www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
104.21.83.6200 OK 17 kB URL User Request GET HTTP/1.1 www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
IP 104.21.83.6:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7475)
Hash 6adccccc59385a1e1b2b67ba3d7367c3
ceb56ed4d9acf3f688f31c7e9a4d5fc14a4f10d9
213d0cf8c4752b46a320f14c5a2edb129adae1f763573f28c9bfa274d0570362
GET /videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:45 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; path=/; domain=.xxxfiles.tv; SameSite=Lax
kt_rt_ts=643600; expires=Mon, 29-Apr-2024 08:52:45 GMT; Max-Age=31104000; path=/; domain=.xxxfiles.tv; SameSite=Lax
kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; expires=Sat, 06-May-2023 08:52:45 GMT; Max-Age=86400; path=/; domain=.xxxfiles.tv; SameSite=Lax
kt_ips=91.90.42.154; expires=Sat, 06-May-2023 08:52:45 GMT; Max-Age=86400; path=/; domain=.xxxfiles.tv; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coeVFLuCUVRIFGvC%2FSBFwaxoUeXGSULtGncFJ1l9g69gdeB2waV6WCe03vT4OOFI1tqdn9IsiKt%2BIGCJgeJTpOlROnHtICEf26HVjy2sey5WcqnAWoHmeWdvml8dyQIEXIk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c27bfc5bc63b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.xxxfiles.tv/vpaid/videojs_5.vast.vpaid.min.js
104.21.83.6200 OK 32 kB URL GET HTTP/1.1 www.xxxfiles.tv/vpaid/videojs_5.vast.vpaid.min.js
IP 104.21.83.6:80
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type ASCII text, with very long lines (32057)
Hash 560633af767972e3920012cbf83c148b
7f4848825c8237cdac326b8ee74ef20fe1531c83
cc2f218efee95ea1599ff2c3879cc93bcf23e974210aef7f56694fa83861e9fa
GET /vpaid/videojs_5.vast.vpaid.min.js HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 20 Nov 2019 11:59:07 GMT
Vary: Accept-Encoding
ETag: W/"5dd52a8b-19ebe"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 2131984
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZ8Xt%2FJr78m0fY5O8QSifPp2R4UHnDElr6CogoZf3sjdSlG28pDM6Cddc6pZ9LNxE%2BfiCe1E3vpjRjvXFL8Mvl3aELJpP1yXM8ULcAZgzaywEVFrTExsmpSSNHfVoseT7xo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c27bfc6cdceb4fa-OSL
alt-svc: h2=":443"; ma=60
www.xxxfiles.tv/vpaid/videojs.vast.vpaid.min.css
172.67.210.53200 OK 773 B URL GET HTTP/1.1 www.xxxfiles.tv/vpaid/videojs.vast.vpaid.min.css
IP 172.67.210.53:80
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type ASCII text, with very long lines (1935)
Hash 6845152df80dd7d9aeb046f4e4a31772
5cd1f9eb1e2d19f7b0f46ccecf12d658a62ad324
937976cc423649a6506d474e36ee37a9c6dae07ec617296369f106a32159813e
GET /vpaid/videojs.vast.vpaid.min.css HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:45 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 20 Nov 2019 10:54:23 GMT
Vary: Accept-Encoding
ETag: W/"5dd51b5f-7c7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 7600374
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvRE6m%2Bgr0UoGq8ekcMr6EPGjNAX%2BnJiXpDbISpuolVcak4B7%2F2vVd44D4PUT9oSf07vEBZdbDIBIz%2FQ4hMSa8iCfsAbdSRTPpcha4kC6xHmnrdIMErYLbBfByVAxAi6R%2Fs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c27bfc71d8ab527-OSL
alt-svc: h2=":443"; ma=60
cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.js
104.17.25.14200 OK 1.7 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.js
IP 104.17.25.14:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
Hash 25262966b8186937356da73b4437077e
119334d19971c98dbb41ed0a074df6f9ee76414c
550053ac2111a284edfc27b8c6ed672dea9d9ae72e389e555620e1ab53e3fd78
GET /ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 1675
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04020-18dd"
last-modified: Mon, 04 May 2020 16:17:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 21913304
expires: Wed, 24 Apr 2024 08:52:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGcktx2e%2B9sWv42f6A5RlmEAvEY5kpro%2BkKtD%2FB4fYFNDPlLS7NAo195H6A0y4FgSZEKyS1mdgR7YrcSx%2BotFEgmK88jiRIv0tb%2FevuDWB3MgUlbvlIzSXAfi5ztHtBbos7nnhDj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c27bfc76f25fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.css
104.17.25.14200 OK 256 B URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.css
IP 104.17.25.14:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
Hash 098110bd3ec60e725e6ac659dec292f3
2079d41c25bec276e4dcd4dcbc3c2cdd5c8cad25
13a4726b6560cb70580a6535e9b165bf3c0a447ea054c844043668d1e2ef5e6e
GET /ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: text/css; charset=utf-8
content-length: 256
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04020-36a"
last-modified: Mon, 04 May 2020 16:17:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8503016
expires: Wed, 24 Apr 2024 08:52:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icH7bCvEN3c3cJs9%2Fss9x%2FlV9pDnQ%2Fo0G9G2ZWvfnieptFQFIdlVMCtPeWNTCggwRJiVasIDTOLNIOYgiy2sGV34wHKwnpADJMAHz5jvQLZ4ELUUbcnTQKQ3staBLP0GY8hiY%2Bn4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c27bfc77f32fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/silvermine-videojs-quality-selector@1.1.2/dist/css/quality-selector.min.css
151.101.129.229200 OK 375 B URL GET HTTP/2 cdn.jsdelivr.net/npm/silvermine-videojs-quality-selector@1.1.2/dist/css/quality-selector.min.css
IP 151.101.129.229:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type ASCII text, with very long lines (449)
Hash fbee40477e7809313d67c319f6e37207
8d1b0f7bd1ef8c80d03b44e6163ba7943fcefe96
382c00fcf41cf8def634c66b83a204657e7aad57485c880277b27e62c2b457cd
GET /npm/silvermine-videojs-quality-selector@1.1.2/dist/css/quality-selector.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.1.2
x-jsd-version-type: version
etag: W/"299-rLWKZXMtTX2vbGY6rnhXUEYaKx8"
content-encoding: br
accept-ranges: bytes
date: Fri, 05 May 2023 08:52:45 GMT
age: 4391579
x-served-by: cache-fra-eddf8230075-FRA, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 375
X-Firefox-Spdy: h2
uacabilqlgpw.cdnvideo3.com/cZAjeQ7.js
135.181.208.216200 OK 53 kB URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/cZAjeQ7.js
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type Unicode text, UTF-8 text, with very long lines (65472), with no line terminators
Hash 9ed7d287590f193c89d8a63d423a7b91
696489b43237b89c23307740d67648802a8dd407
8271b03b3c2bbf3b048ab27244501d7dd42397947f1888bd3c2c0be4065e4b27
GET /cZAjeQ7.js HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:45 GMT
Content-Type: application/javascript
Content-Length: 53079
Connection: keep-alive
Last-Modified: Wed, 03 May 2023 10:53:04 GMT
Vary: Accept-Encoding
ETag: "64523d10-cf57"
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: public, max-age=315360000
CF-Cache-Status: HIT
Age: 167
CF-RAY: 7c17ff11cd92fe3c-HEL
Accept-Ranges: bytes
uacabilqlgpw.cdnvideo3.com/PXXlKV5.js
135.181.208.216200 OK 53 kB URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/PXXlKV5.js
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type Unicode text, UTF-8 text, with very long lines (65472), with no line terminators
Hash 9ed7d287590f193c89d8a63d423a7b91
696489b43237b89c23307740d67648802a8dd407
8271b03b3c2bbf3b048ab27244501d7dd42397947f1888bd3c2c0be4065e4b27
GET /PXXlKV5.js HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:45 GMT
Content-Type: application/javascript
Content-Length: 53079
Connection: keep-alive
Last-Modified: Wed, 03 May 2023 10:53:04 GMT
Vary: Accept-Encoding
ETag: "64523d10-cf57"
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: public, max-age=315360000
CF-Cache-Status: HIT
Age: 167
CF-RAY: 7c17ff11cd92fe3c-HEL
Accept-Ranges: bytes
uacabilqlgpw.cdnvideo3.com/Ka0q1Ad.js
135.181.208.216200 OK 84 kB URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/Ka0q1Ad.js
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type Unicode text, UTF-8 text, with very long lines (65472), with no line terminators
Hash 8a8c9c458239547753f284483adeea55
9e0b50b2493e3a3640928945ebadb3fdbe8bad47
f4bea037324de639af511af7d66b7ccb9f4cd3aca2ece851461de4faf6393d55
GET /Ka0q1Ad.js HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:45 GMT
Content-Type: application/javascript
Content-Length: 84035
Connection: keep-alive
Last-Modified: Wed, 03 May 2023 10:53:04 GMT
Vary: Accept-Encoding
ETag: "64523d10-14843"
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: public, max-age=315360000
CF-Cache-Status: HIT
Age: 63
CF-RAY: 7c17fc8319e39028-FRA
Accept-Ranges: bytes
vjs.zencdn.net/7.5.5/video-js.css
151.101.194.217200 OK 10 kB URL GET HTTP/2 vjs.zencdn.net/7.5.5/video-js.css
IP 151.101.194.217:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGlobalSign nv-sa
Subjectvjs.zencdn.net
FingerprintF1:9D:59:01:F6:51:96:37:CE:E1:24:CD:15:E5:5E:AA:56:F0:05:7E
ValidityTue, 30 Aug 2022 21:42:19 GMT - Sun, 01 Oct 2023 21:42:18 GMT
File type ASCII text, with very long lines (5636)
Hash 63ef1aa5ef8f1bb4fcb8019a9ad157cd
9cbb2b320cce447d40e3af5118042587263158d5
d5b5c765198056aece9fbee1b43a9873a8a6e0fe6a954f48d001bc030e106146
GET /7.5.5/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 13 Jun 2019 18:18:21 GMT
etag: "29daa9b197765c0111b16939ce1264a9"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Fri, 05 May 2023 08:52:45 GMT
x-served-by: cache-bma1639-BMA
x-cache: HIT
x-cache-hits: 2088
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10533
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js
151.101.129.229200 OK 1.1 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js
IP 151.101.129.229:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type ASCII text, with very long lines (1619)
Hash a51b89be0e1cbd1b4d1f4e512117fa08
5c10e719fe19d0213007f25994390d2efeccc7f0
bd91d3ab1d1f1789802d083132beb160a8b462f1ebcb1d61cb03ddbcf63323f2
GET /npm/js-cookie@2/src/js.cookie.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.2.1
x-jsd-version-type: version
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
content-encoding: br
accept-ranges: bytes
date: Fri, 05 May 2023 08:52:45 GMT
age: 28371
x-served-by: cache-fra-eddf8230099-FRA, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1078
X-Firefox-Spdy: h2
vjs.zencdn.net/7.5.5/video.min.js
151.101.194.217200 OK 139 kB URL GET HTTP/2 vjs.zencdn.net/7.5.5/video.min.js
IP 151.101.194.217:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGlobalSign nv-sa
Subjectvjs.zencdn.net
FingerprintF1:9D:59:01:F6:51:96:37:CE:E1:24:CD:15:E5:5E:AA:56:F0:05:7E
ValidityTue, 30 Aug 2022 21:42:19 GMT - Sun, 01 Oct 2023 21:42:18 GMT
File type Unicode text, UTF-8 text, with very long lines (65133)
Size 139 kB (139372 bytes)
Hash 741643d714b183c3f826744c3bbfcd80
d1fa740fe9a65586e7429185fb29b7429ae1c8ed
b98fafac4d965c8cb9a83c5ce00e723466a6a08f51455a67298a7492b06e0e87
GET /7.5.5/video.min.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 13 Jun 2019 18:18:22 GMT
etag: "abf127b5ab0bb498119a93890119a660"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Fri, 05 May 2023 08:52:45 GMT
x-served-by: cache-bma1639-BMA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 139372
X-Firefox-Spdy: h2
img.xxxfiles.tv/183000/183894/medium@2x/1.jpg
104.21.83.6200 OK 60 kB URL GET HTTP/3 img.xxxfiles.tv/183000/183894/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 409b195efb1e4300305a80999c52bc6e
6bed1c79c729f5636f88ede26ac95d5723f173ca
f9115d930a78b5c233da675565523728df3f5bfc8b3df09b1ed7e01b401a05a6
GET /183000/183894/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 59471
last-modified: Wed, 15 Jan 2020 19:08:04 GMT
etag: "5e1f6314-e84f"
expires: Fri, 05 May 2023 09:22:04 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1841
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBdN5rHi7%2FGGXboZrKowzvbvJO3OX6Wh%2BWAuYEyOQ5kUI0JlR0TeQjAZpnt3tdIXzJgQ1BVz%2FrsWKmD%2BtMdHo%2BhuYtKXsmorw8vfYXnysZXKJ1Fqe1Q%2Fe22cGmM6%2BMqG2gY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80eab1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/55492000/55492292/medium@2x/1.jpg
104.21.83.6200 OK 37 kB URL GET HTTP/3 img.xxxfiles.tv/55492000/55492292/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Hash b4299301054bfcb229311650c91a8319
17687101b4e71d1ab69e347316e7a83e8e36b221
d8ca2235ee1f9f122b2097a6c165c3a709b68caae61912edcef1926d9048b347
GET /55492000/55492292/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 36622
last-modified: Fri, 24 Jun 2022 21:26:26 GMT
etag: "62b62c02-8f0e"
expires: Fri, 05 May 2023 09:40:20 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 745
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWUPf4H886nApSoNtVI8KS2wHsvHhhDmWTGMVgYcbilM77VMKenIACqWktb3NDRy8%2FAoB2JuO7RfG069dwnZIZ3WTw2r8fkq0DkMAB0LXaH6GxmqyKvSruH9knE6ZPe6fY4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80ea41bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/341000/341806/medium@2x/1.jpg
104.21.83.6200 OK 47 kB URL GET HTTP/3 img.xxxfiles.tv/341000/341806/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 7b3c30314d5d4a774ec504e65f018f59
eb09c7c9b966120e87c5dd1011e6aabcdb0931cc
3856e7c2beb11c6e3eeac35f3b496d54a07406da802cd53faf9926580b9a604a
GET /341000/341806/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 46960
last-modified: Sun, 23 Jun 2019 00:37:59 GMT
etag: "5d0ec9e7-b770"
expires: Fri, 05 May 2023 09:22:04 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1841
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOy%2Fq4hASwrRlLC9XXAN%2Bh%2BmvPNZPENmiSo5AELQ%2FvO1kcgugAi2XxGhAyYCkvapaoRLeCsxx%2Bt6h4vr4XWEJBrQsNxqezeg576aZxviIR3IXJXhv%2FpsNOF1CWweeSHqUp4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80ea71bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/249000/249894/medium@2x/1.jpg
104.21.83.6200 OK 35 kB URL GET HTTP/3 img.xxxfiles.tv/249000/249894/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 204da2b9b9a1ede0c7d55d6c8aa55454
6347ce203edaf42a277110642a5cd6e8905fdda3
6b8724bdc28c0976b23d7b1fcac266d75addb301d37e993c1e5deab2f097afc8
GET /249000/249894/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 35050
last-modified: Mon, 13 May 2019 07:13:22 GMT
etag: "5cd91912-88ea"
expires: Fri, 05 May 2023 09:30:42 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1323
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUCfxdLlEX3lB1Ds4v3Qjxejr%2B5ysU9aKwA75xvRHenRRe349WUylHv3AVJelSHW8CpZqnGi9M02bSqbvA7DuMhsTjsSjLvPdBmLfL28lS%2FVbDi1bUjbRmkg34kh7IzdfwU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ec11bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/233000/233003/medium@2x/1.jpg
104.21.83.6200 OK 34 kB URL GET HTTP/3 img.xxxfiles.tv/233000/233003/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 49e62066bffa1d5cafa63007a56b14c4
7d8345f6006ba69e6daa77fba0e14ee8554bec02
f6f961a7ff9e26fecccc9917a519fa2dea2d08ca4be1aaceee424f598415192f
GET /233000/233003/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 34211
last-modified: Fri, 07 Feb 2020 21:05:30 GMT
etag: "5e3dd11a-85a3"
expires: Fri, 05 May 2023 09:43:55 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 530
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSZJU%2BcI8L6D5SjxSgAaVALuHf4l8ibC1VPJAIVkB4%2Bm85I82LvEhv7afJwkuzzjgbtMOWSL6THTJ0R8x5NwYKF%2FQhch2R0OjhOZY1KtO7h9MLlKND%2BWcdz19Ad81UZrAfg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ebf1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/197000/197323/medium@2x/1.jpg
104.21.83.6200 OK 45 kB URL GET HTTP/3 img.xxxfiles.tv/197000/197323/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 694b04031cd62d14a03271f3b62858c1
4cc4e063d236e9f43570ad5600b2d1bb18f44801
e7adb95e85553c65e8cc93726939ce15671a85983efc5c51e917b878e7905714
GET /197000/197323/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 44889
last-modified: Wed, 22 Jan 2020 14:08:45 GMT
etag: "5e28576d-af59"
expires: Fri, 05 May 2023 08:54:14 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3511
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJbpJuzTemHiKll9lB2Yvm%2B1U6Y46XhVzw6PWJ6LRvNpgkQXyfIWW4WAS6HP3ZfQNbX%2BGSXElDln4PE%2Bm7ekXZQTY8LwmiJzqaXzaJOPjqUtlDNh7qtyMOtZzXpHcmBb32A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ec61bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/341000/341548/medium@2x/1.jpg
104.21.83.6200 OK 43 kB URL GET HTTP/3 img.xxxfiles.tv/341000/341548/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 8f31bc85f3bce3d52bd8dbe51f43b58a
97a4d95fd34e63c93d42c3e05ed95eab575737c6
47caeca6f822a980fe5dc8e7215bcedad351977f4c956568b34f75988e1b85b1
GET /341000/341548/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 43006
last-modified: Mon, 27 May 2019 11:11:53 GMT
etag: "5cebc5f9-a7fe"
expires: Fri, 05 May 2023 09:30:42 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1323
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAoHYUoDFwdodyXBgAXdQ8lMlZZyX4yFQqpc9pFJHjDsap4K6o%2FXhVksRdW8Gm4%2BheZf7UtHrdG%2BbFb2m7CAOmZXtvzz9xtPoHNZh3tHmDW7PH9%2B0S%2F8szRDCnadwsMmDzM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ec31bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/341000/341235/medium@2x/1.jpg
104.21.83.6200 OK 57 kB URL GET HTTP/3 img.xxxfiles.tv/341000/341235/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 94b52d23577d98bcef21fac912549126
e85b7431582ba655d342b02e6cb226a1e37f2272
2c1ea5cd009d5ea731cfbb52fc40289f3f311631f47952017f68149b1b70b108
GET /341000/341235/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 56628
last-modified: Tue, 18 Jun 2019 21:49:38 GMT
etag: "5d095c72-dd34"
expires: Fri, 05 May 2023 09:07:45 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiOUxHsYHOtJSF%2Br4JzwixJi9yb9sTdzcWl5uEKHvgWRVABfjis04KVON%2F1h%2BN3Nixz5yf9Y4fmILBUE3SwyiAtcybSwQJXq%2BpP8g0Nj%2BYBPB%2BYj%2B03dlz7JX4OL0xuMfCU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80ea81bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/235000/235313/medium@2x/1.jpg
104.21.83.6200 OK 41 kB URL GET HTTP/3 img.xxxfiles.tv/235000/235313/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash cda3e3cbee1cae281ef1e7c7e92b684f
7218c66a2ed11ab9120cb2b3fc8e35573a1af8e7
c89cfef1c4b9221e31d280e80d678fc427ca4f2e705e6d87c9ef252bc5ebd3e4
GET /235000/235313/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 40715
