712b3ff6ca94cebb066d7f2be71423dacb863cc11f748ec3ff198a1
GET /preview/39510/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 22677
last-modified: Wed, 07 Jun 2017 03:26:34 GMT
etag: "5937726a-5895"
expires: Wed, 02 Aug 2017 03:26:34 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 225820
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mnn07aZS9UqoOIED4G6Z9rBkSFsTKxh9WSICBKPM55oZkQLaEAFCDBff08BZlmHf%2FnnraqeTKMJ4dc3tYPz3XplfNetygO5UyboOM1qJySORO2yWE0hIARJcLttLqWsd8w8Xkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb7e32b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upsetmilitary.com/preview/19710/medium/1.jpg
172.67.152.192200 OK 25 kB URL HTTP/2 upsetmilitary.com/preview/19710/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 372x210, components 3\012- data
Hash 14682a9685df60e0ab16a8537ddd2a6d
84daf7ec2ea60ea898d59eae22c53ea990755dce
18ac4a6dddd8dccc4f51d2632e7ad48ccffe8ff124b23d2cd6178060bf59b526
GET /preview/19710/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 24599
last-modified: Tue, 06 Jun 2017 19:31:31 GMT
etag: "59370313-6017"
expires: Tue, 01 Aug 2017 19:31:31 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 225820
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGqBU4A6g%2BVWuv4W9%2BOeLGGptnEq%2BfmfCccbjFilj4o0kjXa1fjFqc6SgjKuVt03wbeWCJk3aRYjYLXIItoPyXOs1092c%2BzzOcOwh6aY4xrTJRz7oOmCOJ4yn%2F8hJSbAjL%2FDIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb7e35b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upsetmilitary.com/preview/1077/medium/1.jpg
172.67.152.192200 OK 11 kB URL HTTP/2 upsetmilitary.com/preview/1077/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 372x210, components 3\012- data
Hash 5559b9a386493ede7ab41a31f3745ebf
8a0d60bffaa38ab5d1479d019fef47b4ed3c4726
e9be44551dbf34730a50f5e1560228f24dabdf4812e3b954893f5e2e0620a7b2
GET /preview/1077/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 10941
last-modified: Tue, 06 Jun 2017 09:21:19 GMT
etag: "5936740f-2abd"
expires: Tue, 01 Aug 2017 09:21:19 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1439970
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zx1iyKjnnMUSHI5%2FhgN8YCpeeVG5OFchGiBmJfXcCclfhspRkk0vjG2nbbOLaLrqzeO7Lza4NiQdGv%2BmM3KBqkfI2rpHlOBHUFXvr1U7TRwRYuK0XCi4xRF7UTq4y5Qx%2FnQHNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb7e33b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upsetmilitary.com/preview/29742/medium/1.jpg
172.67.152.192200 OK 27 kB URL HTTP/2 upsetmilitary.com/preview/29742/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 372x210, components 3\012- data
Hash 78799b1ca80528c61f1ce161d16e8929
898dda0f559cf13e942ad3e93c94f3350e89be24
37f3b3d12f8553dcf48da77404e02e8f0a43577433655cf993fd3f75f6a7cd5c
GET /preview/29742/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 26580
last-modified: Tue, 06 Jun 2017 22:20:49 GMT
etag: "59372ac1-67d4"
expires: Tue, 01 Aug 2017 22:20:49 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlM0J4IbddG6NS0xjPFNRSp%2Fn3yMkT8QpqfDO%2FGMDmmbivSHB1q25mt2b%2Bb8hMdISwm9DLx%2B%2BIJc7xYpNVQeQk4hIIKHK9%2F9Mf%2FaAK0mCUSsqF2Doe7dcNsuF9hiVXm%2FfXdTdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb7e38b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upsetmilitary.com/preview/53996/medium/1.jpg
172.67.152.192200 OK 14 kB URL HTTP/2 upsetmilitary.com/preview/53996/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 406x405, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 231472c94a4a17be5e8495fabf06fd61
94a6165e640b7418ea58db159d64f1ad9ec27d5c
f43bc83a4603804c7f899d63775d60406220948d543997103ee15cd997c24684
GET /preview/53996/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 14357
last-modified: Wed, 07 Jun 2017 12:57:19 GMT
etag: "5937f82f-3815"
expires: Wed, 02 Aug 2017 12:57:19 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PY1yj8PRnHSRLSACT5o8hvknTDtgdsorEddgwlBGcEH82wZJWIBOL%2BYN%2F3F1BT3ixKeL4vyT7c4oF%2BparQ1kNdnzB4H%2BlrhUmONsleDt6jZVYEQIJhR3ZOKXtkv7TC5XLkJpYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb7e39b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upsetmilitary.com/preview/40972/medium/1.jpg
172.67.152.192200 OK 42 kB URL HTTP/2 upsetmilitary.com/preview/40972/medium/1.jpg
IP 172.67.152.192:0
Hash 8051d2ccbfa39b5bc912d4465f1dfeb7
8a686da27d92f38468d8e32227919abe4040827c
17933bc00789d8fb0649f0c01f2564dfd7be1996d15185d0b784f3061ff16cc8
GET /preview/40972/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 15264
last-modified: Wed, 07 Jun 2017 10:48:29 GMT
etag: "5937d9fd-3ba0"
expires: Wed, 02 Aug 2017 10:48:29 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwnW01UfrzU%2FYV1VlJlORPeRl2%2BALPXb1nbaJgokLw%2FwNP0lTrHXMC8dvwxLcB2kIIbrShsyTrqGOWPn7kMOdFJTy9HbfehI%2Ftqc8RV4TwyWeXJ1jjeELkG2sH52ha0hiM%2FVyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb7e37b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upsetmilitary.com/preview/29216/medium/1.jpg
172.67.152.192200 OK 25 kB URL HTTP/2 upsetmilitary.com/preview/29216/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 372x210, components 3\012- data
Hash e6b63c00a5a68f13567c7d5301674b01
b1b67aca674d09efe1f077eac33ebb704ce96315
c2e63afcd4b0c43ddb167dff259ca958fc58c387cd40ee5df595c3c03e55910c
GET /preview/29216/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 24933
last-modified: Tue, 06 Jun 2017 22:12:13 GMT
etag: "593728bd-6165"
expires: Tue, 01 Aug 2017 22:12:13 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRG5EuLMRcyJFXt5ITXVei2ziY0DTYs4YGpX4Grgc0KNMebE5PBjsfzMzJ3RN%2F2wkfdH%2FcyTa88b16rPKeJhxXBpp0ht5LTwpYDW6SNi6p28L7MpLkgmReWphxCe9EnGtr4vQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb7e3cb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tracot.com/jSRCB4E5NA7oZtdxoUWUMWYX08kOuMeHe_tRMsqTIJgVNJ6JotxM9c_rUtJpetWRlYxszPV9hVDx2DRwHDWceY8VIQ?_=1670213477895
88.208.59.103200 OK 32 kB URL HTTP/2 tracot.com/jSRCB4E5NA7oZtdxoUWUMWYX08kOuMeHe_tRMsqTIJgVNJ6JotxM9c_rUtJpetWRlYxszPV9hVDx2DRwHDWceY8VIQ?_=1670213477895
IP 88.208.59.103:0
ASN #39572 DataWeb Global Group B.V.
Hash c24710f2e93fc2f3875ae97a3633138a
8db4bfb816bcee77f4cb4a5b03c5d5628e42d8f1
a003e38a73f788bec8e1c3c06c86d871de912b8ceea68b93820432cbb095215b
GET /jSRCB4E5NA7oZtdxoUWUMWYX08kOuMeHe_tRMsqTIJgVNJ6JotxM9c_rUtJpetWRlYxszPV9hVDx2DRwHDWceY8VIQ?_=1670213477895 HTTP/1.1
Host: tracot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
content-encoding: gzip
X-Firefox-Spdy: h2
upsetmilitary.com/preview/87193/medium/1.jpg
172.67.152.192200 OK 15 kB URL HTTP/2 upsetmilitary.com/preview/87193/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 5157cf43b90e5c439abc6ed9a1f8793d
39486e2e5a76835ee83b10a6e37cc155070bb6ae
6d18643241df435b7714bb4e0fe1ccb83835fa297f59e19ffa7c3c0143415556
GET /preview/87193/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 14792
last-modified: Wed, 20 Sep 2017 19:00:15 GMT
etag: "59c2babf-39c8"
expires: Wed, 15 Nov 2017 19:00:15 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1152547
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szTtj6HdPGfzITuORrHJayh9Sn4MoL%2Bbdk21lm63ZBujX408nVnvIUr562gyfANiHTOjNbLeUBuNyb8eZJPsIcjAu3xIJEKOzMXADTyIze1%2FOGlTZJ0gbCAqUyRFpqOOnzaAAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb7e3db511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upsetmilitary.com/preview/8861/medium/1.jpg
172.67.152.192200 OK 27 kB URL HTTP/2 upsetmilitary.com/preview/8861/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 372x210, components 3\012- data
Hash 4de9870bc19a08654bb4fab5af340ad0
8be9c9241193c634ae7368af392cc4ad809f3388
939bccd054becbff8705068e525fb47db2f3e6d6acc509683c358eefb19ef36d
GET /preview/8861/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 27329
last-modified: Tue, 06 Jun 2017 14:42:51 GMT
etag: "5936bf6b-6ac1"
expires: Tue, 01 Aug 2017 14:42:51 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1439970
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24wQd6nYu8yyEXPdBcRqJU7T6MeyBRY%2BnRpjGeY7gS1Qyw9G7BPCWKQR5vmEvchIlUt9qPzPTj4E2ffh%2FmH2s33wMCKlU%2B3k6UOIAdJwy03DtR5kZS8x1R%2B1dRDupYKV0RW%2FdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb7e3eb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upsetmilitary.com/preview/63130/medium/1.jpg
172.67.152.192200 OK 12 kB URL HTTP/2 upsetmilitary.com/preview/63130/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 406x405, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash e426ee5c9ca58d1b782f1eee30257808
e1092718b27066752a486de1633f33f93ee11c3f
51c5d05fe6e57ff9001c8b5df9d4c220f6b239970700e27fe9694fad4c8cf61b
GET /preview/63130/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 12450
last-modified: Fri, 02 Jun 2017 14:03:33 GMT
etag: "59317035-30a2"
expires: Fri, 28 Jul 2017 14:03:33 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGWQHwhqw833zYlWsZrfYJRPIxQArCSj7lfXwxfmBEtCnvMyYr0EKlfKaAZ621O8sqG5QwiVDVpUP4SarePsY190REnGCJKImwnIbDbr4qvXnwFrdaGCnSSdFt1I0Dku8sHmqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb7e36b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upsetmilitary.com/preview/77052/medium/1.jpg
172.67.152.192200 OK 20 kB URL HTTP/2 upsetmilitary.com/preview/77052/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash da4a8b324b9b7d4a46026b320f47c102
4bc27240c6215e67a326a2fed0783057562ce473
451e97e302879a5d738f51cfa418167c2644c902e984677cd814ad58fd1e9a81
GET /preview/77052/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 19488
last-modified: Mon, 24 Jul 2017 21:04:16 GMT
etag: "597660d0-4c20"
expires: Mon, 18 Sep 2017 21:04:16 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1439970
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLsacoee915ygTnrWzBYHOOtBLyiUIWXURLSAuKTL1m%2BSDge9MpDKAaxFmr1pK7mjNUzQiqzjUsW4ZjlYQoV5EJLDyuHi8eXNhhmYaOvZYoEqttkIAdJwcsRmbThqHXbYNQ%2BUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb7e3bb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upsetmilitary.com/preview/37071/medium/1.jpg
172.67.152.192200 OK 26 kB URL HTTP/2 upsetmilitary.com/preview/37071/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 372x210, components 3\012- data
Hash 7ff6d55cecfcb87d98e5c7de1ccc5463
4a58449ae12b20d831bc26ab64ed7bf56207f467
4eec589da7ba633d15dee2f9ba6973ee7817456febc34af70dd011fe4c6669b8
GET /preview/37071/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 25777
last-modified: Wed, 07 Jun 2017 01:20:08 GMT
etag: "593754c8-64b1"
expires: Wed, 02 Aug 2017 01:20:08 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 225820
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8k8VDI5T9FpN4uBmOyzjgmDPbnzTzY%2B%2BFglvKJbWKkGmEVb5Mq3k3fXnecnpba7GyPp2oFZ1TPxjo9pIU1%2BHJhsBvad8rsUTW1vJMun6pKpukBazJI94wbWMKmzqyVcXZUecVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e47b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upsetmilitary.com/preview/36483/medium/1.jpg
172.67.152.192200 OK 26 kB URL HTTP/2 upsetmilitary.com/preview/36483/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 372x210, components 3\012- data
Hash d3b65df365270708c7616f2d19fcfae1
7d6b82a50385cc99b9e499f8a2c477ef1ffea84f
d5e2163b5e722be4e1ba84becefbc927bae2b2991ea25c7fbefb9554c0696d88
GET /preview/36483/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 25958
last-modified: Wed, 07 Jun 2017 00:50:45 GMT
etag: "59374de5-6566"
expires: Wed, 02 Aug 2017 00:50:45 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1439969
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oG4sIFtwazRRzpE4TRywyyGS5eOepHJ3KoBimBTQZoOX%2FS0cxzdiCmte7C2yq0Q8I6X9Elz3eE6%2BAoJ4Hs92HkqmJ0IPBk52X4wHGTFRxcuvO%2Bso9UU6xsb4IvAxJ8jFFWC9YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e49b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upsetmilitary.com/preview/36415/medium/1.jpg
172.67.152.192200 OK 31 kB URL HTTP/2 upsetmilitary.com/preview/36415/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 372x210, components 3\012- data
Hash a7683c2f9bb4f7a7eb0b6248ea15f66e
f241a8b53583cb692527f53479a5c9f62cc9b39e
4effdafafa63ac8eb0d690625a3df0670494e945ce4145a38be77a6f70dabf14
GET /preview/36415/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 30957
last-modified: Wed, 07 Jun 2017 00:47:28 GMT
etag: "59374d20-78ed"
expires: Wed, 02 Aug 2017 00:47:28 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrzF9wlYs5CWtSMP2Vwa%2BX4Nq%2FFR%2F4FZ%2BCpTmnfPcwmy%2FuR%2F152AKyk9qFBs1q4HeabISe2aToDnD9lkg0rhaNzV6ZneqVFxQsIwueqbQjJRz98%2BP3vZT4YPHTuc%2F8uiyyCwOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e4ab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upsetmilitary.com/preview/49478/medium/1.jpg
172.67.152.192200 OK 15 kB URL HTTP/2 upsetmilitary.com/preview/49478/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash ef9cfbc0e3d8ab63330a67295ad76757
a36fc8aada7bf14c8c42b9138767ee14ca3b50a6
558e3594ef6c2717d951af2e8b52658c436e0a28a7f3238619468c372eda6e47
GET /preview/49478/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 14813
last-modified: Wed, 07 Jun 2017 11:03:28 GMT
etag: "5937dd80-39dd"
expires: Wed, 02 Aug 2017 11:03:28 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuuEG9NvVOlv82Sz3nFYGgiALHbZRTyZJnmx%2FcJTr%2BT9Cxd1asy9eS%2FZYe1QkN0Vv%2BxFCJcYHubSacgoDuxZFWJsdezkFfMIMlvoNH1xzQ6T2i84uZrXp%2B7w3RZSojhSUMZmeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e4db511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upsetmilitary.com/preview/34951/medium/1.jpg
172.67.152.192200 OK 26 kB URL HTTP/2 upsetmilitary.com/preview/34951/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 372x210, components 3\012- data
Hash 141f88f747a1e00e9c146865bdd65d36
3c5c475a0d7f56f25e5f4c843f174f6099340a6b
5280157b68843e86c061f0a993ab00c5b1e067fcfed3309a7fbef728ba5adb90
