Report - www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

Report Overview

Submitted URL
www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
IP
104.21.83.6
ASN
#13335 CLOUDFLARENET
Submitted
2023-05-05 08:53:06
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
26

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2023-05-05	897 B	3.0 kB	151.101.129.229
xngqoc.com	unknown	2023-03-03	2023-03-03	2023-05-04	2.0 kB	788 B	185.162.85.4
simplewebanalysis.com	unknown	2022-02-15	2022-02-25	2023-05-05	1.4 kB	1.0 kB	18.192.155.180
s3t3d2y8.afcdn.net	unknown	2022-06-27	2022-08-09	2023-05-05	478 B	10 kB	185.76.9.22
u3y8v8u4.aucdn.net	unknown	2022-06-27	2022-08-08	2023-05-05	543 B	3.5 MB	185.76.9.22
mpmant.com	unknown	2023-01-30	2023-01-30	2023-05-01	466 B	227 B	31.220.27.101
ocsp.r2m01.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-05-05	340 B	1.0 kB	54.230.80.227
unseenreport.com	unknown	2022-03-30	2022-03-30	2023-05-04	1.3 kB	846 B	192.243.59.12
instinctivetheeexemplify.com	unknown	2023-05-01	2023-05-01	2023-05-05	4.8 kB	7.4 kB	173.233.139.164
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15	2023-05-04	2.2 kB	180 kB	172.64.166.9
xdiwbc.com	unknown	2023-02-07	2023-02-07	2023-05-04	426 B	34 kB	172.64.107.34
a.realsrv.com	10080	2019-02-07	2019-07-03	2023-05-05	408 B	89 kB	185.76.9.22
addresseepaper.com	18169	2021-11-01	2021-11-01	2023-05-05	313 B	0 B	0.0.0.0
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2023-05-05	903 B	4.1 kB	104.17.25.14
ubbfpm.com	unknown	2022-05-31	2022-05-31	2023-05-04	396 B	203 kB	95.216.206.230
disdainkindle.com	unknown	2023-05-01	2023-05-01	2023-05-04	742 B	15 kB	173.233.137.44
friendshipmale.com	unknown	2022-10-21	2022-10-21	2023-05-04	311 B	28 kB	172.64.108.35
icdns.net	unknown	2023-03-10	2023-03-10	2023-05-01	451 B	252 B	109.206.162.121
go.xlviiirdr.com	unknown	2021-06-22	2021-07-02	2023-05-04	677 B	1.1 kB	104.18.51.106
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-05-05	330 B	963 B	172.64.155.188
cdn.barscreative1.com	25648	2021-09-08	2021-09-16	2023-05-04	482 B	1.6 kB	45.133.44.3
badgegirdle.com	unknown		2022-12-07	2023-04-09	346 B	21 kB	173.233.137.36
ocsp.globalsign.com	2075	1999-04-19	2012-07-20	2023-05-04	358 B	1.9 kB	104.18.20.226
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-05	764 B	9.1 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-05	1.9 kB	66 kB	142.250.74.163
syndication.realsrv.com	9112	2019-02-07	2019-07-03	2023-05-05	4.0 kB	6.7 kB	95.211.229.248
prhzxq.com	unknown	2022-06-29	2022-06-29	2023-05-04	1.1 kB	1.2 kB	185.162.85.3
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2023-05-05	434 B	80 kB	45.133.44.9
i.wmgtr.com	13696	2020-09-11	2020-09-11	2023-05-04	1.2 kB	13 kB	0.0.0.0
www.xxxfiles.tv	unknown		2023-02-06	2023-04-04	9.6 kB	664 kB	104.21.83.6
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-04	1.7 kB	3.5 kB	142.250.74.131
adactioner.com	144829	2019-01-17	2020-11-03	2023-05-04	2.0 kB	226 kB	213.133.98.241
banquetunarmedgrater.com	unknown	2022-08-04	2022-08-04	2023-05-05	325 B	327 B	192.243.59.12
go.cambaddies.com	242269	2017-07-06	2019-08-14	2023-05-04	945 B	2.2 kB	88.208.29.90
uacabilqlgpw.cdnvideo3.com	unknown	2022-12-21	2022-12-21	2023-05-04	11 kB	235 kB	135.181.208.216
vjs.zencdn.net	4968	2011-12-27	2012-05-21	2023-05-05	814 B	151 kB	151.101.194.217
img.xxxfiles.tv	unknown		2023-02-07	2023-04-04	14 kB	926 kB	104.21.83.6
s2ipp.xyz	unknown	2021-09-03	2021-09-03	2023-04-30	467 B	459 B	168.119.9.12
tsyndicate.com	13042	2017-03-08	2017-03-16	2023-05-05	452 B	4.2 kB	136.243.130.121
cdn.tapioni.com	167297	2021-05-27	2021-07-01	2023-05-04	1.2 kB	3.8 kB	172.67.31.117
cdn.stripcash.com	unknown	2013-11-11	2020-02-14	2023-05-04	1.6 kB	3.2 MB	8.248.224.22
pxl.tsyndicate.com	14763	2017-03-08	2017-07-05	2023-05-05	1.5 kB	280 B	136.243.75.209
twinrdsrv.com	22283	2019-11-19	2019-12-10	2023-05-04	994 B	8.3 kB	172.66.43.59
unpkg.com	11693	2016-01-06	2016-01-08	2023-05-05	946 B	16 kB	104.16.123.175
vlcdn.tsyndicate.com	unknown	2017-03-08	2022-11-10	2023-05-04	648 B	36 kB	8.247.217.249