last-modified: Sun, 09 Feb 2020 18:49:54 GMT
etag: "5e405452-9f0b"
expires: Fri, 05 May 2023 09:30:37 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1328
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08qdpC7yHaGbzzfwq363PDaAXJoBAx81Yodtx1XQge50hU8sWRjbYJtZm632MycSo1qRbDY2Po0DxamlNTi8kNzUIOb0Bm%2BWhgrsqjuK%2FtEv9Uyscj9ZUf8J4nljNYHh24g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ec01bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/710000/710819/medium@2x/1.jpg
104.21.83.6200 OK 42 kB URL GET HTTP/3 img.xxxfiles.tv/710000/710819/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Hash 8a92613abf822de4d96dcd8b21c9d18d
b7492631bc67418b4792d7a40e5c70d0bc717b45
1bcb0bc7fee196a8ec63c2b7d94e017969006be1c6744cf5d4c5b441d358e29a
GET /710000/710819/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 42465
last-modified: Mon, 09 Nov 2020 11:26:42 GMT
etag: "5fa92772-a5e1"
expires: Fri, 05 May 2023 09:52:45 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLyCoabRwgsvRM35lZCsryNqkhupeX8qbf0FlUs0JGBQrU2vEH27XoDB9i8TO64R6iswAmsGmibwsyHsNnnPObkiLDIfpTH7FC8Hu1Yzt9Z5QsnXQ2ObGOIxDeIRE8PnemU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80ea31bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/145000/145493/medium@2x/1.jpg
104.21.83.6200 OK 52 kB URL GET HTTP/3 img.xxxfiles.tv/145000/145493/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.64.101", baseline, precision 8, 744x420, components 3\012- data
Hash 063fbfb220177d4c5d6177bc7ef78205
b6f7a0452aea72d6dbd37130ebe2afc2ae7261a2
8d6922a464ff228ef5d11b0e8a8fa58d53183f325453893f491eb5c83a294bb4
GET /145000/145493/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 52137
last-modified: Fri, 29 Nov 2019 18:38:01 GMT
etag: "5de16589-cba9"
expires: Fri, 05 May 2023 09:46:34 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 371
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pb3n7wJjKV0n63kAuVrnWDffM5wu2uE%2BQjx5QIgOVeArLQBC%2Fbs3AZriC8aopJwOpAr3aU%2Fckh01y4smWq3jrt029nIO%2FfG0jjU74uycMHc1jz2yYQj40iErxfcv9iSDpjQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80ea11bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/151000/151328/medium@2x/1.jpg
104.21.83.6200 OK 28 kB URL GET HTTP/3 img.xxxfiles.tv/151000/151328/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 851e256baf9d258c42bd6104cff9ff92
745aa8b8fc4db2edde5a1f82a5576bfe605a5160
baa00eaf9a52f95b56fee8cd096a9f85584f7db944311954f381c76c7c027044
GET /151000/151328/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 27809
last-modified: Fri, 27 Dec 2019 21:17:13 GMT
etag: "5e0674d9-6ca1"
expires: Fri, 05 May 2023 09:46:34 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 371
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMmYJ2VMFCVA3ZqXAaLUnbo8NPtToRUX%2F9xm9nZpTXVpMhRMJgfobGPUr%2FMRJNhh4qleo%2BU7uI96XdHQjd5j1l1cT2yXZzxM%2F86ReTWoFg66Ekm5LnTaMsKo5q6hgT0JkUM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80ea21bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/193000/193692/medium@2x/1.jpg
104.21.83.6200 OK 68 kB URL GET HTTP/3 img.xxxfiles.tv/193000/193692/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 2e606971868c198057fffcd0fdbe63c4
f956197643861c4332037a859ed59b30b1b450c9
22f2fed810c10e3236c412aef9e965c78e7f4c1a8537a361d5ee465317175271
GET /193000/193692/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 67716
last-modified: Sun, 19 Jan 2020 19:34:33 GMT
etag: "5e24af49-10884"
expires: Fri, 05 May 2023 08:54:14 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3511
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0nlabTSM1mDBw8KuhnQFfAvqO7tJtqUbjeww%2F3bf3%2FC1ayyEym9KrfHmtF0BJESKsAc%2F7oCHO1K4DAHWrYOoNrHS%2BouAYmVfcwfklZxevHyrmekT0B30j4Lka6zPsxp2Fk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80ea61bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/237000/237014/medium@2x/1.jpg
104.21.83.6200 OK 40 kB URL GET HTTP/3 img.xxxfiles.tv/237000/237014/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash e013a41afe74a24894105a70da553cd9
24e38e776e22e4dcffe4f44d6a5f6523b84856a4
b7b26712f3a1326d7912753e35021668c23ed80defda04c040c47f7a018dd077
GET /237000/237014/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 40316
last-modified: Sun, 09 Feb 2020 19:08:39 GMT
etag: "5e4058b7-9d7c"
expires: Fri, 05 May 2023 09:46:34 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 371
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CoaFZ4t8vgoeM9v%2BUdzrJbzad8IrPDTSusoxf%2FfykdpHQ%2FNH0u02Jd1eNFBRj9xrNdWjLECzsslmfTf0GbviIJa%2F5DIXdfcZOTwv8jolFLYdG0WD3FbpRALk8BJDWhSvUZc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80eaf1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/139000/139160/medium@2x/1.jpg
104.21.83.6200 OK 37 kB URL GET HTTP/3 img.xxxfiles.tv/139000/139160/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 28d999d98837d9545ef3450255cd862d
fedfdd885140d0dc6ea1c90cca4310e1a0e36d4d
5cceaa5c93799242f7249d2476a9a3ca1c5772bd6db1a90772db657ac9d1a5e8
GET /139000/139160/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 37346
last-modified: Sat, 09 Nov 2019 10:52:42 GMT
etag: "5dc69a7a-91e2"
expires: Fri, 05 May 2023 09:40:20 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 745
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pf4rcqWmxD56RUAkDgJrBwq7mv1QtYDFo29yTvbfHdwsV%2FdZi%2BkUeXyxBLMszI7AzEJeLb1cqsmuU1PSKCjpVskW%2Bo0BGlR7O%2BYjX23%2FvYjNYi4cx3zT%2B2Ah%2BAwb7D4QeWM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80ea91bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/141000/141815/medium@2x/1.jpg
104.21.83.6200 OK 50 kB URL GET HTTP/3 img.xxxfiles.tv/141000/141815/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 8e864c110fe72768cefcca06569a5167
6f5a0f2b67ba0f7a5c26d387183cdf5d25a826ce
a30beea50335b987fd8cb086e0f38023829bd14830b206930abf1bf5f363963c
GET /141000/141815/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 49911
last-modified: Tue, 19 Nov 2019 19:02:27 GMT
etag: "5dd43c43-c2f7"
expires: Fri, 05 May 2023 09:38:44 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 841
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRrXGq0lrQLktE3OiobIJ3cJSK3I1aZMjMYYxFsLwxBQubyciqbIPdsNr3DA6K09sa7b93tqzcaGiD%2BcEAAtIl5YMvBwrEgJHmxxtdqy8epi0DmW6ovaLemIGnMj0mf7Bhg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80ead1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/699000/699820/medium@2x/1.jpg
104.21.83.6200 OK 29 kB URL GET HTTP/3 img.xxxfiles.tv/699000/699820/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Hash fe965c166fd02279c6253a03635b3813
c7840c20991bcee024bcd3495b5660fecc6f2b26
7c09526fab8d68ba9b38e7f41f5fb2b592f54bc366e4e60ef13696360b717f76
GET /699000/699820/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 29197
last-modified: Sun, 08 Nov 2020 21:50:42 GMT
etag: "5fa86832-720d"
expires: Fri, 05 May 2023 09:22:04 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1841
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Bh8kmhwv3csckUL8TEStU%2B0zJq%2FCgLOvjAHym5kfoQDbdCqRQhpKNDXZdedBd5FSISOxYopGUkuS6tRBTcmrI6ZVqSgKoLBxDvuitSptGkZgse84sVC9xJA%2BQhNlzpDL5U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ec71bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/340000/340004/medium@2x/1.jpg
104.21.83.6200 OK 49 kB URL GET HTTP/3 img.xxxfiles.tv/340000/340004/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 0d7033aab454709430d7429cfeff0a0e
bfcec8cd96ad344b03b0affbd16e4466184a0328
5d5a5e429d5be9eb91a9dabc81c2e840235846e9583567bab61a993a610eed85
GET /340000/340004/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 49329
last-modified: Wed, 05 Jun 2019 21:51:48 GMT
etag: "5cf83974-c0b1"
expires: Fri, 05 May 2023 09:34:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1098
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HE5Ve87jmeT9u%2FP%2FQyOxKIcvDQ9JF4B3ityqsd589y90xLMKoFWvRmeSYc426upUiyULsz8m6tQRHaQHZxk0uIG23OVn9%2BCXW52ZhlbarmFUFl43t9s8W8rLdWyYi0%2ByTeM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ec81bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/55483000/55483442/medium@2x/1.jpg
104.21.83.6200 OK 36 kB URL GET HTTP/3 img.xxxfiles.tv/55483000/55483442/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Hash bfa863802968db555956e36dccf1e80e
48d3eacdde578c105b213c81fcc1ee1404fdddc3
7506841bd2d7759e110000d83ec0dfe024b5ba22f956d03af3cfeb1bd72c4a37
GET /55483000/55483442/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 36132
last-modified: Mon, 13 Jun 2022 18:03:27 GMT
etag: "62a77bef-8d24"
expires: Fri, 05 May 2023 09:22:04 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1841
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BJJ4P%2B14bOjPfm755XrjYV4V59SyX23ar5yFUbBI8StaNvlapM91ulwj54pRLni4VfZ%2F0BMMpDdxxWD3FFpZ0MsAgqGbMon1CydP1g8rHrTiNlC9Lp%2B2r9cv3hs5JTBClA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ec51bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/152000/152275/medium@2x/1.jpg
104.21.83.6200 OK 26 kB URL GET HTTP/3 img.xxxfiles.tv/152000/152275/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 239x240, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash e9ffbc65a72c9d021f837448cc7bc848
50666d35188e1f155a782201d7ed76360e939230
5cba2540012ebe985ce1a466c2ce752a5e5ca99606e33d177ade5e16f2358c1d
GET /152000/152275/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 25576
last-modified: Sat, 28 Dec 2019 17:24:11 GMT
etag: "5e078fbb-63e8"
expires: Fri, 05 May 2023 09:37:52 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C53xNOeuWnEIkGPm9YXUszX3WAL0c8SPDQK5%2B5p27kr8wRBo%2Byj8KoK5Zuu%2FDGnqD%2FKz6g5AtPNqx4F7NT7Rjwte0AXlgCFc6e%2BxTUW9BUKT887xezTLVEStOYEgtjlr898%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ec21bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.xxxfiles.tv/142000/142087/medium@2x/1.jpg
104.21.83.6200 OK 48 kB URL GET HTTP/3 img.xxxfiles.tv/142000/142087/medium@2x/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Hash 244f5fa055151011996aedafa2b30fd9
cd632ac9779ca7f027696b37660eee74b6cb1605
3d44add9372b322a833f74b298e981a79ab7b8263818cb65f0096ddc1df48d43
GET /142000/142087/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 47489
last-modified: Tue, 19 Nov 2019 19:52:43 GMT
etag: "5dd4480b-b981"
expires: Fri, 05 May 2023 09:46:34 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 371
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGzeHZVBqtRuFBZCbe%2B0mwJmY39fdAim5uuVnWRmT9A%2FFZLYEauYfI%2BresHXA6jenlOB9arEjPYKYwtaqeXMTo7yoC7SthC8HBOllKVEkeRYMEQQj3oG450VzFgdNrasLNw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ec91bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
badgegirdle.com/63/d4/5b/63d45b685911cef3b8cc3d1d1550bf85.js
173.233.137.36200 OK 21 kB URL GET HTTP/1.1 badgegirdle.com/63/d4/5b/63d45b685911cef3b8cc3d1d1550bf85.js
IP 173.233.137.36:80
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type HTML document, ASCII text, with very long lines (60168), with no line terminators
Hash f751971b7735640881b16c53d9103fe9
ed23a0afac9b9a8049c139eaa84c7c25ef84934e
845ef49a5db78c0a81d9d9d22c878fe596247e0817e021aa107847dfc8d6f096
Analyzer Verdict Alert quad9 Sinkholed
GET /63/d4/5b/63d45b685911cef3b8cc3d1d1550bf85.js HTTP/1.1
Host: badgegirdle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dc01e373ed0be9bb4957d289db88d5dc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226 1.5 kB URL ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash c9cc39eb129dd6aa10f02bb1e1431da3
76e4d6c6c8e99f5da8394455fe75e8f499575382
2e9c54e77135a30d02a72bef882a2e79fc5beb2f0ef5886b27a1ebad8f4c40d9
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "80C0D7158B13AD7146804EC70937AF6AE2B9EB1D"
Expires: Fri, 05 May 2023 19:00:00 GMT
Last-Modified: Fri, 05 May 2023 07:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3360
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c27bfcbfc3eb517-OSL
ubbfpm.com/av/1150082/inp3.js
95.216.206.230200 OK 203 kB URL GET HTTP/1.1 ubbfpm.com/av/1150082/inp3.js
IP 95.216.206.230:443
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjectubbfpm.com
Fingerprint40:41:BB:9D:1E:48:39:57:4D:24:52:30:FC:28:75:D1:80:83:8D:84
ValidityWed, 29 Mar 2023 06:19:02 GMT - Tue, 27 Jun 2023 06:19:01 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 203 kB (202889 bytes)
Hash 893780687a38b1b8fc95901e54d4e8ea
3be88744c5cdb0e734be7b98cd01224798b3a69d
494abfa36407ce327f8e9bfeed121e1d533960f6e905397a1783a476d0f38232
GET /av/1150082/inp3.js HTTP/1.1
Host: ubbfpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: application/javascript
Content-Length: 202889
Last-Modified: Fri, 21 Apr 2023 15:45:14 GMT
Connection: keep-alive
ETag: "6442af8a-31889"
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Referrer-Policy: strict-origin
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash b18fb02cad0a7b7bf0906c8f4cc05154
d5bc73974391f4a48a92353de2997eab0baebf66
b6bf2e82bd814dc0e24f1971c1d2d82554e20d25150774733c1541a1ab24644f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 05 May 2023 08:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:300,400,700
142.250.74.106200 OK 1.2 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700
IP 142.250.74.106:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
Hash 75117451b3a57708eb07b67da0ae1aec
060af0904f331e3863e6f07ad38667a4a0f42311
4de0be0cf3fcc081abddffa93fe0f141ef6442bde74bfd52e99d33cfd1e38e4e
GET /css?family=Roboto:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xxxfiles.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 05 May 2023 08:52:46 GMT
date: Fri, 05 May 2023 08:52:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
uacabilqlgpw.cdnvideo3.com/api/spots/329587?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 3.3 kB URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/api/spots/329587?p=1&s1=%subid1%&kw=
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Hash eb300729530ab89b6cf5889a162b0eae
644b9a3500ae4348e20fc9f1c1d31ca48eecca0c
7aabbfed9b2f411ab5d98059171dfbdd35cedaf8662c1197dedf85598252d050
GET /api/spots/329587?p=1&s1=%subid1%&kw= HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=Tiz8UaA9bP6n1WeAzS3z; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip
unpkg.com/silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js
104.16.123.175200 OK 11 kB URL GET HTTP/2 unpkg.com/silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js
IP 104.16.123.175:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (21159)
Hash 3480c3b8ac1207df87e0070ae3ec911f
0fcaf24905289ef0fe206da1990bf6d09b9c0f0c
52ebfe08a195d45befaefb19df96ec9253fbe49c5902fc1543538ffd873d0bc7
GET /silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:46 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Wed, 10 Jan 2018 00:56:00 GMT
etag: W/"5329-e6FW82qZOTCVRh707R8p5aJnMuY"
via: 1.1 fly.io
fly-request-id: 01G7549ZE3WWN11S6HGDRQ6KSN-fra
cf-cache-status: HIT
age: 26320788
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c27bfcc8b3a1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
uacabilqlgpw.cdnvideo3.com/api/spots/329585?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 3.3 kB URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/api/spots/329585?p=1&s1=%subid1%&kw=
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Hash cccbd852ede151976e06e91770b2a333
2b8be4f6f0a63e396a09f9b4a463f4439acbe735
9542a71f38b4e91a5c86a7d0d6415e66d00ed54ef14731cdc28be09d441095fb
GET /api/spots/329585?p=1&s1=%subid1%&kw= HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=Xxs4SzzXZQsJzn00JC36; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip
www.xxxfiles.tv/img/logo.png?v=3
104.21.83.6200 OK 24 kB URL GET HTTP/3 www.xxxfiles.tv/img/logo.png?v=3
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type PNG image data, 520 x 156, 8-bit/color RGBA, non-interlaced\012- data
Hash 9822997e90cc16212365e3cb4ce8271c
abdbe5c5e45ce673d6544f560ad8ea38639b78a7
504871362cd7d2f604b1b6cb99ebf785c53ee84f4cf19d029ec9c99b07e9611b
GET /img/logo.png?v=3 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.xxxfiles.tv
Connection: keep-alive
Referer: https://www.xxxfiles.tv/css/main.css
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154; show_pops2=true2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:46 GMT
content-type: image/png
content-length: 23819
last-modified: Fri, 13 Dec 2019 13:17:37 GMT
etag: "5df38f71-5d0b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 5066455
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kfv6T4MqyqKGOMRmXqN2GYPsSkrfNRdiE1Jf0dVMElnd%2FhuzThPRnsWCZCXlncwFnlRcF9PyhfyYa4y9Y2oS%2Bg4kxbPLjM55THxQfgE2cERLKByyOYb6hzMmcRUwrTyZfrs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfce7d521bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 60f8ea1a6b07eb8279e8cdc9b91ae061
9e28f47e68c6904cf549703f0e2530d691794256
70fbd2078171f54b059fd27bf2a6890c40af1f752d1b02349d1d830d6f15cd4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 05 May 2023 08:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 60f8ea1a6b07eb8279e8cdc9b91ae061
9e28f47e68c6904cf549703f0e2530d691794256
70fbd2078171f54b059fd27bf2a6890c40af1f752d1b02349d1d830d6f15cd4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 05 May 2023 08:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 60f8ea1a6b07eb8279e8cdc9b91ae061
9e28f47e68c6904cf549703f0e2530d691794256
70fbd2078171f54b059fd27bf2a6890c40af1f752d1b02349d1d830d6f15cd4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 05 May 2023 08:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.xxxfiles.tv/js/videojs.persistvolume.js
104.21.83.6200 OK 17 kB URL GET HTTP/2 www.xxxfiles.tv/js/videojs.persistvolume.js
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
Hash 6da1dcf6a543d86ca7439474a80517c6
8dc6b188535acd33cb7122a8bb7fb988382cb004
39ca26a341c64b97b09e2d6a3efd83e6f26c22fceb686b138aeb77a4bcc11df0
GET /js/videojs.persistvolume.js HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: application/javascript
last-modified: Wed, 20 Nov 2019 11:00:42 GMT
vary: Accept-Encoding