GET /preview/34951/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 26532
last-modified: Tue, 06 Jun 2017 23:47:14 GMT
etag: "59373f02-67a4"
expires: Tue, 01 Aug 2017 23:47:14 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 225820
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTwjj3DDM6edLw2U1aCnz4c6tXrPPWtUXZKtFVrqFPBdaOOJmQBRKuzj22EXY%2BeHm5spyZ2xNjwZnlGHUuleYCii09vKNHfsR07ileQcNmdubA%2Ft8gSiBVCPytBFtmgV0RZF6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e4cb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
3.upsetmilitary.com/preview/233109/medium/1.jpg
172.67.152.192200 OK 13 kB URL HTTP/2 3.upsetmilitary.com/preview/233109/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 79x80, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 16d70b2ed5a604d37d3bac3fb25894ab
1e482002b67ee4f194c3050c0d26b7eb0eaee57f
c6295bd9edab21fece466f75c9057597d16bb4a7a1786380b20c12ce93b54235
GET /preview/233109/medium/1.jpg HTTP/1.1
Host: 3.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 13209
last-modified: Wed, 16 May 2018 01:12:53 GMT
etag: "5afb8595-3399"
expires: Wed, 11 Jul 2018 01:12:53 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1439970
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYx2WLIPWc3XL4v4AzEZLDCWP9MHuMpXLepPms6wrpOvB8j%2FRaEx6ILpVYG10JDk3iZTGWAUHDAEb9QlqOI%2BCc5%2Bv53pdYZeIEpkCHY3vNlH%2BV31HLzifnWN3um7NIH71ZkXJTVN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e5ab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
3.upsetmilitary.com/preview/245325/medium/1.jpg
172.67.152.192200 OK 14 kB URL HTTP/2 3.upsetmilitary.com/preview/245325/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 962f91987a4605007acd0d9de9138dcc
cd4e86e4b0e8d70e2906ce6f511e021a97bf8fe2
155b958f4eb5ca78988a4e1ca80f9e47e0aba6225a6e9671339e4b4e9a6848c9
GET /preview/245325/medium/1.jpg HTTP/1.1
Host: 3.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 13542
last-modified: Sat, 02 Jun 2018 19:18:43 GMT
etag: "5b12ed93-34e6"
expires: Sat, 28 Jul 2018 19:18:43 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4pbSJ0uZeeLnJOvOJealErBXmW4sWGfb6KjzR%2FVaTSD51%2FD%2BKTKgYaANGY7NsVI4JpowsA%2BbwFSp14ljtr0jnXKI8NuZN%2FBAfv5p5FII%2F8EoKArrsNYOiAuzjRPNfZ76AlIBs6J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e57b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upsetmilitary.com/preview/36039/medium/1.jpg
172.67.152.192200 OK 26 kB URL HTTP/2 upsetmilitary.com/preview/36039/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 372x210, components 3\012- data
Hash d1611b23cd2cd3e534ed5ca60f8e6cca
fbb08533c96cf92282dd3bbc29f9444deacf6012
ab99e0bb07b88fab377dfe7bb68dfaa68984c2930741f461f61195ec832d3982
GET /preview/36039/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 25982
last-modified: Wed, 07 Jun 2017 00:29:29 GMT
etag: "593748e9-657e"
expires: Wed, 02 Aug 2017 00:29:29 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 225820
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFZmZITfDfsYDMk7m%2FMTTYLSq%2F%2BNDOOARIk3KgTCwT6kPLDNUOKEmcGwh2Q7hSQqdRYU9D6VHtyZgtXJT8yKUAhRsbiBdGLv%2F5Lye00h64Zw6%2BAadOSCBCiujMx8RAJBnZjIfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e4bb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upsetmilitary.com/preview/2107/medium/1.jpg
172.67.152.192200 OK 18 kB URL HTTP/2 upsetmilitary.com/preview/2107/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 372x210, components 3\012- data
Hash 37cd50c3aa35b304ab2836b8e19a20cf
47d80b1dff3d4724a829f8d5ffc86aa65bb46c49
0cb841b6b2d5a4173a99a8930abeb8bae4dd11be290af08b1036975ec4a80912
GET /preview/2107/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 18402
last-modified: Tue, 06 Jun 2017 10:18:37 GMT
etag: "5936817d-47e2"
expires: Tue, 01 Aug 2017 10:18:37 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1152547
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUW12Zd60dSpV2MV9LxcwfmTzLlmBtKIKAfo%2F0%2FUxF6vGs4a4Wug0MojPN%2F7DCaMKPVVTStp1l0%2Bjj%2BDrsQ0M1MevoxaLtuy9dAH6a%2Bs9IdEXND9xe4yLYCrpRn6zvufYFw4YA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e4eb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
3.upsetmilitary.com/preview/231029/medium/1.jpg
172.67.152.192200 OK 16 kB URL HTTP/2 3.upsetmilitary.com/preview/231029/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 79x80, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash dc39104a98e548e49f3708aacb9dfd85
badfc0b24015f6013a414cf47fc61aa659799d1e
a2415873253232814f32a0204e516ca8cb26aef253f4c4b693a66e14e9de4fab
GET /preview/231029/medium/1.jpg HTTP/1.1
Host: 3.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 16164
last-modified: Sun, 13 May 2018 22:11:39 GMT
etag: "5af8b81b-3f24"
expires: Sun, 08 Jul 2018 22:11:39 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1OTLQNae4FcKqcvFnJWYWgrfPmN0fhsMdTRfFWlhnNkS3x96ONyC%2BHjRCX8gg86xeOtVg6hD9BtlxqBi0UFdh7r1XIyethB9cZ6SyujDW4lCIqEMjB5kpfwVl1H7ezOWYztN6UK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e50b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
3.upsetmilitary.com/preview/237680/medium/1.jpg
172.67.152.192200 OK 18 kB URL HTTP/2 3.upsetmilitary.com/preview/237680/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 5631adc3c5b457ac3c774eed9d8369e1
64454e534d586a6faf0eb373fd354f6e93edd51e
c647f1ec7af7c99c567d8fd99c32638047c826deaabbefe1e637b0be1a7cf137
GET /preview/237680/medium/1.jpg HTTP/1.1
Host: 3.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 17580
last-modified: Mon, 21 May 2018 16:08:21 GMT
etag: "5b02eef5-44ac"
expires: Mon, 16 Jul 2018 16:08:21 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1152791
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgsMevuiNCBhSMtRkp0T%2BnNpn4A88IGHFNX%2B%2F%2Byeew54WeCD5usy7JaJuMTwIPJCrYQ%2B4J3Gui8TEAb78UDDgSSCwudOY5QwhBVg1oruvG6llJ0rW2pAVS7lHZannmlT3hRQtjVb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e4fb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
3.upsetmilitary.com/preview/269554/medium/1.jpg
172.67.152.192200 OK 17 kB URL HTTP/2 3.upsetmilitary.com/preview/269554/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 10759x10755, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash e00b265fc3d74236303a8d1025f1ee5f
3403ae56f06e52bd685f6d96ab508d44060c27cd
e9faabd607387980ab0262eff6beca60c7ec8aa2a40455794d8cad2885534885
GET /preview/269554/medium/1.jpg HTTP/1.1
Host: 3.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 16898
last-modified: Sun, 24 Jun 2018 13:00:17 GMT
etag: "5b2f95e1-4202"
expires: Sun, 19 Aug 2018 13:00:17 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FratWcetTaFq9APhluI9bz874232ak7mvaT3l%2BrCRPBGlOyIdKuuV9TIWVp8eukJkokFXZTQOSU7rAkLJBrZ5bwjn82D3O6eXfLKewWpYFnNX7VxB72i8YgnORcN3qiKwi0yMks"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e58b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
3.upsetmilitary.com/preview/234000/medium/1.jpg
172.67.152.192200 OK 16 kB URL HTTP/2 3.upsetmilitary.com/preview/234000/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 79x80, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 8d1a82b50776a7027bba86f29c4d1102
d10e648586eaa22b85970781162a45e0e3d44aa7
383d33a784fae18e8a9f341b331b8f6c2b77e7123e3e84b1b362b857215af480
GET /preview/234000/medium/1.jpg HTTP/1.1
Host: 3.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 16477
last-modified: Wed, 16 May 2018 16:14:45 GMT
etag: "5afc58f5-405d"
expires: Wed, 11 Jul 2018 16:14:45 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 225820
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8BSLMX%2Fyq3c6dBLob5GkxuevGUSwWheHKuuYCdQt4yviRkqglDmkCowFtgmRXXDrFJJGQ4rmFuDMuRnOGclg1%2BjzbLrZ%2B7hgmoMpBD8ZUWCgqP86hVzLX94mbyiAzMG6uv1Br%2Bj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e54b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/161132/medium/1.jpg
172.67.152.192200 OK 16 kB URL HTTP/2 2.upsetmilitary.com/preview/161132/medium/1.jpg
IP 172.67.152.192:0
Hash 6c6dc74a9c07ae939d50b70cce522aba
acd540e65260ac7d752110f3fdb69be7228fe0e8
2fb588dd493afc4a08ae243b00821bec72d71178fa3a0c385881e9935799f46c
GET /preview/161132/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 11209
last-modified: Tue, 23 Jan 2018 11:00:31 GMT
etag: "5a6715cf-2bc9"
expires: Tue, 20 Mar 2018 11:00:31 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZA253Fi8BOunbqdz7WQUz1y7p2WG5SW6hjw%2FnR7ipWq29rawtFTK3fWO04zvcRLfybw7bdcFJV4aayxxfjD1ghUY%2BQbCAmcSwACNyZ%2F1USCru1T1NoDNeqkqA6USTnsrJDPwFYpW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e5cb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/206271/medium/1.jpg
172.67.152.192200 OK 12 kB URL HTTP/2 2.upsetmilitary.com/preview/206271/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 86d400c745d765a2533d18960d302474
c7dde5b7ae72b74b3f0dc63d71808f60397fb369
c5a7af0123b5a08f5a10f5ddf0b995ab577d20392a095dc8c8cfe1a99543eee1
GET /preview/206271/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 12512
last-modified: Mon, 02 Apr 2018 01:02:22 GMT
etag: "5ac1811e-30e0"
expires: Mon, 28 May 2018 01:02:22 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 225820
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQEXCzsqto%2BjZOAXcWroH%2FnoLKWPKw2LZEDyk7U3HIS69IBGcKat%2Fg2h0z4UTgp2XqP4UpEDarwLXndygmaksU1PCKcMLH67dS4PR5qdKG8Nbkt0sp8eg9tiUjkeM30ohArzGi8B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e62b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
3.upsetmilitary.com/preview/247221/medium/1.jpg
172.67.152.192200 OK 16 kB URL HTTP/2 3.upsetmilitary.com/preview/247221/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 20c20cfd468d78a84d512c5f38d3609b
7cb71a6a3dfd0aee10cd4ccf864b24acc9a9836b
86888776da08ad17dbe0ab397f6a251a5aa84df1b58089388b79b071fd3a694c
GET /preview/247221/medium/1.jpg HTTP/1.1
Host: 3.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 16355
last-modified: Sun, 03 Jun 2018 19:15:46 GMT
etag: "5b143e62-3fe3"
expires: Sun, 29 Jul 2018 19:15:46 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8NFYg4RIjfHJpQURjMyyS%2F%2Fj%2BLgqf2ZWWhTJ6Dv44WVvXX0wV3UNZxC0IAwv4GWkBhIbtcNZFR4sHJbL0830fn9VU6pkosNCSC1a2%2FuA7NzJclrv5E8PjQM1rpndcPajtnO3S3I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e55b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/219628/medium/1.jpg
172.67.152.192200 OK 14 kB URL HTTP/2 2.upsetmilitary.com/preview/219628/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash d66ff04acfc83327a8b6ee476a16211f
3c1ff7a812359bc414a8d5f3f453f8c915cad3ae
58f8e49ab1c26eb83b1a8f3436569876ebf55543b6831ffdf7de0cf792b84df8
GET /preview/219628/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 14374
last-modified: Thu, 26 Apr 2018 10:10:46 GMT
etag: "5ae1a5a6-3826"
expires: Thu, 21 Jun 2018 10:10:46 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1152547
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBBKi9Jh3H9ZnjM4kD8oIzSYG0ZNwWLz12b3ffX9KgvFBpGRQjTKfSJK3NIlIYNKVh85p1OfkZMffLkOGDgMur%2FOBltOJh6AsvQtmNFW5qgmoKem2xsPeYZHHSv6aWaAJ%2BcEmaUP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e61b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
3.upsetmilitary.com/preview/255625/medium/1.jpg
172.67.152.192200 OK 15 kB URL HTTP/2 3.upsetmilitary.com/preview/255625/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 971baaf7c8848f27305108b045985650
d3bf2b379be726608d71f5b286b39f8a36d8076d
6936eea91c8d0903eb94e431465ea7e69012030a7894ed5ab033c384c56a84bc
GET /preview/255625/medium/1.jpg HTTP/1.1
Host: 3.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 14759
last-modified: Sat, 09 Jun 2018 10:18:38 GMT
etag: "5b1ba97e-39a7"
expires: Sat, 04 Aug 2018 10:18:38 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krR0TPpD6xdzlhusB%2ByD8mOfZZHVbmLPn9GJnV%2BLcHDStD4OhQOyTTGDSgPyIlfrrSZ%2FbTpQAdPzlt%2BvO3DUpWYKxFSMzIX02AgJxReuggKyMibC%2BxUuaAA4a3TW6CwdH1oq1i0y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e59b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/218005/medium/1.jpg
172.67.152.192200 OK 17 kB URL HTTP/2 2.upsetmilitary.com/preview/218005/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 79x80, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 78ac80d8a720f11dc9987046b0209a4a
ac1804710b95f373da0ceed07d0813cf565413a6
3e02d3769741a67675c7eb51fe8d0f784c9841f85cc4ad69c545ca64815ebfac
GET /preview/218005/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 17010
last-modified: Tue, 07 Apr 2020 16:05:29 GMT
etag: "5e8ca4c9-4272"
expires: Tue, 02 Jun 2020 16:05:29 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FnZVd6srneLlGFt4j6sFxgDl%2F2xg5Dtg%2B9UgG7eBuW9X1NocaVWAV9GiaA3Jdw4pBZAbxzolXotpBcLZm9uad%2BDvs8CvjssEjVadCo1U4A4PdHD2MtXiXI5KtC3Qlch2CULG1mJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e64b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
3.upsetmilitary.com/preview/257585/medium/1.jpg
172.67.152.192200 OK 17 kB URL HTTP/2 3.upsetmilitary.com/preview/257585/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash da292afaab65dd8da68e76eaec4267da
a7fa2ec30efc703fd3b5973f3904babb5f074ac3
bf7f6fec429e3edf6ca0bedac91e11a330f71b5b905bfef1de1c151f5c02bf18
GET /preview/257585/medium/1.jpg HTTP/1.1
Host: 3.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 16937
last-modified: Mon, 11 Jun 2018 13:00:17 GMT
etag: "5b1e7261-4229"
expires: Mon, 06 Aug 2018 13:00:17 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1152547
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fhn7ZdyGk75JasAfd0kwgCWi4YuEEbGXy97QkeR97iNmGlMWyJFYHUgt57PQl6AsmIoUcpt1y8PniR1scVsceaUn4hXKv9xtlMAtwXnGxkeZLMhEBp2Vr8kXm3QnwRvl2dcE1zxg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e53b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/118849/medium/1.jpg