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-05	medium	xngqoc.com/er?a=1
2023-05-05	medium	instinctivetheeexemplify.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitzsaD60ENIgiKc%2FCgaCbdMz0zPeawGNdIMG6W3RV%2FXKS6qnpSprqrqeqengSE4ILucfQv6LxJNuiGRfG8IjPeggsZT3MwiODFq7BeZZLg6Hf5vtfvHV6%2FV5%2Fv5afERU4nq%2B%2FqHakUXWpU3crLH3jecmVdJnmv0guaHzf95Yrpvu657ar7SuVtwbb0Us31XNdzvcqqNCLSvSXP86ouZHrU9qptt%2BrXql7DR8%2F8H9vcgaUOePeULEDy8eWj%2Bz4kGyKJv70q7Fam09feinNFM23Q5YfvJVuJLhLEszMyDqLk8EINbU9Wf4BODs4MQ3f%2FFYZyTJw%2FfkeYHF64RNg9ODcaKogEIX8CRXcIoYaQdAimb0PyEwIwjmsbSOK717Qp6PY5S6fsmMw%2F%2BguyGJP5X59BEt9fUbJXualVnkmdWPSiErI3hOwMkeYjZDtzkMUILPsMkj8kS4%2FWkcT7G1ZpSD55yW3VeKMethdbrbZY9IXPFwO%2F2Vp02zU3oK5oN1n7LCEph5DREEr0Qe0ccusglw7yyEGeOoj5pNJifhDwoMGpYKwWRl4Q%2BZHfpsyNmFtv15Cz6T%2F0kaV9MNUHM7tIzS625FcnjYWT9TWY%2FEfYzRKWO7AZQZeXKARBYQkKSlBIgiIjKLrlAVe2Zsu7XNk89C527WLXy4HOOnv0QGcdkZC99JQ8PY3PeXzheWyJSYUxP4h8xlq1kHs0dBlvNTmjgesHNGg3GawsIe0cqHWwI8fksT8%2FRSrHZI7%2BjJCOYNUITD4Fmr8AWgxaNRd0c%2BAHLnaSo16vF0klbJXpGFyXSLN5ZNvOnjolz53VuPxkD4IdX%2Fn%2B74eTZ794FcyUSE2JT%2BRPBB11Z3BDF2T%2Fhi4s%2BW4jzWQsd%2Bi04psZzcSlb94R24U2fO2q7X%2F9BpsS0%2FPolrDZOk24TDqW3FuRnAuzqg0T5MGafV%2BE13O7uZKbJE%2FXr7%2B5uhanRlgrdTIElWNCJmtgckwuP%2Fjo7Pm%2BeO9DSDOEyUvE%2BTG5GEg9Akt3YdOZf6sJjJppwtRBkZcDUwtnH5UkUGKGaVjC%2FgeHs3vP3kHHOKDZbSRxia4p0VUlqOrD5pcGWWqOr%2FxSPxuEyhmEyjj7oTLqy%2FNwrZyW7ArqhS1PCC4adcb8JgvCZlT3WyJo8AYyO%2Ba3Rr%2F9AwAA%2F%2F8BAAD%2F%2FwaR7EaLBAAA
2023-05-05	medium	instinctivetheeexemplify.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2%2FcRBgdp%2BVAOQAVQkICsQcOIMjGdry7Nj1UlBIUEdqqLeLHBY1nxtshY481Y683kZAiKkGPC3%2BB8zZpBI0qEOcitMstolKW0x6IEBIXrkjlijaJWPgu33t%2B7%2FD8vvl8uzwiLko6XXlXb0ql6FKr6TZe%2FsDzLjTWZFb2G%2F2w%2FXE7uNAwvdc9N2q6rzTeFmxdL%2Fmu57qe6zVWpBGJ7i95ntd0IfP9yGtGbjPwm14rQN%2F8n9vSgaUOeO%2BInIfkk3P79wNINkKWfntZ2PVC56%2B9lZaKFtqgx%2Ffey9YzXWVI5zAxDpJs79QNbQ9XfoDOdo8DQ%2Ff%2BNcZyQpw%2Ffkec7Z2mRNzbPQkaK4gMMX8CVW8EoUaQdASmb0PyQwIwjitXkaV3r2hT0Y0Tlc7UCTn76C%2FIakLO%2FvoMsvT%2BJSX7jRtalYXUmUU%2FqSH7I8juCHk5RrG5AFmNwYrPIPlDsvRoDVm6c9UqDcmnL7kdn7eW42ix04nEYiACvhgG7c6iG%2FluSF0RtVl03JCUI8hkBCUGoHYBpXVQSgdl4qDMHaR82uiwIAx52OJUMObHiRcmQRJElLkJc5cjHyWb%2FcMART4AUwMws4XcbGFdfnXYOn%2B4tgpT%2Fgh7q4blDmxB0OM1KkFQWYKKElSSoCoIql69y5X1bX2XK1vG3un2T%2FdyPdRFd5vu6qIrMrKdH5GnZ%2FU5j59%2FHuti2mAsCJOAsY4fc4%2FGLuOdNmc0dIOQhlGbwcoa0i6AWgebckIe%2B%2FNT5HJCFujPiOkYVo3B5FOg5Qug1bDju6C3hkHoYjPb7%2Ff7iVTCNplOwXWNvDiLYsPZVkfkueMzXniyD8EOLn7%2F98Pps1%2B8CmZq5KbGJ%2FIngq66M7yuK7JzXVeWfHc1L2QqN%2BnsxDcKWogz37wjNipt%2BOplO%2Fj6DTYTZnD%2FprDFGs24zLqW3LskORdmRRsmyINV%2B76Ir5X21qXSZGW%2Bdu3NldU0N8JaqbMRqJwQMl0FkxNy7sFHx8%2F3xXsfQpoRTFkjLQ%2FI6UDqMVi%2BBZvP81tNYNTcE%2BcOqrIeGj%2Bef1SSQIk5p3EN%2Bx8ez%2FG2vYOucUCL28jSGj1To6dqUDWALc8Mi9wcXPxl%2BXgQK2cYK%2BPsxMqoL0%2FKtXLaEB3RjqLADTrcdeOA%2B77XEowuBzSivp90UNgJvzn%2B7R8AAAD%2F%2FwEAAP%2F%2F%2BbZEVosEAAA%3D

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator
2023-05-05	medium	badgegirdle.com
2023-05-04	medium	disdainkindle.com
2023-05-04	medium	disdainkindle.com
2023-05-05	medium	unseenreport.com
2023-05-05	medium	unseenreport.com
2023-05-05	medium	instinctivetheeexemplify.com
2023-05-05	medium	instinctivetheeexemplify.com
2023-05-05	medium	instinctivetheeexemplify.com
2023-05-05	medium	instinctivetheeexemplify.com
2023-05-05	medium	addresseepaper.com

ThreatFox

No alerts detected

JavaScript (52)

	URL	Size	First Seen	Last Seen
	www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600	7.6 kB	2023-05-05	2023-05-05
Pretty URL www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600 IP 104.21.83.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen1 Hash 1dca2310d15c7a3d508c8b7185544028 72d14a5446de8ee3fa71319a5b6ef4c194138dee 572672a85f6ddbf139c9dcfa6a6a4a79b71fe3caa682c5ad5d6628b53592cfbf Loading...

	a.realsrv.com/ad-provider.js	88 kB	2023-05-04	2023-05-13
Pretty URL a.realsrv.com/ad-provider.js IP 185.76.9.22 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-04 19:53:08 Last Seen2023-05-13 01:33:20 Times Seen362 Hash a76e103d1d19a1711585ba045fd7b740 9962f556b06ff3409ab656fc985809f1a0b47366 9dd8d3d60a88285017f3bc865206402f549b43bd708d7fb7749cb761f070992f Loading...

	disdainkindle.com/cc/48/f4/cc48f4cc72bd1ab0cd76dca8048a896c.js	37 kB	2023-05-05	2023-05-05
Pretty URL disdainkindle.com/cc/48/f4/cc48f4cc72bd1ab0cd76dca8048a896c.js IP 173.233.137.44 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen2 Hash 24b22d9a7265b48fc4f97c2e6dc6fece 7cbbf27ce6d789c184ebd0a2cd88a691b13e6c16 133224d3c29ebadbe10d394a58db2f478342d96b27f8a20114440f49ffbc6bc9 Loading...

	friendshipmale.com/sfp.js	86 kB	2023-04-05	2023-08-25
Pretty URL friendshipmale.com/sfp.js IP 172.64.108.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:35:42 Last Seen2023-08-25 11:30:02 Times Seen8520 Hash 8bf542db65f0ff20d510889d62e5e092 1b1b7cc04275b7641e2f07b0f4bf99b5387303bf 77a3bebee72af7beb49cd94b7f16852a532aac5f3db8f610160440fe75ca4711 Loading...

	uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw=	993 B	2023-03-07	2023-11-21
Pretty URL uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:23 Last Seen2023-11-21 01:22:39 Times Seen1071 Hash 02ebf860493181f6a40c089a99a9314d 34ba6d5eeb1106efda796d1f2c9545569c080141 9a9c68ef482c59f82d285a44bd678fd6f068716fb1cbd80bd43d2493bc805f73 Loading...

	www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600	1.6 kB	2023-03-07	2024-05-09
Pretty URL www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600 IP 104.21.83.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:03:02 Last Seen2024-05-09 13:50:54 Times Seen61 Hash ca0c97655f8e914d086753ecd5bbc772 e26fb75a10e3836212cbc8f8c0fcd769084f5ded 5ca45b27c61eb8902998682e4a788fb549779665c22e8a866350734a2eee12c9 Loading...

	uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw=	312 B	2023-03-07	2023-07-28
Pretty URL uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:03:02 Last Seen2023-07-28 09:58:01 Times Seen8 Hash 2604e733c2db1f38e5d1f4898a456386 c08c3c7f664f09e8ccce7aa545440cd21da75ffb eb9008419bdfe4eb0b4a5950f95750361969cb02bd35027cee6ec16ba3f9c1ff Loading...

	uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw=	1.2 kB	2023-05-05	2023-05-05
Pretty URL uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen1 Hash 784288ff4ac6dce3186a9216a11b7712 29ee39d58fbd66a2623f69634c69d69d12c2c4f8 9bcfcc3ab8aa8d4776e752692c72cd0f7f2b24375a75977b19264f3bd00eeb60 Loading...

	www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600	3.1 kB	2023-05-05	2023-11-11
Pretty URL www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600 IP 104.21.83.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-05 10:53:14 Last Seen2023-11-11 17:10:35 Times Seen5 Hash 1b63fa15ba3079fb86ff35517fd97cbe 4cacfaff678ddb7984c264ce8cea7e62cfa56cd3 ec653f2b5bcf13a14aa95d19caeb37e5bb49ae5b528703b8667fdbeb13052752 Loading...