etag: W/"5dd51cda-e5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 2131984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jk04%2F85AB%2FPEuvUqaDryZ79m%2FEieLJDGjEvZbdMiYHKjTmrxZB6T5wYwNGPZbh%2FrrpxYXOmmogGVL9iHB1iQyvojmzuuJWMecTDbbYJsUMCJlhQGvNXu6AmS7MpnLKfhk7A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfc77da0b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL GET HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:80
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 20:50:05 GMT
expires: Sun, 28 Apr 2024 20:50:05 GMT
cache-control: public, max-age=31536000
age: 475361
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.163200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.163:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 20:35:32 GMT
expires: Sun, 28 Apr 2024 20:35:32 GMT
cache-control: public, max-age=31536000
age: 476234
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
uacabilqlgpw.cdnvideo3.com/api/spots/329586?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 3.3 kB URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/api/spots/329586?p=1&s1=%subid1%&kw=
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Hash da95e35440fd6d4fcf4044b6b3f070be
5788d3a9a20d6aaaa27e5785cfe3dcbacc927759
b94e57b37d9517e0bc0ca2f68869a1d3566f25f81c98877285575afd8cf2ceca
GET /api/spots/329586?p=1&s1=%subid1%&kw= HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=aoO7M8D97SN5qckk7NoH; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 60f8ea1a6b07eb8279e8cdc9b91ae061
9e28f47e68c6904cf549703f0e2530d691794256
70fbd2078171f54b059fd27bf2a6890c40af1f752d1b02349d1d830d6f15cd4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 05 May 2023 08:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unpkg.com/silvermine-videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js
104.16.123.175302 Found 3.6 kB URL GET HTTP/2 unpkg.com/silvermine-videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js
IP 104.16.123.175:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash cdd8224e2cfcb96b08d97531c71347b0
ab6cc58f094df662ce0c7d7f02dbd16f50243e0e
dcf7cedc3a7a43e9dc52f4d0e7abe2385c01d295c0c0c14bffc4347e4721d0dc
GET /silvermine-videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 05 May 2023 08:52:45 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GZNHASFNB4Z5PCJYV1X88EHY-fra
cf-cache-status: HIT
age: 505
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c27bfc77e051bfa-OSL
X-Firefox-Spdy: h2
uacabilqlgpw.cdnvideo3.com/api/users/377391?v2=1&fill=0&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25&s2=%25subid2%25&i=1
135.181.208.216200 OK 658 B URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/api/users/377391?v2=1&fill=0&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25&s2=%25subid2%25&i=1
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (352)
Hash 01580c76c9277d48bf06fbd67f4a0a92
1edacb3f5fa6f4fe1b78b7b9dc10958b0bf547a6
3aae09f71c8698fb862d579655f738d96556483c1ee9c42784f85d0c5f204023
GET /api/users/377391?v2=1&fill=0&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25&s2=%25subid2%25&i=1 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Access-Control-Expose-Headers: X-Asg-Config, X-t
Set-Cookie: nauid=VjZNbw0uaSAipSU49lH2; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
X-T: 0
Cache-Control: private
Content-Encoding: gzip
img.xxxfiles.tv/710000/710819/player/1.jpg
104.21.83.6200 OK 6.0 kB URL GET HTTP/3 img.xxxfiles.tv/710000/710819/player/1.jpg
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 592x585, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 390x222, components 3\012- data
Hash 60be833c68112966a9e03bafd759b4aa
96fba9d9b65744ecccda07ba236af2a40191c570
234b652b6c7197e07dbc3d0046b59bf8b5faf39060067dd55f32a4d40c384490
GET /710000/710819/player/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: img.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:46 GMT
content-type: image/jpeg
content-length: 6042
last-modified: Sat, 27 Jun 2020 20:25:50 GMT
etag: "5ef7ab4e-179a"
expires: Fri, 05 May 2023 09:52:46 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vG30%2Fgepw4Mns4KGXNICD21lppHfWVuq2iXod87CLSMvz5ttuo1S1SygpueTAYsG0RjZHPNS9sdUlvcj3Ftk4s8Qfsfh5729YJBIunnk3XlAMJJpJKfQmNhnSB8UUCVkU5w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfcedda41bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn.tapioni.com/adgpt.js
172.67.31.117200 OK 817 B IP 172.67.31.117:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint98:6F:5C:E6:12:D1:E1:1F:BF:CE:7D:0C:FA:D2:F3:F0:AA:18:B7:66
ValidityThu, 23 Mar 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (2025), with no line terminators
Hash b2854a741a7bc120e829089178ad1993
b0b387267f943e100371fe7d282ee98e985a21cf
86a161f111913c3d0364b784d6c2bd7651445d3218526fc51b432c2874ffa8ae
GET /adgpt.js HTTP/1.1
Host: cdn.tapioni.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:46 GMT
content-type: application/javascript
content-length: 817
last-modified: Tue, 02 May 2023 11:31:29 GMT
vary: Accept-Encoding
etag: "6450f491-331"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 165347
accept-ranges: bytes
server: cloudflare
cf-ray: 7c27bfcfdcbf0afa-OSL
X-Firefox-Spdy: h2
cdn.tapioni.com/adgpt.js
172.67.31.117200 OK 817 B IP 172.67.31.117:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint98:6F:5C:E6:12:D1:E1:1F:BF:CE:7D:0C:FA:D2:F3:F0:AA:18:B7:66
ValidityThu, 23 Mar 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (2025), with no line terminators
Hash b2854a741a7bc120e829089178ad1993
b0b387267f943e100371fe7d282ee98e985a21cf
86a161f111913c3d0364b784d6c2bd7651445d3218526fc51b432c2874ffa8ae
GET /adgpt.js HTTP/1.1
Host: cdn.tapioni.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:46 GMT
content-type: application/javascript
content-length: 817
last-modified: Tue, 02 May 2023 11:31:29 GMT
vary: Accept-Encoding
etag: "6450f491-331"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 165347
accept-ranges: bytes
server: cloudflare
cf-ray: 7c27bfcfecc80afa-OSL
X-Firefox-Spdy: h2
cdn.tapioni.com/adgpt.js
172.67.31.117200 OK 817 B IP 172.67.31.117:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint98:6F:5C:E6:12:D1:E1:1F:BF:CE:7D:0C:FA:D2:F3:F0:AA:18:B7:66
ValidityThu, 23 Mar 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (2025), with no line terminators
Hash b2854a741a7bc120e829089178ad1993
b0b387267f943e100371fe7d282ee98e985a21cf
86a161f111913c3d0364b784d6c2bd7651445d3218526fc51b432c2874ffa8ae
GET /adgpt.js HTTP/1.1
Host: cdn.tapioni.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:46 GMT
content-type: application/javascript
content-length: 817
last-modified: Tue, 02 May 2023 11:31:29 GMT
vary: Accept-Encoding
etag: "6450f491-331"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 165347
accept-ranges: bytes
server: cloudflare
cf-ray: 7c27bfd0bda80afa-OSL
X-Firefox-Spdy: h2
uacabilqlgpw.cdnvideo3.com/api/click/936276091769690095?c=90
135.181.208.216200 OK 0 B URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/api/click/936276091769690095?c=90
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://uacabilqlgpw.cdnvideo3.com/api/spots/329585?p=1&s1=%subid1%&kw=
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/936276091769690095?c=90 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/api/spots/329585?p=1&s1=%subid1%&kw=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private
adactioner.com/asset-12001469.mp4
213.133.98.241206 Partial Content 40 kB URL GET HTTP/2 adactioner.com/asset-12001469.mp4
IP 213.133.98.241:443
ASN #24940 Hetzner Online GmbH
Requested by http://uacabilqlgpw.cdnvideo3.com/api/spots/329587?p=1&s1=%subid1%&kw=
Certificate IssuerLet's Encrypt
Subjectadactioner.com
FingerprintA4:6D:E4:31:E8:7F:01:54:34:36:49:C5:E9:C8:E3:66:A2:1C:B9:7B
ValiditySat, 11 Mar 2023 23:27:07 GMT - Fri, 09 Jun 2023 23:27:06 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 3578a6f9664343294ad8fe62e73d0fe4
5e091562f43f82a559f76449b3c2b55059566713
3a6e4c7e113ef8c5f4436535791c17728b8361372b760f60b88c9c2e753e0163
GET /asset-12001469.mp4 HTTP/1.1
Host: adactioner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx
date: Fri, 05 May 2023 08:52:46 GMT
content-type: video/mp4
content-length: 39741
last-modified: Mon, 17 Apr 2023 08:03:05 GMT
etag: "643cfd39-9b3d"
expires: Sun, 04 Jun 2023 08:52:46 GMT
cache-control: max-age=2592000, public
content-range: bytes 0-39740/39741
X-Firefox-Spdy: h2
uacabilqlgpw.cdnvideo3.com/api/click/17968622317115604095?c=90
135.181.208.216200 OK 0 B URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/api/click/17968622317115604095?c=90
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://uacabilqlgpw.cdnvideo3.com/api/spots/329584?p=1&s1=%subid1%&kw=
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/17968622317115604095?c=90 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/api/spots/329584?p=1&s1=%subid1%&kw=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private
www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600&video_id=710819&mode=async&action=js_stats&rand=1683276779974
172.67.210.53200 OK 43 B URL GET HTTP/1.1 www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600&video_id=710819&mode=async&action=js_stats&rand=1683276779974
IP 172.67.210.53:80
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600&video_id=710819&mode=async&action=js_stats&rand=1683276779974 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154; show_pops2=true2; show_pops1=true1; ppu_show_on_63d45b685911cef3b8cc3d1d1550bf85=1; kt_tcookie=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: kt_is_visited=1; expires=Sat, 06-May-2023 08:52:46 GMT; Max-Age=86400; path=/; domain=.xxxfiles.tv; SameSite=Lax
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DJuLpVT7O%2BaUvrtGEJ%2BYwCK%2FdyqRXNBRlv2HQe%2FSOrPY8AhSGPizfRHnaqOhCNfE%2Bxt8Zo1a3YHknrisDtd%2FIVKzfpwHnhWbd12ozs4%2B%2BRo9hEO6tmqGCK2MZuEFjbulPE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c27bfd11c3cb527-OSL
alt-svc: h2=":443"; ma=60
www.xxxfiles.tv/get_country.php?v=0.11526282624174733.1683276779983
104.21.83.6200 OK 43 B URL GET HTTP/1.1 www.xxxfiles.tv/get_country.php?v=0.11526282624174733.1683276779983
IP 104.21.83.6:80
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type JSON data\012- , ASCII text, with no line terminators
Hash 674d6399d11ab9bf30ec1744d68b7b20
0b3be43fa2d41a618372a345d73558585d42b196
8173dcd03400243f1f760f7d0acf798a601443fe65e7862260a56c911e3ce1b8
GET /get_country.php?v=0.11526282624174733.1683276779983 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154; show_pops2=true2; show_pops1=true1; ppu_show_on_63d45b685911cef3b8cc3d1d1550bf85=1; kt_tcookie=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1M44kmc%2FpDu1L7JsVfklYUVeD0HjVZF6LFu5Tj7TJEysSLGU6O4P7xPCQCyyW%2F6OmUIOnY39RMs%2FSo90kFYvNq2F3vU2r9nAh6HZ2mTkD6nw%2FZJDpePMslQeg5ZcqNNT7c%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c27bfd12bbeb4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
uacabilqlgpw.cdnvideo3.com/api/click/3177329877486409095?c=90
135.181.208.216200 OK 0 B URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/api/click/3177329877486409095?c=90
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://uacabilqlgpw.cdnvideo3.com/api/spots/329586?p=1&s1=%subid1%&kw=
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/3177329877486409095?c=90 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/api/spots/329586?p=1&s1=%subid1%&kw=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private
xngqoc.com/er?a=1
185.162.85.4200 OK 0 B IP 185.162.85.4:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjectxngqoc.com
FingerprintAA:0F:34:6D:D4:2C:9F:AA:C2:02:97:C8:45:D5:EA:D5:DD:D0:F8:8A
ValidityFri, 03 Mar 2023 14:36:16 GMT - Thu, 01 Jun 2023 14:36:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /er?a=1 HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 05 May 2023 08:52:46 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2
xngqoc.com/cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0NDU2NDMsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cDovL3d3dy54eHhmaWxlcy50di92aWRlb3MvNzEwODE5L2E2MWM2OGU1NTA3N2JlZTViMjEwMTJiMmMwMTJmZjgwLw==
185.162.85.4204 No Content 0 B URL GET HTTP/2 xngqoc.com/cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0NDU2NDMsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cDovL3d3dy54eHhmaWxlcy50di92aWRlb3MvNzEwODE5L2E2MWM2OGU1NTA3N2JlZTViMjEwMTJiMmMwMTJmZjgwLw==
IP 185.162.85.4:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjectxngqoc.com
FingerprintAA:0F:34:6D:D4:2C:9F:AA:C2:02:97:C8:45:D5:EA:D5:DD:D0:F8:8A
ValidityFri, 03 Mar 2023 14:36:16 GMT - Thu, 01 Jun 2023 14:36:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0NDU2NDMsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cDovL3d3dy54eHhmaWxlcy50di92aWRlb3MvNzEwODE5L2E2MWM2OGU1NTA3N2JlZTViMjEwMTJiMmMwMTJmZjgwLw== HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.18.0
date: Fri, 05 May 2023 08:52:46 GMT
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2
adactioner.com/asset-12001643.mp4
213.133.98.241206 Partial Content 66 kB URL GET HTTP/2 adactioner.com/asset-12001643.mp4
IP 213.133.98.241:443
ASN #24940 Hetzner Online GmbH
Requested by http://uacabilqlgpw.cdnvideo3.com/api/spots/329586?p=1&s1=%subid1%&kw=
Certificate IssuerLet's Encrypt
Subjectadactioner.com
FingerprintA4:6D:E4:31:E8:7F:01:54:34:36:49:C5:E9:C8:E3:66:A2:1C:B9:7B
ValiditySat, 11 Mar 2023 23:27:07 GMT - Fri, 09 Jun 2023 23:27:06 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash c099dbacc74f835a8dfb31c42c231fbf
9bd2e783cedc17d587703f8c1a2c0ea3268b6599
4dba1f45972fb29b47ed73457070f4cae4bfac6491d228f34ae200c6d66bace8
GET /asset-12001643.mp4 HTTP/1.1
Host: adactioner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx
date: Fri, 05 May 2023 08:52:46 GMT
content-type: video/mp4
content-length: 65754
last-modified: Mon, 17 Apr 2023 08:03:05 GMT
etag: "643cfd39-100da"
expires: Sun, 04 Jun 2023 08:52:46 GMT
cache-control: max-age=2592000, public
content-range: bytes 0-65753/65754
X-Firefox-Spdy: h2
adactioner.com/asset-12001465.mp4
213.133.98.241206 Partial Content 68 kB URL GET HTTP/2 adactioner.com/asset-12001465.mp4
IP 213.133.98.241:443
ASN #24940 Hetzner Online GmbH
Requested by http://uacabilqlgpw.cdnvideo3.com/api/spots/329584?p=1&s1=%subid1%&kw=
Certificate IssuerLet's Encrypt
Subjectadactioner.com
FingerprintA4:6D:E4:31:E8:7F:01:54:34:36:49:C5:E9:C8:E3:66:A2:1C:B9:7B
ValiditySat, 11 Mar 2023 23:27:07 GMT - Fri, 09 Jun 2023 23:27:06 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash fd7938749c02899289c0a84a1f609c2d
6de73fc71e4239e05489a43d9c4e7bc2c85465f1
175758fe352b6570f8a5297ab7a70af9c8df5ddd74465e31f95dabc915ff0560
GET /asset-12001465.mp4 HTTP/1.1
Host: adactioner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx
date: Fri, 05 May 2023 08:52:46 GMT
content-type: video/mp4
content-length: 67887
last-modified: Mon, 17 Apr 2023 08:03:05 GMT
etag: "643cfd39-1092f"
expires: Sun, 04 Jun 2023 08:52:46 GMT
cache-control: max-age=2592000, public
content-range: bytes 0-67886/67887
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 286ad3af25908fdafc45c0858ab0140d
bfb0b8ec660fa11dd2722470a45a5d9df35ff666
93134bc60a7d06c28c661b538793ffaa09bd93afa56fbeb7cb6f8325e06715d7
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116654
Date: Fri, 05 May 2023 08:52:47 GMT
Etag: "6453ddcc-1d7"
Expires: Sat, 06 May 2023 17:17:01 GMT
Last-Modified: Thu, 04 May 2023 16:31:08 GMT
Server: ECAcc (nya/78CB)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _tx165tViyym51NOWwoQUXErZhOQj18IhzG4w88dMBTq57UPptY2wQ==
Age: 2753
syndication.realsrv.com/v1/api.php
95.211.229.248200 OK 1.2 kB URL POST HTTP/1.1 syndication.realsrv.com/v1/api.php
IP 95.211.229.248:443
ASN #60781 LeaseWeb Netherlands B.V.
Requested by http://uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw=
Certificate IssuerLet's Encrypt
Subjectrealsrv.com
FingerprintC2:CA:14:12:90:2A:B3:84:F3:3C:B8:A9:E8:82:89:E0:CB:B9:EE:49
ValidityMon, 27 Feb 2023 07:33:27 GMT - Sun, 28 May 2023 07:33:26 GMT
File type JSON data\012- , ASCII text, with very long lines (1645), with no line terminators
Hash 12a853632a9c45bf7ba335ccb2db2a44
f6b3ca93f7934b5aab686667534b5f41f29fb495
f34c9d688738ea5d9c2d2662746d75e38d8eccba593924150aba87c67b17bf4c
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 324
Origin: http://uacabilqlgpw.cdnvideo3.com
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://uacabilqlgpw.cdnvideo3.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226454c3dee31449.329575181013573012%22%3B%7D; expires=Sun, 04-May-2025 08:52:47 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
simplewebanalysis.com/stats
18.192.155.180200 OK 40 B URL GET HTTP/2 simplewebanalysis.com/stats
IP 18.192.155.180:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 48078911cfc5e017cbd6c35594030cd7
46742b14734b88d3f738db94fbf5c911ff150cce
86a6a132eff0df0398b358f467464bdd18ae3b8101a3bb4d3f405024ff8cb7cf
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:47 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.xxxfiles.tv
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=072d53b9-779e-4e4d-8467-09208a0e96c9:2:1; expires=Mon, 02 May 2033 08:52:47 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW04DMQy8Chdo5Ocm6Tf8glTUA2SzoaoE3QICijSHJ7sV9fjDj7E9FhLdkHe/I9u6bC0ic8gUTAK74fFpB2Oc54/TYQ51foNZMmeIcoyCRDmlCFM2J4NTgvdGIkLq8ySRwA4FdYir2RIFIlZlxISH/Q775/teyxQjGExQoot4H1zPQwjWY7osO6Zmg2uJWYdBx6k1ltIov5gxpdildiK+Si3j8fX99XD+CXU6fR+nNusqn64I5Msx+c/RH1AxwYZviaEbYW2Xz99TBW70K3xd0MWZLWqRlaZYhUvUMtTBBqpusY6tTY2ajX83jwyubwEAAA==
95.211.229.248200 OK 20 B URL GET HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW04DMQy8Chdo5Ocm6Tf8glTUA2SzoaoE3QICijSHJ7sV9fjDj7E9FhLdkHe/I9u6bC0ic8gUTAK74fFpB2Oc54/TYQ51foNZMmeIcoyCRDmlCFM2J4NTgvdGIkLq8ySRwA4FdYir2RIFIlZlxISH/Q775/teyxQjGExQoot4H1zPQwjWY7osO6Zmg2uJWYdBx6k1ltIov5gxpdildiK+Si3j8fX99XD+CXU6fR+nNusqn64I5Msx+c/RH1AxwYZviaEbYW2Xz99TBW70K3xd0MWZLWqRlaZYhUvUMtTBBqpusY6tTY2ajX83jwyubwEAAA==
IP 95.211.229.248:443
ASN #60781 LeaseWeb Netherlands B.V.