172.67.152.192200 OK 15 kB URL HTTP/2 2.upsetmilitary.com/preview/118849/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 406x405, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 9716394a3e7694c7db252eec2d8f1783
ca11d37b3f4437b365c875f00da2133c4e961b29
3e5da72055d69df9aba4e0055ccadf44cb819351a3d31ddb5957a4c780a14777
GET /preview/118849/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 15322
last-modified: Sun, 19 Nov 2017 17:02:07 GMT
etag: "5a11b90f-3bda"
expires: Sun, 14 Jan 2018 17:02:07 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1152547
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OY%2BHRkKD1xemWP5t79LqyQqFE2KE0UK3XKQiuTgHjkyz0CBrCsBoCC76SsrIE8j0A2maC8GNBMxb%2BIkjui%2BCfgLe7vQn6tLrUN9XM7nBgMGuA9P920xGuHGxxWirx7CXwx2MqUnD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e65b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
3.upsetmilitary.com/preview/230663/medium/1.jpg
172.67.152.192200 OK 18 kB URL HTTP/2 3.upsetmilitary.com/preview/230663/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash aefb99c6b9419724ae5dc4d8063e1eed
f9d065cba9b91b96f404c553fb5fa609b4e9c044
1bdfe1caf352789d49dcc8dd12144b791b07d02939d7ebfafe3c86e8d5d08f6c
GET /preview/230663/medium/1.jpg HTTP/1.1
Host: 3.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 17873
last-modified: Sun, 13 May 2018 01:14:14 GMT
etag: "5af79166-45d1"
expires: Sun, 08 Jul 2018 01:14:14 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lFvz9mlIi%2Fm1sLczbT0ZDLI2XdYHfTlWZFLjoHEzUkz0yyyjnyZcWMa%2B7TFJpEpWiMtfk2nUi4CRT%2F7gRiSz5RXerzVbYUqR64cdscyKGv%2FvUvfHMk4Nw53%2FrqUvlqjYcVVbBFF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e56b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/224801/medium/1.jpg
172.67.152.192200 OK 11 kB URL HTTP/2 2.upsetmilitary.com/preview/224801/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 406x405, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 699e6c8eb62b07e661fba109f7082250
d5012a28e4e35335699df3c8be459a3b2bba3718
24460dea18ae178537f0800a03c83d48d2d85021edbad2661ff6b33140bb18c6
GET /preview/224801/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 10708
last-modified: Tue, 07 Apr 2020 15:54:21 GMT
etag: "5e8ca22d-29d4"
expires: Tue, 02 Jun 2020 15:54:21 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1439970
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jm0RVdAz9bNDfnjcNJa3518LyCxI2PWTKCcKz%2B5Rk%2FZgGJG4Mq79yVGMeXpUVmoy18FroxTGZ5M2%2F%2FQd%2BylRCA1%2F9OSYWCALSysIblRhgwShDmM6UrSqGbZ2iMJB1DxtFL%2FnByrX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e5eb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/213862/medium/1.jpg
172.67.152.192200 OK 17 kB URL HTTP/2 2.upsetmilitary.com/preview/213862/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 79x80, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 534a62b3a3c2d7ea39b44076cb114790
8ce31d66b05d2b692b5ad60f01e0f291e5874149
a11990044e3cdf394da66485c246b597f750b553fe0091345b2390d5f850ab24
GET /preview/213862/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 16786
last-modified: Tue, 07 Apr 2020 16:04:32 GMT
etag: "5e8ca490-4192"
expires: Tue, 02 Jun 2020 16:04:32 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 448731
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNcRggp82BEGt2Y4yw54XB5N1pbr5v64fbGOCjDp3dBsZR2%2F1I5P9mS8AqNVZnANma4duJFdRpCMTTdiZwEnBpcILryFmTiWs5Q48Ihy2sSPzIczV%2BsQQUZgp1rr1O14lpi%2FuZSw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb9e68b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/214226/medium/1.jpg
172.67.152.192200 OK 11 kB URL HTTP/2 2.upsetmilitary.com/preview/214226/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 406x405, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 3e0cbcdc15bed6d46e20d0b48242c75d
ced1218a467c7f965fa94b801785bd535623a34a
4e99544b6cf0fe8613f3670141d8f363865a38a909c0257e91cc6a755be409b0
GET /preview/214226/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 11248
last-modified: Tue, 07 Apr 2020 16:04:27 GMT
etag: "5e8ca48b-2bf0"
expires: Tue, 02 Jun 2020 16:04:27 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObsPIwAz3Wk69XiOLVa4jpiXJleSPYbVO4%2BZYPuI2faL64GhgpP4v78e2TzP%2FCm3fO6C1%2FxTK6uoJ59afAlz4c%2FLCJS7wXtqZWsvN744UdUpNscoZTG4Hb9ZoUboQSTvb1Pa%2BYZ6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e67b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/193687/medium/1.jpg
172.67.152.192200 OK 16 kB URL HTTP/2 2.upsetmilitary.com/preview/193687/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 137634cb644ebf541123b7660ee64dd4
6a8324e8af03611218c4365ba94ae94de30ce889
7908e909dd9e02757c0325a7c615466c1ed5399b2a0c1d5efcfa01a1af8e1484
GET /preview/193687/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 16292
last-modified: Sat, 10 Mar 2018 14:01:16 GMT
etag: "5aa3e52c-3fa4"
expires: Sat, 05 May 2018 14:01:16 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1439970
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yV%2BQUjJOTaOHMLTkq4kFW3oANZUcGhi1rridQWmlfhseNxD9e41PbRHVmc5CGj7LcEJWFkT81tlDejsKuSFV%2BRSmMPqvO5NBW%2BPujSAKnBZqoQAlStoqD1LKzwmiEFm4bd5GENCV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e60b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/212836/medium/1.jpg
172.67.152.192200 OK 12 kB URL HTTP/2 2.upsetmilitary.com/preview/212836/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 406x405, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 169f865a3204f740c2209b377ef21193
cd7c0ea19466b332dfbb2f05f1555df6fa817286
e5c1de60421a02a294646914baff79b8b00032eaf5efc706ec9d52d933f69bcc
GET /preview/212836/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 12370
last-modified: Tue, 07 Apr 2020 15:54:21 GMT
etag: "5e8ca22d-3052"
expires: Tue, 02 Jun 2020 15:54:21 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlLblV5yHcTcgX9WNpewv8gumuvUjkMvjECkLRY1I%2FGMD2jbBuzjfozt%2Bmb%2FoHhZ35eQIWoFXe9789O%2FnZT%2F8vVmGWm52xLpAYA9C%2BuKp1YmWZGGFQQDTiTkpGTSBdJx69dlmndE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e5db511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/156501/medium/1.jpg
172.67.152.192200 OK 16 kB URL HTTP/2 2.upsetmilitary.com/preview/156501/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 8602569c49a51127c647ccabf6930674
88f13f55dfc4b105cb2b2c138509a239265b0a6d
68819333202f54df07d74cb78d78973a06cd6d53336e1d1436f82f46bd82c770
GET /preview/156501/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 15918
last-modified: Sun, 21 Jan 2018 17:00:15 GMT
etag: "5a64c71f-3e2e"
expires: Sun, 18 Mar 2018 17:00:15 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1439970
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UaV51PC3lid35GGa%2Bcsg2J1K0cPmZR3d9NvIp0RvV1tMUee9VrTTyuHmETHtolibH0alGEYC3MYHhnGo6rBR9ohHA76WM9zzHBdjAk4Nj9AzXxPVXq404UNAMsIFuBZdYmxCdjfG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb9e6cb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/146575/medium/1.jpg
172.67.152.192200 OK 11 kB URL HTTP/2 2.upsetmilitary.com/preview/146575/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 6293x6075, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash b9781b960a241364c3f1be1c8500360c
5fdd1d7ca0e40867a825be72461a67514dfc4485
fb8efd8b7e404e20db3792c4914a67e3a040d51f01a2937314c46a850dffbd77
GET /preview/146575/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 11370
last-modified: Tue, 16 Jan 2018 20:03:11 GMT
etag: "5a5e5a7f-2c6a"
expires: Tue, 13 Mar 2018 20:03:11 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 225820
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ExnLMtYy%2B1BYRppJ0shbV%2BuyDnHY%2FEepIuqCmEUSmG4xMTbu1QpEclZRybIrDNEjFVmXcF1v5lmoQLpgw5qHdhxPhSoTqnu0zfqfZtHDRQVvCtyfNtzUptgF3Tn4svnlz9y8rsP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb9e6bb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/209965/medium/1.jpg
172.67.152.192200 OK 13 kB URL HTTP/2 2.upsetmilitary.com/preview/209965/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 406x405, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash dd9b01810b480734b1b4176ec75547fa
60282031a490f3c3fd5326048a40ee91f285e26a
34c95fd2d3534d3ad8ea0ae033c3eb7f57d299cdbe484fb2d9ae6331c42ef89f
GET /preview/209965/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 12638
last-modified: Fri, 06 Apr 2018 04:01:06 GMT
etag: "5ac6f102-315e"
expires: Fri, 01 Jun 2018 04:01:06 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHdMv9MuDaXAIdBu3OBVjCTkciBHp3z%2Fp%2BqZIqo77Lin7OAfh8DXePNiZVkefdhxraNq49FGbKNk%2BrcbGdFktL88fLhZmt7VyPlJ2hvcq%2F96lmAaFjOu7q%2BJCjSTzHixivF%2BAb2U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb9e69b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/213633/medium/1.jpg
172.67.152.192200 OK 14 kB URL HTTP/2 2.upsetmilitary.com/preview/213633/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 95a9c6b70800216c1420afb82a4abdec
7db6531abd3ff8c7f14c8ed07ecf74bbf3d661d8
6266b078fb0b73c4717b78e79b0bcd50e66b16c76a3760d4ab97eefa0718c073
GET /preview/213633/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 13458
last-modified: Tue, 07 Apr 2020 15:54:21 GMT
etag: "5e8ca22d-3492"
expires: Tue, 02 Jun 2020 15:54:21 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hgm7uIN9aDp4nIsUR1i%2F7Hrgm%2B3ZKPLKAP%2FG%2BVm%2BDcoSvk6UExfnBmV0ru1BX%2FFuNPl5wNpNpD%2FsRWEfR9yE%2BF8cuFs3Bx5Kz8yPxvC8kKaYHpQiEBqAr6OD%2BmsMclTX3qFMbq%2FX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e63b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
3.upsetmilitary.com/preview/225182/medium/1.jpg
172.67.152.192200 OK 25 kB URL HTTP/2 3.upsetmilitary.com/preview/225182/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 406x405, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 422b8d1482ed4e8a9e09f75ab1147315
f610976def86d8ac7d28fcb5eaa024fad77a4ae5
9383d698641219cf0e340d92ba93186964fdd04e55186f86f4e3639406c0d4f2
GET /preview/225182/medium/1.jpg HTTP/1.1
Host: 3.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 24555
last-modified: Mon, 07 May 2018 22:14:03 GMT
etag: "5af0cfab-5feb"
expires: Mon, 02 Jul 2018 22:14:03 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TyFID32Qfvw5036rszUzZmXNGLctnqI6BLMX415lE1P91XyvimiLUNlqVWcDeBuc7Ra698cf17OkdF4KIVORRr0NPZjhiSPxKEDucONJBCZyQbRXDkznugBjKkTJSksBx%2BVBXir"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e52b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/116319/medium/1.jpg
172.67.152.192200 OK 22 kB URL HTTP/2 2.upsetmilitary.com/preview/116319/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 79x80, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash dfb229ebe259cc8682f8c50994633d12
53d64c0cb775a9473e3109ba51e6f3afafa4d8e7
c459c0a425e9ae9cb1a8380b03b028b1b911a60ca44a443d5aa11cc4a7180d97
GET /preview/116319/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 22205
last-modified: Sat, 18 Nov 2017 20:00:11 GMT
etag: "5a10914b-56bd"
expires: Sat, 13 Jan 2018 20:00:11 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jo15Y74WWermSzsaLmFdBGi5tct1uuZemShztQ9cD4uVbuA8QRJl1LODfJfHnFEQkopG92b2WFu%2F%2BbtgPYi8GbSh1iv1LsE5UcLoGpzPghTiYhkTXhTOns8w0U%2BMRICkuChYEtlK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb9e6fb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/144512/medium/1.jpg
172.67.152.192200 OK 16 kB URL HTTP/2 2.upsetmilitary.com/preview/144512/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 1c19c9d730ca2c8723fcd4121e2fc4b4
bdfbac586e40290b5d61f2639f71e8fe1fc7722b
7947ff58cb317f988041004ce02d1adf3b9c8956a2a9689b87a612e4af682feb
GET /preview/144512/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 15760
last-modified: Sun, 14 Jan 2018 20:03:22 GMT
etag: "5a5bb78a-3d90"
expires: Sun, 11 Mar 2018 20:03:22 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1439970
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKJignbHS5m0IhBH9j8DeC5g9qCAFU8UgwQfHWfxqto%2FsfgpgB8WEMNjyS6yWissjLSolnE90OPoY%2BgAB%2FI7%2BzcyK%2BKMTei6X655frT7vxuXLgZaldURkpkUljpdhLMlgsj11zTD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb9e6ab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/213205/medium/1.jpg
172.67.152.192200 OK 13 kB URL HTTP/2 2.upsetmilitary.com/preview/213205/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 0ec1f8d3042d1482b1bca387cebbb25d
72a19a4b71a959725724b2ca602945dca78862ca
175a5f150f766e87d9da52cde0ba8b4950db2061060797e0eb582afefadf062d
GET /preview/213205/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 13198
last-modified: Thu, 26 Apr 2018 10:01:54 GMT
etag: "5ae1a392-338e"
expires: Thu, 21 Jun 2018 10:01:54 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 290850
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CW47r7%2B6vUxNUefUM0LtqfW0FKuus21BaGtS8rZQm4aIyqdL2lQ2WVsBfbRqHCRIUuSRyLRSUKhB5dnYcpgKxEh1xExZ1ltc0%2BOfNhySFidjIey8RrjigU6A%2FhWLTk68IQ7UI405"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb8e5fb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/201417/medium/1.jpg
172.67.152.192200 OK 23 kB URL HTTP/2 2.upsetmilitary.com/preview/201417/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash e975d376465a723eaf680b51dfae6346
5e353e9327d1195941e61ab37af2d49c914675c6
9a43c9cb461180baf834b1f9a0aa7d6860230e065c6bd25f9424fc5aaff7159b
GET /preview/201417/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 22689
last-modified: Sat, 24 Mar 2018 20:00:25 GMT
etag: "5ab6ae59-58a1"
expires: Sat, 19 May 2018 20:00:25 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 290850
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BBFnlo2uULoU2841rAJLU3O5BpUwO2Bcji79LXDs%2FVoo3WQZD80ePu%2FrCrT1iLOICjbpb%2BWaQaFNlIoYBl0iDHtSPhaFiVtz8hBNRF1oFBorjI%2BS%2F3pHwnmAiJCrq6HvaCN%2F%2F5b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb9e6eb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/206290/medium/1.jpg