	www.xxxfiles.tv/js/plugins.js	131 kB	2023-03-07	2024-04-25
Pretty URL www.xxxfiles.tv/js/plugins.js IP 104.21.83.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:02 Last Seen2024-04-25 00:34:13 Times Seen72 Hash 3167e4fb71c974f622dd3466f4e73263 768f89b7870c63a58ceb948cbcd5c5407764c0d7 d3f2e6fa7cb777a8957a0673706c2df43280f6daa4e8ef3d502fa459185cbcb6 Loading...

	uacabilqlgpw.cdnvideo3.com/Ka0q1Ad.js	298 kB	2023-05-03	2023-05-23
Pretty URL uacabilqlgpw.cdnvideo3.com/Ka0q1Ad.js IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-03 15:49:02 Last Seen2023-05-23 11:45:53 Times Seen208 Hash 23b8c825ab9496210671ee28a11ad739 234cc79f86f1541f09a5a76b4beaf981f821b51a fe260ac7b1fcbe1d4dad3a1fe9b26326e2b764d5ebbf4924a99a1336d8462f49 Loading...

	uacabilqlgpw.cdnvideo3.com/PXXlKV5.js	176 kB	2023-05-03	2023-05-23
Pretty URL uacabilqlgpw.cdnvideo3.com/PXXlKV5.js IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-03 15:49:02 Last Seen2023-05-23 11:52:46 Times Seen323 Hash b72293f472e03870fe9c18b14bd789d3 5c9c0d5c0698b2d536aac3fcf4e604b6cdf38140 fd79e35698745da93b0418235d0af5de317d0a605d52b91441e0a23fffadf998 Loading...

	ubbfpm.com/av/1150082/inp3.js	203 kB	2023-04-21	2023-09-04
Pretty URL ubbfpm.com/av/1150082/inp3.js IP 95.216.206.230 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-21 17:45:16 Last Seen2023-09-04 14:39:52 Times Seen320 Hash 893780687a38b1b8fc95901e54d4e8ea 3be88744c5cdb0e734be7b98cd01224798b3a69d 494abfa36407ce327f8e9bfeed121e1d533960f6e905397a1783a476d0f38232 Loading...

	banquetunarmedgrater.com/advertisers.js	0 B	2023-03-07	2024-05-10
Pretty URL banquetunarmedgrater.com/advertisers.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-10 08:59:42 Times Seen37497654 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600	2.9 kB	2023-05-05	2023-05-05
Pretty URL www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600 IP 104.21.83.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen1 Hash f36de23dec28740afbdbcc2c15d2a3f0 efe5b12aedb72dd3915973691d6d9a51441b32fc 3664c9f72eccfa5f779e4014fd4770ef20ee25b5fc9d9ffd70ca2795ca805e2c Loading...

	www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/sandbox%20eval%20code	147 B	2023-04-11	2024-05-10
Pretty URL www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-10 08:57:34 Times Seen346584 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-10
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-10 08:57:35 Times Seen346075 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600	23 B	2023-03-26	2023-11-30
Pretty URL www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600 IP 104.21.83.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 03:06:44 Last Seen2023-11-30 23:48:39 Times Seen117 Hash b7b5091066edc2c6a3681af13df7b607 979b48ebc472043967c76e72603c73c27216ee28 0fe65166934eb1e4c3335ec4d58ebc5ea54955be6e9b1a16bc0139787ad04959 Loading...

	uacabilqlgpw.cdnvideo3.com/api/users/433863?host=www.xxxfiles.tv&ev=206&wh=1024&ww=1280&uuid=&i=1&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25	522 B	2023-05-05	2023-05-05
Pretty URL uacabilqlgpw.cdnvideo3.com/api/users/433863?host=www.xxxfiles.tv&ev=206&wh=1024&ww=1280&uuid=&i=1&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25 IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen1 Hash 43ab6e0d96ba6cd18901bd3011323903 ecd95d0ee1cdf1e0018460df1f594f236e858165 c7a494fc6f617b04a925f3b2db32e04ce67c925f5f02a023a372cc477cb677f9 Loading...

	vjs.zencdn.net/7.5.5/video.min.js	502 kB	2023-04-10	2024-05-09
Pretty URL vjs.zencdn.net/7.5.5/video.min.js IP 151.101.194.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-10 19:50:37 Last Seen2024-05-09 13:50:54 Times Seen995 Hash abf127b5ab0bb498119a93890119a660 86083627a04fe65a9ff242a3edb746b94da084a8 4122c012e6c8aba50f529e47785cd402e2b1f6dc1c643907a9fb65375d5cee11 Loading...

	cdn.tapioni.com/adgpt.js	2.0 kB	2023-05-03	2023-05-23
Pretty URL cdn.tapioni.com/adgpt.js IP 172.67.31.117 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-03 15:49:02 Last Seen2023-05-23 11:52:49 Times Seen395 Hash 1bb4911b52554d142695dbc6e0e1b158 ca29c7b7cfe2d180fb5f7b00007668af52550304 f89a6ae925ef3f030158b0b03d2a8f0a8bfaeae0e2ccea5a603d1e3c3065f660 Loading...

	cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/js/jquery.min.js	90 kB	2023-03-07	2024-05-10
Pretty URL cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/js/jquery.min.js IP 172.64.166.9 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:00 Last Seen2024-05-10 08:35:19 Times Seen4132 Hash 561acb3e541133bbdd2c0c19f8ee35a1 ffd1353cf3f77d25f801c84d8208613eb0d3d548 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc Loading...

	uacabilqlgpw.cdnvideo3.com/api/spots/329584?p=1&s1=%subid1%&kw=	307 B	2023-05-05	2023-05-05
Pretty URL uacabilqlgpw.cdnvideo3.com/api/spots/329584?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen1 Hash c258c57f5e3573a9f0ad4092c05b2ba1 1907b7d79760507997fb6a20567cad3fc5a7c88a 4a4a0c627c9567cef573c190e8160dd3dd595bfb318266dcf8b16baea67e2bc1 Loading...

	uacabilqlgpw.cdnvideo3.com/api/spots/329584?p=1&s1=%subid1%&kw=	1.2 kB	2023-05-05	2023-05-05
Pretty URL uacabilqlgpw.cdnvideo3.com/api/spots/329584?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen1 Hash 6c7acb989f65f38c730fa1277f221d44 e71f7ac3d2566810d389e7a36c1f936d645d3204 51ccbe5d45de2572cb219cc1bc8f3c68e4238fae99999604770b329ec6bd5a41 Loading...

	uacabilqlgpw.cdnvideo3.com/api/spots/329586?p=1&s1=%subid1%&kw=	306 B	2023-05-05	2023-05-05
Pretty URL uacabilqlgpw.cdnvideo3.com/api/spots/329586?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen1 Hash 51e0c70ed641c43947b57bfa17c2fde8 b8a3965bb0dd0cfe8104ce13286b8bcf51e6d000 18a2bbf19d2cec37f3843f3bc457ba0cfa506cc9344126bca6aadff35ee8ef3f Loading...

	www.xxxfiles.tv/vpaid/videojs_5.vast.vpaid.min.js	106 kB	2023-03-07	2024-05-08
Pretty URL www.xxxfiles.tv/vpaid/videojs_5.vast.vpaid.min.js IP 104.21.83.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:02 Last Seen2024-05-08 14:45:20 Times Seen1106 Hash 3eb2d1bdcb22ab1037fe9f6b5cf00143 b065d9fabe06ca3488cdd628c6da319c49dd4a78 66348d21d329d78be67f953ac0aad20a504ec3f3f911d3d67f58516475a18036 Loading...

	cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js	2.0 kB	2023-03-07	2024-05-10
Pretty URL cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:43 Last Seen2024-05-10 08:09:56 Times Seen4043 Hash 45f12de4d7b95a193ecdc5cfde664bb9 ee9541cf1a95d2a885f8b143a105caaa08ca9c9d 39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b Loading...