Requested by http://uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw=
Certificate IssuerLet's Encrypt
Subjectrealsrv.com
FingerprintC2:CA:14:12:90:2A:B3:84:F3:3C:B8:A9:E8:82:89:E0:CB:B9:EE:49
ValidityMon, 27 Feb 2023 07:33:27 GMT - Sun, 28 May 2023 07:33:26 GMT
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PW04DMQy8Chdo5Ocm6Tf8glTUA2SzoaoE3QICijSHJ7sV9fjDj7E9FhLdkHe/I9u6bC0ic8gUTAK74fFpB2Oc54/TYQ51foNZMmeIcoyCRDmlCFM2J4NTgvdGIkLq8ySRwA4FdYir2RIFIlZlxISH/Q775/teyxQjGExQoot4H1zPQwjWY7osO6Zmg2uJWYdBx6k1ltIov5gxpdildiK+Si3j8fX99XD+CXU6fR+nNusqn64I5Msx+c/RH1AxwYZviaEbYW2Xz99TBW70K3xd0MWZLWqRlaZYhUvUMtTBBqpusY6tTY2ajX83jwyubwEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://uacabilqlgpw.cdnvideo3.com
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226454c3dee31449.329575181013573012%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://uacabilqlgpw.cdnvideo3.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sun, 04 May 2025 08:52:47 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/448451/c2229a4908d47f4e5433db72eb4d1ee18f1be36f.webp
185.76.9.22200 OK 9.6 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/448451/c2229a4908d47f4e5433db72eb4d1ee18f1be36f.webp
IP 185.76.9.22:443
ASN #60068 Datacamp Limited
Requested by http://uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw=
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint58:E2:EC:9A:A1:55:22:20:28:3E:43:7C:0D:B9:0A:67:84:6B:EA:FB
ValidityMon, 27 Feb 2023 07:22:15 GMT - Sun, 28 May 2023 07:22:14 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6f5420ea1c741ef3886d83e561f8ea98
c2229a4908d47f4e5433db72eb4d1ee18f1be36f
b9779dbf9e6d0d8e0c9a527a6845aaab82df1b92931e4d3f2a6af905c185d5bd
GET /library/448451/c2229a4908d47f4e5433db72eb4d1ee18f1be36f.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:47 GMT
content-type: image/webp
content-length: 9604
last-modified: Thu, 20 Apr 2023 14:20:29 GMT
etag: "64414a2d-2584"
expires: Fri, 19 Apr 2024 14:24:12 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: AblMCRRYSLz/znUTAA
x-77-nzt-ray: af5856306baa1b05dfc354640f45ae0b
x-accel-expires: @1713537425
x-accel-date: 1682001425
x-cache: HIT
x-age: 1275342
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
disdainkindle.com/pixel/purst?dl=0&th=0&sc=0&rs=890&rd=890&fd=749&bv=22.10.v.9&tmpl=70
173.233.137.44200 OK 0 B URL GET HTTP/1.1 disdainkindle.com/pixel/purst?dl=0&th=0&sc=0&rs=890&rd=890&fd=749&bv=22.10.v.9&tmpl=70
IP 173.233.137.44:80
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=890&rd=890&fd=749&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: disdainkindle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
disdainkindle.com/cc/48/f4/cc48f4cc72bd1ab0cd76dca8048a896c.js
173.233.137.44200 OK 13 kB URL GET HTTP/1.1 disdainkindle.com/cc/48/f4/cc48f4cc72bd1ab0cd76dca8048a896c.js
IP 173.233.137.44:80
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type ASCII text, with very long lines (37155), with no line terminators
Hash 2b122deccc42f1a19e93ba0fede44a95
279474bc923c99c5a88a81d6ffc33cf03ee9ed17
34d35ab46e8cabcabe571962f2af646c0a64883ae1dc2fe068a96039e748a468
Analyzer Verdict Alert quad9 Sinkholed
GET /cc/48/f4/cc48f4cc72bd1ab0cd76dca8048a896c.js HTTP/1.1
Host: disdainkindle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 72ccff601f61829feccceabe8d3485d4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
18.192.155.180200 OK 40 B URL GET HTTP/2 simplewebanalysis.com/stats
IP 18.192.155.180:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 48078911cfc5e017cbd6c35594030cd7
46742b14734b88d3f738db94fbf5c911ff150cce
86a6a132eff0df0398b358f467464bdd18ae3b8101a3bb4d3f405024ff8cb7cf
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: uid_id2=072d53b9-779e-4e4d-8467-09208a0e96c9:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:47 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.xxxfiles.tv
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
192.243.59.12200 OK 0 B URL GET HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.59.12:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3beb2e44a2134412092536f2c1055db4
Strict-Transport-Security: max-age=0; includeSubdomains
friendshipmale.com/sfp.js
172.64.108.35200 OK 28 kB URL GET HTTP/1.1 friendshipmale.com/sfp.js
IP 172.64.108.35:80
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 7c25fbbb8341dca22652f86259c9a50d
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Fri, 05 May 2023 08:52:47 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUHlVJTxgyg6uHE263mDQCzpiEbme0xjtBNBqxd4u0j9Zy%2F2aOlXkBA34dpWLBPTBvvqn4%2F8VIJOQJuiFfp2WOWD%2BqR1SMFEC4MVwQ1S3%2F%2FM0dNK1TEIVOv9yZNuw2ImRY47rGo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c27bfd44e60459b-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.xxxfiles.tv/apple-touch-icon.png
172.67.210.53200 OK 14 kB URL GET HTTP/1.1 www.xxxfiles.tv/apple-touch-icon.png
IP 172.67.210.53:80
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 302003967bcce57931c372aa26310c88
526045f535e90a6d7b19240532f9100c9535beee
117477b129e4ca959b0afd092f7edca8f460ff25120b8dbe2011a88d9f48bef8
GET /apple-touch-icon.png HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154; show_pops2=true2; show_pops1=true1; ppu_show_on_63d45b685911cef3b8cc3d1d1550bf85=1; kt_tcookie=1; kt_is_visited=1; ppu_main_63d45b685911cef3b8cc3d1d1550bf85=1; ppu_exp_63d45b685911cef3b8cc3d1d1550bf85=1683280380415
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: image/png
Content-Length: 13713
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 12:46:44 GMT
ETag: "6380b934-3591"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Age: 7599935
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJvq5oTmdUFMI4ElFVKojPWp%2F8lB8WvLA0eXyrkQsJ84Par58v6i0XCadUjAz7mdB7vfj8sA8ibKvOjO5yIRQKPGA2dHyiSWhyCsg0ndoCy4AxG1CjCvTPbzmxB0QWogoLE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c27bfd58accb527-OSL
alt-svc: h2=":443"; ma=60
www.xxxfiles.tv/favicon-16x16.png
104.21.83.6200 OK 1.5 kB URL GET HTTP/1.1 www.xxxfiles.tv/favicon-16x16.png
IP 104.21.83.6:80
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 552872354755cb050014a9501cfec4fa
fd05b4d7002b52e705344db04db723495910e4c7
88ef331642f08aaee6990894bd8015032891181d446faa6c4bbec095a56aba8d
GET /favicon-16x16.png HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154; show_pops2=true2; show_pops1=true1; ppu_show_on_63d45b685911cef3b8cc3d1d1550bf85=1; kt_tcookie=1; kt_is_visited=1; ppu_main_63d45b685911cef3b8cc3d1d1550bf85=1; ppu_exp_63d45b685911cef3b8cc3d1d1550bf85=1683280380415
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: image/png
Content-Length: 1489
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 12:46:44 GMT
ETag: "6380b934-5d1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Age: 7600370
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXEX5BVyXhB2y2d1j7MoKgIPhSZ9dqxw2K5VxXcEg1Is6ff1K7EWHpEmkEcHx1AZ0h1UFZ5e4rv8qoMY%2FFCjGCb6eau%2BWD1E%2BzlIL5fd3dTkatD8olrjwwewSImgaTo4x60%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c27bfd589d1b4fa-OSL
alt-svc: h2=":443"; ma=60
xngqoc.com/admc?a=2&pid=1150082&sid=1195199&wid=439938&fp=188e0523b921745c60844a7eb1ad8eb5&f=8&tz=0
185.162.85.4200 OK 0 B URL GET HTTP/2 xngqoc.com/admc?a=2&pid=1150082&sid=1195199&wid=439938&fp=188e0523b921745c60844a7eb1ad8eb5&f=8&tz=0
IP 185.162.85.4:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjectxngqoc.com
FingerprintAA:0F:34:6D:D4:2C:9F:AA:C2:02:97:C8:45:D5:EA:D5:DD:D0:F8:8A
ValidityFri, 03 Mar 2023 14:36:16 GMT - Thu, 01 Jun 2023 14:36:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /admc?a=2&pid=1150082&sid=1195199&wid=439938&fp=188e0523b921745c60844a7eb1ad8eb5&f=8&tz=0 HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 05 May 2023 08:52:47 GMT
content-length: 0
access-control-allow-origin: http://www.xxxfiles.tv
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.192.155.180200 OK 40 B URL GET HTTP/2 simplewebanalysis.com/stats
IP 18.192.155.180:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 48078911cfc5e017cbd6c35594030cd7
46742b14734b88d3f738db94fbf5c911ff150cce
86a6a132eff0df0398b358f467464bdd18ae3b8101a3bb4d3f405024ff8cb7cf
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: uid_id2=072d53b9-779e-4e4d-8467-09208a0e96c9:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:47 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.xxxfiles.tv
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
xngqoc.com/trt?a=1&t=909
185.162.85.4200 OK 0 B IP 185.162.85.4:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjectxngqoc.com
FingerprintAA:0F:34:6D:D4:2C:9F:AA:C2:02:97:C8:45:D5:EA:D5:DD:D0:F8:8A
ValidityFri, 03 Mar 2023 14:36:16 GMT - Thu, 01 Jun 2023 14:36:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trt?a=1&t=909 HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 05 May 2023 08:52:47 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2
uacabilqlgpw.cdnvideo3.com/api/users/12153353110313291095/1635934?fill=0&kw=Anal,Blowjob,Cumshot,shaved,young,Threesome,orgasm,Pussy%20Licking,hotel,beautiful,Striptease,domination,adorable,red%20hair,nude,longhair,paris,small%20breast,deep-throat,spanked,whiteskin,small-ass,teeny,wakeupnfuck.com,Anny%20Aurora
135.181.208.216200 OK 626 B URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/api/users/12153353110313291095/1635934?fill=0&kw=Anal,Blowjob,Cumshot,shaved,young,Threesome,orgasm,Pussy%20Licking,hotel,beautiful,Striptease,domination,adorable,red%20hair,nude,longhair,paris,small%20breast,deep-throat,spanked,whiteskin,small-ass,teeny,wakeupnfuck.com,Anny%20Aurora
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (348)
Hash e82637ef1d34570c1cdc44fb0b5ae069
9f7c4c6d03e5d161c4a0921b840fbf2ebea9582c
f609e5c5ff0d8b6c27e10149bc28ca2f3680c613c8b70d0fafe2298e6c276d91
GET /api/users/12153353110313291095/1635934?fill=0&kw=Anal,Blowjob,Cumshot,shaved,young,Threesome,orgasm,Pussy%20Licking,hotel,beautiful,Striptease,domination,adorable,red%20hair,nude,longhair,paris,small%20breast,deep-throat,spanked,whiteskin,small-ass,teeny,wakeupnfuck.com,Anny%20Aurora HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Cache-Control: private
Content-Encoding: gzip
uacabilqlgpw.cdnvideo3.com/api/users/12153353110313291095/1636027?fill=0&kw=Anal,Blowjob,Cumshot,shaved,young,Threesome,orgasm,Pussy%20Licking,hotel,beautiful,Striptease,domination,adorable,red%20hair,nude,longhair,paris,small%20breast,deep-throat,spanked,whiteskin,small-ass,teeny,wakeupnfuck.com,Anny%20Aurora
135.181.208.216200 OK 888 B URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/api/users/12153353110313291095/1636027?fill=0&kw=Anal,Blowjob,Cumshot,shaved,young,Threesome,orgasm,Pussy%20Licking,hotel,beautiful,Striptease,domination,adorable,red%20hair,nude,longhair,paris,small%20breast,deep-throat,spanked,whiteskin,small-ass,teeny,wakeupnfuck.com,Anny%20Aurora
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (652)
Hash ec273fe13b916861b19facc9c619ddf2
b24ec6b2c79f633850e52631b2c61994607ce2ed
36cfc9c2fa47133a23241860a5f7354ae34d5031eb172298d9e6b87323ade814
GET /api/users/12153353110313291095/1636027?fill=0&kw=Anal,Blowjob,Cumshot,shaved,young,Threesome,orgasm,Pussy%20Licking,hotel,beautiful,Striptease,domination,adorable,red%20hair,nude,longhair,paris,small%20breast,deep-throat,spanked,whiteskin,small-ass,teeny,wakeupnfuck.com,Anny%20Aurora HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Cache-Control: private
Content-Encoding: gzip
uacabilqlgpw.cdnvideo3.com/api/users/12153353110313291095/1636039?fill=0&kw=Anal,Blowjob,Cumshot,shaved,young,Threesome,orgasm,Pussy%20Licking,hotel,beautiful,Striptease,domination,adorable,red%20hair,nude,longhair,paris,small%20breast,deep-throat,spanked,whiteskin,small-ass,teeny,wakeupnfuck.com,Anny%20Aurora
135.181.208.216200 OK 634 B URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/api/users/12153353110313291095/1636039?fill=0&kw=Anal,Blowjob,Cumshot,shaved,young,Threesome,orgasm,Pussy%20Licking,hotel,beautiful,Striptease,domination,adorable,red%20hair,nude,longhair,paris,small%20breast,deep-throat,spanked,whiteskin,small-ass,teeny,wakeupnfuck.com,Anny%20Aurora
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (347)
Hash eed09c4159a7d1f5be08eaa6a2448add
fc8547ac5e1ce5c3760800b543bab62934e36420
ad092aecba83651dc8b6dae5cdab22bd0e5ebb543122e3ad98cf1e58a8e23c0b
GET /api/users/12153353110313291095/1636039?fill=0&kw=Anal,Blowjob,Cumshot,shaved,young,Threesome,orgasm,Pussy%20Licking,hotel,beautiful,Striptease,domination,adorable,red%20hair,nude,longhair,paris,small%20breast,deep-throat,spanked,whiteskin,small-ass,teeny,wakeupnfuck.com,Anny%20Aurora HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Cache-Control: private
Content-Encoding: gzip
syndication.realsrv.com/splash.php?idzone=4646896
95.211.229.248200 OK 2.7 kB URL GET HTTP/1.1 syndication.realsrv.com/splash.php?idzone=4646896
IP 95.211.229.248:443
ASN #60781 LeaseWeb Netherlands B.V.
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjectrealsrv.com
FingerprintC2:CA:14:12:90:2A:B3:84:F3:3C:B8:A9:E8:82:89:E0:CB:B9:EE:49
ValidityMon, 27 Feb 2023 07:33:27 GMT - Sun, 28 May 2023 07:33:26 GMT
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (1582)
Hash a6a81582533da21c0784aa9c47e0a1e5
ae8f4727549d8c1f9c8f42b858af5c81f4ec420f
c7c661e84dde9ae2c46d9be173eabeb74d04a270caeaa592a0a916631122821b
GET /splash.php?idzone=4646896 HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226454c3dee31449.329575181013573012%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226454c3dee31449.329575181013573012%22%3B%7D; expires=Sun, 04 May 2025 08:52:47 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4646896%7C80573952%7C153896%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C6454c3dee31449.329575181013573012%7C%7C0%7Cxxxfiles.tv%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Sat, 06 May 2023 08:52:47 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
u3y8v8u4.aucdn.net/library/461665/bf8e8d1ccb738f0fac62d3f60db746c47c910021.mp4
185.76.9.22206 Partial Content 3.5 MB URL GET HTTP/2 u3y8v8u4.aucdn.net/library/461665/bf8e8d1ccb738f0fac62d3f60db746c47c910021.mp4
IP 185.76.9.22:443
ASN #60068 Datacamp Limited
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint58:E2:EC:9A:A1:55:22:20:28:3E:43:7C:0D:B9:0A:67:84:6B:EA:FB
ValidityMon, 27 Feb 2023 07:22:15 GMT - Sun, 28 May 2023 07:22:14 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 3.5 MB (3502312 bytes)
Hash e7ba32e7de3b5eb5823f64baba32de65
bf8e8d1ccb738f0fac62d3f60db746c47c910021
67dfbafe13f4d581d53a945b651a669045ecbf42e412b316e0d0dc62073e3d88
GET /library/461665/bf8e8d1ccb738f0fac62d3f60db746c47c910021.mp4 HTTP/1.1
Host: u3y8v8u4.aucdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Fri, 05 May 2023 08:52:47 GMT
content-type: video/mp4
content-length: 3502312
last-modified: Thu, 16 Mar 2023 16:05:20 GMT
etag: "64133e40-3570e8"
expires: Fri, 15 Mar 2024 16:27:11 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: AblMCRQ8Ki7/QnxBAA
x-77-nzt-ray: af5856306baa1b05dfc3546497a58438
x-accel-expires: @1710521117
x-accel-date: 1678985117
x-cache: HIT
x-age: 4291650
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-3502311/3502312
X-Firefox-Spdy: h2
uacabilqlgpw.cdnvideo3.com/api/click/11587615155989890095?c=60&data[error]=400
135.181.208.216200 OK 0 B URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/api/click/11587615155989890095?c=60&data[error]=400
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/11587615155989890095?c=60&data[error]=400 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:48 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private
uacabilqlgpw.cdnvideo3.com/api/click/11587615155989890095?c=60&data[error]=3
135.181.208.216200 OK 0 B URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/api/click/11587615155989890095?c=60&data[error]=3
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/11587615155989890095?c=60&data[error]=3 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:48 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private
syndication.realsrv.com/vregister.php?a=vview&errorcode=3&idzone=4646896&dg=5613726-NOR-80573952-3-0-0-InLine
95.211.229.248200 OK 20 B URL GET HTTP/1.1 syndication.realsrv.com/vregister.php?a=vview&errorcode=3&idzone=4646896&dg=5613726-NOR-80573952-3-0-0-InLine
IP 95.211.229.248:443
ASN #60781 LeaseWeb Netherlands B.V.
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjectrealsrv.com
FingerprintC2:CA:14:12:90:2A:B3:84:F3:3C:B8:A9:E8:82:89:E0:CB:B9:EE:49
ValidityMon, 27 Feb 2023 07:33:27 GMT - Sun, 28 May 2023 07:33:26 GMT
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /vregister.php?a=vview&errorcode=3&idzone=4646896&dg=5613726-NOR-80573952-3-0-0-InLine HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226454c3dee31449.329575181013573012%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4646896%7C80573952%7C153896%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C6454c3dee31449.329575181013573012%7C%7C0%7Cxxxfiles.tv%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin:
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/vregister.php?a=vview&errorcode=400&idzone=4646896&dg=5613726-NOR-80573952-3-0-0-InLine
95.211.229.248200 OK 20 B URL GET HTTP/1.1 syndication.realsrv.com/vregister.php?a=vview&errorcode=400&idzone=4646896&dg=5613726-NOR-80573952-3-0-0-InLine
IP 95.211.229.248:443
ASN #60781 LeaseWeb Netherlands B.V.