172.67.152.192200 OK 13 kB URL HTTP/2 2.upsetmilitary.com/preview/206290/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 2d6770f0cc403c6bd501730a08b22462
3da0caa593ae9aeaee09a7b13e5766564f527cd6
32d1a64149442fab51daccd00ee42ac5122bb2cfa9c010773fd553adca9a2a69
GET /preview/206290/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 12565
last-modified: Mon, 02 Apr 2018 01:02:25 GMT
etag: "5ac18121-3115"
expires: Mon, 28 May 2018 01:02:25 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1439970
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sklji8hzOvg6EZe%2BgtmU0hKHih1z%2Bm6smv8fsEN6mFzEPGQnGWP%2FqiGFGzl7FiXy4OweLCBc9sAazm6amHSl9f3W1rxMMbSI1EKP4C5dDWRF8vGf4ElwaAFG9sW1UtoI4vHKHwiw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb9e6db511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upsetmilitary.com/preview/39379/medium/1.jpg
172.67.152.192200 OK 24 kB URL HTTP/2 upsetmilitary.com/preview/39379/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 406x405, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 89bbaca6db3214075cbf4dda67138b10
8f9eeb55627201e79a5cac3b9c4b662945ada2d4
1107435dfe15d32772128090534fd470d3873f3bf993c226da4fab043d96b356
GET /preview/39379/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 24206
last-modified: Wed, 07 Jun 2017 03:17:20 GMT
etag: "59377040-5e8e"
expires: Wed, 02 Aug 2017 03:17:20 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1441866
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6h1agRTdjHmszYnndFGroSN%2Ff8PrIZDYDcGv7LTeXjCtx38PLtjdXkTglpo1Nkh4CUzZ9kX3GStts5luZlAvOtxJCaPqU%2BBEVx3INtxo47d9yUocg13cKeIF%2B0a9q8aCWi83jg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effb9e74b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 06006986c4a348dd333e49e76202c262
594c59997bc85d6a7e9411d1314977cf73cf59e5
0e0ca581fe01e111ebba357be474626834fc3dd80c2dde716d1029fff2201ec6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=91510
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:22 GMT
Etag: "638c31e0-117"
Expires: Tue, 06 Dec 2022 05:36:32 GMT
Last-Modified: Sun, 04 Dec 2022 05:36:32 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 06006986c4a348dd333e49e76202c262
594c59997bc85d6a7e9411d1314977cf73cf59e5
0e0ca581fe01e111ebba357be474626834fc3dd80c2dde716d1029fff2201ec6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2166
Cache-Control: max-age=93676
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:22 GMT
Etag: "638c31e0-117"
Expires: Tue, 06 Dec 2022 06:12:38 GMT
Last-Modified: Sun, 04 Dec 2022 05:36:32 GMT
Server: ECS (amb/6B8D)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
galleryn0.awemdia.com/74cfb35aec71f4e2a7bc4cbbdcc5df7213/929eb029b6d9e20662b144b7c17cf598.jpg?pstool=421_1&psid=vivudgsm
93.93.51.190200 OK 20 kB URL HTTP/2 galleryn0.awemdia.com/74cfb35aec71f4e2a7bc4cbbdcc5df7213/929eb029b6d9e20662b144b7c17cf598.jpg?pstool=421_1&psid=vivudgsm
IP 93.93.51.190:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 300x169, components 3\012- data
Hash 48da485967c86b0a29b56852730adee3
5c146aac1dad79b5c066cf4759e1a32fed48cbe8
1bef9aee46b85c80f47671fe8887d735e2941fd50cb216697dce938e78d49576
GET /74cfb35aec71f4e2a7bc4cbbdcc5df7213/929eb029b6d9e20662b144b7c17cf598.jpg?pstool=421_1&psid=vivudgsm HTTP/1.1
Host: galleryn0.awemdia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 20330
last-modified: Fri, 14 Oct 2022 15:17:21 GMT
etag: "48da485967c86b0a29b56852730adee3"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Mon, 19 Dec 2022 04:11:22 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2
galleryn0.awemdia.com/74cfb35aec71f4e2a7bc4cbbdcc5df7217/42f9125c1711eed0a3df8d58379fc7c8.jpg?pstool=421_1&psid=vivudgsm
93.93.51.190200 OK 23 kB URL HTTP/2 galleryn0.awemdia.com/74cfb35aec71f4e2a7bc4cbbdcc5df7217/42f9125c1711eed0a3df8d58379fc7c8.jpg?pstool=421_1&psid=vivudgsm
IP 93.93.51.190:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 300x169, components 3\012- data
Hash 10b4c5c655445c3727f9670382468e63
8bd4744529d2ad4df706e9c6670dfed910a8deaf
a2575e37835addfb1d9d1fa9991a4789594d6d218977ef659599ab5994af19cb
GET /74cfb35aec71f4e2a7bc4cbbdcc5df7217/42f9125c1711eed0a3df8d58379fc7c8.jpg?pstool=421_1&psid=vivudgsm HTTP/1.1
Host: galleryn0.awemdia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 23153
last-modified: Wed, 17 Aug 2022 11:58:30 GMT
etag: "10b4c5c655445c3727f9670382468e63"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Mon, 19 Dec 2022 04:11:22 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 06006986c4a348dd333e49e76202c262
594c59997bc85d6a7e9411d1314977cf73cf59e5
0e0ca581fe01e111ebba357be474626834fc3dd80c2dde716d1029fff2201ec6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=91510
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:22 GMT
Etag: "638c31e0-117"
Expires: Tue, 06 Dec 2022 05:36:32 GMT
Last-Modified: Sun, 04 Dec 2022 05:36:32 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
3.upsetmilitary.com/preview/251438/medium/1.jpg
172.67.152.192200 OK 18 kB URL HTTP/2 3.upsetmilitary.com/preview/251438/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash f6a570c8558d337c945c89a17e677c0a
1f66a7062058f43bb895d1ccf7ae241b86a66615
1df4ed99dc305709a192a3fb7d237c82c39c31379ea8e880d999b97f79127507
GET /preview/251438/medium/1.jpg HTTP/1.1
Host: 3.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 17459
last-modified: Tue, 05 Jun 2018 10:15:00 GMT
etag: "5b1662a4-4433"
expires: Tue, 31 Jul 2018 10:15:00 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1571590
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CT5g13pnF7U%2BltYQJOLVJ7C1gf5%2FIwacn7MyIFi%2BUx6Xmog3mNFs2LJ0xrjfiK30UEdVx9dfQHr9XfUI2bFKPj2i5OLwWJWqg1GGFTsXWE%2BP5HxnPgHKxHQlBc9SvmbMAQuTXfo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effc7ed5b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
galleryn0.awemdia.com/74cfb35aec71f4e2a7bc4cbbdcc5df7213/33474135e0dc68a73360af0265e38f12.jpg?pstool=421_1&psid=vivudgsm
93.93.51.190200 OK 17 kB URL HTTP/2 galleryn0.awemdia.com/74cfb35aec71f4e2a7bc4cbbdcc5df7213/33474135e0dc68a73360af0265e38f12.jpg?pstool=421_1&psid=vivudgsm
IP 93.93.51.190:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 300x169, components 3\012- data
Hash 7a0290d34ce3e482949a142f0d4af7fb
5e73877d71f1db46df286cdcba27848f8de9b10d
ad213a450c640a5bcccd1bb3e17ed25ae8ddcc24118066376b37bf17ffc688cd
GET /74cfb35aec71f4e2a7bc4cbbdcc5df7213/33474135e0dc68a73360af0265e38f12.jpg?pstool=421_1&psid=vivudgsm HTTP/1.1
Host: galleryn0.awemdia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 17388
last-modified: Mon, 16 May 2022 07:30:18 GMT
etag: "7a0290d34ce3e482949a142f0d4af7fb"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Mon, 19 Dec 2022 04:11:22 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/199151/medium/1.jpg
172.67.152.192200 OK 19 kB URL HTTP/2 2.upsetmilitary.com/preview/199151/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 0551ae9538d932eb59a72b669a6d4759
130c96336ca846c36388517813b698657e9e92e3
15f8afba71a1cf10d148de1cc4f7d28e5e78a2e244242330d7809873ca4ce0ca
GET /preview/199151/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 18846
last-modified: Wed, 21 Mar 2018 02:01:11 GMT
etag: "5ab1bce7-499e"
expires: Wed, 16 May 2018 02:01:11 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1152791
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3B0JHoc1rCdYb52BSkWJJ9ppqpn%2FKABs7q7i%2Fki4evO3vg7BwDvYgIDIQpcbSzmBHf1uQ4V71pxSS1s4ayfVH%2Bji0NJ%2Fav6ISq3yzG47BdiQtR9hOGkZu2GCL1afMMSrfvGhuDxR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effc7ed6b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
3.upsetmilitary.com/preview/245537/medium/1.jpg
172.67.152.192200 OK 16 kB URL HTTP/2 3.upsetmilitary.com/preview/245537/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 671a09efcfe510e62e92fec55ba20b94
75ffb96deee965779b878501fae905e9ec1587ce
0ffe8679ee5c06bf4e6039a81cd7abab31a01b6bb10385bbe912d2a70895ebea
GET /preview/245537/medium/1.jpg HTTP/1.1
Host: 3.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 16410
last-modified: Sat, 02 Jun 2018 19:13:59 GMT
etag: "5b12ec77-401a"
expires: Sat, 28 Jul 2018 19:13:59 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1439970
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9VACYx4GYcUm9OFsflDSvAxfD4BBde8q0Epa%2FW7NUsEOOEWptR4b7%2B2xvGtiZYo9UmFZueJQcaQmujSfallJpO6T8cVB1JYi%2F4ZKZ6N9XVesoFrvuw5h2bSnJjvTx0iQhIEo%2BVs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effc7ed7b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
galleryn0.awemdia.com/74cfb35aec71f4e2a7bc4cbbdcc5df721e/9f70581e2c424b07ab734c4640e2dd9b.jpg?pstool=421_1&psid=vivudgsm
93.93.51.190200 OK 26 kB URL HTTP/2 galleryn0.awemdia.com/74cfb35aec71f4e2a7bc4cbbdcc5df721e/9f70581e2c424b07ab734c4640e2dd9b.jpg?pstool=421_1&psid=vivudgsm
IP 93.93.51.190:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 300x169, components 3\012- data
Hash 59a90d6dd13a51a2188240dc23985e35
4da98c065a69ee8496202fc5511560106b526ab6
fc5ed21c4cefcaf0e4b616779314982230427b765ee1ed6bc124c05416ddea21
GET /74cfb35aec71f4e2a7bc4cbbdcc5df721e/9f70581e2c424b07ab734c4640e2dd9b.jpg?pstool=421_1&psid=vivudgsm HTTP/1.1
Host: galleryn0.awemdia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 26330
last-modified: Wed, 20 Apr 2022 16:08:27 GMT
etag: "59a90d6dd13a51a2188240dc23985e35"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Mon, 19 Dec 2022 04:11:22 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2
upsetmilitary.com/preview/29026/medium/1.jpg
172.67.152.192200 OK 26 kB URL HTTP/2 upsetmilitary.com/preview/29026/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 372x210, components 3\012- data
Hash 32d2006538e93f9aa10684488b26cedb
57e786f6b7aedd1e4cb534b545eddf72a216082c
afe5a8ad288033d9a80d4aa973e41f5d229f3012616498b3bb04240df7b10af3
GET /preview/29026/medium/1.jpg HTTP/1.1
Host: upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 25555
last-modified: Tue, 06 Jun 2017 22:08:57 GMT
etag: "593727f9-63d3"
expires: Tue, 01 Aug 2017 22:08:57 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hhLimyGukv6Hh3nHVn6jOD36Bzh0coel77CtUW%2BwZ2DdCxE8i9tDIyIYBvjHKqsGaC43ebQ64BhGZAt6x420%2FODsEIIAYg9AnBu83gy2a7USXpppQx6g3ESCqw%2BxInjt9on7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effc7ed3b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/151104/medium/1.jpg
172.67.152.192200 OK 15 kB URL HTTP/2 2.upsetmilitary.com/preview/151104/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 28688x28595, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash f8e974538850b427eef0760944c62203
941a6569018f0dd6e53292de51e40dce415e60dd
172466e21330180be10299057b4825dc11730e7221ea12673cd3f9cbf184bb39
GET /preview/151104/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: image/jpeg
content-length: 14925
last-modified: Fri, 19 Jan 2018 17:03:10 GMT
etag: "5a6224ce-3a4d"
expires: Fri, 16 Mar 2018 17:03:10 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 989291
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xbaAHIvhP6dj4kZIGFNYUVeBPvSggZQtqAjchHB%2B8bRKk8e%2B8aj0yWP8Gk4anwr0R%2BKHdVrAHmsmJMviQ5Nd8SmfBqaIJHGd19N4kI6ehVH6PkMJoO67bQ%2BW3w6uW8clw10D4d8g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effc7ed4b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.shukriya90.com/api/spots/309164?host=vivud.com&ev=197&wh=939&ww=1280&uuid=&s1=%25subid1%25
135.181.208.216200 OK 28 kB URL HTTP/2 a.shukriya90.com/api/spots/309164?host=vivud.com&ev=197&wh=939&ww=1280&uuid=&s1=%25subid1%25
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash 2e98ed32d3e5e853d843ef01978602ca
703972658e624679a6fc6be27aadf70427892d9f
7060f0c916ed642a9d91edfd806564ac7195d81bcb97d5f32abb3ad18235d6ab
GET /api/spots/309164?host=vivud.com&ev=197&wh=939&ww=1280&uuid=&s1=%25subid1%25 HTTP/1.1
Host: a.shukriya90.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=FUEWKeVYbnnRLN3bmbUf; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/221636/medium/1.jpg
172.67.152.192200 OK 15 kB URL HTTP/2 2.upsetmilitary.com/preview/221636/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 6e1719f9e851bf6e640c16f908b2eecb
39e4cde17bd53f78e203ca33c1edaeacc5f761cd
7eb755bdedd48804c44acd6277d0143eab4241ac72e928af738fbf03c6bc986b
GET /preview/221636/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:23 GMT
content-type: image/jpeg
content-length: 14568
last-modified: Thu, 26 Apr 2018 10:15:44 GMT
etag: "5ae1a6d0-38e8"
expires: Thu, 21 Jun 2018 10:15:44 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1439971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2t1gOdcQH937iDjkjeBHFv8G7HdTHCwKDk%2F%2BHbKThz2l6Z6AvDIWoMaNMwx1Ar5s3azlQBnmgbFo%2FXRyxw%2Be3J5IxqexkbjqAQx%2FZS%2BxSo0m0LpN4wtZMxs8G%2FvECiRWHWC8bHS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effccef3b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 06006986c4a348dd333e49e76202c262
594c59997bc85d6a7e9411d1314977cf73cf59e5
0e0ca581fe01e111ebba357be474626834fc3dd80c2dde716d1029fff2201ec6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=91510
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:23 GMT
Etag: "638c31e0-117"
Expires: Tue, 06 Dec 2022 05:36:33 GMT
Last-Modified: Sun, 04 Dec 2022 05:36:32 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 06006986c4a348dd333e49e76202c262
594c59997bc85d6a7e9411d1314977cf73cf59e5
0e0ca581fe01e111ebba357be474626834fc3dd80c2dde716d1029fff2201ec6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2167
Cache-Control: max-age=93676
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:23 GMT
Etag: "638c31e0-117"
Expires: Tue, 06 Dec 2022 06:12:39 GMT
Last-Modified: Sun, 04 Dec 2022 05:36:32 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 91cf1caf5d662df9de8d658cac5b6513