	unknown	565 B	2023-03-13	2023-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:12:14 Last Seen2023-05-10 17:02:14 Times Seen4 Hash 7417593d39beb7d63997fed9b3655703 4f5cca24d10755875371df9cce5f9f39eea6ee8c 6b86475c1bc5ab79cf74b732abdddc861fab8c434630e1b3adf5b6aaf51dd761 Loading...

	www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600	440 B	2023-03-07	2023-11-11
Pretty URL www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600 IP 104.21.83.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:03:02 Last Seen2023-11-11 17:10:35 Times Seen38 Hash 412f306bcf35a13307a32629f5be298e bf6f968bff371bf535394822bc4089202428c045 bc852fbdcf6253fa6588f43f90e3dce8d772450a77ea5985621b6a1a9b95911d Loading...

	www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600	791 B	2023-03-07	2023-11-11
Pretty URL www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600 IP 104.21.83.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:03:02 Last Seen2023-11-11 17:10:35 Times Seen38 Hash da3c9d4f798d83848c434e39865db44a 29651a54f1f9b05bf3b0e11b993ba579b0dc73c4 50963b0fd8c56fe1abbc091e77f2d241884e46ec30f769e1e32cfd67d763193b Loading...

	uacabilqlgpw.cdnvideo3.com/api/spots/329587?p=1&s1=%subid1%&kw=	306 B	2023-05-05	2023-05-05
Pretty URL uacabilqlgpw.cdnvideo3.com/api/spots/329587?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen1 Hash f0113d911cfd47569a818ee47e2ad5ea 0ea022b69595e81fe298f7eceba2d3fa6266dcca fed919a9d5f991eb1d7758d013d89ad049ec8d11c80f7dddad37a185eafe27e4 Loading...

	badgegirdle.com/63/d4/5b/63d45b685911cef3b8cc3d1d1550bf85.js	60 kB	2023-05-05	2023-05-05
Pretty URL badgegirdle.com/63/d4/5b/63d45b685911cef3b8cc3d1d1550bf85.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen2 Hash 54857db6fb1e2e8509075d830d347413 f785395aa3f4fef47cfa1396b4da2044b41b2014 53ef15a9df3f7cfeb7741e00892e4fa3b2d129f70dcc4b4996bee1e0a58bd647 Loading...

	uacabilqlgpw.cdnvideo3.com/api/users/309159?host=www.xxxfiles.tv&ev=206&wh=1024&ww=1280&uuid=&i=1&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25	733 B	2023-05-05	2023-05-05
Pretty URL uacabilqlgpw.cdnvideo3.com/api/users/309159?host=www.xxxfiles.tv&ev=206&wh=1024&ww=1280&uuid=&i=1&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25 IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen1 Hash 869066e027f0940a56317df73a0dfab8 ffe9a006ee666cad8068791efe7376fa3821dc80 2fc7fd890a4784d82d05d71277415922275d72b7d6eec4f8fb3358d874c6e7fa Loading...

	cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.js	6.4 kB	2023-03-07	2024-05-09
Pretty URL cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:02 Last Seen2024-05-09 13:50:54 Times Seen1052 Hash eb638361f3402431eb2195f569607d91 c00d931f8738add2a738429784343ea1702b19cf 2a9c9c017aa931fb3ea3db71751ab13c8d8f7e5c4e6f785d3922ad07820443b7 Loading...

	www.xxxfiles.tv/js/videojs.persistvolume.js	3.7 kB	2023-03-07	2024-05-08
Pretty URL www.xxxfiles.tv/js/videojs.persistvolume.js IP 104.21.83.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:02 Last Seen2024-05-08 14:45:17 Times Seen690 Hash f2bdaf6b076a3f5c4b201043fa99e7e6 f55071bc8b46698523719fa2be0528fdbf2dc53b 7876724352a649e130f98ef346619e17272581ce1db46e7dbafc470a7354d055 Loading...

	uacabilqlgpw.cdnvideo3.com/api/spots/329585?p=1&s1=%subid1%&kw=	305 B	2023-05-05	2023-05-05
Pretty URL uacabilqlgpw.cdnvideo3.com/api/spots/329585?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen1 Hash adb35c0125fd11318454699e515716aa dd67018fd0b76f52092b5d6b1049d73a6cfea19d 7e154a73467fe4ea36a738bcdf92fcb5d0f8de0c92c03a6bebe47bc900a3aa3a Loading...

	uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw=	962 B	2023-05-05	2023-05-05
Pretty URL uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen1 Hash 4784774b26a6c28974ce48870bcf02c8 e6738d309db9081052ef93d09ac4cda00962b488 a92e508403228d1863906b02ece09a374be3e26777e9b94748ba9b97aa0b224e Loading...

	www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600	834 B	2023-03-07	2024-05-09
Pretty URL www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600 IP 104.21.83.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:03:02 Last Seen2024-05-09 13:50:54 Times Seen60 Hash b9cf4d634c1477ec562587641739a768 28ace4012e9df695e856f2fdff95ed67bad9060b a27749bbbb0692f9fcc90d5cfcdcba076f498b0dd4f722c4859a023cdac4b6ce Loading...

	www.xxxfiles.tv/js/kvs/main.min.js	267 kB	2023-03-08	2024-04-25
Pretty URL www.xxxfiles.tv/js/kvs/main.min.js IP 104.21.83.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:36:40 Last Seen2024-04-25 00:34:12 Times Seen76 Hash bbfc761f3a524e108e25fc8c5451ef5b 0daaa3873cada1fd1283409fa6729249c51c404d c6900d97762ace02398d34ae5bed95f7b4765c74353b1fde456fa352d070a119 Loading...

	www.xxxfiles.tv/js/main.js	21 kB	2023-03-07	2024-04-25
Pretty URL www.xxxfiles.tv/js/main.js IP 104.21.83.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:02 Last Seen2024-04-25 00:34:16 Times Seen109 Hash c719a8f50a9ec082de5a40a2d0b1a442 e9c74b76c56ad7106bd75cb77ef4bbbdb6f67859 96c5ec1f6d8d942a6c1f563600a7f05d8424371972aeb6576be2cd762bee5b1c Loading...

	unknown	52 B	2023-04-11	2024-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-09 13:50:54 Times Seen3853 Hash 6d859e188748e3ba44797981c8640bb5 0511b236880e0d87a7d09c6e1a2515e6eec187cc a43cd3864ec7130f8089603df97ad3060f876dc4d31c2a65746043c05733d4c8 Loading...

	www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600	2.8 kB	2023-05-05	2023-05-05
Pretty URL www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600 IP 104.21.83.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen1 Hash 2fe23e1dca009d8205c872ef36284013 1a9911791be0da67ac50ed7dcfbcb882b4204398 f591a34b75ffb3b71112be54f0063c2b7cbf89626f8291b3b2c230e61e85a023 Loading...

	uacabilqlgpw.cdnvideo3.com/api/spots/329587?p=1&s1=%subid1%&kw=	1.2 kB	2023-05-05	2023-05-05
Pretty URL uacabilqlgpw.cdnvideo3.com/api/spots/329587?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen1 Hash 9caec1b86b79e501cdfde7c5fd92a6d8 c0dd0c87df0c40b703db75a8532abe6e6dd977af 259ba50c21ff305ccd094b61c57d2ed57d19273e997a283d23c05a95466b775b Loading...

	uacabilqlgpw.cdnvideo3.com/api/spots/329585?p=1&s1=%subid1%&kw=	1.2 kB	2023-05-05	2023-05-05
Pretty URL uacabilqlgpw.cdnvideo3.com/api/spots/329585?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen1 Hash c8b30b0095f6360ec3eb863e803b4b09 cd3d629b0502820273bd255ac781c4e9853aea54 bb6c54a2f5c9e22c292a6cb94dc6ff56bb15ff529b456e9e363e04d8235ecfd1 Loading...

	unpkg.com/silvermine-videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js	21 kB	2023-03-07	2024-05-09
Pretty URL unpkg.com/silvermine-videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js IP 104.16.123.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:17 Last Seen2024-05-09 13:50:55 Times Seen1166 Hash 242c96b6f341fad00f677b568a7a6e6b 7ba156f36a99393095461ef4ed1f29e5a26732e6 2b17f02db63529b2ba6fe67c320b69ff803b775b7bd6c70ce4809c5c660ab30b Loading...

	unknown	411 B	2023-04-12	2023-07-28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-12 15:47:44 Last Seen2023-07-28 09:58:01 Times Seen281 Hash 0475da959bcc24df5393711ad24128b4 a953f53a8a5810bfd41093d4723555ceef154b17 f267613aa09f4c389bd82da2436e55495ce148621b4bc9bf203d21a334b17b84 Loading...

	uacabilqlgpw.cdnvideo3.com/api/spots/329586?p=1&s1=%subid1%&kw=	1.2 kB	2023-05-05	2023-05-05
Pretty URL uacabilqlgpw.cdnvideo3.com/api/spots/329586?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen1 Hash 506e5a9857e05967f40aa35b7a790d22 bfbc03ed7bfd0f26d5d1c3e052ab85b4620e8837 c305618f3520ddfea632ea38e537e5ae342cd330e9dc5be71afd7d4b3f8df90c Loading...