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjectrealsrv.com
FingerprintC2:CA:14:12:90:2A:B3:84:F3:3C:B8:A9:E8:82:89:E0:CB:B9:EE:49
ValidityMon, 27 Feb 2023 07:33:27 GMT - Sun, 28 May 2023 07:33:26 GMT
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /vregister.php?a=vview&errorcode=400&idzone=4646896&dg=5613726-NOR-80573952-3-0-0-InLine HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226454c3dee31449.329575181013573012%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4646896%7C80573952%7C153896%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C6454c3dee31449.329575181013573012%7C%7C0%7Cxxxfiles.tv%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin:
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
unseenreport.com/pxf.gif?uuid=072d53b9-779e-4e4d-8467-09208a0e96c9&eb=1825ffe812838d20280215b5ec6bf9db&te=188e0523b921745c60844a7eb1ad8eb5&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2077&b_frame=0&pk=63d45b685911cef3b8cc3d1d1550bf85&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
192.243.59.12200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=072d53b9-779e-4e4d-8467-09208a0e96c9&eb=1825ffe812838d20280215b5ec6bf9db&te=188e0523b921745c60844a7eb1ad8eb5&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2077&b_frame=0&pk=63d45b685911cef3b8cc3d1d1550bf85&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
IP 192.243.59.12:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=072d53b9-779e-4e4d-8467-09208a0e96c9&eb=1825ffe812838d20280215b5ec6bf9db&te=188e0523b921745c60844a7eb1ad8eb5&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2077&b_frame=0&pk=63d45b685911cef3b8cc3d1d1550bf85&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:48 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1fd14759e427b6ecba01ed6eec2db224
Strict-Transport-Security: max-age=0; includeSubdomains
prhzxq.com/wnrw?aid=15696559365627594424&a=1
185.162.85.3200 OK 0 B URL GET HTTP/2 prhzxq.com/wnrw?aid=15696559365627594424&a=1
IP 185.162.85.3:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjectprhzxq.com
FingerprintE2:7B:B2:5A:29:BC:18:8B:54:42:18:94:DC:A8:70:6D:AC:91:62:83
ValidityTue, 21 Mar 2023 21:20:12 GMT - Mon, 19 Jun 2023 21:20:11 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wnrw?aid=15696559365627594424&a=1 HTTP/1.1
Host: prhzxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 05 May 2023 08:52:48 GMT
content-length: 0
access-control-allow-origin: http://www.xxxfiles.tv
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=072d53b9-779e-4e4d-8467-09208a0e96c9&eb=1825ffe812838d20280215b5ec6bf9db&te=188e0523b921745c60844a7eb1ad8eb5&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2077&b_frame=0&pk=cc48f4cc72bd1ab0cd76dca8048a896c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
192.243.59.12200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=072d53b9-779e-4e4d-8467-09208a0e96c9&eb=1825ffe812838d20280215b5ec6bf9db&te=188e0523b921745c60844a7eb1ad8eb5&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2077&b_frame=0&pk=cc48f4cc72bd1ab0cd76dca8048a896c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
IP 192.243.59.12:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=072d53b9-779e-4e4d-8467-09208a0e96c9&eb=1825ffe812838d20280215b5ec6bf9db&te=188e0523b921745c60844a7eb1ad8eb5&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2077&b_frame=0&pk=cc48f4cc72bd1ab0cd76dca8048a896c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:48 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 80e2cb7f95aae2ed790a2f90ed0ded49
Strict-Transport-Security: max-age=0; includeSubdomains
icdns.net/b2/c/i/icon?cid=1&eid=561&nid=1&sid=3316712433VxWWhqrk&ts=1683276767&ttl=10800&v=v5.7.5
109.206.162.121302 Found 0 B URL GET HTTP/2 icdns.net/b2/c/i/icon?cid=1&eid=561&nid=1&sid=3316712433VxWWhqrk&ts=1683276767&ttl=10800&v=v5.7.5
IP 109.206.162.121:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjecticdns.net
Fingerprint87:2C:5B:68:65:6C:2E:3C:A3:94:0A:A6:2B:4A:A9:03:73:F8:56:3B
ValidityFri, 10 Mar 2023 11:31:42 GMT - Thu, 08 Jun 2023 11:31:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b2/c/i/icon?cid=1&eid=561&nid=1&sid=3316712433VxWWhqrk&ts=1683276767&ttl=10800&v=v5.7.5 HTTP/1.1
Host: icdns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: dspclick-v3.8.7
date: Fri, 05 May 2023 08:52:47 GMT
content-length: 0
location: https://s2ipp.xyz/t/r/0vmCe_IpuX25xVWGno2bw_u8deO4DiUdqmx_MiP8DzE/icn.png?e_tid=8NguZUp7TEekW3OJ7f2ntQ&e_ts=1683276767107
X-Firefox-Spdy: h2
go.xlviiirdr.com/smartpop/68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490?userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&xhVersion=1&memberId=81c6b0b1-d003-4b0b-bfa4-c50b589c00ff&sourceId=7003&p1=50168&p2=68073&contentType=video/mp4&no_bb=1
104.18.51.106302 Found 0 B URL GET HTTP/2 go.xlviiirdr.com/smartpop/68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490?userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&xhVersion=1&memberId=81c6b0b1-d003-4b0b-bfa4-c50b589c00ff&sourceId=7003&p1=50168&p2=68073&contentType=video/mp4&no_bb=1
IP 104.18.51.106:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerCloudflare, Inc.
Subjectxlviiirdr.com
FingerprintB6:46:B0:67:90:FC:66:01:63:19:AF:82:28:93:4D:EC:87:21:E8:16
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490?userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&xhVersion=1&memberId=81c6b0b1-d003-4b0b-bfa4-c50b589c00ff&sourceId=7003&p1=50168&p2=68073&contentType=video/mp4&no_bb=1 HTTP/1.1
Host: go.xlviiirdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 05 May 2023 08:52:48 GMT
content-length: 0
location: https://go.cambaddies.com/api/models/vast?campaignId=68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490&campaignType=smartpop&contentType=video%2Fmp4&creativeId=f57a5230d434e8fc16759afb2861bf3673729456c43a555cbf7c06ce17ef46e6&duration=00%3A00%3A30&iterationId=455592&masterSmartpopId=2683&memberId=81c6b0b1-d003-4b0b-bfa4-c50b589c00ff&no_bb=1&p1=50168&p2=68073&ruleId=29&skipOffset=00%3A00%3A05&smartpopId=3594&sourceId=7003&tag=-girls%2Findian&usePreroll=true&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=30739&xhVersion=1
set-cookie: _var=8782564.30739; Path=/; HttpOnly; SameSite=Strict
access-control-allow-origin: http://www.xxxfiles.tv
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7c27bfdbdc84b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s2ipp.xyz/t/r/0vmCe_IpuX25xVWGno2bw_u8deO4DiUdqmx_MiP8DzE/icn.png?e_tid=8NguZUp7TEekW3OJ7f2ntQ&e_ts=1683276767107
168.119.9.12302 Found 0 B URL GET HTTP/1.1 s2ipp.xyz/t/r/0vmCe_IpuX25xVWGno2bw_u8deO4DiUdqmx_MiP8DzE/icn.png?e_tid=8NguZUp7TEekW3OJ7f2ntQ&e_ts=1683276767107
IP 168.119.9.12:443
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjects2ipp.xyz
Fingerprint87:77:88:14:9C:F5:32:B0:62:70:FB:FF:58:D8:A6:9F:BC:F0:2D:10
ValidityWed, 26 Apr 2023 11:28:58 GMT - Tue, 25 Jul 2023 11:28:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/r/0vmCe_IpuX25xVWGno2bw_u8deO4DiUdqmx_MiP8DzE/icn.png?e_tid=8NguZUp7TEekW3OJ7f2ntQ&e_ts=1683276767107 HTTP/1.1
Host: s2ipp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
date: Fri, 5 May 2023 08:52:48 GMT
expires: 0
cache-control: private, no-cache, must-revalidate, no-store, max-age=0
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: *
location: https://mpmant.com/dsp/ph/icm?aid=14190805676604542579&mid=0&sid=581&t=1683276767&subid=ZXADE55T75KSZTTITH6JZDBPWIUAS6AW
content-length: 0
x-response-time: 0ms
go.cambaddies.com/api/models/vast?campaignId=68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490&campaignType=smartpop&contentType=video%2Fmp4&creativeId=f57a5230d434e8fc16759afb2861bf3673729456c43a555cbf7c06ce17ef46e6&duration=00%3A00%3A30&iterationId=455592&masterSmartpopId=2683&memberId=81c6b0b1-d003-4b0b-bfa4-c50b589c00ff&no_bb=1&p1=50168&p2=68073&ruleId=29&skipOffset=00%3A00%3A05&smartpopId=3594&sourceId=7003&tag=-girls%2Findian&usePreroll=true&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=30739&xhVersion=1
88.208.29.90200 OK 2.0 kB URL GET HTTP/2 go.cambaddies.com/api/models/vast?campaignId=68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490&campaignType=smartpop&contentType=video%2Fmp4&creativeId=f57a5230d434e8fc16759afb2861bf3673729456c43a555cbf7c06ce17ef46e6&duration=00%3A00%3A30&iterationId=455592&masterSmartpopId=2683&memberId=81c6b0b1-d003-4b0b-bfa4-c50b589c00ff&no_bb=1&p1=50168&p2=68073&ruleId=29&skipOffset=00%3A00%3A05&smartpopId=3594&sourceId=7003&tag=-girls%2Findian&usePreroll=true&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=30739&xhVersion=1
IP 88.208.29.90:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjectcambaddies.com
Fingerprint8C:2F:A4:35:26:A0:86:1B:DF:01:1B:E3:DB:9E:5F:3B:CA:3A:25:4B
ValidityTue, 28 Mar 2023 07:47:28 GMT - Mon, 26 Jun 2023 07:47:27 GMT
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (1979), with no line terminators
Hash e348c4ac4af2ee07280da7ea62494a1d
f9374a2c9aa4638b624ea88becaf0079b9229180
da17c0f8d314c3a817de53f64c30083a07545a8dac4fa5c59eae92cc63a7ca85
GET /api/models/vast?campaignId=68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490&campaignType=smartpop&contentType=video%2Fmp4&creativeId=f57a5230d434e8fc16759afb2861bf3673729456c43a555cbf7c06ce17ef46e6&duration=00%3A00%3A30&iterationId=455592&masterSmartpopId=2683&memberId=81c6b0b1-d003-4b0b-bfa4-c50b589c00ff&no_bb=1&p1=50168&p2=68073&ruleId=29&skipOffset=00%3A00%3A05&smartpopId=3594&sourceId=7003&tag=-girls%2Findian&usePreroll=true&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=30739&xhVersion=1 HTTP/1.1
Host: go.cambaddies.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: http://www.xxxfiles.tv/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 08:52:48 GMT
content-type: text/xml; charset=utf-8
content-length: 1979
strict-transport-security: max-age=15768000
access-control-allow-origin: null
access-control-allow-credentials: true
X-Firefox-Spdy: h2
instinctivetheeexemplify.com/sbar.json?key=cc48f4cc72bd1ab0cd76dca8048a896c&uuid=072d53b9-779e-4e4d-8467-09208a0e96c9%3A2%3A1
173.233.139.164200 OK 4.2 kB URL GET HTTP/1.1 instinctivetheeexemplify.com/sbar.json?key=cc48f4cc72bd1ab0cd76dca8048a896c&uuid=072d53b9-779e-4e4d-8467-09208a0e96c9%3A2%3A1
IP 173.233.139.164:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjectinstinctivetheeexemplify.com
Fingerprint53:D2:59:BD:B0:52:6A:5F:7C:25:69:14:DA:17:EA:FC:01:0C:1F:41
ValidityMon, 01 May 2023 19:32:47 GMT - Sun, 30 Jul 2023 19:32:46 GMT
File type JSON data\012- , ASCII text, with very long lines (5863), with no line terminators
Hash 65a7ebe80c69cd144c1503969606a8e7
9abf756cf4d7707e92ba0ba27866e34d8ae58d15
393a790a4e0b85b9b2bfc4043404ec6051f4b623e7c2ef87d0c9f82ad8cbc8dc
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=cc48f4cc72bd1ab0cd76dca8048a896c&uuid=072d53b9-779e-4e4d-8467-09208a0e96c9%3A2%3A1 HTTP/1.1
Host: instinctivetheeexemplify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:48 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.xxxfiles.tv
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17371676; expires=Sat, 06 May 2023 08:52:48 GMT; secure; SameSite=None
uid_id2=072d53b9-779e-4e4d-8467-09208a0e96c9:2:1; expires=Fri, 12 May 2023 08:52:48 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 06 May 2023 08:52:48 GMT; secure; SameSite=None
uncs=1; expires=Sat, 06 May 2023 08:52:48 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 06 May 2023 08:52:48 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 06 May 2023 08:52:48 GMT; secure; SameSite=None
sleccc48f4cc72bd1ab0cd76dca8048a896c=[3870584]; expires=Fri, 05 May 2023 08:52:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ddaf6608f1bea854ad2797e52332b551
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
mpmant.com/dsp/ph/icm?aid=14190805676604542579&mid=0&sid=581&t=1683276767&subid=ZXADE55T75KSZTTITH6JZDBPWIUAS6AW
31.220.27.101302 Found 0 B URL GET HTTP/2 mpmant.com/dsp/ph/icm?aid=14190805676604542579&mid=0&sid=581&t=1683276767&subid=ZXADE55T75KSZTTITH6JZDBPWIUAS6AW
IP 31.220.27.101:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjectmpmant.com
FingerprintD2:0C:BD:E9:50:0C:C1:F5:83:FD:52:45:90:8F:D8:BD:40:34:43:E8
ValidityThu, 30 Mar 2023 18:34:54 GMT - Wed, 28 Jun 2023 18:34:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dsp/ph/icm?aid=14190805676604542579&mid=0&sid=581&t=1683276767&subid=ZXADE55T75KSZTTITH6JZDBPWIUAS6AW HTTP/1.1
Host: mpmant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0
date: Fri, 05 May 2023 08:52:48 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
location: https://i.wmgtr.com/cic/B5zVn3LFG6MeTUPnxFYh5fPakuK7iXH-.png
X-Firefox-Spdy: h2
tsyndicate.com/do2/4f374a23cf56497b89d53e89be5502a2/vast?