5fc2a66b8681bb1e2ae29aa106a4f101ad31d4ca
5f51b547c0c938514c9ff19953f33c5d88091906b603564f632431d375bfd20e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F51B547C0C938514C9FF19953F33C5D88091906B603564F632431D375BFD20E"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8309
Expires: Mon, 05 Dec 2022 06:29:52 GMT
Date: Mon, 05 Dec 2022 04:11:23 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.upsetmilitary.com/preview/216465/medium/1.jpg
172.67.152.192200 OK 15 kB URL HTTP/2 2.upsetmilitary.com/preview/216465/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 79x80, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash c1422d93dc634dd2ce7a7ffe70c88d76
2203a619a6b1d51f17fae813e7b1e3f8f1aa7594
c712e02ab8da40885d55034d0989500817ff23d996da7f07de1750154db20ed7
GET /preview/216465/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:23 GMT
content-type: image/jpeg
content-length: 14561
last-modified: Tue, 07 Apr 2020 15:54:27 GMT
etag: "5e8ca233-38e1"
expires: Tue, 02 Jun 2020 15:54:27 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1151453
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCjJy%2BoRb6KQsmHR3AZFx66TknvFJN0TFNPFq9Gon3%2F85stv1AwY4vBxeRrm0440zUU%2FzXRfAgvA%2Bs56gOLHfN3OIRi2xF5q2Z89WYAcvGcOF7cTs%2F6jcWjZ7oXIaXhpP3Zn3LJY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effcdefdb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
galleryn1.awemdia.com/74cfb35aec71f4e2a7bc4cbbdcc5df721a/8718ec58c1cb7184f86a3be1591c260a.jpg?pstool=421_1&psid=vivudgsm
93.93.51.190200 OK 10 kB URL HTTP/2 galleryn1.awemdia.com/74cfb35aec71f4e2a7bc4cbbdcc5df721a/8718ec58c1cb7184f86a3be1591c260a.jpg?pstool=421_1&psid=vivudgsm
IP 93.93.51.190:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x169, components 3\012- data
Hash d8eb0e5dc4bdec1b6a8d566cb4617023
5230e0f7c23885e2f1bcfd2b7a907078a0567936
f62ab07d461f8fc4627d013588f52741bb3d34019c005cd721bbee2632a29a6e
GET /74cfb35aec71f4e2a7bc4cbbdcc5df721a/8718ec58c1cb7184f86a3be1591c260a.jpg?pstool=421_1&psid=vivudgsm HTTP/1.1
Host: galleryn1.awemdia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:23 GMT
content-type: image/jpeg
content-length: 10062
last-modified: Wed, 06 Mar 2019 09:08:04 GMT
etag: "d8eb0e5dc4bdec1b6a8d566cb4617023"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1551861709/atime:1551861709/md5:d8eb0e5dc4bdec1b6a8d566cb4617023/ctime:1551861709
access-control-allow-origin: *
x-content-type-options: nosniff
cache-control: max-age=1209600
x-cache-source: Origin
x-cache-status: R-HIT
expires: Mon, 19 Dec 2022 04:11:23 GMT
server: unknown
x-cdn-node: sesto
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2
2.upsetmilitary.com/preview/222533/medium/1.jpg
172.67.152.192200 OK 16 kB URL HTTP/2 2.upsetmilitary.com/preview/222533/medium/1.jpg
IP 172.67.152.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 80x81, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 372x210, components 3\012- data
Hash 4dec5ab8d242ff8010b7f5125df0975b
295581ba3c948a405ee5168b19e2082dd6076fee
9bfb89a45f714dfc9b3b8baa5b218deeefb6990bfecfb505cbf4217c72a096bb
GET /preview/222533/medium/1.jpg HTTP/1.1
Host: 2.upsetmilitary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:23 GMT
content-type: image/jpeg
content-length: 16349
last-modified: Tue, 07 Apr 2020 16:06:36 GMT
etag: "5e8ca50c-3fdd"
expires: Tue, 02 Jun 2020 16:06:36 GMT
cache-control: public, max-age=172800, must-revalidate
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 1124960
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qa%2F%2B23MyB4gxar8Kzb7K31hx2NC50pRZK50youzQQElsAw%2BSxm0RWgOlmTuOmfbJpJ9Cp3Kedm6rbXx7cO7A0UA%2FXNQ8FiH38y2cVtRS7RtxjpUVxs6ag0rX10UrtxYqX0xoZimn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effcdefeb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 06006986c4a348dd333e49e76202c262
594c59997bc85d6a7e9411d1314977cf73cf59e5
0e0ca581fe01e111ebba357be474626834fc3dd80c2dde716d1029fff2201ec6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=91510
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:23 GMT
Etag: "638c31e0-117"
Expires: Tue, 06 Dec 2022 05:36:33 GMT
Last-Modified: Sun, 04 Dec 2022 05:36:32 GMT
Server: ECS (amb/6B71)
X-Cache: HIT
Content-Length: 279
2886a11abf147af2a877bb145edefaf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
172.217.21.161200 OK 2.7 kB URL HTTP/2 2886a11abf147af2a877bb145edefaf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: 2886a11abf147af2a877bb145edefaf2.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Mon, 05 Dec 2022 04:11:23 GMT
expires: Tue, 05 Dec 2023 04:11:23 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
syndication.realsrv.com/splash.php?idzone=4223584&sub=%25subid1%25&tags=
95.211.229.248200 OK 751 B URL HTTP/1.1 syndication.realsrv.com/splash.php?idzone=4223584&sub=%25subid1%25&tags=
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (960), with no line terminators
Hash fea70a77788a292aff708015e12e2033
756c118e69005ee63858f2eb9d9a2fad6f350025
05a3ad788c2846a10cdab86e4d34c1bce845e5724e975f328ee7a538159ddde5
GET /splash.php?idzone=4223584&sub=%25subid1%25&tags= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.shukriya90.com
Connection: keep-alive
Referer: https://a.shukriya90.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 04:11:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.shukriya90.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22638d6f6b20fb78.36183885367629016%22%3B%7D; expires=Wed, 04 Dec 2024 04:11:23 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 33002e87ed87cec83ec76bdfe55cb33a
a2dafcefab949833412ab20508096c9974b9e359
f73d30247eb325d9dc9531381224e8942b39b56c264ade1618855f1fad9eda2a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5646
Cache-Control: max-age=120223
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:23 GMT
Etag: "638c8bfc-1d7"
Expires: Tue, 06 Dec 2022 13:35:06 GMT
Last-Modified: Sun, 04 Dec 2022 12:01:00 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 05 Dec 2022 02:41:08 GMT
expires: Mon, 05 Dec 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 5415
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022112901&st=env
216.58.207.194200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022112901&st=env
IP 216.58.207.194:0
File type JSON data\012- , ASCII text, with very long lines (14649), with no line terminators
Hash 2d8d53a3a55285f0d9bff6c9217c8590
f65473d32defbd80ea50a55442668b21b78cfca2
88a1c0ecc7bec03306fc0bd89d722ccdc92a28f44ec1552ff1106133db51a9b3
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022112901&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vivud.com
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Mon, 05 Dec 2022 04:11:23 GMT
server: cafe
content-length: 11059
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tracot.com/jixHDow3NAziZtdxoUWUMX8L1ckOuMeHe_tRMsiTXMNBY8OZ5YcFoJWRFIwgZpDOxNU8IfByheHtQvSzG4K6ZR6Wm6zDuNOwYFZSoqxdsjeiKlE7ESOF?_=1670213477894
88.208.59.103200 OK 28 kB URL HTTP/2 tracot.com/jixHDow3NAziZtdxoUWUMX8L1ckOuMeHe_tRMsiTXMNBY8OZ5YcFoJWRFIwgZpDOxNU8IfByheHtQvSzG4K6ZR6Wm6zDuNOwYFZSoqxdsjeiKlE7ESOF?_=1670213477894
IP 88.208.59.103:0
ASN #39572 DataWeb Global Group B.V.
Hash 60f4b20f30ff4c6334ccf938e52721f5
bdc0f5c2144e438030cd827ea225176d38c299d7
9aa839c636ac195bb4ed6b37ed4d6e2e18a24c095209d83b52196109ec59a509
GET /jixHDow3NAziZtdxoUWUMX8L1ckOuMeHe_tRMsiTXMNBY8OZ5YcFoJWRFIwgZpDOxNU8IfByheHtQvSzG4K6ZR6Wm6zDuNOwYFZSoqxdsjeiKlE7ESOF?_=1670213477894 HTTP/1.1
Host: tracot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8017f571df5727fe6f3e8c58e931076b
e09e55a3c306f2cb715e4ce1e2f0738ddf202c93
6478758dd37e708534996b23f8189e79637690d22edff70d5183a19ec66854db
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6478758DD37E708534996B23F8189E79637690D22EDFF70D5183A19EC66854DB"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5689
Expires: Mon, 05 Dec 2022 05:46:12 GMT
Date: Mon, 05 Dec 2022 04:11:23 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
whiskerssituationdisturb.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Findex.html&l=1317&fd=569
192.243.61.225200 OK 0 B URL HTTP/1.1 whiskerssituationdisturb.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Findex.html&l=1317&fd=569
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Findex.html&l=1317&fd=569 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Cookie: u_pl=15736095; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 04:11:23 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.221.35200 OK 28 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.221.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (30478)
Hash d3f2750c86559bbb7d185e67fd132900
22cd1f37fe6d68f38a21ab554697ef086db2e187
e87f2041ab69f56c98720c90ee70b90994b809171778d0198793d53ffb00b6f6
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: xEdbJ/0J0SSb0J94R0KeNTlTfR22q7x6Lhj7Gv5rNuqMSmqWOuAwKZha6WRV2znW+jYX/XsuAk//wcDsUsMZyQ==
date: Mon, 05 Dec 2022 04:11:23 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
syndication.realsrv.com/iframe.php?url=H4sIAAAAAAAAAyWMy27bMBBF_8a7xhpSHJIFjCI7pwksN3JV1zuSM2yMmBJNSekD_fgq7u4C557zMk15_Lhe_xjufl3Ob4XKXRjSekyuTHnIa62RpWBHgmU0FtmISgpnyQXrgvTo0XjQdbCAqFhgDGCcjKy104Hsp3nk8kAbiMIRSuM9oOQqCvBgCYP3gZSplFfIXnvghQBoj6A0u0UCsKCCXY3DXAIvpVoIqUy9Spz8LT0MRLstPW0P..2ua.v7tsl9P1ynTKfucOxO5LCrIIzXkk_HrhVzTvQFU1eVfGzn_jrkTM.7w_P.0ODZpTOny4L6dr7Q42L.eX.loKoy1r_t1n4Wbw1.23_d6775_7h1bvNn_P5hlWGjZFVbW6.m4sJrE.MG_goJipk1VTUIaShAECZ4qTGS0FL_A8nnwIiKAQAA
95.211.229.248200 OK 992 B URL HTTP/1.1 syndication.realsrv.com/iframe.php?url=H4sIAAAAAAAAAyWMy27bMBBF_8a7xhpSHJIFjCI7pwksN3JV1zuSM2yMmBJNSekD_fgq7u4C557zMk15_Lhe_xjufl3Ob4XKXRjSekyuTHnIa62RpWBHgmU0FtmISgpnyQXrgvTo0XjQdbCAqFhgDGCcjKy104Hsp3nk8kAbiMIRSuM9oOQqCvBgCYP3gZSplFfIXnvghQBoj6A0u0UCsKCCXY3DXAIvpVoIqUy9Spz8LT0MRLstPW0P..2ua.v7tsl9P1ynTKfucOxO5LCrIIzXkk_HrhVzTvQFU1eVfGzn_jrkTM.7w_P.0ODZpTOny4L6dr7Q42L.eX.loKoy1r_t1n4Wbw1.23_d6775_7h1bvNn_P5hlWGjZFVbW6.m4sJrE.MG_goJipk1VTUIaShAECZ4qTGS0FL_A8nnwIiKAQAA
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (491)
Hash 11ba15726ddf9b5a7a3ab20b80cdbfad
336d5e6d4ef8e597bb25661e90ce922421d016e9
ce70264c216c2b7a5a47130f4bcc29eefa07eaa2f26b6fdae0ff9db39bd77c15
GET /iframe.php?url=H4sIAAAAAAAAAyWMy27bMBBF_8a7xhpSHJIFjCI7pwksN3JV1zuSM2yMmBJNSekD_fgq7u4C557zMk15_Lhe_xjufl3Ob4XKXRjSekyuTHnIa62RpWBHgmU0FtmISgpnyQXrgvTo0XjQdbCAqFhgDGCcjKy104Hsp3nk8kAbiMIRSuM9oOQqCvBgCYP3gZSplFfIXnvghQBoj6A0u0UCsKCCXY3DXAIvpVoIqUy9Spz8LT0MRLstPW0P..2ua.v7tsl9P1ynTKfucOxO5LCrIIzXkk_HrhVzTvQFU1eVfGzn_jrkTM.7w_P.0ODZpTOny4L6dr7Q42L.eX.loKoy1r_t1n4Wbw1.23_d6775_7h1bvNn_P5hlWGjZFVbW6.m4sJrE.MG_goJipk1VTUIaShAECZ4qTGS0FL_A8nnwIiKAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.shukriya90.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 04:11:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/splash.php?native-settings=1&idzone=4356930&cookieconsent=true&&p=https%3A%2F%2Fvivud.com%2F
95.211.229.248200 OK 4.7 kB URL HTTP/1.1 syndication.realsrv.com/splash.php?native-settings=1&idzone=4356930&cookieconsent=true&&p=https%3A%2F%2Fvivud.com%2F
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (9364), with no line terminators
Hash 2da9a23d619b22cbb956fe0fbbc42cc7
3b2a6fff194518dd4542f5720bfd13ff6a961645
3ccbb592d63ad1e20123f19b8addca864dd62ed16ea34addb87f8465ed8f2877
GET /splash.php?native-settings=1&idzone=4356930&cookieconsent=true&&p=https%3A%2F%2Fvivud.com%2F HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vivud.com
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 04:11:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://vivud.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638d6f6b491054.194437703012249657%22%3B%7D; expires=Wed, 04 Dec 2024 04:11:23 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4356930%7C74493170%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cff49e723ee74c0931d664cd46ba95137%7C0%7Cvivud.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Tue, 06 Dec 2022 04:11:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4356930%7C74493152%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cff49e723ee74c0931d664cd46ba95137%7C0%7Cvivud.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Tue, 06 Dec 2022 04:11:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4356930%7C23975185%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cff49e723ee74c0931d664cd46ba95137%7C0%7Cvivud.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Tue, 06 Dec 2022 04:11:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4356930%7C76043140%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cff49e723ee74c0931d664cd46ba95137%7C0%7Cvivud.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Tue, 06 Dec 2022 04:11:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4356930%7C74493090%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cff49e723ee74c0931d664cd46ba95137%7C0%7Cvivud.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Tue, 06 Dec 2022 04:11:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ca20b22868f83d258c3424c2781dd1ce
b05abeced5046120a19a25cc81afad35d9fd2f1f
64b156fb7487e9228a06309481051507f616e2fc551856b05fdc97c169e353ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1796
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:23 GMT
Last-Modified: Mon, 05 Dec 2022 03:41:27 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
go.xlivrdr.com/smartpop/776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&sourceId=4223584&memberId=ooddNHdLHTPHNVS4ASOpnnoqtpdZVTXVZda6V01csqrpZXVS2upmdQ6mV0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc50rs4y9H9J2vO6WPUP7nOldK6V0rpXSuldK6VwfY-&p1=5304994&trackOff=1