		Size	First Seen	Last Seen
	#1 Write - 570880e9196ea59b10b6aa017596944b	268 B	2023-05-05	2023-05-05
Pretty Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen1 Hash 570880e9196ea59b10b6aa017596944b b73e974721e7aa6ea8e0beb14d445284fc8b13bb 81aff8486f1ac5361970879c43ba7000f01822e68741e1f6f9380bff95adb664 Loading...

	#2 Write - e0645cce37c3f2b4d47b482623757fe8	269 B	2023-05-05	2023-05-05
Pretty Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen1 Hash e0645cce37c3f2b4d47b482623757fe8 7802c62bb05655d6b31e6d092af9e9812a2b8ed3 4ba83e2501a4474296c19c79aea7efb33b2c069adb095f647b53ffaba58fb948 Loading...

	#3 Write - 6b31e4e0071daf26c4373eb94d44509e	267 B	2023-05-05	2023-05-05
Pretty Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen1 Hash 6b31e4e0071daf26c4373eb94d44509e 6dd6303646eea30f86ae8505534f974bcab244be 93e041b73875c8fd66c11c35ba594baf0114235f9321601bd1e031ccd8f9100a Loading...

	#4 Write - 7cce747d822f7c751df327295fb7f652	268 B	2023-05-05	2023-05-05
Pretty Observations First Seen2023-05-05 10:53:14 Last Seen2023-05-05 10:53:14 Times Seen1 Hash 7cce747d822f7c751df327295fb7f652 f3966b026fafae2fd437da67ac776848e1f5c3d7 bd92d0635c8b1d272f7d8706ed8c3a9db0c7f627bf95b90e1bd473d0779661ad Loading...

	#5 Write - e6ff15719e50f19060718a9a2c68b43b	247 B	2023-03-07	2023-07-28
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-07-28 09:58:01 Times Seen8 Hash e6ff15719e50f19060718a9a2c68b43b b100762867aa1a046f8953995bba039dc628ef48 bbf43394b9eed50b59a4b27d02d23884a5fa976987ec55cc8fa4316ff471c955 Loading...

HTTP Transactions (145)

URL IP Response Size

www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

104.21.83.6

200 OK

17 kB

URL User Request GET HTTP/1.1
www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
IP
104.21.83.6:80
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7475)
Size
17 kB (16850 bytes)
Hash
6adccccc59385a1e1b2b67ba3d7367c3
ceb56ed4d9acf3f688f31c7e9a4d5fc14a4f10d9
213d0cf8c4752b46a320f14c5a2edb129adae1f763573f28c9bfa274d0570362

HTTP Headers

GET /videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:45 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; path=/; domain=.xxxfiles.tv; SameSite=Lax
kt_rt_ts=643600; expires=Mon, 29-Apr-2024 08:52:45 GMT; Max-Age=31104000; path=/; domain=.xxxfiles.tv; SameSite=Lax
kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; expires=Sat, 06-May-2023 08:52:45 GMT; Max-Age=86400; path=/; domain=.xxxfiles.tv; SameSite=Lax
kt_ips=91.90.42.154; expires=Sat, 06-May-2023 08:52:45 GMT; Max-Age=86400; path=/; domain=.xxxfiles.tv; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coeVFLuCUVRIFGvC%2FSBFwaxoUeXGSULtGncFJ1l9g69gdeB2waV6WCe03vT4OOFI1tqdn9IsiKt%2BIGCJgeJTpOlROnHtICEf26HVjy2sey5WcqnAWoHmeWdvml8dyQIEXIk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c27bfc5bc63b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.xxxfiles.tv/vpaid/videojs_5.vast.vpaid.min.js

104.21.83.6

200 OK

32 kB

URL GET HTTP/1.1
www.xxxfiles.tv/vpaid/videojs_5.vast.vpaid.min.js
IP
104.21.83.6:80
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
ASCII text, with very long lines (32057)
Size
32 kB (31864 bytes)
Hash
560633af767972e3920012cbf83c148b
7f4848825c8237cdac326b8ee74ef20fe1531c83
cc2f218efee95ea1599ff2c3879cc93bcf23e974210aef7f56694fa83861e9fa

HTTP Headers

GET /vpaid/videojs_5.vast.vpaid.min.js HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 20 Nov 2019 11:59:07 GMT
Vary: Accept-Encoding
ETag: W/"5dd52a8b-19ebe"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 2131984
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZ8Xt%2FJr78m0fY5O8QSifPp2R4UHnDElr6CogoZf3sjdSlG28pDM6Cddc6pZ9LNxE%2BfiCe1E3vpjRjvXFL8Mvl3aELJpP1yXM8ULcAZgzaywEVFrTExsmpSSNHfVoseT7xo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c27bfc6cdceb4fa-OSL
alt-svc: h2=":443"; ma=60

www.xxxfiles.tv/vpaid/videojs.vast.vpaid.min.css

172.67.210.53

200 OK

773 B

URL GET HTTP/1.1
www.xxxfiles.tv/vpaid/videojs.vast.vpaid.min.css
IP
172.67.210.53:80
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
ASCII text, with very long lines (1935)
Size
773 B (773 bytes)
Hash
6845152df80dd7d9aeb046f4e4a31772
5cd1f9eb1e2d19f7b0f46ccecf12d658a62ad324
937976cc423649a6506d474e36ee37a9c6dae07ec617296369f106a32159813e

HTTP Headers

GET /vpaid/videojs.vast.vpaid.min.css HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:45 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 20 Nov 2019 10:54:23 GMT
Vary: Accept-Encoding
ETag: W/"5dd51b5f-7c7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 7600374
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvRE6m%2Bgr0UoGq8ekcMr6EPGjNAX%2BnJiXpDbISpuolVcak4B7%2F2vVd44D4PUT9oSf07vEBZdbDIBIz%2FQ4hMSa8iCfsAbdSRTPpcha4kC6xHmnrdIMErYLbBfByVAxAi6R%2Fs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c27bfc71d8ab527-OSL
alt-svc: h2=":443"; ma=60

cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.js

104.17.25.14

200 OK

1.7 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text
Size
1.7 kB (1675 bytes)
Hash
25262966b8186937356da73b4437077e
119334d19971c98dbb41ed0a074df6f9ee76414c
550053ac2111a284edfc27b8c6ed672dea9d9ae72e389e555620e1ab53e3fd78

HTTP Headers

GET /ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 1675
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04020-18dd"
last-modified: Mon, 04 May 2020 16:17:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 21913304
expires: Wed, 24 Apr 2024 08:52:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGcktx2e%2B9sWv42f6A5RlmEAvEY5kpro%2BkKtD%2FB4fYFNDPlLS7NAo195H6A0y4FgSZEKyS1mdgR7YrcSx%2BotFEgmK88jiRIv0tb%2FevuDWB3MgUlbvlIzSXAfi5ztHtBbos7nnhDj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c27bfc76f25fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.css

104.17.25.14

200 OK

256 B

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text
Size
256 B (256 bytes)
Hash
098110bd3ec60e725e6ac659dec292f3
2079d41c25bec276e4dcd4dcbc3c2cdd5c8cad25
13a4726b6560cb70580a6535e9b165bf3c0a447ea054c844043668d1e2ef5e6e