136.243.130.121200 OK 3.2 kB URL GET HTTP/2 tsyndicate.com/do2/4f374a23cf56497b89d53e89be5502a2/vast?
IP 136.243.130.121:443
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjecttsyndicate.com
Fingerprint78:C4:DB:8D:7E:12:80:0F:A0:B5:E1:B6:0B:3E:B2:46:7E:69:3D:8E
ValidityWed, 12 Apr 2023 09:07:49 GMT - Tue, 11 Jul 2023 09:07:48 GMT
Hash b9e7901db6197c068b6bf05e016aacfc
143d461ff02bcf3813e1631a5492e3f62cf70d19
555b0c830ede580f33a0f6376fe5641a0357d9f84cc1379f15a8afc939b1546a
GET /do2/4f374a23cf56497b89d53e89be5502a2/vast? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 08:52:48 GMT
content-type: application/xml; charset=utf-8
access-control-allow-origin: http://www.xxxfiles.tv
access-control-allow-methods: POST, GET, HEAD
access-control-allow-headers: Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy
access-control-allow-credentials: true
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-vast: 3.0
x-request-id: f3ca3648bc9ce353
set-cookie: ts_uid=f9e73655-9ab5-4400-9698-cb927067cf64; expires=Sun, 05 Nov 2023 08:52:48 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCx5YZNGDMgCEjRxcWIsYU3BLjoYgyE2PYwDFjho0ZGnF06aMg; expires=Sat, 06 May 2023 08:52:48 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 471 B IP 172.64.155.188:0
Hash d0fb0becbadf17834fd0fc738be343ef
412157f78d2b78b5790b7958cdb258b7041350c6
38cb3bcbb0db3713affc32af27817cc8078b1ebd4f18e44652594c1c8e3ce340
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 04 May 2023 21:49:24 GMT
Expires: Thu, 11 May 2023 21:49:23 GMT
Etag: "412157f78d2b78b5790b7958cdb258b7041350c6"
Cache-Control: max-age=564393,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7c27bfdee868fac4-OSL
cdn.stripcash.com/video/a98e7983ef2f180a166cde100961c7c4.mp4?cb=1683276704
8.248.224.22206 Partial Content 62 kB URL GET HTTP/2 cdn.stripcash.com/video/a98e7983ef2f180a166cde100961c7c4.mp4?cb=1683276704
IP 8.248.224.22:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerSectigo Limited
Subject*.stripcash.com
Fingerprint5B:6A:0D:1B:EF:C2:6F:3E:E0:9C:46:EE:33:56:AF:46:13:E0:E6:43
ValidityWed, 17 Aug 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
Hash 0b48c6db719935a2fd5442dd8d26e29c
75437d781e9c3f19f4461cc0756bf9d4a861c5e8
23a3723a12dad98b60cad7ae33750dbbdaf1173e68af1f5294742b1d900bf31f
GET /video/a98e7983ef2f180a166cde100961c7c4.mp4?cb=1683276704 HTTP/1.1
Host: cdn.stripcash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=3670016-
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Fri, 05 May 2023 08:52:49 GMT
content-type: binary/octet-stream
content-length: 62400
content-security-policy: block-all-mixed-content
etag: "1c7f5a61d15dfc07d2568923220f34fc"
last-modified: Fri, 05 May 2023 08:51:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 175C333EE82E3F47
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=28800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5K8aF0eDFDvlY80VP0upg2%2B2p7taMnnFiX9QAbBPzoMcdKgBGLFQXu96I%2FfpjSRvQR4k8lr%2B%2FgtqF3bRMMPZ5HeRPwgNJuEaFzYhKxtoGqW7Rh8ySFiv%2F5dSOJMrLarDmDnciE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27be546e60b746-AMS
age: 64
content-range: bytes 3670016-3732415/3732416
X-Firefox-Spdy: h2
cdn.stripcash.com/video/a98e7983ef2f180a166cde100961c7c4.mp4?cb=1683276704
8.248.224.22206 Partial Content 1.6 MB URL GET HTTP/2 cdn.stripcash.com/video/a98e7983ef2f180a166cde100961c7c4.mp4?cb=1683276704
IP 8.248.224.22:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerSectigo Limited
Subject*.stripcash.com
Fingerprint5B:6A:0D:1B:EF:C2:6F:3E:E0:9C:46:EE:33:56:AF:46:13:E0:E6:43
ValidityWed, 17 Aug 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 1.6 MB (1565365 bytes)
Hash e3ae51dd8b54e00003f0c7d522c9310b
f1adfd725d36e4e56eafd49f19b448189eff7977
07c5bae9f095364d83931c86a0adc8594852cb6fa592e63acb36b2a9bb8f6b56
GET /video/a98e7983ef2f180a166cde100961c7c4.mp4?cb=1683276704 HTTP/1.1
Host: cdn.stripcash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Fri, 05 May 2023 08:52:49 GMT
content-type: binary/octet-stream
content-length: 3732416
content-security-policy: block-all-mixed-content
etag: "1c7f5a61d15dfc07d2568923220f34fc"
last-modified: Fri, 05 May 2023 08:51:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 175C333EE82E3F47
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=28800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5K8aF0eDFDvlY80VP0upg2%2B2p7taMnnFiX9QAbBPzoMcdKgBGLFQXu96I%2FfpjSRvQR4k8lr%2B%2FgtqF3bRMMPZ5HeRPwgNJuEaFzYhKxtoGqW7Rh8ySFiv%2F5dSOJMrLarDmDnciE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27be546e60b746-AMS
age: 64
content-range: bytes 0-3732415/3732416
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/img/close.png
172.64.166.9200 OK 6.0 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/img/close.png
IP 172.64.166.9:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/chat/mob/ssp/v2/new/3/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:49 GMT
content-type: image/png
content-length: 5982
last-modified: Tue, 05 Jul 2022 10:43:39 GMT
etag: "62c415db-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6742882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5u59YOZed8ahbAP4jCIJh%2FGfJ4jMl8mYEohJUZYh63bgvdwesoNT1Ct%2FgivoT7oiBbJ6KUUno7v3Hy0xYPKcwDRifaJPd2craQbyl173B5mUOkYfBp%2Bu%2FZm0mIEq4z8dlv4YdWnocU9B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfe0aa32385e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
uacabilqlgpw.cdnvideo3.com/api/click/9536405688650181095?c=60&data[error]=400
135.181.208.216200 OK 0 B URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/api/click/9536405688650181095?c=60&data[error]=400
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/9536405688650181095?c=60&data[error]=400 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:49 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private
uacabilqlgpw.cdnvideo3.com/api/click/9536405688650181095?c=60&data[error]=3
135.181.208.216200 OK 0 B URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/api/click/9536405688650181095?c=60&data[error]=3
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/9536405688650181095?c=60&data[error]=3 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:49 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private
cdn.cloudimagesb.com/si/4f/21/b6/4f21b6f8926b18cc8cec37ffa47004e5/1671506253.png
45.133.44.9200 OK 80 kB URL GET HTTP/2 cdn.cloudimagesb.com/si/4f/21/b6/4f21b6f8926b18cc8cec37ffa47004e5/1671506253.png
IP 45.133.44.9:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint6F:9C:41:9B:BA:6A:17:A2:42:F8:28:FF:ED:09:F8:26:12:F1:4C:7B
ValidityThu, 30 Mar 2023 06:08:09 GMT - Wed, 28 Jun 2023 06:08:08 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 422ab27df20d8765e0fcd3aa74306f6b
3b69a90b3d1a5bd964280b7bad97c2a5baaa6951
9f2c6b29335b1545ddfa2f7e84286472468f737e1d73f6f0562babac6e3afa5a
GET /si/4f/21/b6/4f21b6f8926b18cc8cec37ffa47004e5/1671506253.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:49 GMT
content-type: image/png
content-length: 79704
server: nginx/1.17.6
last-modified: Tue, 20 Dec 2022 03:17:41 GMT
etag: "63a12955-13758"
expires: Sun, 07 May 2023 08:52:49 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.stripcash.com/video/a98e7983ef2f180a166cde100961c7c4.mp4?cb=1683276704
8.248.224.22206 Partial Content 1.6 MB URL GET HTTP/2 cdn.stripcash.com/video/a98e7983ef2f180a166cde100961c7c4.mp4?cb=1683276704
IP 8.248.224.22:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerSectigo Limited
Subject*.stripcash.com
Fingerprint5B:6A:0D:1B:EF:C2:6F:3E:E0:9C:46:EE:33:56:AF:46:13:E0:E6:43
ValidityWed, 17 Aug 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
Size 1.6 MB (1573335 bytes)
Hash 8ba66bb9471f02a07b52b91afb5c2df1
f1696cad8037b2ac263b193d757d7f44c9f8890d
ca6cbbd686e643041182c653714f957515cc4e695610499a34ce2f0b78813fab
GET /video/a98e7983ef2f180a166cde100961c7c4.mp4?cb=1683276704 HTTP/1.1
Host: cdn.stripcash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=753664-
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Fri, 05 May 2023 08:52:49 GMT
content-type: binary/octet-stream
content-length: 2978752
content-security-policy: block-all-mixed-content
etag: "1c7f5a61d15dfc07d2568923220f34fc"
last-modified: Fri, 05 May 2023 08:51:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 175C333EE82E3F47
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=28800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5K8aF0eDFDvlY80VP0upg2%2B2p7taMnnFiX9QAbBPzoMcdKgBGLFQXu96I%2FfpjSRvQR4k8lr%2B%2FgtqF3bRMMPZ5HeRPwgNJuEaFzYhKxtoGqW7Rh8ySFiv%2F5dSOJMrLarDmDnciE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27be546e60b746-AMS
age: 64
content-range: bytes 753664-3732415/3732416
X-Firefox-Spdy: h2
vlcdn.tsyndicate.com/videos/c/9/e7f2ba5d025972c148607d5278160929cbd457/440x250.mp4
8.247.217.249206 Partial Content 35 kB URL GET HTTP/2 vlcdn.tsyndicate.com/videos/c/9/e7f2ba5d025972c148607d5278160929cbd457/440x250.mp4
IP 8.247.217.249:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerSectigo Limited
Subjectvlcdn.tsyndicate.com
Fingerprint64:07:46:11:F0:63:22:CB:89:05:CA:C8:53:66:31:4A:18:EB:77:2D
ValidityWed, 10 Aug 2022 00:00:00 GMT - Sun, 10 Sep 2023 23:59:59 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 3f0017cdfc8753ad60963440ba287bc4
d7fddae611f705e79c645eef7158f3b3237f808f
aa17aa648ae73c77e6ff53a843931887c6222c4422bc42669f033f7843c2f20f
GET /videos/c/9/e7f2ba5d025972c148607d5278160929cbd457/440x250.mp4 HTTP/1.1
Host: vlcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: ts_uid=f9e73655-9ab5-4400-9698-cb927067cf64; bfq=APeIECNCx5YZNGDMgCEjRxcWIsYU3BLjoYgyE2PYwDFjho0ZGnF06aMg
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Fri, 05 May 2023 08:52:49 GMT
content-type: video/mp4
content-length: 35043
etag: "645405a7-88e3"
last-modified: Thu, 04 May 2023 19:21:11 GMT
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-expose-headers: Server,Range,Content-Length,Content-Range
access-control-allow-headers: *
access-control-max-age: 31536000
access-control-allow-credentials: true
age: 48279
content-range: bytes 0-35042/35043
X-Firefox-Spdy: h2
uacabilqlgpw.cdnvideo3.com/api/click/3552251425836278095?c=60&data[error]=3
135.181.208.216200 OK 0 B URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/api/click/3552251425836278095?c=60&data[error]=3
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/3552251425836278095?c=60&data[error]=3 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:49 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private
xdiwbc.com/template/social.html
172.64.107.34200 OK 34 kB URL GET HTTP/2 xdiwbc.com/template/social.html
IP 172.64.107.34:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xdiwbc.com
Fingerprint3A:79:D7:7B:9C:24:59:26:BA:C9:D4:C0:AA:C4:80:54:ED:D2:FB:3B
ValidityFri, 07 Apr 2023 13:43:24 GMT - Thu, 06 Jul 2023 13:43:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4579), with no line terminators
Hash 8e01b6a78b880890af725352f0a22b9c
592af0ad99380266f554614f201d492bef029e96
dbe34a5d9d3895072eb4bd79595dc67eca0cce01c4e3ea4db9f53b5d8e285579
GET /template/social.html HTTP/1.1
Host: xdiwbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: http://www.xxxfiles.tv
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 05 May 2023 08:52:48 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYi5w8TiPNPc1ytxAeUXzc9ne7ZFL2m5JyR4e9iFHvVq9TZBkm4guBTKbivIsnhlhZWZJF3jhz%2FWVf9tYWe90xIk6g6pq1qssDwWc6JrlOmCVxOaPBW63lScow%2F4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfda1d577783-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/error?errorcode=3&p=APeICDOGjggdMFgMhAPnYIyHOGwoHNOmoY4aNHDUgCFRhBg3bg7OoAFjBgwZORTSaePQBo4ZMm7YkIlDZRsZLV_GnOnyoQyFcNiMOZhQxJgzRPsoCAg%3D&s=05c608ec0f459015f5422bb1873eac50568e008c2af6a87ecb3b2f0fb03234d71683276768
136.243.75.209200 OK 0 B URL GET HTTP/2 pxl.tsyndicate.com/api/v1/error?errorcode=3&p=APeICDOGjggdMFgMhAPnYIyHOGwoHNOmoY4aNHDUgCFRhBg3bg7OoAFjBgwZORTSaePQBo4ZMm7YkIlDZRsZLV_GnOnyoQyFcNiMOZhQxJgzRPsoCAg%3D&s=05c608ec0f459015f5422bb1873eac50568e008c2af6a87ecb3b2f0fb03234d71683276768
IP 136.243.75.209:443
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjecttsyndicate.com
Fingerprint78:C4:DB:8D:7E:12:80:0F:A0:B5:E1:B6:0B:3E:B2:46:7E:69:3D:8E
ValidityWed, 12 Apr 2023 09:07:49 GMT - Tue, 11 Jul 2023 09:07:48 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/error?errorcode=3&p=APeICDOGjggdMFgMhAPnYIyHOGwoHNOmoY4aNHDUgCFRhBg3bg7OoAFjBgwZORTSaePQBo4ZMm7YkIlDZRsZLV_GnOnyoQyFcNiMOZhQxJgzRPsoCAg%3D&s=05c608ec0f459015f5422bb1873eac50568e008c2af6a87ecb3b2f0fb03234d71683276768 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: ts_uid=f9e73655-9ab5-4400-9698-cb927067cf64; bfq=APeIECNCx5YZNGDMgCEjRxcWIsYU3BLjoYgyE2PYwDFjho0ZGnF06aMg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 08:52:49 GMT
content-length: 0
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/style.css
172.64.166.9200 OK 1.0 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/style.css
IP 172.64.166.9:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT
Hash ec70dc1133e8021599c02dbeeb35d577
649f3cc3878514bdb5a50964daf80861e9be2f08
244b275d88e14763ac99b385740bb139693b58772e445e5f9c8c88e4616d5381
GET /sb/chat/mob/ssp/v2/new/3/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:49 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 12:13:55 GMT
etag: W/"62ceb703-1229"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvcGoI8Bs%2FFQKGCY51z2ohljhR%2FblpR%2BoMRK7B%2FGV0wDBVAfl6M93djjGXe41mtGl0P%2B55U9Sog8sTwrT0mCC80OBd05Ug72XX0CW032mtS9AWkTflERzFGddL3DtpumfV%2B4yJEWPL85"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfe079e8385e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 29 Apr 2023 20:50:32 GMT
Expires: Sun, 28 Apr 2024 20:50:32 GMT
Cache-Control: public, max-age=31536000
Age: 475338
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL GET HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:80
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 03 May 2023 23:24:16 GMT
Expires: Thu, 02 May 2024 23:24:16 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
Age: 120514
instinctivetheeexemplify.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitzsaD60ENIgiKc%2FCgaCbdMz0zPeawGNdIMG6W3RV%2FXKS6qnpSprqrqeqengSE4ILucfQv6LxJNuiGRfG8IjPeggsZT3MwiODFq7BeZZLg6Hf5vtfvHV6%2FV5%2Fv5afERU4nq%2B%2FqHakUXWpU3crLH3jecmVdJnmv0guaHzf95Yrpvu657ar7SuVtwbb0Us31XNdzvcqqNCLSvSXP86ouZHrU9qptt%2BrXql7DR8%2F8H9vcgaUOePeULEDy8eWj%2Bz4kGyKJv70q7Fam09feinNFM23Q5YfvJVuJLhLEszMyDqLk8EINbU9Wf4BODs4MQ3f%2FFYZyTJw%2FfkeYHF64RNg9ODcaKogEIX8CRXcIoYaQdAimb0PyEwIwjmsbSOK717Qp6PY5S6fsmMw%2F%2BguyGJP5X59BEt9fUbJXualVnkmdWPSiErI3hOwMkeYjZDtzkMUILPsMkj8kS4%2FWkcT7G1ZpSD55yW3VeKMethdbrbZY9IXPFwO%2F2Vp02zU3oK5oN1n7LCEph5DREEr0Qe0ccusglw7yyEGeOoj5pNJifhDwoMGpYKwWRl4Q%2BZHfpsyNmFtv15Cz6T%2F0kaV9MNUHM7tIzS625FcnjYWT9TWY%2FEfYzRKWO7AZQZeXKARBYQkKSlBIgiIjKLrlAVe2Zsu7XNk89C527WLXy4HOOnv0QGcdkZC99JQ8PY3PeXzheWyJSYUxP4h8xlq1kHs0dBlvNTmjgesHNGg3GawsIe0cqHWwI8fksT8%2FRSrHZI7%2BjJCOYNUITD4Fmr8AWgxaNRd0c%2BAHLnaSo16vF0klbJXpGFyXSLN5ZNvOnjolz53VuPxkD4IdX%2Fn%2B74eTZ794FcyUSE2JT%2BRPBB11Z3BDF2T%2Fhi4s%2BW4jzWQsd%2Bi04psZzcSlb94R24U2fO2q7X%2F9BpsS0%2FPolrDZOk24TDqW3FuRnAuzqg0T5MGafV%2BE13O7uZKbJE%2FXr7%2B5uhanRlgrdTIElWNCJmtgckwuP%2Fjo7Pm%2BeO9DSDOEyUvE%2BTG5GEg9Akt3YdOZf6sJjJppwtRBkZcDUwtnH5UkUGKGaVjC%2FgeHs3vP3kHHOKDZbSRxia4p0VUlqOrD5pcGWWqOr%2FxSPxuEyhmEyjj7oTLqy%2FNwrZyW7ArqhS1PCC4adcb8JgvCZlT3WyJo8AYyO%2Ba3Rr%2F9AwAA%2F%2F8BAAD%2F%2FwaR7EaLBAAA
173.233.139.164200 OK 7 B URL GET HTTP/1.1 instinctivetheeexemplify.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitzsaD60ENIgiKc%2FCgaCbdMz0zPeawGNdIMG6W3RV%2FXKS6qnpSprqrqeqengSE4ILucfQv6LxJNuiGRfG8IjPeggsZT3MwiODFq7BeZZLg6Hf5vtfvHV6%2FV5%2Fv5afERU4nq%2B%2FqHakUXWpU3crLH3jecmVdJnmv0guaHzf95Yrpvu657ar7SuVtwbb0Us31XNdzvcqqNCLSvSXP86ouZHrU9qptt%2BrXql7DR8%2F8H9vcgaUOePeULEDy8eWj%2Bz4kGyKJv70q7Fam09feinNFM23Q5YfvJVuJLhLEszMyDqLk8EINbU9Wf4BODs4MQ3f%2FFYZyTJw%2FfkeYHF64RNg9ODcaKogEIX8CRXcIoYaQdAimb0PyEwIwjmsbSOK717Qp6PY5S6fsmMw%2F%2BguyGJP5X59BEt9fUbJXualVnkmdWPSiErI3hOwMkeYjZDtzkMUILPsMkj8kS4%2FWkcT7G1ZpSD55yW3VeKMethdbrbZY9IXPFwO%2F2Vp02zU3oK5oN1n7LCEph5DREEr0Qe0ccusglw7yyEGeOoj5pNJifhDwoMGpYKwWRl4Q%2BZHfpsyNmFtv15Cz6T%2F0kaV9MNUHM7tIzS625FcnjYWT9TWY%2FEfYzRKWO7AZQZeXKARBYQkKSlBIgiIjKLrlAVe2Zsu7XNk89C527WLXy4HOOnv0QGcdkZC99JQ8PY3PeXzheWyJSYUxP4h8xlq1kHs0dBlvNTmjgesHNGg3GawsIe0cqHWwI8fksT8%2FRSrHZI7%2BjJCOYNUITD4Fmr8AWgxaNRd0c%2BAHLnaSo16vF0klbJXpGFyXSLN5ZNvOnjolz53VuPxkD4IdX%2Fn%2B74eTZ794FcyUSE2JT%2BRPBB11Z3BDF2T%2Fhi4s%2BW4jzWQsd%2Bi04psZzcSlb94R24U2fO2q7X%2F9BpsS0%2FPolrDZOk24TDqW3FuRnAuzqg0T5MGafV%2BE13O7uZKbJE%2FXr7%2B5uhanRlgrdTIElWNCJmtgckwuP%2Fjo7Pm%2BeO9DSDOEyUvE%2BTG5GEg9Akt3YdOZf6sJjJppwtRBkZcDUwtnH5UkUGKGaVjC%2FgeHs3vP3kHHOKDZbSRxia4p0VUlqOrD5pcGWWqOr%2FxSPxuEyhmEyjj7oTLqy%2FNwrZyW7ArqhS1PCC4adcb8JgvCZlT3WyJo8AYyO%2Ba3Rr%2F9AwAA%2F%2F8BAAD%2F%2FwaR7EaLBAAA