104.18.59.150302 Found 0 B URL HTTP/2 go.xlivrdr.com/smartpop/776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&sourceId=4223584&memberId=ooddNHdLHTPHNVS4ASOpnnoqtpdZVTXVZda6V01csqrpZXVS2upmdQ6mV0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc50rs4y9H9J2vO6WPUP7nOldK6V0rpXSuldK6VwfY-&p1=5304994&trackOff=1
IP 104.18.59.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&sourceId=4223584&memberId=ooddNHdLHTPHNVS4ASOpnnoqtpdZVTXVZda6V01csqrpZXVS2upmdQ6mV0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc50rs4y9H9J2vO6WPUP7nOldK6V0rpXSuldK6VwfY-&p1=5304994&trackOff=1 HTTP/1.1
Host: go.xlivrdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.realsrv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 04:11:23 GMT
content-length: 0
location: https://creative.xlivrdr.com/LPOmega?campaignId=776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9&campaignType=smartpop&creativeId=633bb8d1ab631f0d18f55cbad9062950670319710ea590924db3d0b48c41a3da&iterationId=276179&masterSmartpopId=1738&memberId=ooddNHdLHTPHNVS4ASOpnnoqtpdZVTXVZda6V01csqrpZXVS2upmdQ6mV0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc50rs4y9H9J2vO6WPUP7nOldK6V0rpXSuldK6VwfY-&p1=5304994&ruleId=12&smartpopId=7200&sourceId=4223584&trackOff=1&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=29658
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=67569847.29658; Path=/; HttpOnly; SameSite=Strict
__cflb=02DiuDfsBaY2bRYJiCeRWUB3HBu9a5K9WCKpEjWUXLCGU; SameSite=None; Secure; path=/; expires=Tue, 06-Dec-22 03:11:23 GMT; HttpOnly
server: cloudflare
cf-ray: 7749efff1b43b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ca20b22868f83d258c3424c2781dd1ce
b05abeced5046120a19a25cc81afad35d9fd2f1f
64b156fb7487e9228a06309481051507f616e2fc551856b05fdc97c169e353ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1796
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:23 GMT
Last-Modified: Mon, 05 Dec 2022 03:41:27 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 227de73c2950d257905eda6128f90ea9
d700e7cbc5c620f274ec53c336dba15988f046d9
306cc0e4114a9e5b3f9125f9a6fe9746e2db74d94c7991c714e6abb2de046fbc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "306CC0E4114A9E5B3F9125F9A6FE9746E2DB74D94C7991C714E6ABB2DE046FBC"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13655
Expires: Mon, 05 Dec 2022 07:58:58 GMT
Date: Mon, 05 Dec 2022 04:11:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 227de73c2950d257905eda6128f90ea9
d700e7cbc5c620f274ec53c336dba15988f046d9
306cc0e4114a9e5b3f9125f9a6fe9746e2db74d94c7991c714e6abb2de046fbc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "306CC0E4114A9E5B3F9125F9A6FE9746E2DB74D94C7991C714E6ABB2DE046FBC"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13655
Expires: Mon, 05 Dec 2022 07:58:58 GMT
Date: Mon, 05 Dec 2022 04:11:23 GMT
Connection: keep-alive
s3t3d2y8.afcdn.net/library/802444/d12ccb590ad00f4923f36212a376a907910dcbf6.webp
185.76.9.21200 OK 9.0 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/802444/d12ccb590ad00f4923f36212a376a907910dcbf6.webp
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 03a466116a5e875e0bd4dfa768d88d94
d12ccb590ad00f4923f36212a376a907910dcbf6
1095a12ca3638c3d19f40704809776f1f6349a7b06e35cba865e2126ed6ba52c
GET /library/802444/d12ccb590ad00f4923f36212a376a907910dcbf6.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:23 GMT
content-type: image/webp
content-length: 9022
last-modified: Fri, 15 Jul 2022 11:08:07 GMT
etag: "62d14a97-233e"
expires: Sat, 15 Jul 2023 11:38:32 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1689476948
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCRRxjfr/l0O7AA
x-77-nzt-ray: af585630718fad796b6f8d63fda5e522
x-cache: HIT
x-age: 12272535
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/140058/e57cf07a049e49b51c156d752ea761aa0dcd4bda.webp
185.76.9.21200 OK 21 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/140058/e57cf07a049e49b51c156d752ea761aa0dcd4bda.webp
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
Hash 08c5961e42807e8214a0ecd9cd419ab2
fe22ec4b6307c0110c1502206acae3553799ee1e
227e269a2e1f8f6657779c94d681b89d9881a1274144173953cf6c1d7b8b01c9
GET /library/140058/e57cf07a049e49b51c156d752ea761aa0dcd4bda.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:23 GMT
content-type: image/webp
content-length: 9202
last-modified: Wed, 03 Nov 2021 11:53:07 GMT
etag: "61827823-23f2"
expires: Fri, 30 Jun 2023 11:10:34 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195216
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCRQlEbP/W9LOAA
x-77-nzt-ray: af585630718fad796b6f8d637930a023
x-cache: HIT
x-age: 13554267
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8017f571df5727fe6f3e8c58e931076b
e09e55a3c306f2cb715e4ce1e2f0738ddf202c93
6478758dd37e708534996b23f8189e79637690d22edff70d5183a19ec66854db
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6478758DD37E708534996B23F8189E79637690D22EDFF70D5183A19EC66854DB"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5689
Expires: Mon, 05 Dec 2022 05:46:12 GMT
Date: Mon, 05 Dec 2022 04:11:23 GMT
Connection: keep-alive
s3t3d2y8.afcdn.net/library/802424/9adae5f4ae67a1541e8217da4ecefb783c89a87d.webp
185.76.9.21200 OK 6.6 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/802424/9adae5f4ae67a1541e8217da4ecefb783c89a87d.webp
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b11b88561683588d65cbee7c00b46da0
9adae5f4ae67a1541e8217da4ecefb783c89a87d
599119b6cfd5c2e97522035beb5f89859943b8133cc69d6b6ec7d626e75386e8
GET /library/802424/9adae5f4ae67a1541e8217da4ecefb783c89a87d.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:23 GMT
content-type: image/webp
content-length: 6600
last-modified: Fri, 30 Sep 2022 10:04:03 GMT
etag: "6336bf13-19c8"
expires: Sat, 30 Sep 2023 10:14:07 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1696071099
server: CDN77-Turbo
x-77-nzt: AblMCRQo1Or/MKVWAA
x-77-nzt-ray: af585630718fad796b6f8d63dcd01124
x-cache: HIT
x-age: 5678384
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
whiskerssituationdisturb.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fcss%2Fstyle.css&l=5338&fd=382
192.243.61.225200 OK 0 B URL HTTP/1.1 whiskerssituationdisturb.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fcss%2Fstyle.css&l=5338&fd=382
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fcss%2Fstyle.css&l=5338&fd=382 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Cookie: u_pl=15736095; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 04:11:23 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
s3t3d2y8.afcdn.net/library/802444/26d2e9758abed93dcb4846fb53753ea7548231ec.webp
185.76.9.21200 OK 6.8 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/802444/26d2e9758abed93dcb4846fb53753ea7548231ec.webp
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5d9325b7bae76ad2cfd7f5d8b6db322c
26d2e9758abed93dcb4846fb53753ea7548231ec
d6054a66b68c81d911b44b00bdffb9ee91a97e769c2bb83b1cbe396301ac48c1
GET /library/802444/26d2e9758abed93dcb4846fb53753ea7548231ec.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:23 GMT
content-type: image/webp
content-length: 6790
last-modified: Fri, 15 Jul 2022 11:08:07 GMT
etag: "62d14a97-1a86"
expires: Sat, 15 Jul 2023 11:43:05 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1689468529
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCRQf4nb/emS7AA
x-77-nzt-ray: af585630718fad796b6f8d6361e01724
x-cache: HIT
x-age: 12280954
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/802444/179ee3ab587e6094f27c3d5081fc701b07651398.webp
185.76.9.21200 OK 4.5 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/802444/179ee3ab587e6094f27c3d5081fc701b07651398.webp
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3a33d738939052a11a2ad76f9eade5d1
179ee3ab587e6094f27c3d5081fc701b07651398
fb72cfbb711af96a1abc7daab64778f7e9a21c0c5da3d5c6b07211e5f0ffb067
GET /library/802444/179ee3ab587e6094f27c3d5081fc701b07651398.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:23 GMT
content-type: image/webp
content-length: 4498
last-modified: Fri, 15 Jul 2022 11:08:07 GMT
etag: "62d14a97-1192"
expires: Sat, 15 Jul 2023 11:45:37 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1689468485
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCRSATxX/pmS7AA
x-77-nzt-ray: af585630718fad796b6f8d63bf80a924
x-cache: HIT
x-age: 12280998
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
whiskerssituationdisturb.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fcss%2Fanimate.css&l=79249&fd=386
192.243.61.225200 OK 0 B URL HTTP/1.1 whiskerssituationdisturb.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fcss%2Fanimate.css&l=79249&fd=386
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fcss%2Fanimate.css&l=79249&fd=386 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Cookie: u_pl=15736095; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 04:11:23 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
unseenreport.com/pxf.gif?uuid=721739ec-218f-4337-8aeb-2c5fb0492a81&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=b87f75bdc1aa1522b4120b0ac9406b1d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4
192.243.59.12200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=721739ec-218f-4337-8aeb-2c5fb0492a81&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=b87f75bdc1aa1522b4120b0ac9406b1d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=721739ec-218f-4337-8aeb-2c5fb0492a81&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=b87f75bdc1aa1522b4120b0ac9406b1d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 04:11:23 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 09d35df04bb6cd900f0f49331a53a092
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash fc326602733e8b881028126ef0f5f120
c7c936d1b0aca79296e0ac265535525122b2f6cf
5da2a1576b70c6693d01d9106692d92829361f7f5faeb9935b25144df71cad88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1134
Cache-Control: max-age=168283
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:23 GMT
Etag: "638d5958-118"
Expires: Wed, 07 Dec 2022 02:56:06 GMT
Last-Modified: Mon, 05 Dec 2022 02:37:12 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
unseenreport.com/pxf.gif?uuid=721739ec-218f-4337-8aeb-2c5fb0492a81&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=367f420de7c0141ff3c8b701a6a2b135&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4
192.243.59.12200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=721739ec-218f-4337-8aeb-2c5fb0492a81&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=367f420de7c0141ff3c8b701a6a2b135&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=721739ec-218f-4337-8aeb-2c5fb0492a81&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=367f420de7c0141ff3c8b701a6a2b135&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 04:11:23 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 144ae12fb99d5feb36d8729b6de02501
Strict-Transport-Security: max-age=0; includeSubdomains
video.ktkjmp.com/adsbygoogle.js
104.18.59.150200 OK 16 B URL HTTP/2 video.ktkjmp.com/adsbygoogle.js
IP 104.18.59.150:0
Hash 3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlivrdr.com/
Origin: https://creative.xlivrdr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:23 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: umnGOMVCjminO+qe5UBV06OrSizh/U59KvaEibge5v1gMRbq/UnThpljPBepeh+5w7wEpQIcu/4=
x-amz-request-id: 3YW9SERF7DC7262X
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.xlivrdr.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 7190
expires: Mon, 05 Dec 2022 08:11:23 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749f001b9f3b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash fc326602733e8b881028126ef0f5f120
c7c936d1b0aca79296e0ac265535525122b2f6cf
5da2a1576b70c6693d01d9106692d92829361f7f5faeb9935b25144df71cad88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1134
Cache-Control: max-age=168283
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:23 GMT
Etag: "638d5958-118"
Expires: Wed, 07 Dec 2022 02:56:06 GMT
Last-Modified: Mon, 05 Dec 2022 02:37:12 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 13dc85b9faf49e6a9bf32608b0fcf56d
2ded5a6b67364d3f7875ce1598683ac2c97937d0
7924016b948a369b3a0bcb336f32dd8f10b14893ba1d9437c4fc171190eb5899
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 1.0 kB IP 93.184.220.29:0
Hash 76c4b4b7341e0494299bfe6de9c7ede3
23b1c18327cd11a1b97fa356ee1e8e86d08fc2f4
5894b4bb0a03f8098725988c00ec1b7d50564269152c6894452c9a5a32cc9530
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 383
Cache-Control: max-age=149535
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:23 GMT
Etag: "638d130b-117"
Expires: Tue, 06 Dec 2022 21:43:38 GMT
Last-Modified: Sun, 04 Dec 2022 21:37:15 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7c9e0bb25e8c28e8b10038806b0a7190
9fa6097aeb8eacde8ba7c9ab80a7a7d2405ae2bc
f4864000960be2f888ed7d2467f74130231fed6f56ad48ff15861f5769e95a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.strpst.com/thumbs/1670213101/7598957
104.18.63.124200 OK 31 kB URL HTTP/2 img.strpst.com/thumbs/1670213101/7598957
IP 104.18.63.124:0
Hash 194a4380a1e09d9b33d9586a338c8672
31f9aef32f667c102dfdb738f8a8687e08540612
3514063797e4dd2f48a891c688e333a6dc0d9c425cd70913aa515eb4f0401fe7
GET /thumbs/1670213101/7598957 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlivrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:23 GMT
content-type: image/jpeg
content-length: 30079
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=31121, status=webp_bigger
etag: "d0a4bf72caaee28594015f40572fc3e7"
last-modified: Mon, 05 Dec 2022 04:04:48 GMT
cf-cache-status: HIT
age: 240