HTTP Headers

GET /ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: text/css; charset=utf-8
content-length: 256
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04020-36a"
last-modified: Mon, 04 May 2020 16:17:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8503016
expires: Wed, 24 Apr 2024 08:52:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icH7bCvEN3c3cJs9%2Fss9x%2FlV9pDnQ%2Fo0G9G2ZWvfnieptFQFIdlVMCtPeWNTCggwRJiVasIDTOLNIOYgiy2sGV34wHKwnpADJMAHz5jvQLZ4ELUUbcnTQKQ3staBLP0GY8hiY%2Bn4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c27bfc77f32fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/silvermine-videojs-quality-selector@1.1.2/dist/css/quality-selector.min.css

151.101.129.229

200 OK

375 B

URL GET HTTP/2
cdn.jsdelivr.net/npm/silvermine-videojs-quality-selector@1.1.2/dist/css/quality-selector.min.css
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (449)
Size
375 B (375 bytes)
Hash
fbee40477e7809313d67c319f6e37207
8d1b0f7bd1ef8c80d03b44e6163ba7943fcefe96
382c00fcf41cf8def634c66b83a204657e7aad57485c880277b27e62c2b457cd

HTTP Headers

GET /npm/silvermine-videojs-quality-selector@1.1.2/dist/css/quality-selector.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.1.2
x-jsd-version-type: version
etag: W/"299-rLWKZXMtTX2vbGY6rnhXUEYaKx8"
content-encoding: br
accept-ranges: bytes
date: Fri, 05 May 2023 08:52:45 GMT
age: 4391579
x-served-by: cache-fra-eddf8230075-FRA, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 375
X-Firefox-Spdy: h2

uacabilqlgpw.cdnvideo3.com/cZAjeQ7.js

135.181.208.216

200 OK

53 kB

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/cZAjeQ7.js
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
Unicode text, UTF-8 text, with very long lines (65472), with no line terminators
Size
53 kB (53079 bytes)
Hash
9ed7d287590f193c89d8a63d423a7b91
696489b43237b89c23307740d67648802a8dd407
8271b03b3c2bbf3b048ab27244501d7dd42397947f1888bd3c2c0be4065e4b27

HTTP Headers

GET /cZAjeQ7.js HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:45 GMT
Content-Type: application/javascript
Content-Length: 53079
Connection: keep-alive
Last-Modified: Wed, 03 May 2023 10:53:04 GMT
Vary: Accept-Encoding
ETag: "64523d10-cf57"
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: public, max-age=315360000
CF-Cache-Status: HIT
Age: 167
CF-RAY: 7c17ff11cd92fe3c-HEL
Accept-Ranges: bytes

uacabilqlgpw.cdnvideo3.com/PXXlKV5.js

135.181.208.216

200 OK

53 kB

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/PXXlKV5.js
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
Unicode text, UTF-8 text, with very long lines (65472), with no line terminators
Size
53 kB (53079 bytes)
Hash
9ed7d287590f193c89d8a63d423a7b91
696489b43237b89c23307740d67648802a8dd407
8271b03b3c2bbf3b048ab27244501d7dd42397947f1888bd3c2c0be4065e4b27

HTTP Headers

GET /PXXlKV5.js HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:45 GMT
Content-Type: application/javascript
Content-Length: 53079
Connection: keep-alive
Last-Modified: Wed, 03 May 2023 10:53:04 GMT
Vary: Accept-Encoding
ETag: "64523d10-cf57"
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: public, max-age=315360000
CF-Cache-Status: HIT
Age: 167
CF-RAY: 7c17ff11cd92fe3c-HEL
Accept-Ranges: bytes

uacabilqlgpw.cdnvideo3.com/Ka0q1Ad.js

135.181.208.216

200 OK

84 kB

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/Ka0q1Ad.js
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
Unicode text, UTF-8 text, with very long lines (65472), with no line terminators
Size
84 kB (84035 bytes)
Hash
8a8c9c458239547753f284483adeea55
9e0b50b2493e3a3640928945ebadb3fdbe8bad47
f4bea037324de639af511af7d66b7ccb9f4cd3aca2ece851461de4faf6393d55

HTTP Headers

GET /Ka0q1Ad.js HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:45 GMT
Content-Type: application/javascript
Content-Length: 84035
Connection: keep-alive
Last-Modified: Wed, 03 May 2023 10:53:04 GMT
Vary: Accept-Encoding
ETag: "64523d10-14843"
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: public, max-age=315360000
CF-Cache-Status: HIT
Age: 63
CF-RAY: 7c17fc8319e39028-FRA
Accept-Ranges: bytes

vjs.zencdn.net/7.5.5/video-js.css

151.101.194.217

200 OK

10 kB

URL GET HTTP/2
vjs.zencdn.net/7.5.5/video-js.css
IP
151.101.194.217:443
ASN
#54113 FASTLY

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGlobalSign nv-sa
Subjectvjs.zencdn.net
FingerprintF1:9D:59:01:F6:51:96:37:CE:E1:24:CD:15:E5:5E:AA:56:F0:05:7E
ValidityTue, 30 Aug 2022 21:42:19 GMT - Sun, 01 Oct 2023 21:42:18 GMT

File type
ASCII text, with very long lines (5636)
Size
10 kB (10533 bytes)
Hash
63ef1aa5ef8f1bb4fcb8019a9ad157cd
9cbb2b320cce447d40e3af5118042587263158d5
d5b5c765198056aece9fbee1b43a9873a8a6e0fe6a954f48d001bc030e106146

HTTP Headers

GET /7.5.5/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 13 Jun 2019 18:18:21 GMT
etag: "29daa9b197765c0111b16939ce1264a9"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Fri, 05 May 2023 08:52:45 GMT
x-served-by: cache-bma1639-BMA
x-cache: HIT
x-cache-hits: 2088
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10533
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js

151.101.129.229

200 OK

1.1 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (1619)
Size
1.1 kB (1078 bytes)
Hash
a51b89be0e1cbd1b4d1f4e512117fa08
5c10e719fe19d0213007f25994390d2efeccc7f0
bd91d3ab1d1f1789802d083132beb160a8b462f1ebcb1d61cb03ddbcf63323f2

HTTP Headers

GET /npm/js-cookie@2/src/js.cookie.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.2.1
x-jsd-version-type: version
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
content-encoding: br
accept-ranges: bytes
date: Fri, 05 May 2023 08:52:45 GMT
age: 28371
x-served-by: cache-fra-eddf8230099-FRA, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1078
X-Firefox-Spdy: h2

vjs.zencdn.net/7.5.5/video.min.js

151.101.194.217

200 OK

139 kB

URL GET HTTP/2
vjs.zencdn.net/7.5.5/video.min.js
IP
151.101.194.217:443
ASN
#54113 FASTLY

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGlobalSign nv-sa
Subjectvjs.zencdn.net
FingerprintF1:9D:59:01:F6:51:96:37:CE:E1:24:CD:15:E5:5E:AA:56:F0:05:7E
ValidityTue, 30 Aug 2022 21:42:19 GMT - Sun, 01 Oct 2023 21:42:18 GMT

File type
Unicode text, UTF-8 text, with very long lines (65133)
Size
139 kB (139372 bytes)
Hash
741643d714b183c3f826744c3bbfcd80
d1fa740fe9a65586e7429185fb29b7429ae1c8ed
b98fafac4d965c8cb9a83c5ce00e723466a6a08f51455a67298a7492b06e0e87

HTTP Headers

GET /7.5.5/video.min.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 13 Jun 2019 18:18:22 GMT
etag: "abf127b5ab0bb498119a93890119a660"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Fri, 05 May 2023 08:52:45 GMT
x-served-by: cache-bma1639-BMA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 139372
X-Firefox-Spdy: h2

img.xxxfiles.tv/183000/183894/medium@2x/1.jpg

104.21.83.6

200 OK

60 kB

URL GET HTTP/3
img.xxxfiles.tv/183000/183894/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
60 kB (59471 bytes)
Hash
409b195efb1e4300305a80999c52bc6e
6bed1c79c729f5636f88ede26ac95d5723f173ca
f9115d930a78b5c233da675565523728df3f5bfc8b3df09b1ed7e01b401a05a6