IP 173.233.139.164:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjectinstinctivetheeexemplify.com
Fingerprint53:D2:59:BD:B0:52:6A:5F:7C:25:69:14:DA:17:EA:FC:01:0C:1F:41
ValidityMon, 01 May 2023 19:32:47 GMT - Sun, 30 Jul 2023 19:32:46 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitzsaD60ENIgiKc%2FCgaCbdMz0zPeawGNdIMG6W3RV%2FXKS6qnpSprqrqeqengSE4ILucfQv6LxJNuiGRfG8IjPeggsZT3MwiODFq7BeZZLg6Hf5vtfvHV6%2FV5%2Fv5afERU4nq%2B%2FqHakUXWpU3crLH3jecmVdJnmv0guaHzf95Yrpvu657ar7SuVtwbb0Us31XNdzvcqqNCLSvSXP86ouZHrU9qptt%2BrXql7DR8%2F8H9vcgaUOePeULEDy8eWj%2Bz4kGyKJv70q7Fam09feinNFM23Q5YfvJVuJLhLEszMyDqLk8EINbU9Wf4BODs4MQ3f%2FFYZyTJw%2FfkeYHF64RNg9ODcaKogEIX8CRXcIoYaQdAimb0PyEwIwjmsbSOK717Qp6PY5S6fsmMw%2F%2BguyGJP5X59BEt9fUbJXualVnkmdWPSiErI3hOwMkeYjZDtzkMUILPsMkj8kS4%2FWkcT7G1ZpSD55yW3VeKMethdbrbZY9IXPFwO%2F2Vp02zU3oK5oN1n7LCEph5DREEr0Qe0ccusglw7yyEGeOoj5pNJifhDwoMGpYKwWRl4Q%2BZHfpsyNmFtv15Cz6T%2F0kaV9MNUHM7tIzS625FcnjYWT9TWY%2FEfYzRKWO7AZQZeXKARBYQkKSlBIgiIjKLrlAVe2Zsu7XNk89C527WLXy4HOOnv0QGcdkZC99JQ8PY3PeXzheWyJSYUxP4h8xlq1kHs0dBlvNTmjgesHNGg3GawsIe0cqHWwI8fksT8%2FRSrHZI7%2BjJCOYNUITD4Fmr8AWgxaNRd0c%2BAHLnaSo16vF0klbJXpGFyXSLN5ZNvOnjolz53VuPxkD4IdX%2Fn%2B74eTZ794FcyUSE2JT%2BRPBB11Z3BDF2T%2Fhi4s%2BW4jzWQsd%2Bi04psZzcSlb94R24U2fO2q7X%2F9BpsS0%2FPolrDZOk24TDqW3FuRnAuzqg0T5MGafV%2BE13O7uZKbJE%2FXr7%2B5uhanRlgrdTIElWNCJmtgckwuP%2Fjo7Pm%2BeO9DSDOEyUvE%2BTG5GEg9Akt3YdOZf6sJjJppwtRBkZcDUwtnH5UkUGKGaVjC%2FgeHs3vP3kHHOKDZbSRxia4p0VUlqOrD5pcGWWqOr%2FxSPxuEyhmEyjj7oTLqy%2FNwrZyW7ArqhS1PCC4adcb8JgvCZlT3WyJo8AYyO%2Ba3Rr%2F9AwAA%2F%2F8BAAD%2F%2FwaR7EaLBAAA HTTP/1.1
Host: instinctivetheeexemplify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: u_pl=17371676; uid_id2=072d53b9-779e-4e4d-8467-09208a0e96c9:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:50 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dcd6b3b3cbe1124037daebcc0346e141
Strict-Transport-Security: max-age=0; includeSubdomains
instinctivetheeexemplify.com/pixel/sbs?c=1
173.233.137.44200 OK 0 B URL GET HTTP/1.1 instinctivetheeexemplify.com/pixel/sbs?c=1
IP 173.233.137.44:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjectinstinctivetheeexemplify.com
Fingerprint53:D2:59:BD:B0:52:6A:5F:7C:25:69:14:DA:17:EA:FC:01:0C:1F:41
ValidityMon, 01 May 2023 19:32:47 GMT - Sun, 30 Jul 2023 19:32:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: instinctivetheeexemplify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: u_pl=17371676; uid_id2=072d53b9-779e-4e4d-8467-09208a0e96c9:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:50 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.barscreative1.com/sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html
45.133.44.3200 OK 1.2 kB URL GET HTTP/2 cdn.barscreative1.com/sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html
IP 45.133.44.3:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjectcdn.barscreative1.com
FingerprintD7:F2:D3:47:0C:43:94:F7:D3:3B:42:E5:1A:61:6E:85:4E:72:C0:25
ValidityThu, 16 Mar 2023 00:04:28 GMT - Wed, 14 Jun 2023 00:04:27 GMT
File type HTML document, ASCII text, with very long lines (1266), with no line terminators
Hash b1a0e0ddf84fa761508921638d1c05ba
6648c209a77d2b683ee31e59ee79666b7d6a5412
e09f27aa42b0340c6dc785b112e061e6888c8d79d03f19e9a61289433a131fe9
GET /sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:49 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 13 Jul 2022 12:11:03 GMT
etag: W/"62ceb657-4a6"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 05 May 2023 09:52:49 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/animate.css
172.64.166.9200 OK 79 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/animate.css
IP 172.64.166.9:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT
Hash fc638645a938f69e69360c75335ffd1a
143132fb8361c3ad0acf88cb70bf0b07c0ecc2d4
7ef76aab275d0221c68602d18f81b4285b280756f0f71d535ed8b5b889bc2f90
GET /sb/chat/mob/ssp/v2/new/3/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:49 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 12:13:56 GMT
etag: W/"62ceb704-135d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OApmOsRk5KAOAg9Bg7r%2BNIHZb0ckNgDn5fQ9GKchI91vUx9ML3v5F3B2HYhg6AnH6%2F%2Bihs%2BJzzQl8O19JJzOoh0Y%2FdvLi5WErI%2FEg3Jao%2BQYppOhVtSqCVIDeCpLcrqjJwGwqZLWs10"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfe08a01385e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.xxxfiles.tv/extension/aine/pr_1409.php?s=1683276780733.0.8757397347932793
104.21.83.6200 OK 187 B URL GET HTTP/3 www.xxxfiles.tv/extension/aine/pr_1409.php?s=1683276780733.0.8757397347932793
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type HTML document text\012- troff or preprocessor input, ASCII text, with no line terminators
Hash 6c4febc8beb4d521ab8341c797c728a5
c8d30b5612eac154b0bd12bdbf8dab793a5eea2b
a292033534e1629ef3e6bce8c52dc1a0f56ac4596050b9f4df96db21a057348b
GET /extension/aine/pr_1409.php?s=1683276780733.0.8757397347932793 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:47 GMT
content-type: application/json
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBAakKZ9IaYwJObfddaOUpIj%2FjqOlyP6UzVLxwWyXg7y%2FRJQq2g5Zebg7tUAaM71qj3wYEa96pd1ViHBRElwsuVoTRoTw5uI6%2B0p%2FpX66moyUsNgVlgabLBdRHimlv1sovE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfd5dd8d1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.xxxfiles.tv/js/plugins.js
104.21.83.6200 OK 131 kB URL GET HTTP/2 www.xxxfiles.tv/js/plugins.js
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
Size 131 kB (130671 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/plugins.js HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2019 06:40:43 GMT
vary: Accept-Encoding
etag: W/"5ddcc8eb-1fe6f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 2131984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pStKV35dOidabHTU25WttFy5aaOUf%2B5YnF%2F2z5EkPWHjWNkWPm8mexR0dBbHLQ%2F%2FqICbPfTq7pHTWvjP2BdZ1C5gQZv9jekpF9acFhFhg%2Bro7U8Xe7lWyaqsIp4nWAeTpk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfc73d5bb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.xxxfiles.tv/js/kvs/main.min.js
104.21.83.6200 OK 267 kB URL GET HTTP/2 www.xxxfiles.tv/js/kvs/main.min.js
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
Size 267 kB (266952 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/kvs/main.min.js HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: application/javascript
last-modified: Wed, 20 Nov 2019 11:57:15 GMT
vary: Accept-Encoding
etag: W/"5dd52a1b-412c8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 2131984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFXFLjIUrHPLZrwuz6vvTyA300%2BC8uvx2zyx4TJw1%2Bw22cXkPxgueU3gNW8taMqdBNoD8BZ4C1GDF5GQj3yu1Gy2UEgJYa9GUQ1IYLcMQFQIsr8325XjETruwMYDotL224o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfc74d6eb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.xxxfiles.tv/css/main.css
104.21.83.6200 OK 77 kB URL GET HTTP/2 www.xxxfiles.tv/css/main.css
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type assembler source, ASCII text, with very long lines (492)
Hash f2acc5750c70ce7508edcacb053ddda2
93cbb3c6fa87587f1c1c09ad44e7769ca8f41ea5
762a4d48cacd0adbc7d45e1feec08bc734ceeab368130560d57154d8c9d4a1fd
GET /css/main.css HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: text/css
last-modified: Mon, 23 May 2022 12:38:16 GMT
vary: Accept-Encoding
etag: W/"628b8038-12e50"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 2131984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCwQs%2BAjHTLGwBFc0xOGCQQAp%2F4xRvEdmw0hM6z6xqasbK86BJMRT1%2F6p3dF%2BlsXsyf1JFcyLsvJrA3FUDgidxCuqQFLWct4bHhnsAZh%2BE%2F2siAkrI6%2BX9C6zd4pCvkuIn4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfc71d33b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
uacabilqlgpw.cdnvideo3.com/api/users/309159?host=www.xxxfiles.tv&ev=206&wh=1024&ww=1280&uuid=&i=1&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25
135.181.208.216200 OK 733 B URL GET HTTP/2 uacabilqlgpw.cdnvideo3.com/api/users/309159?host=www.xxxfiles.tv&ev=206&wh=1024&ww=1280&uuid=&i=1&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25
IP 135.181.208.216:443
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subject8afb7f9e2c1a7a9e.vtube.to
FingerprintFA:29:50:3A:07:C7:EC:67:24:04:0D:B0:6B:BC:2A:C8:34:0D:66:EB
ValidityTue, 02 May 2023 00:27:31 GMT - Mon, 31 Jul 2023 00:27:30 GMT
File type ASCII text, with very long lines (785), with no line terminators
Hash a11dd6d80709cd25344b88a08939c0ac
be033f005bb91a41eec00e08ff0c34e3a0ea9b27
aca68763cb9488218f1642160fd283d96b5e665f10dad3dd635bbcb4688068c0
GET /api/users/309159?host=www.xxxfiles.tv&ev=206&wh=1024&ww=1280&uuid=&i=1&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 08:52:47 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=zutef7LLQoUdscvclt8V; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
i.wmgtr.com/cim/u1a7YOlSqOHS_OZ5054Pd3wsY96uiWEK.png
0.0.0.0 0 B URL GET i.wmgtr.com/cim/u1a7YOlSqOHS_OZ5054Pd3wsY96uiWEK.png
IP 0.0.0.0:0
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjecti.wmgtr.com
Fingerprint7D:1B:65:9B:B8:35:3F:63:AA:D6:0E:B1:DB:13:80:AA:F0:55:75:FC
ValiditySun, 23 Apr 2023 23:02:02 GMT - Sat, 22 Jul 2023 23:02:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cim/u1a7YOlSqOHS_OZ5054Pd3wsY96uiWEK.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:48 GMT
content-type: image/png
server: nginx/1.19.0
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
content-encoding: gzip
cache-control: max-age=82800
expires: Sat, 06 May 2023 07:52:48 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
uacabilqlgpw.cdnvideo3.com/api/users/433863?host=www.xxxfiles.tv&ev=206&wh=1024&ww=1280&uuid=&i=1&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25
135.181.208.216200 OK 522 B URL GET HTTP/2 uacabilqlgpw.cdnvideo3.com/api/users/433863?host=www.xxxfiles.tv&ev=206&wh=1024&ww=1280&uuid=&i=1&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25
IP 135.181.208.216:443
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subject8afb7f9e2c1a7a9e.vtube.to
FingerprintFA:29:50:3A:07:C7:EC:67:24:04:0D:B0:6B:BC:2A:C8:34:0D:66:EB
ValidityTue, 02 May 2023 00:27:31 GMT - Mon, 31 Jul 2023 00:27:30 GMT
File type ASCII text, with very long lines (592), with no line terminators
Hash 8df7151370e4a54d67708f1a4892b7c2
ac307285d4e7a004eb71c3ddef1abde0734e8cf1
dd5196b3f55c00d95ed80b5c9a95ead458550e3ed7a6e40a0b027cb86c875efa
GET /api/users/433863?host=www.xxxfiles.tv&ev=206&wh=1024&ww=1280&uuid=&i=1&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 08:52:48 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=wZy2MUzYHTRYny15tk3g; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
adactioner.com/asset-12006683.mp4
213.133.98.241206 Partial Content 51 kB URL GET HTTP/2 adactioner.com/asset-12006683.mp4
IP 213.133.98.241:443
ASN #24940 Hetzner Online GmbH
Requested by http://uacabilqlgpw.cdnvideo3.com/api/spots/329585?p=1&s1=%subid1%&kw=
Certificate IssuerLet's Encrypt
Subjectadactioner.com
FingerprintA4:6D:E4:31:E8:7F:01:54:34:36:49:C5:E9:C8:E3:66:A2:1C:B9:7B
ValiditySat, 11 Mar 2023 23:27:07 GMT - Fri, 09 Jun 2023 23:27:06 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 1219d2538a3657367d9aeb85df9dcf6e
69997a4e8c9e0496c23a8f44888bfdd2acb2c3de
ed554e6b416b0890bb6c5e8113c6ea68c614310590f525717d8bc72f091c8fe6
GET /asset-12006683.mp4 HTTP/1.1
Host: adactioner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx
date: Fri, 05 May 2023 08:52:46 GMT
content-type: video/mp4
content-length: 81632
last-modified: Thu, 04 May 2023 09:30:05 GMT
etag: "64537b1d-13ee0"
expires: Sun, 04 Jun 2023 08:52:46 GMT
cache-control: max-age=2592000, public
content-range: bytes 0-81631/81632
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/js/script.js
172.64.166.9200 OK 383 B URL GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/js/script.js
IP 172.64.166.9:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT
File type ASCII text, with very long lines (408), with no line terminators
Hash d8254313a6e071f4883a1fccf4a12323
39159fdfba27aa0b8695c3136ab344c4ee84e4a4
b34fc41421c91ccf9fd5f1351fc45117e12e8cf2b58fdcad45d2710a5d218a88
GET /sb/chat/mob/ssp/v2/new/3/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:49 GMT
content-type: application/javascript
last-modified: Wed, 13 Jul 2022 12:13:56 GMT
etag: W/"62ceb704-17f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sp8hLBqEtd9WsLmnDbJahEPBlHyYYGwODqoV%2FlAC4p4vQ69FsdlEi0OAjG2mhcYZHxUF3WG7Z0T7h1e9j2TK5tq%2FPsevf97ZZdUFDWWHf%2F%2FMgaLwG5P8yh1ih28vr5KYUfeDntu7h4bD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfe1fc8d385e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.realsrv.com/ad-provider.js
185.76.9.22200 OK 88 kB URL GET HTTP/2 a.realsrv.com/ad-provider.js
IP 185.76.9.22:443
ASN #60068 Datacamp Limited
Requested by http://uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw=
Certificate IssuerLet's Encrypt
Subjectrealsrv.com
FingerprintC2:CA:14:12:90:2A:B3:84:F3:3C:B8:A9:E8:82:89:E0:CB:B9:EE:49
ValidityMon, 27 Feb 2023 07:33:27 GMT - Sun, 28 May 2023 07:33:26 GMT
File type ASCII text, with very long lines (54191)
Hash a76e103d1d19a1711585ba045fd7b740
9962f556b06ff3409ab656fc985809f1a0b47366
9dd8d3d60a88285017f3bc865206402f549b43bd708d7fb7749cb761f070992f
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:46 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"9962f556b06ff3409ab656fc985"
expires: Thu, 04 May 2023 19:04:23 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: AblMCRTWq/b/1BgAAA
x-77-nzt-ray: af585630cc9b1000dec354648a515b2e
x-accel-expires: @1683281210
x-accel-date: 1683270410
x-cache: HIT
x-age: 6356
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
uacabilqlgpw.cdnvideo3.com/api/spots/329584?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 11 kB URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/api/spots/329584?p=1&s1=%subid1%&kw=
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Hash cbf0d11af8f0d7576a56ae43d6cfffcf
1be5bebfa5bc8c44c5a110d67c4d094b920af212
606933386c9a062b61836524ce697aa2ab32bbf38e5266617d2212d747fbfc48
GET /api/spots/329584?p=1&s1=%subid1%&kw= HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=ZNaD9MFE173u6mtNB1ME; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip
prhzxq.com/wnload?a=1&e=aeyJwaWQiOjExNTAwODIsInNpZCI6MTE5NTE5OSwid2lkIjo0Mzk5MzgsImQiOiIiLCJsaSI6Mn0=&tz=0&if=0&u=aHR0cDovL3d3dy54eHhmaWxlcy50di92aWRlb3MvNzEwODE5L2E2MWM2OGU1NTA3N2JlZTViMjEwMTJiMmMwMTJmZjgwLw==&inc=0
185.162.85.3200 OK 729 B URL GET HTTP/2 prhzxq.com/wnload?a=1&e=aeyJwaWQiOjExNTAwODIsInNpZCI6MTE5NTE5OSwid2lkIjo0Mzk5MzgsImQiOiIiLCJsaSI6Mn0=&tz=0&if=0&u=aHR0cDovL3d3dy54eHhmaWxlcy50di92aWRlb3MvNzEwODE5L2E2MWM2OGU1NTA3N2JlZTViMjEwMTJiMmMwMTJmZjgwLw==&inc=0
IP 185.162.85.3:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjectprhzxq.com
FingerprintE2:7B:B2:5A:29:BC:18:8B:54:42:18:94:DC:A8:70:6D:AC:91:62:83
ValidityTue, 21 Mar 2023 21:20:12 GMT - Mon, 19 Jun 2023 21:20:11 GMT
File type Unicode text, UTF-8 text, with very long lines (800), with no line terminators
Hash ebe1710877c84d2781432d565df6f37b
c267e52b2dcb4c9ad7cab873057d1ebd4b1de78f
064155dd6c84b43aabf5c10f3747e4b218e68ff551b3db2a597d22cb762892f7
GET /wnload?a=1&e=aeyJwaWQiOjExNTAwODIsInNpZCI6MTE5NTE5OSwid2lkIjo0Mzk5MzgsImQiOiIiLCJsaSI6Mn0=&tz=0&if=0&u=aHR0cDovL3d3dy54eHhmaWxlcy50di92aWRlb3MvNzEwODE5L2E2MWM2OGU1NTA3N2JlZTViMjEwMTJiMmMwMTJmZjgwLw==&inc=0 HTTP/1.1
Host: prhzxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 05 May 2023 08:52:47 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/error?errorcode=400&p=APeICDOGjggdMFgMhAPnYIyHOGwoHNOmoY4aNHDUgCFRhBg3bg7OoAFjBgwZORTSaePQBo4ZMm7YkIlDZRsZLV_GnOnyoQyFcNiMOZhQxJgzRPsoCAg%3D&s=05c608ec0f459015f5422bb1873eac50568e008c2af6a87ecb3b2f0fb03234d71683276768