expires: Mon, 05 Dec 2022 04:12:23 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749f002db2a1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash dc0bb7cefd83bd30886b9d0d6c19a1a0
e3d1b94ed2ff0502a4748a3676ec8d6355adb8da
fb18ce8699ba8ac42365003f639284add895a1d750b98b99f2827f55380a738a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 383
Cache-Control: max-age=149535
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:11:23 GMT
Etag: "638d130b-117"
Expires: Tue, 06 Dec 2022 21:43:38 GMT
Last-Modified: Sun, 04 Dec 2022 21:37:15 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
whiskerssituationdisturb.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fjs%2Fjquery-3.2.1.min.js&l=129575&fd=697
192.243.61.225200 OK 0 B URL HTTP/1.1 whiskerssituationdisturb.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fjs%2Fjquery-3.2.1.min.js&l=129575&fd=697
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fjs%2Fjquery-3.2.1.min.js&l=129575&fd=697 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Cookie: u_pl=15736095; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 04:11:23 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
Hash e4a79371e31489d4d8f9be6614dd4e37
8ed8f8c1297f24b403d8680e79974f55ad7421ed
d588b683029011c65005d85058fde5c416341b404aa661530abd7f7ae1ec78ba
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 05 Dec 2022 04:11:23 GMT
date: Mon, 05 Dec 2022 04:11:23 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-RXhBZH6PLO8r4FZuvlPs-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
whiskerssituationdisturb.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fjs%2Fscript.js&l=749&fd=288
192.243.61.225200 OK 0 B URL HTTP/1.1 whiskerssituationdisturb.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fjs%2Fscript.js&l=749&fd=288
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fjs%2Fscript.js&l=749&fd=288 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Cookie: u_pl=15736095; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 04:11:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
whiskerssituationdisturb.com/impr.gif?sid=H4sIAAAAAAAC%2F6xST2hcRRifVysIXqz0olB8uFAUZPPe%2FsluUkpIm7SuTZM0iRT0UObNzNtMd97MY2bevk1OwYr0UklFUHvpy5eksbb0z8GDB1E2epCAkhWVPZiT4EkIFnoQEdlNpHoQPPjBzPf7%2BM3w%2FX4z31sryQ7yIMHd6bNqkQuBB8p5z33hPJdUpcadnHN9L%2B8dc89zOVg65rZ6m24O%2B145773onmakoQYKnu95vue7p7hmoWoN9Fng8e0hPz%2Fk5UuFvF8uQUv%2FszaJAwY7QJs76GngtPP4%2FFf3gZM2yOjeGDMNq%2BKXxqNEYKs0NOnGq7IhVSohegRD7UAoN%2FZPgzIdhN4%2FAEpu7DsA1VzrOYCAd5Dzgw%2BB3NiXCUFzfU9pIIBJCOiTkDbbwEQbOG4DUZeA020EQChMToGMbkwqneKFPRb32A46%2BPAB8LSDDv54GGR054TgLXdWicRyJQ20wgx4qw283oY42QS76ABPN4HYN4DTr9HAwwmQ0dqUEQo4zfruOW8DD9sg2DJg40DSW9yBJHQgiR2IaNfF5aHQ8yphEBaL1RIhpFgkpFwdpGVaLFVDDxLSk7cMNl4GIpaB6CWI9RI0%2BNXtkc9AJ5%2BDmc%2FAUAeM7SDn3BI0aQYpQ5AaBClGkHIEqUWQNrN1KkzBZDeoMEng7%2BfCfi5mq8rWV%2FC6snUm0Uq8gw71n2b3yHPQYF23OFgJSwWPsgrx%2FJIfhkVSDSqejwdxIfCLZTA8A24O9N0u8g46cGcDYr596BYEeBOM2ATCnwKcHAGcrlYKHuD51VLVg0V5t8nqOB8rLesqT1QEVGUQ24NgF5wVsYOe6Qsp%2FPIHMLI18uvP34XfjD4AojOIdQYX%2BRcI6uLy6oxK0dqMSg26PxVbHvFF3Pu%2FWYstQx%2BdYQup0rQ2ZpZvjpIe0YO355ixE1hSLusG3TrBKWX6lNKEoU9r5jwLphMzfyLRMoknpk%2BeqkWxZsZwJduA%2BXbrNSC8g574%2BGZ%2FMp8dvQJcb4JOumPz1sbDAwNEcNLIx0Q08hJHbK8eMQzb4%2BViebBYOYopp39hfnxqUZjWdN2emzt3wYMo2Rr55INeXAOu2kDiNz%2FM5WonpyZzue7Mv7Sw80kUSMzFf21zlEd1e5wTJW%2FmcnO1uYnxXK47sHv93fU5Tk3A6ppJw6xruQgSOuz6nue5k1Nn3FBpl7K6u3v92tLdXG5sfPbkTG16rtaX9%2FxsY0HSPr%2B57oab626TiYaKjA2UTMzu9Xfu3c3lJkZnTo9fqJ0dPd1r%2BvL%2FZQlMvIX2A4xCoMWjOogdSJNsVReCrZHLhd9vvz3%2FEwjeQcP6MAi2NfLl6%2B99%2F8pv24CDDAz728VHeMVchrp2ANtLIKMMmjqDpsgAi2UwyWOrNtZbI98W%2BwGBcFYDoZ21QGhxdW%2BSDe%2B6Zb%2FEqkG1QigNGKF%2BpVCsFj2vQGmpMsT8IbCmQ66oi38CAAD%2F%2FwEAAP%2F%2F4ST%2FUuAFAAA%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 whiskerssituationdisturb.com/impr.gif?sid=H4sIAAAAAAAC%2F6xST2hcRRifVysIXqz0olB8uFAUZPPe%2FsluUkpIm7SuTZM0iRT0UObNzNtMd97MY2bevk1OwYr0UklFUHvpy5eksbb0z8GDB1E2epCAkhWVPZiT4EkIFnoQEdlNpHoQPPjBzPf7%2BM3w%2FX4z31sryQ7yIMHd6bNqkQuBB8p5z33hPJdUpcadnHN9L%2B8dc89zOVg65rZ6m24O%2B145773onmakoQYKnu95vue7p7hmoWoN9Fng8e0hPz%2Fk5UuFvF8uQUv%2FszaJAwY7QJs76GngtPP4%2FFf3gZM2yOjeGDMNq%2BKXxqNEYKs0NOnGq7IhVSohegRD7UAoN%2FZPgzIdhN4%2FAEpu7DsA1VzrOYCAd5Dzgw%2BB3NiXCUFzfU9pIIBJCOiTkDbbwEQbOG4DUZeA020EQChMToGMbkwqneKFPRb32A46%2BPAB8LSDDv54GGR054TgLXdWicRyJQ20wgx4qw283oY42QS76ABPN4HYN4DTr9HAwwmQ0dqUEQo4zfruOW8DD9sg2DJg40DSW9yBJHQgiR2IaNfF5aHQ8yphEBaL1RIhpFgkpFwdpGVaLFVDDxLSk7cMNl4GIpaB6CWI9RI0%2BNXtkc9AJ5%2BDmc%2FAUAeM7SDn3BI0aQYpQ5AaBClGkHIEqUWQNrN1KkzBZDeoMEng7%2BfCfi5mq8rWV%2FC6snUm0Uq8gw71n2b3yHPQYF23OFgJSwWPsgrx%2FJIfhkVSDSqejwdxIfCLZTA8A24O9N0u8g46cGcDYr596BYEeBOM2ATCnwKcHAGcrlYKHuD51VLVg0V5t8nqOB8rLesqT1QEVGUQ24NgF5wVsYOe6Qsp%2FPIHMLI18uvP34XfjD4AojOIdQYX%2BRcI6uLy6oxK0dqMSg26PxVbHvFF3Pu%2FWYstQx%2BdYQup0rQ2ZpZvjpIe0YO355ixE1hSLusG3TrBKWX6lNKEoU9r5jwLphMzfyLRMoknpk%2BeqkWxZsZwJduA%2BXbrNSC8g574%2BGZ%2FMp8dvQJcb4JOumPz1sbDAwNEcNLIx0Q08hJHbK8eMQzb4%2BViebBYOYopp39hfnxqUZjWdN2emzt3wYMo2Rr55INeXAOu2kDiNz%2FM5WonpyZzue7Mv7Sw80kUSMzFf21zlEd1e5wTJW%2FmcnO1uYnxXK47sHv93fU5Tk3A6ppJw6xruQgSOuz6nue5k1Nn3FBpl7K6u3v92tLdXG5sfPbkTG16rtaX9%2FxsY0HSPr%2B57oab626TiYaKjA2UTMzu9Xfu3c3lJkZnTo9fqJ0dPd1r%2BvL%2FZQlMvIX2A4xCoMWjOogdSJNsVReCrZHLhd9vvz3%2FEwjeQcP6MAi2NfLl6%2B99%2F8pv24CDDAz728VHeMVchrp2ANtLIKMMmjqDpsgAi2UwyWOrNtZbI98W%2BwGBcFYDoZ21QGhxdW%2BSDe%2B6Zb%2FEqkG1QigNGKF%2BpVCsFj2vQGmpMsT8IbCmQ66oi38CAAD%2F%2FwEAAP%2F%2F4ST%2FUuAFAAA%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F6xST2hcRRifVysIXqz0olB8uFAUZPPe%2FsluUkpIm7SuTZM0iRT0UObNzNtMd97MY2bevk1OwYr0UklFUHvpy5eksbb0z8GDB1E2epCAkhWVPZiT4EkIFnoQEdlNpHoQPPjBzPf7%2BM3w%2FX4z31sryQ7yIMHd6bNqkQuBB8p5z33hPJdUpcadnHN9L%2B8dc89zOVg65rZ6m24O%2B145773onmakoQYKnu95vue7p7hmoWoN9Fng8e0hPz%2Fk5UuFvF8uQUv%2FszaJAwY7QJs76GngtPP4%2FFf3gZM2yOjeGDMNq%2BKXxqNEYKs0NOnGq7IhVSohegRD7UAoN%2FZPgzIdhN4%2FAEpu7DsA1VzrOYCAd5Dzgw%2BB3NiXCUFzfU9pIIBJCOiTkDbbwEQbOG4DUZeA020EQChMToGMbkwqneKFPRb32A46%2BPAB8LSDDv54GGR054TgLXdWicRyJQ20wgx4qw283oY42QS76ABPN4HYN4DTr9HAwwmQ0dqUEQo4zfruOW8DD9sg2DJg40DSW9yBJHQgiR2IaNfF5aHQ8yphEBaL1RIhpFgkpFwdpGVaLFVDDxLSk7cMNl4GIpaB6CWI9RI0%2BNXtkc9AJ5%2BDmc%2FAUAeM7SDn3BI0aQYpQ5AaBClGkHIEqUWQNrN1KkzBZDeoMEng7%2BfCfi5mq8rWV%2FC6snUm0Uq8gw71n2b3yHPQYF23OFgJSwWPsgrx%2FJIfhkVSDSqejwdxIfCLZTA8A24O9N0u8g46cGcDYr596BYEeBOM2ATCnwKcHAGcrlYKHuD51VLVg0V5t8nqOB8rLesqT1QEVGUQ24NgF5wVsYOe6Qsp%2FPIHMLI18uvP34XfjD4AojOIdQYX%2BRcI6uLy6oxK0dqMSg26PxVbHvFF3Pu%2FWYstQx%2BdYQup0rQ2ZpZvjpIe0YO355ixE1hSLusG3TrBKWX6lNKEoU9r5jwLphMzfyLRMoknpk%2BeqkWxZsZwJduA%2BXbrNSC8g574%2BGZ%2FMp8dvQJcb4JOumPz1sbDAwNEcNLIx0Q08hJHbK8eMQzb4%2BViebBYOYopp39hfnxqUZjWdN2emzt3wYMo2Rr55INeXAOu2kDiNz%2FM5WonpyZzue7Mv7Sw80kUSMzFf21zlEd1e5wTJW%2FmcnO1uYnxXK47sHv93fU5Tk3A6ppJw6xruQgSOuz6nue5k1Nn3FBpl7K6u3v92tLdXG5sfPbkTG16rtaX9%2FxsY0HSPr%2B57oab626TiYaKjA2UTMzu9Xfu3c3lJkZnTo9fqJ0dPd1r%2BvL%2FZQlMvIX2A4xCoMWjOogdSJNsVReCrZHLhd9vvz3%2FEwjeQcP6MAi2NfLl6%2B99%2F8pv24CDDAz728VHeMVchrp2ANtLIKMMmjqDpsgAi2UwyWOrNtZbI98W%2BwGBcFYDoZ21QGhxdW%2BSDe%2B6Zb%2FEqkG1QigNGKF%2BpVCsFj2vQGmpMsT8IbCmQ66oi38CAAD%2F%2FwEAAP%2F%2F4ST%2FUuAFAAA%3D HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Cookie: u_pl=15736095; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 04:11:24 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e6631286c86c1e8f38b30c8e18205b10
Strict-Transport-Security: max-age=0; includeSubdomains
whiskerssituationdisturb.com/pixel/sbs?c=1
192.243.61.225200 OK 0 B URL HTTP/1.1 whiskerssituationdisturb.com/pixel/sbs?c=1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Cookie: u_pl=15736095; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 04:11:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
p2997.nonotro.name/iSRDCIY0OwjoZtdxoEWUMWYX08lW-9qDcvlYfo_FTpdGNc6c9opRoJuNW95heNLKkdgHcvR2jvrqFui6Hea9aS6VmqTDpLiCbQEQLr0gJHtkv8xIrnKJ7EMubhZkA13TFn2SO5w?kws=free%2Cporn%2Csex%2Cvideos&abl=0&fsb=0&pageUri=https%3A%2F%2Fvivud.com%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221002%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%22939%22%2C%221268%22%2C%22939%22%2C%22false%22%2C%221%22%2C%2216%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Dec%2005%202022%2004%3A11%3A20%20GMT%2B0000%20(Coordinated%20Universal%20Time)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%221%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1
88.208.59.103307 Temporary Redirect 0 B URL HTTP/2 p2997.nonotro.name/iSRDCIY0OwjoZtdxoEWUMWYX08lW-9qDcvlYfo_FTpdGNc6c9opRoJuNW95heNLKkdgHcvR2jvrqFui6Hea9aS6VmqTDpLiCbQEQLr0gJHtkv8xIrnKJ7EMubhZkA13TFn2SO5w?kws=free%2Cporn%2Csex%2Cvideos&abl=0&fsb=0&pageUri=https%3A%2F%2Fvivud.com%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221002%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%22939%22%2C%221268%22%2C%22939%22%2C%22false%22%2C%221%22%2C%2216%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Dec%2005%202022%2004%3A11%3A20%20GMT%2B0000%20(Coordinated%20Universal%20Time)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%221%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1
IP 88.208.59.103:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iSRDCIY0OwjoZtdxoEWUMWYX08lW-9qDcvlYfo_FTpdGNc6c9opRoJuNW95heNLKkdgHcvR2jvrqFui6Hea9aS6VmqTDpLiCbQEQLr0gJHtkv8xIrnKJ7EMubhZkA13TFn2SO5w?kws=free%2Cporn%2Csex%2Cvideos&abl=0&fsb=0&pageUri=https%3A%2F%2Fvivud.com%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221002%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%22939%22%2C%221268%22%2C%22939%22%2C%22false%22%2C%221%22%2C%2216%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Dec%2005%202022%2004%3A11%3A20%20GMT%2B0000%20(Coordinated%20Universal%20Time)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%221%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 HTTP/1.1
Host: p2997.nonotro.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vivud.com
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
server: nginx
date: Mon, 05 Dec 2022 04:11:25 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-origin: https://vivud.com
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
location: /iSRDCIY0OwjoZtdxoEWUMWYX08lW-9qDcvlYfo_FTpdGNc6c9opRoJuNW95heNLKkdgHcvR2jvrqFui6Hea9aS6VmqTDpLiCbQEQLr0gJHtkv8xIrnKJ7EMubhZkA13TFn2SO5w?kws=free%2Cporn%2Csex%2Cvideos&abl=0&fsb=0&pageUri=https%3A%2F%2Fvivud.com%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221002%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%22939%22%2C%221268%22%2C%22939%22%2C%22false%22%2C%221%22%2C%2216%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Dec%2005%202022%2004%3A11%3A20%20GMT%2B0000%20(Coordinated%20Universal%20Time)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%221%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1&_h=accept%3A+%2A%2F%2A%0Aaccept-language%3A+en-US%2Cen%3Bq%3D0.5%0Aaccept-encoding%3A+gzip%2C+deflate%2C+br%0Aorigin%3A+https%3A%2F%2Fvivud.com%0Asec-fetch-dest%3A+empty%0Asec-fetch-mode%3A+cors%0Asec-fetch-site%3A+cross-site%0A%0A
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Mon, 05 Dec 2022 04:11:25 UTC
expires: Mon, 05 Dec 2022 04:11:25 UTC
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/33879989?wv-check=44699&wv-type=0&wmode=0&wv-part=1&wv-hit=295708275&page-url=https%3A%2F%2Fvivud.com%2F&rn=364441221&browser-info=et%3A1670213486%3Aw%3A1268x898%3Av%3A933%3Az%3A0%3Ai%3A20221205041125%3Au%3A1670213479673742101%3Avf%3Aslhejhys9ytpnba8eugac%3Ast%3A1670213486&t=gdpr(14)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/33879989?wv-check=44699&wv-type=0&wmode=0&wv-part=1&wv-hit=295708275&page-url=https%3A%2F%2Fvivud.com%2F&rn=364441221&browser-info=et%3A1670213486%3Aw%3A1268x898%3Av%3A933%3Az%3A0%3Ai%3A20221205041125%3Au%3A1670213479673742101%3Avf%3Aslhejhys9ytpnba8eugac%3Ast%3A1670213486&t=gdpr(14)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/33879989?wv-check=44699&wv-type=0&wmode=0&wv-part=1&wv-hit=295708275&page-url=https%3A%2F%2Fvivud.com%2F&rn=364441221&browser-info=et%3A1670213486%3Aw%3A1268x898%3Av%3A933%3Az%3A0%3Ai%3A20221205041125%3Au%3A1670213479673742101%3Avf%3Aslhejhys9ytpnba8eugac%3Ast%3A1670213486&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 100
Origin: https://vivud.com
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 05 Dec 2022 04:11:28 GMT
access-control-allow-origin: https://vivud.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 05-Dec-2022 04:11:28 GMT
last-modified: Mon, 05-Dec-2022 04:11:28 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/33879989?wv-check=3341&wv-type=0&wmode=0&wv-part=2&wv-hit=295708275&page-url=https%3A%2F%2Fvivud.com%2F&rn=74207134&browser-info=et%3A1670213486%3Aw%3A1268x898%3Av%3A933%3Az%3A0%3Ai%3A20221205041125%3Au%3A1670213479673742101%3Avf%3Aslhejhys9ytpnba8eugac%3Ast%3A1670213486&t=gdpr(14)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/33879989?wv-check=3341&wv-type=0&wmode=0&wv-part=2&wv-hit=295708275&page-url=https%3A%2F%2Fvivud.com%2F&rn=74207134&browser-info=et%3A1670213486%3Aw%3A1268x898%3Av%3A933%3Az%3A0%3Ai%3A20221205041125%3Au%3A1670213479673742101%3Avf%3Aslhejhys9ytpnba8eugac%3Ast%3A1670213486&t=gdpr(14)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/33879989?wv-check=3341&wv-type=0&wmode=0&wv-part=2&wv-hit=295708275&page-url=https%3A%2F%2Fvivud.com%2F&rn=74207134&browser-info=et%3A1670213486%3Aw%3A1268x898%3Av%3A933%3Az%3A0%3Ai%3A20221205041125%3Au%3A1670213479673742101%3Avf%3Aslhejhys9ytpnba8eugac%3Ast%3A1670213486&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 12
Origin: https://vivud.com
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 05 Dec 2022 04:11:28 GMT
access-control-allow-origin: https://vivud.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 05-Dec-2022 04:11:28 GMT