HTTP Headers

GET /183000/183894/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 59471
last-modified: Wed, 15 Jan 2020 19:08:04 GMT
etag: "5e1f6314-e84f"
expires: Fri, 05 May 2023 09:22:04 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1841
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBdN5rHi7%2FGGXboZrKowzvbvJO3OX6Wh%2BWAuYEyOQ5kUI0JlR0TeQjAZpnt3tdIXzJgQ1BVz%2FrsWKmD%2BtMdHo%2BhuYtKXsmorw8vfYXnysZXKJ1Fqe1Q%2Fe22cGmM6%2BMqG2gY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80eab1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/55492000/55492292/medium@2x/1.jpg

104.21.83.6

200 OK

37 kB

URL GET HTTP/3
img.xxxfiles.tv/55492000/55492292/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Size
37 kB (36622 bytes)
Hash
b4299301054bfcb229311650c91a8319
17687101b4e71d1ab69e347316e7a83e8e36b221
d8ca2235ee1f9f122b2097a6c165c3a709b68caae61912edcef1926d9048b347

HTTP Headers

GET /55492000/55492292/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 36622
last-modified: Fri, 24 Jun 2022 21:26:26 GMT
etag: "62b62c02-8f0e"
expires: Fri, 05 May 2023 09:40:20 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 745
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWUPf4H886nApSoNtVI8KS2wHsvHhhDmWTGMVgYcbilM77VMKenIACqWktb3NDRy8%2FAoB2JuO7RfG069dwnZIZ3WTw2r8fkq0DkMAB0LXaH6GxmqyKvSruH9knE6ZPe6fY4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80ea41bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/341000/341806/medium@2x/1.jpg

104.21.83.6

200 OK

47 kB

URL GET HTTP/3
img.xxxfiles.tv/341000/341806/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
47 kB (46960 bytes)
Hash
7b3c30314d5d4a774ec504e65f018f59
eb09c7c9b966120e87c5dd1011e6aabcdb0931cc
3856e7c2beb11c6e3eeac35f3b496d54a07406da802cd53faf9926580b9a604a

HTTP Headers

GET /341000/341806/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 46960
last-modified: Sun, 23 Jun 2019 00:37:59 GMT
etag: "5d0ec9e7-b770"
expires: Fri, 05 May 2023 09:22:04 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1841
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOy%2Fq4hASwrRlLC9XXAN%2Bh%2BmvPNZPENmiSo5AELQ%2FvO1kcgugAi2XxGhAyYCkvapaoRLeCsxx%2Bt6h4vr4XWEJBrQsNxqezeg576aZxviIR3IXJXhv%2FpsNOF1CWweeSHqUp4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80ea71bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/249000/249894/medium@2x/1.jpg

104.21.83.6

200 OK

35 kB

URL GET HTTP/3
img.xxxfiles.tv/249000/249894/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
35 kB (35050 bytes)
Hash
204da2b9b9a1ede0c7d55d6c8aa55454
6347ce203edaf42a277110642a5cd6e8905fdda3
6b8724bdc28c0976b23d7b1fcac266d75addb301d37e993c1e5deab2f097afc8

HTTP Headers

GET /249000/249894/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 35050
last-modified: Mon, 13 May 2019 07:13:22 GMT
etag: "5cd91912-88ea"
expires: Fri, 05 May 2023 09:30:42 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1323
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUCfxdLlEX3lB1Ds4v3Qjxejr%2B5ysU9aKwA75xvRHenRRe349WUylHv3AVJelSHW8CpZqnGi9M02bSqbvA7DuMhsTjsSjLvPdBmLfL28lS%2FVbDi1bUjbRmkg34kh7IzdfwU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ec11bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/233000/233003/medium@2x/1.jpg

104.21.83.6

200 OK

34 kB

URL GET HTTP/3
img.xxxfiles.tv/233000/233003/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
34 kB (34211 bytes)
Hash
49e62066bffa1d5cafa63007a56b14c4
7d8345f6006ba69e6daa77fba0e14ee8554bec02
f6f961a7ff9e26fecccc9917a519fa2dea2d08ca4be1aaceee424f598415192f

HTTP Headers

GET /233000/233003/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 34211
last-modified: Fri, 07 Feb 2020 21:05:30 GMT
etag: "5e3dd11a-85a3"
expires: Fri, 05 May 2023 09:43:55 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 530
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSZJU%2BcI8L6D5SjxSgAaVALuHf4l8ibC1VPJAIVkB4%2Bm85I82LvEhv7afJwkuzzjgbtMOWSL6THTJ0R8x5NwYKF%2FQhch2R0OjhOZY1KtO7h9MLlKND%2BWcdz19Ad81UZrAfg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ebf1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/197000/197323/medium@2x/1.jpg

104.21.83.6

200 OK

45 kB

URL GET HTTP/3
img.xxxfiles.tv/197000/197323/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
45 kB (44889 bytes)
Hash
694b04031cd62d14a03271f3b62858c1
4cc4e063d236e9f43570ad5600b2d1bb18f44801
e7adb95e85553c65e8cc93726939ce15671a85983efc5c51e917b878e7905714

HTTP Headers

GET /197000/197323/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 44889
last-modified: Wed, 22 Jan 2020 14:08:45 GMT
etag: "5e28576d-af59"
expires: Fri, 05 May 2023 08:54:14 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3511
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJbpJuzTemHiKll9lB2Yvm%2B1U6Y46XhVzw6PWJ6LRvNpgkQXyfIWW4WAS6HP3ZfQNbX%2BGSXElDln4PE%2Bm7ekXZQTY8LwmiJzqaXzaJOPjqUtlDNh7qtyMOtZzXpHcmBb32A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ec61bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/341000/341548/medium@2x/1.jpg

104.21.83.6

200 OK

43 kB

URL GET HTTP/3
img.xxxfiles.tv/341000/341548/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
43 kB (43006 bytes)
Hash
8f31bc85f3bce3d52bd8dbe51f43b58a
97a4d95fd34e63c93d42c3e05ed95eab575737c6
47caeca6f822a980fe5dc8e7215bcedad351977f4c956568b34f75988e1b85b1

HTTP Headers

GET /341000/341548/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 43006
last-modified: Mon, 27 May 2019 11:11:53 GMT
etag: "5cebc5f9-a7fe"
expires: Fri, 05 May 2023 09:30:42 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1323
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAoHYUoDFwdodyXBgAXdQ8lMlZZyX4yFQqpc9pFJHjDsap4K6o%2FXhVksRdW8Gm4%2BheZf7UtHrdG%2BbFb2m7CAOmZXtvzz9xtPoHNZh3tHmDW7PH9%2B0S%2F8szRDCnadwsMmDzM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ec31bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/341000/341235/medium@2x/1.jpg

104.21.83.6

200 OK

57 kB

URL GET HTTP/3
img.xxxfiles.tv/341000/341235/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
57 kB (56628 bytes)
Hash
94b52d23577d98bcef21fac912549126
e85b7431582ba655d342b02e6cb226a1e37f2272
2c1ea5cd009d5ea731cfbb52fc40289f3f311631f47952017f68149b1b70b108

HTTP Headers

GET /341000/341235/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 56628
last-modified: Tue, 18 Jun 2019 21:49:38 GMT
etag: "5d095c72-dd34"
expires: Fri, 05 May 2023 09:07:45 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiOUxHsYHOtJSF%2Br4JzwixJi9yb9sTdzcWl5uEKHvgWRVABfjis04KVON%2F1h%2BN3Nixz5yf9Y4fmILBUE3SwyiAtcybSwQJXq%2BpP8g0Nj%2BYBPB%2BYj%2B03dlz7JX4OL0xuMfCU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80ea81bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/235000/235313/medium@2x/1.jpg

104.21.83.6

200 OK

41 kB

URL GET HTTP/3
img.xxxfiles.tv/235000/235313/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
41 kB (40715 bytes)
Hash
cda3e3cbee1cae281ef1e7c7e92b684f
7218c66a2ed11ab9120cb2b3fc8e35573a1af8e7
c89cfef1c4b9221e31d280e80d678fc427ca4f2e705e6d87c9ef252bc5ebd3e4