136.243.75.209200 OK 0 B URL GET HTTP/2 pxl.tsyndicate.com/api/v1/error?errorcode=400&p=APeICDOGjggdMFgMhAPnYIyHOGwoHNOmoY4aNHDUgCFRhBg3bg7OoAFjBgwZORTSaePQBo4ZMm7YkIlDZRsZLV_GnOnyoQyFcNiMOZhQxJgzRPsoCAg%3D&s=05c608ec0f459015f5422bb1873eac50568e008c2af6a87ecb3b2f0fb03234d71683276768
IP 136.243.75.209:443
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjecttsyndicate.com
Fingerprint78:C4:DB:8D:7E:12:80:0F:A0:B5:E1:B6:0B:3E:B2:46:7E:69:3D:8E
ValidityWed, 12 Apr 2023 09:07:49 GMT - Tue, 11 Jul 2023 09:07:48 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/error?errorcode=400&p=APeICDOGjggdMFgMhAPnYIyHOGwoHNOmoY4aNHDUgCFRhBg3bg7OoAFjBgwZORTSaePQBo4ZMm7YkIlDZRsZLV_GnOnyoQyFcNiMOZhQxJgzRPsoCAg%3D&s=05c608ec0f459015f5422bb1873eac50568e008c2af6a87ecb3b2f0fb03234d71683276768 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: ts_uid=f9e73655-9ab5-4400-9698-cb927067cf64; bfq=APeIECNCx5YZNGDMgCEjRxcWIsYU3BLjoYgyE2PYwDFjho0ZGnF06aMg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 08:52:49 GMT
content-length: 0
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
twinrdsrv.com/preroll.engine?id=4ce47ff2-c2e3-47a1-a9be-931241b17841&zid=52151&cvs={ClientVideoSupport}&time={TimeOffset}&stdtime={StdTimeOffset}&abr={IsAdblockRequest}&pageurl={PageUrl}&tid={TrackingId}&res={Resolution}&bw={BrowserWidth}&bh={BrowserHeight}&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy+Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred+hair%2Cnude%2Clonghair%2Cparis%2Csmall+breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny+Aurora&referrerUrl={ReferrerUrl}&pw={PlayerWidth}&ph={PlayerHeight}
172.66.43.59200 OK 7.4 kB URL GET HTTP/2 twinrdsrv.com/preroll.engine?id=4ce47ff2-c2e3-47a1-a9be-931241b17841&zid=52151&cvs={ClientVideoSupport}&time={TimeOffset}&stdtime={StdTimeOffset}&abr={IsAdblockRequest}&pageurl={PageUrl}&tid={TrackingId}&res={Resolution}&bw={BrowserWidth}&bh={BrowserHeight}&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy+Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred+hair%2Cnude%2Clonghair%2Cparis%2Csmall+breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny+Aurora&referrerUrl={ReferrerUrl}&pw={PlayerWidth}&ph={PlayerHeight}
IP 172.66.43.59:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint44:DC:AB:AD:02:68:C6:90:3B:A8:AF:E2:FD:7E:D7:F2:0E:5D:AC:2E
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (7455), with no line terminators
Hash 9c287e98b4338ead9ffeaf4a2d752903
798b6232a8d1852c5c9b494e91ace36c50ba35ef
8f6f6f24ee3dc6eaf073cd05bf15b66c4c5b642c75ddc54feab2045f9f2fcb66
GET /preroll.engine?id=4ce47ff2-c2e3-47a1-a9be-931241b17841&zid=52151&cvs={ClientVideoSupport}&time={TimeOffset}&stdtime={StdTimeOffset}&abr={IsAdblockRequest}&pageurl={PageUrl}&tid={TrackingId}&res={Resolution}&bw={BrowserWidth}&bh={BrowserHeight}&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy+Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred+hair%2Cnude%2Clonghair%2Cparis%2Csmall+breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny+Aurora&referrerUrl={ReferrerUrl}&pw={PlayerWidth}&ph={PlayerHeight} HTTP/1.1
Host: twinrdsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:48 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-transform
access-control-allow-credentials: true
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: http://www.xxxfiles.tv
set-cookie: IKSR={}; path=/; SameSite=None; secure
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FjHtv3LoTkXGHbyAzxheENxrV0sj9Bsq8kjZ%2Bq6YWN58EOMJJ7fwMSPku5297sFmTwbFSx0o4EFflqU03VWRzIz6QO0IEf2rTe%2FR5IoXhe5PUSPMQo41LGJE6y%2FmAg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfd6ff6cb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
instinctivetheeexemplify.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2%2FcRBgdp%2BVAOQAVQkICsQcOIMjGdry7Nj1UlBIUEdqqLeLHBY1nxtshY481Y683kZAiKkGPC3%2BB8zZpBI0qEOcitMstolKW0x6IEBIXrkjlijaJWPgu33t%2B7%2FD8vvl8uzwiLko6XXlXb0ql6FKr6TZe%2FsDzLjTWZFb2G%2F2w%2FXE7uNAwvdc9N2q6rzTeFmxdL%2Fmu57qe6zVWpBGJ7i95ntd0IfP9yGtGbjPwm14rQN%2F8n9vSgaUOeO%2BInIfkk3P79wNINkKWfntZ2PVC56%2B9lZaKFtqgx%2Ffey9YzXWVI5zAxDpJs79QNbQ9XfoDOdo8DQ%2Ff%2BNcZyQpw%2Ffkec7Z2mRNzbPQkaK4gMMX8CVW8EoUaQdASmb0PyQwIwjitXkaV3r2hT0Y0Tlc7UCTn76C%2FIakLO%2FvoMsvT%2BJSX7jRtalYXUmUU%2FqSH7I8juCHk5RrG5AFmNwYrPIPlDsvRoDVm6c9UqDcmnL7kdn7eW42ix04nEYiACvhgG7c6iG%2FluSF0RtVl03JCUI8hkBCUGoHYBpXVQSgdl4qDMHaR82uiwIAx52OJUMObHiRcmQRJElLkJc5cjHyWb%2FcMART4AUwMws4XcbGFdfnXYOn%2B4tgpT%2Fgh7q4blDmxB0OM1KkFQWYKKElSSoCoIql69y5X1bX2XK1vG3un2T%2FdyPdRFd5vu6qIrMrKdH5GnZ%2FU5j59%2FHuti2mAsCJOAsY4fc4%2FGLuOdNmc0dIOQhlGbwcoa0i6AWgebckIe%2B%2FNT5HJCFujPiOkYVo3B5FOg5Qug1bDju6C3hkHoYjPb7%2Ff7iVTCNplOwXWNvDiLYsPZVkfkueMzXniyD8EOLn7%2F98Pps1%2B8CmZq5KbGJ%2FIngq66M7yuK7JzXVeWfHc1L2QqN%2BnsxDcKWogz37wjNipt%2BOplO%2Fj6DTYTZnD%2FprDFGs24zLqW3LskORdmRRsmyINV%2B76Ir5X21qXSZGW%2Bdu3NldU0N8JaqbMRqJwQMl0FkxNy7sFHx8%2F3xXsfQpoRTFkjLQ%2FI6UDqMVi%2BBZvP81tNYNTcE%2BcOqrIeGj%2Bef1SSQIk5p3EN%2Bx8ez%2FG2vYOucUCL28jSGj1To6dqUDWALc8Mi9wcXPxl%2BXgQK2cYK%2BPsxMqoL0%2FKtXLaEB3RjqLADTrcdeOA%2B77XEowuBzSivp90UNgJvzn%2B7R8AAAD%2F%2FwEAAP%2F%2F%2BbZEVosEAAA%3D
173.233.139.164200 OK 0 B URL GET HTTP/1.1 instinctivetheeexemplify.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2%2FcRBgdp%2BVAOQAVQkICsQcOIMjGdry7Nj1UlBIUEdqqLeLHBY1nxtshY481Y683kZAiKkGPC3%2BB8zZpBI0qEOcitMstolKW0x6IEBIXrkjlijaJWPgu33t%2B7%2FD8vvl8uzwiLko6XXlXb0ql6FKr6TZe%2FsDzLjTWZFb2G%2F2w%2FXE7uNAwvdc9N2q6rzTeFmxdL%2Fmu57qe6zVWpBGJ7i95ntd0IfP9yGtGbjPwm14rQN%2F8n9vSgaUOeO%2BInIfkk3P79wNINkKWfntZ2PVC56%2B9lZaKFtqgx%2Ffey9YzXWVI5zAxDpJs79QNbQ9XfoDOdo8DQ%2Ff%2BNcZyQpw%2Ffkec7Z2mRNzbPQkaK4gMMX8CVW8EoUaQdASmb0PyQwIwjitXkaV3r2hT0Y0Tlc7UCTn76C%2FIakLO%2FvoMsvT%2BJSX7jRtalYXUmUU%2FqSH7I8juCHk5RrG5AFmNwYrPIPlDsvRoDVm6c9UqDcmnL7kdn7eW42ix04nEYiACvhgG7c6iG%2FluSF0RtVl03JCUI8hkBCUGoHYBpXVQSgdl4qDMHaR82uiwIAx52OJUMObHiRcmQRJElLkJc5cjHyWb%2FcMART4AUwMws4XcbGFdfnXYOn%2B4tgpT%2Fgh7q4blDmxB0OM1KkFQWYKKElSSoCoIql69y5X1bX2XK1vG3un2T%2FdyPdRFd5vu6qIrMrKdH5GnZ%2FU5j59%2FHuti2mAsCJOAsY4fc4%2FGLuOdNmc0dIOQhlGbwcoa0i6AWgebckIe%2B%2FNT5HJCFujPiOkYVo3B5FOg5Qug1bDju6C3hkHoYjPb7%2Ff7iVTCNplOwXWNvDiLYsPZVkfkueMzXniyD8EOLn7%2F98Pps1%2B8CmZq5KbGJ%2FIngq66M7yuK7JzXVeWfHc1L2QqN%2BnsxDcKWogz37wjNipt%2BOplO%2Fj6DTYTZnD%2FprDFGs24zLqW3LskORdmRRsmyINV%2B76Ir5X21qXSZGW%2Bdu3NldU0N8JaqbMRqJwQMl0FkxNy7sFHx8%2F3xXsfQpoRTFkjLQ%2FI6UDqMVi%2BBZvP81tNYNTcE%2BcOqrIeGj%2Bef1SSQIk5p3EN%2Bx8ez%2FG2vYOucUCL28jSGj1To6dqUDWALc8Mi9wcXPxl%2BXgQK2cYK%2BPsxMqoL0%2FKtXLaEB3RjqLADTrcdeOA%2B77XEowuBzSivp90UNgJvzn%2B7R8AAAD%2F%2FwEAAP%2F%2F%2BbZEVosEAAA%3D
IP 173.233.139.164:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjectinstinctivetheeexemplify.com
Fingerprint53:D2:59:BD:B0:52:6A:5F:7C:25:69:14:DA:17:EA:FC:01:0C:1F:41
ValidityMon, 01 May 2023 19:32:47 GMT - Sun, 30 Jul 2023 19:32:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2%2FcRBgdp%2BVAOQAVQkICsQcOIMjGdry7Nj1UlBIUEdqqLeLHBY1nxtshY481Y683kZAiKkGPC3%2BB8zZpBI0qEOcitMstolKW0x6IEBIXrkjlijaJWPgu33t%2B7%2FD8vvl8uzwiLko6XXlXb0ql6FKr6TZe%2FsDzLjTWZFb2G%2F2w%2FXE7uNAwvdc9N2q6rzTeFmxdL%2Fmu57qe6zVWpBGJ7i95ntd0IfP9yGtGbjPwm14rQN%2F8n9vSgaUOeO%2BInIfkk3P79wNINkKWfntZ2PVC56%2B9lZaKFtqgx%2Ffey9YzXWVI5zAxDpJs79QNbQ9XfoDOdo8DQ%2Ff%2BNcZyQpw%2Ffkec7Z2mRNzbPQkaK4gMMX8CVW8EoUaQdASmb0PyQwIwjitXkaV3r2hT0Y0Tlc7UCTn76C%2FIakLO%2FvoMsvT%2BJSX7jRtalYXUmUU%2FqSH7I8juCHk5RrG5AFmNwYrPIPlDsvRoDVm6c9UqDcmnL7kdn7eW42ix04nEYiACvhgG7c6iG%2FluSF0RtVl03JCUI8hkBCUGoHYBpXVQSgdl4qDMHaR82uiwIAx52OJUMObHiRcmQRJElLkJc5cjHyWb%2FcMART4AUwMws4XcbGFdfnXYOn%2B4tgpT%2Fgh7q4blDmxB0OM1KkFQWYKKElSSoCoIql69y5X1bX2XK1vG3un2T%2FdyPdRFd5vu6qIrMrKdH5GnZ%2FU5j59%2FHuti2mAsCJOAsY4fc4%2FGLuOdNmc0dIOQhlGbwcoa0i6AWgebckIe%2B%2FNT5HJCFujPiOkYVo3B5FOg5Qug1bDju6C3hkHoYjPb7%2Ff7iVTCNplOwXWNvDiLYsPZVkfkueMzXniyD8EOLn7%2F98Pps1%2B8CmZq5KbGJ%2FIngq66M7yuK7JzXVeWfHc1L2QqN%2BnsxDcKWogz37wjNipt%2BOplO%2Fj6DTYTZnD%2FprDFGs24zLqW3LskORdmRRsmyINV%2B76Ir5X21qXSZGW%2Bdu3NldU0N8JaqbMRqJwQMl0FkxNy7sFHx8%2F3xXsfQpoRTFkjLQ%2FI6UDqMVi%2BBZvP81tNYNTcE%2BcOqrIeGj%2Bef1SSQIk5p3EN%2Bx8ez%2FG2vYOucUCL28jSGj1To6dqUDWALc8Mi9wcXPxl%2BXgQK2cYK%2BPsxMqoL0%2FKtXLaEB3RjqLADTrcdeOA%2B77XEowuBzSivp90UNgJvzn%2B7R8AAAD%2F%2FwEAAP%2F%2F%2BbZEVosEAAA%3D HTTP/1.1
Host: instinctivetheeexemplify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: u_pl=17371676; uid_id2=072d53b9-779e-4e4d-8467-09208a0e96c9:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:48 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8fca5110320bed265f3ac7876c5b3ea8
Strict-Transport-Security: max-age=0; includeSubdomains
addresseepaper.com/sfp.js
0.0.0.0 0 B URL GET addresseepaper.com/sfp.js
IP 0.0.0.0:0
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache
i.wmgtr.com/cic/d186Z1xqbgoLvkVafC4w0Mh9PeSfEmlg.png
0.0.0.0 0 B URL GET i.wmgtr.com/cic/d186Z1xqbgoLvkVafC4w0Mh9PeSfEmlg.png
IP 0.0.0.0:0
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjecti.wmgtr.com
Fingerprint7D:1B:65:9B:B8:35:3F:63:AA:D6:0E:B1:DB:13:80:AA:F0:55:75:FC
ValiditySun, 23 Apr 2023 23:02:02 GMT - Sat, 22 Jul 2023 23:02:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cic/d186Z1xqbgoLvkVafC4w0Mh9PeSfEmlg.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:48 GMT
content-type: image/png
server: nginx/1.19.0
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
content-encoding: gzip
cache-control: max-age=82800
expires: Sat, 06 May 2023 07:52:48 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
uacabilqlgpw.cdnvideo3.com/api/settings/377391
135.181.208.216200 OK 33 B URL GET HTTP/2 uacabilqlgpw.cdnvideo3.com/api/settings/377391
IP 135.181.208.216:443
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subject8afb7f9e2c1a7a9e.vtube.to
FingerprintFA:29:50:3A:07:C7:EC:67:24:04:0D:B0:6B:BC:2A:C8:34:0D:66:EB
ValidityTue, 02 May 2023 00:27:31 GMT - Mon, 31 Jul 2023 00:27:30 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 511ff610a0435434dd22a4836719fbb3
0cf692a9ecb6dd3d715e3315e0eeccc1c384f0c3
d090111da31c837d965f1dcf49b00a53cf41686d0913627f78c5ff36d693c6d0
GET /api/settings/377391 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 08:52:46 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
i.wmgtr.com/cic/B5zVn3LFG6MeTUPnxFYh5fPakuK7iXH-.png
45.133.44.32200 OK 12 kB URL GET HTTP/2 i.wmgtr.com/cic/B5zVn3LFG6MeTUPnxFYh5fPakuK7iXH-.png
IP 45.133.44.32:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerLet's Encrypt
Subjecti.wmgtr.com
Fingerprint7D:1B:65:9B:B8:35:3F:63:AA:D6:0E:B1:DB:13:80:AA:F0:55:75:FC
ValiditySun, 23 Apr 2023 23:02:02 GMT - Sat, 22 Jul 2023 23:02:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 3ca23521821a6d1e97bf61d46dfa635d
c5e8b425e01b2eeb21679f971b65d6ab02ca76f6
f5382c1238060d950b3fb09071dc1d8ef55c73bca6220239662287ab2343535b
GET /cic/B5zVn3LFG6MeTUPnxFYh5fPakuK7iXH-.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:48 GMT
content-type: image/jpeg
server: nginx/1.19.0
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
cache-control: max-age=82800
expires: Sat, 06 May 2023 07:52:48 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.xxxfiles.tv/extension/aine/pop_1409.php?s=1683276780735.0.4192557010482666
104.21.83.6200 OK 161 B URL GET HTTP/3 www.xxxfiles.tv/extension/aine/pop_1409.php?s=1683276780735.0.4192557010482666
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type HTML document text\012- troff or preprocessor input, ASCII text, with no line terminators
Hash e737546e782da3a416eb068459cdb9cd
de30360e651e0ce41bfe4593b294ee2a33c07ee4
ef6a8969b044e42e916e89c373cde186a1b04b5d2514d8e1f4e6933fd0d71846
GET /extension/aine/pop_1409.php?s=1683276780735.0.4192557010482666 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:47 GMT
content-type: application/json
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LX3EQICj6pwwsfU%2F0gXmzXVzqUAPXciazZMU400l%2BYGnFZqIeaVS0VAAhTGyy4Yb6rK6%2F6vt72uabcuLxwftvw1AEWL6%2F%2FYoI3V3Kj%2BWOffTX6t%2FFHfjF8KcblGloDRNssE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfd5dd901bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/js/jquery.min.js
172.64.166.9200 OK 90 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/js/jquery.min.js
IP 172.64.166.9:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT
File type ASCII text, with very long lines (65451)
Hash 561acb3e541133bbdd2c0c19f8ee35a1
ffd1353cf3f77d25f801c84d8208613eb0d3d548
9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc
GET /sb/chat/mob/ssp/v2/new/3/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:49 GMT
content-type: application/javascript
last-modified: Wed, 13 Jul 2022 12:13:58 GMT
etag: W/"62ceb706-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 14756486
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BuAJMg2c38V0UJRDRV4Tzbtz9gPGyZR%2FRPMYcJY%2BKJiKakLeZQSu1T2SAAEhZggFRc%2FpSubgSvE5xoSW0k31t%2FAMzMg6vZ3bAfIaDuTxLxWwmcjbcXRq6jskJdYG0sCDLUyry4ohNcNA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfe0ba42385e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.106200 OK 6.8 kB URL GET HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.106:80
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type ASCII text, with very long lines (6992), with no line terminators
Hash ec5129b372c275aa9bf89c50f312613d
8e75535bebc8e2ec4579424b4e9505500300eac9
91a09ee6f5574dc9630b63e8d1e8e1ae26442cb7ce32b1576c4c20af5d6f858d
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 05 May 2023 08:52:49 GMT
Date: Fri, 05 May 2023 08:52:49 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 12 kB URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw=
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Hash f8b84fa9b46a56eb8b60d08c1c1e3bca
1abba1363e05971a05dc9d306a15b3bb9d573eeb
8ef4422dcc017728d164457b93e7e68bf62bc97eee6b28aeac28915e4b7aece0
GET /api/spots/329591?p=1&s1=%subid1%&kw= HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=o8S2zNqJ9D8cdnTYRU8C; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip
uacabilqlgpw.cdnvideo3.com/api/click/3552251425836278095?c=60&data[error]=400
135.181.208.216200 OK 0 B URL GET HTTP/1.1 uacabilqlgpw.cdnvideo3.com/api/click/3552251425836278095?c=60&data[error]=400
IP 135.181.208.216:80
ASN #24940 Hetzner Online GmbH
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/3552251425836278095?c=60&data[error]=400 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:49 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private
www.xxxfiles.tv/js/main.js
104.21.83.6200 OK 21 kB URL GET HTTP/2 www.xxxfiles.tv/js/main.js
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
Hash c719a8f50a9ec082de5a40a2d0b1a442
e9c74b76c56ad7106bd75cb77ef4bbbdb6f67859
96c5ec1f6d8d942a6c1f563600a7f05d8424371972aeb6576be2cd762bee5b1c
GET /js/main.js HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: application/javascript
last-modified: Tue, 04 May 2021 10:44:25 GMT
vary: Accept-Encoding
etag: W/"60912589-511f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 2131984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOKCpc12eKXzyiQfDXNCSvE76G8uOJ%2BbRv0kOpQQEJFJhLvl22MOIFW8wFmVTcIVgbLJ4Xoc78roM53Slnr57IXReZfWVxoUDSgebzOgapN1EqiDPIikH6yzBi7B7cKUreQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfc73d5ab529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.xxxfiles.tv/css/plugins.css
104.21.83.6200 OK 50 kB URL GET HTTP/2 www.xxxfiles.tv/css/plugins.css
IP 104.21.83.6:443
Requested by http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT
File type ASCII text, with very long lines (29529)
Hash 4092218dab88f50c2ae78b636da0f06e
6534c8b0dfeaa401038c595a238f3fed21b69da6
2e3480402dc98bc43baa6327e8765e2e07dfc5781359086cb11993e817776cb6
GET /css/plugins.css HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: text/css
last-modified: Wed, 20 Nov 2019 10:53:49 GMT
vary: Accept-Encoding
etag: W/"5dd51b3d-c445"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 2131984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FBlnixwFJEkH%2FJarxviSu1aTjGYn1ufwFgiG09vUw1I6YcSQdzGaFNPxRmHdn5n4xwF6YO22PpWxN1jqVdtkL5jvNnqs%2BzTjQ3wsm08pzo18D2fstgHBxkwplJXYnNaDdA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfc73d52b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2