last-modified: Mon, 05-Dec-2022 04:11:28 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/33879989?wmode=7&page-url=https%3A%2F%2Fvivud.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhejhys9ytpnba8eugac%3Afp%3A930%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A443423874303%3Ahid%3A295708275%3Az%3A0%3Ai%3A20221205041119%3Aet%3A1670213479%3Ac%3A1%3Arn%3A70199107%3Arqn%3A1%3Au%3A1670213479673742101%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C87%2C10%2C1%2C381%2C0%2C%2C1126%2C9%2C%2C%2C%2C1623%3Aco%3A0%3Ans%3A1670213477015%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670213479%3At%3AFree%20Porn%2C%20Sex%20Videos%20-%20VIVUD.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
77.88.21.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/33879989?wmode=7&page-url=https%3A%2F%2Fvivud.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhejhys9ytpnba8eugac%3Afp%3A930%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A443423874303%3Ahid%3A295708275%3Az%3A0%3Ai%3A20221205041119%3Aet%3A1670213479%3Ac%3A1%3Arn%3A70199107%3Arqn%3A1%3Au%3A1670213479673742101%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C87%2C10%2C1%2C381%2C0%2C%2C1126%2C9%2C%2C%2C%2C1623%3Aco%3A0%3Ans%3A1670213477015%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670213479%3At%3AFree%20Porn%2C%20Sex%20Videos%20-%20VIVUD.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
GET /watch/33879989?wmode=7&page-url=https%3A%2F%2Fvivud.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhejhys9ytpnba8eugac%3Afp%3A930%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A443423874303%3Ahid%3A295708275%3Az%3A0%3Ai%3A20221205041119%3Aet%3A1670213479%3Ac%3A1%3Arn%3A70199107%3Arqn%3A1%3Au%3A1670213479673742101%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C87%2C10%2C1%2C381%2C0%2C%2C1126%2C9%2C%2C%2C%2C1623%3Aco%3A0%3Ans%3A1670213477015%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670213479%3At%3AFree%20Porn%2C%20Sex%20Videos%20-%20VIVUD.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vivud.com
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/33879989/1?wmode=7&page-url=https%3A%2F%2Fvivud.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhejhys9ytpnba8eugac%3Afp%3A930%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A443423874303%3Ahid%3A295708275%3Az%3A0%3Ai%3A20221205041119%3Aet%3A1670213479%3Ac%3A1%3Arn%3A70199107%3Arqn%3A1%3Au%3A1670213479673742101%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C87%2C10%2C1%2C381%2C0%2C%2C1126%2C9%2C%2C%2C%2C1623%3Aco%3A0%3Ans%3A1670213477015%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670213479%3At%3AFree%20Porn%2C%20Sex%20Videos%20-%20VIVUD.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Mon, 05 Dec 2022 04:11:22 GMT
access-control-allow-origin: https://vivud.com
set-cookie: yabs-sid=1520228501670213482; Path=/; SameSite=None; Secure
i=hfMI62q7qywzZKAHYlOmlcn1K4Ba1m4scyOraVH4hS+tE/8mZj3BD8ofWBGzASWglkmHxAbpujqpNdRAsxVmwkdjuik=; Expires=Thu, 02-Dec-2032 04:11:11 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=5936152361670213482; Expires=Tue, 05-Dec-2023 04:11:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5936152361670213482; Expires=Tue, 05-Dec-2023 04:11:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701749482.yc.1670213482#1701749482.yrts.1670213482#1701749482.yrtsi.1670213482; Expires=Tue, 05-Dec-2023 04:11:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 05-Dec-2022 04:11:22 GMT
last-modified: Mon, 05-Dec-2022 04:11:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/rtb/default/3/css/animate.css
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/rtb/default/3/css/animate.css
IP 172.64.108.13:0
GET /sb/interstitial/rtb/default/3/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vivud.com
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:23 GMT
content-type: text/css
last-modified: Wed, 23 Jun 2021 13:33:20 GMT
etag: W/"60d33820-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PX0rXWIUka0R7GIz%2BuOD2S5zfoSeK71fp5iLEG1K0shlF4sMNSg%2F4rUzY4tq78xGxjz7Nm3pp6jw7aaoxiRPpaqWdnPbK6pI5gOgG9WlCPKN408FfjiO%2B%2BQcZA8AGguxQ%2BX7scdIlxN1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effe5f25f3e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vivud.com/
172.67.196.144200 OK 0 B IP 172.67.196.144:0
GET / HTTP/1.1
Host: vivud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:20 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=43200, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: HIT
age: 6681
last-modified: Mon, 05 Dec 2022 02:19:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJKyiEc2J0A6qhjBPXXRxApQMTv4bPE4%2Bd75j%2BQr0j4TpRO65XQ67fmNfQtojX%2FMN3xViYevNIDwldLG0eNLHpGBeU8VZyVmK4iim%2B1YUf25APy1WznshpX4his%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749efea2f8ab512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/interstitial/rtb/default/3/index.html
45.133.44.3200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/interstitial/rtb/default/3/index.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/interstitial/rtb/default/3/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vivud.com
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:23 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Sat, 07 May 2022 03:21:27 GMT
etag: W/"6275e5b7-525"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 05 Dec 2022 05:11:23 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/rtb/default/3/js/script.js
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/rtb/default/3/js/script.js
IP 172.64.108.13:0
GET /sb/interstitial/rtb/default/3/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vivud.com
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:24 GMT
content-type: application/javascript
last-modified: Wed, 23 Jun 2021 13:33:24 GMT
etag: W/"60d33824-2ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OklQZCsOc6sFCMAmHjOm4G9a0KJmipbwtXW%2FgCYqIR%2BHgC1GqE1MmWgU6G%2FaPkXWoWB4yIr1kA1R1Ewc1OXAa0ifipze5LRfSLjWLuiUqe3PQIQyZfa6WT%2FHjuK4OJDGvAi7rktORSu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749f00268bef3e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stripchat.com/api/front/v2/models/username/sexgreat/chat
104.18.63.126200 OK 0 B URL HTTP/2 stripchat.com/api/front/v2/models/username/sexgreat/chat
IP 104.18.63.126:0
GET /api/front/v2/models/username/sexgreat/chat HTTP/1.1
Host: stripchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlivrdr.com/
Origin: https://creative.xlivrdr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:23 GMT
content-type: application/json
vary: Accept-Encoding
x-api-version: 10.47.1
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-backend: sc-backend-delta-yellow-09.novalocal
x-cache-status: HIT
access-control-allow-origin: https://creative.xlivrdr.com
last-modified: Mon, 05 Dec 2022 04:11:21 GMT
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 7749f002ab1b0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.realsrv.com/nativeads-v2.js?_=1670213477896
185.76.9.17200 OK 0 B URL HTTP/2 a.realsrv.com/nativeads-v2.js?_=1670213477896
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
GET /nativeads-v2.js?_=1670213477896 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:23 GMT
content-type: application/javascript
etag: W/"3eb4c0066ecfc78c36ab17afea4"
expires: Fri, 02 Dec 2022 12:50:47 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1670223090
server: CDN77-Turbo
x-77-nzt: AblMCQ3Tu3b/qQQAAA
x-77-nzt-ray: c0a4cc2855e0cf206b6f8d63a37ea003
x-cache: HIT
x-age: 1193
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
p2997.nonotro.name/iSRDCIY0OwjoZtdxoEWUMWYX08lW-9qDcvlYfo_FTpdGNc6c9opRoJuNW95heNLKkdgHcvR2jvrqFui6Hea9aS6VmqTDpLiCbQEQLr0gJHtkv8xIrnKJ7EMubhZkA13TFn2SO5w?kws=free%2Cporn%2Csex%2Cvideos&abl=0&fsb=0&pageUri=https%3A%2F%2Fvivud.com%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221002%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%22939%22%2C%221268%22%2C%22939%22%2C%22false%22%2C%221%22%2C%2216%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Dec%2005%202022%2004%3A11%3A20%20GMT%2B0000%20(Coordinated%20Universal%20Time)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%221%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1&_h=accept%3A+%2A%2F%2A%0Aaccept-language%3A+en-US%2Cen%3Bq%3D0.5%0Aaccept-encoding%3A+gzip%2C+deflate%2C+br%0Aorigin%3A+https%3A%2F%2Fvivud.com%0Asec-fetch-dest%3A+empty%0Asec-fetch-mode%3A+cors%0Asec-fetch-site%3A+cross-site%0A%0A
88.208.59.103200 OK 0 B URL HTTP/2 p2997.nonotro.name/iSRDCIY0OwjoZtdxoEWUMWYX08lW-9qDcvlYfo_FTpdGNc6c9opRoJuNW95heNLKkdgHcvR2jvrqFui6Hea9aS6VmqTDpLiCbQEQLr0gJHtkv8xIrnKJ7EMubhZkA13TFn2SO5w?kws=free%2Cporn%2Csex%2Cvideos&abl=0&fsb=0&pageUri=https%3A%2F%2Fvivud.com%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221002%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%22939%22%2C%221268%22%2C%22939%22%2C%22false%22%2C%221%22%2C%2216%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Dec%2005%202022%2004%3A11%3A20%20GMT%2B0000%20(Coordinated%20Universal%20Time)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%221%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1&_h=accept%3A+%2A%2F%2A%0Aaccept-language%3A+en-US%2Cen%3Bq%3D0.5%0Aaccept-encoding%3A+gzip%2C+deflate%2C+br%0Aorigin%3A+https%3A%2F%2Fvivud.com%0Asec-fetch-dest%3A+empty%0Asec-fetch-mode%3A+cors%0Asec-fetch-site%3A+cross-site%0A%0A
IP 88.208.59.103:0
ASN #39572 DataWeb Global Group B.V.
GET /iSRDCIY0OwjoZtdxoEWUMWYX08lW-9qDcvlYfo_FTpdGNc6c9opRoJuNW95heNLKkdgHcvR2jvrqFui6Hea9aS6VmqTDpLiCbQEQLr0gJHtkv8xIrnKJ7EMubhZkA13TFn2SO5w?kws=free%2Cporn%2Csex%2Cvideos&abl=0&fsb=0&pageUri=https%3A%2F%2Fvivud.com%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221002%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%22939%22%2C%221268%22%2C%22939%22%2C%22false%22%2C%221%22%2C%2216%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Dec%2005%202022%2004%3A11%3A20%20GMT%2B0000%20(Coordinated%20Universal%20Time)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%221%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1&_h=accept%3A+%2A%2F%2A%0Aaccept-language%3A+en-US%2Cen%3Bq%3D0.5%0Aaccept-encoding%3A+gzip%2C+deflate%2C+br%0Aorigin%3A+https%3A%2F%2Fvivud.com%0Asec-fetch-dest%3A+empty%0Asec-fetch-mode%3A+cors%0Asec-fetch-site%3A+cross-site%0A%0A HTTP/1.1
Host: p2997.nonotro.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vivud.com
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:11:26 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://vivud.com
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Mon, 05 Dec 2022 04:11:26 UTC
expires: Mon, 05 Dec 2022 04:11:26 UTC
content-encoding: gzip
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.140.24200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.140.24:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:21 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 89fbeef16a65d1221d49b0767fe1b1e3
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 04:11:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzmobQos8kWGSua%2BgnTnTc91hKO4wTplaqWWSFTMSDUIHwwIufFMq9aGxQb6m8vXm%2FMAfV9lmL52t7gfIl2Wkb4RoCiLvBtIPQ5SrJWPrUucfvjW%2BuZZCqRNSaogtAnsqlRfEsU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749eff208ca72ac-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.74:0
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 04:11:23 GMT
date: Mon, 05 Dec 2022 04:11:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/rtb/default/3/js/jquery-3.2.1.min.js
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/rtb/default/3/js/jquery-3.2.1.min.js
IP 172.64.108.13:0
GET /sb/interstitial/rtb/default/3/js/jquery-3.2.1.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vivud.com
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:23 GMT
content-type: application/javascript
last-modified: Wed, 23 Jun 2021 13:33:25 GMT
etag: W/"60d33825-1fa27"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KtV45AmK7ywoGhALIiICx5j37C3n2qdA4mDxmMkhScqoO2l8cVr%2FVXrpe41Y56A01Z6VSMsoSIGrkgaPCiHApdpzFklEQXSD6PKbKSX4AnKRmPDXky0yXWrh5bTVGwyIuUehd7bFa4%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effe5f20f3e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.shukriya90.com/api/click/10540946204682701095?s1=%25subid1%25&t=5&ab=0&keywords=&w=1280&h=1024&domain=vivud.com&rnd=0.39331245191266173
135.181.208.216200 OK 0 B URL HTTP/2 a.shukriya90.com/api/click/10540946204682701095?s1=%25subid1%25&t=5&ab=0&keywords=&w=1280&h=1024&domain=vivud.com&rnd=0.39331245191266173
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/click/10540946204682701095?s1=%25subid1%25&t=5&ab=0&keywords=&w=1280&h=1024&domain=vivud.com&rnd=0.39331245191266173 HTTP/1.1
Host: a.shukriya90.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vivud.com/
Cookie: nauid=FUEWKeVYbnnRLN3bmbUf
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:11:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/rtb/default/3/css/style.css
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/rtb/default/3/css/style.css
IP 172.64.108.13:0
GET /sb/interstitial/rtb/default/3/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vivud.com
Connection: keep-alive
Referer: https://vivud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:11:23 GMT
content-type: text/css
last-modified: Wed, 23 Jun 2021 13:33:21 GMT
etag: W/"60d33821-14da"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSvSj8TCaK5ANX4wOr1SH%2BTXAG%2F5ssXna%2BKc99qjKMX7DeNTHRSNM5tq543Dvdefy2TjEoKUbQdvWENtGxg6Xqzk3vM7CylVWvLok6e30zd2tlA75sxt6UAJBWb73DT8HptYE7pqGt%2B3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749effe5f26f3e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2