HTTP Headers

GET /235000/235313/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 40715
last-modified: Sun, 09 Feb 2020 18:49:54 GMT
etag: "5e405452-9f0b"
expires: Fri, 05 May 2023 09:30:37 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1328
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08qdpC7yHaGbzzfwq363PDaAXJoBAx81Yodtx1XQge50hU8sWRjbYJtZm632MycSo1qRbDY2Po0DxamlNTi8kNzUIOb0Bm%2BWhgrsqjuK%2FtEv9Uyscj9ZUf8J4nljNYHh24g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ec01bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/710000/710819/medium@2x/1.jpg

104.21.83.6

200 OK

42 kB

URL GET HTTP/3
img.xxxfiles.tv/710000/710819/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Size
42 kB (42465 bytes)
Hash
8a92613abf822de4d96dcd8b21c9d18d
b7492631bc67418b4792d7a40e5c70d0bc717b45
1bcb0bc7fee196a8ec63c2b7d94e017969006be1c6744cf5d4c5b441d358e29a

HTTP Headers

GET /710000/710819/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 42465
last-modified: Mon, 09 Nov 2020 11:26:42 GMT
etag: "5fa92772-a5e1"
expires: Fri, 05 May 2023 09:52:45 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLyCoabRwgsvRM35lZCsryNqkhupeX8qbf0FlUs0JGBQrU2vEH27XoDB9i8TO64R6iswAmsGmibwsyHsNnnPObkiLDIfpTH7FC8Hu1Yzt9Z5QsnXQ2ObGOIxDeIRE8PnemU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80ea31bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/145000/145493/medium@2x/1.jpg

104.21.83.6

200 OK

52 kB

URL GET HTTP/3
img.xxxfiles.tv/145000/145493/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.64.101", baseline, precision 8, 744x420, components 3\012- data
Size
52 kB (52137 bytes)
Hash
063fbfb220177d4c5d6177bc7ef78205
b6f7a0452aea72d6dbd37130ebe2afc2ae7261a2
8d6922a464ff228ef5d11b0e8a8fa58d53183f325453893f491eb5c83a294bb4

HTTP Headers

GET /145000/145493/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 52137
last-modified: Fri, 29 Nov 2019 18:38:01 GMT
etag: "5de16589-cba9"
expires: Fri, 05 May 2023 09:46:34 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 371
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pb3n7wJjKV0n63kAuVrnWDffM5wu2uE%2BQjx5QIgOVeArLQBC%2Fbs3AZriC8aopJwOpAr3aU%2Fckh01y4smWq3jrt029nIO%2FfG0jjU74uycMHc1jz2yYQj40iErxfcv9iSDpjQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80ea11bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/151000/151328/medium@2x/1.jpg

104.21.83.6

200 OK

28 kB

URL GET HTTP/3
img.xxxfiles.tv/151000/151328/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
28 kB (27809 bytes)
Hash
851e256baf9d258c42bd6104cff9ff92
745aa8b8fc4db2edde5a1f82a5576bfe605a5160
baa00eaf9a52f95b56fee8cd096a9f85584f7db944311954f381c76c7c027044

HTTP Headers

GET /151000/151328/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 27809
last-modified: Fri, 27 Dec 2019 21:17:13 GMT
etag: "5e0674d9-6ca1"
expires: Fri, 05 May 2023 09:46:34 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 371
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMmYJ2VMFCVA3ZqXAaLUnbo8NPtToRUX%2F9xm9nZpTXVpMhRMJgfobGPUr%2FMRJNhh4qleo%2BU7uI96XdHQjd5j1l1cT2yXZzxM%2F86ReTWoFg66Ekm5LnTaMsKo5q6hgT0JkUM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80ea21bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/193000/193692/medium@2x/1.jpg

104.21.83.6

200 OK

68 kB

URL GET HTTP/3
img.xxxfiles.tv/193000/193692/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
68 kB (67716 bytes)
Hash
2e606971868c198057fffcd0fdbe63c4
f956197643861c4332037a859ed59b30b1b450c9
22f2fed810c10e3236c412aef9e965c78e7f4c1a8537a361d5ee465317175271

HTTP Headers

GET /193000/193692/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 67716
last-modified: Sun, 19 Jan 2020 19:34:33 GMT
etag: "5e24af49-10884"
expires: Fri, 05 May 2023 08:54:14 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3511
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0nlabTSM1mDBw8KuhnQFfAvqO7tJtqUbjeww%2F3bf3%2FC1ayyEym9KrfHmtF0BJESKsAc%2F7oCHO1K4DAHWrYOoNrHS%2BouAYmVfcwfklZxevHyrmekT0B30j4Lka6zPsxp2Fk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80ea61bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/237000/237014/medium@2x/1.jpg

104.21.83.6

200 OK

40 kB

URL GET HTTP/3
img.xxxfiles.tv/237000/237014/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
40 kB (40316 bytes)
Hash
e013a41afe74a24894105a70da553cd9
24e38e776e22e4dcffe4f44d6a5f6523b84856a4
b7b26712f3a1326d7912753e35021668c23ed80defda04c040c47f7a018dd077

HTTP Headers

GET /237000/237014/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 40316
last-modified: Sun, 09 Feb 2020 19:08:39 GMT
etag: "5e4058b7-9d7c"
expires: Fri, 05 May 2023 09:46:34 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 371
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CoaFZ4t8vgoeM9v%2BUdzrJbzad8IrPDTSusoxf%2FfykdpHQ%2FNH0u02Jd1eNFBRj9xrNdWjLECzsslmfTf0GbviIJa%2F5DIXdfcZOTwv8jolFLYdG0WD3FbpRALk8BJDWhSvUZc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80eaf1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/139000/139160/medium@2x/1.jpg

104.21.83.6

200 OK

37 kB

URL GET HTTP/3
img.xxxfiles.tv/139000/139160/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
37 kB (37346 bytes)
Hash
28d999d98837d9545ef3450255cd862d
fedfdd885140d0dc6ea1c90cca4310e1a0e36d4d
5cceaa5c93799242f7249d2476a9a3ca1c5772bd6db1a90772db657ac9d1a5e8

HTTP Headers

GET /139000/139160/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 37346
last-modified: Sat, 09 Nov 2019 10:52:42 GMT
etag: "5dc69a7a-91e2"
expires: Fri, 05 May 2023 09:40:20 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 745
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pf4rcqWmxD56RUAkDgJrBwq7mv1QtYDFo29yTvbfHdwsV%2FdZi%2BkUeXyxBLMszI7AzEJeLb1cqsmuU1PSKCjpVskW%2Bo0BGlR7O%2BYjX23%2FvYjNYi4cx3zT%2B2Ah%2BAwb7D4QeWM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80ea91bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/141000/141815/medium@2x/1.jpg

104.21.83.6

200 OK

50 kB

URL GET HTTP/3
img.xxxfiles.tv/141000/141815/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
50 kB (49911 bytes)
Hash
8e864c110fe72768cefcca06569a5167
6f5a0f2b67ba0f7a5c26d387183cdf5d25a826ce
a30beea50335b987fd8cb086e0f38023829bd14830b206930abf1bf5f363963c

HTTP Headers

GET /141000/141815/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 49911
last-modified: Tue, 19 Nov 2019 19:02:27 GMT
etag: "5dd43c43-c2f7"
expires: Fri, 05 May 2023 09:38:44 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 841
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRrXGq0lrQLktE3OiobIJ3cJSK3I1aZMjMYYxFsLwxBQubyciqbIPdsNr3DA6K09sa7b93tqzcaGiD%2BcEAAtIl5YMvBwrEgJHmxxtdqy8epi0DmW6ovaLemIGnMj0mf7Bhg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc80ead1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/699000/699820/medium@2x/1.jpg

104.21.83.6

200 OK

29 kB

URL GET HTTP/3
img.xxxfiles.tv/699000/699820/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Size
29 kB (29197 bytes)
Hash
fe965c166fd02279c6253a03635b3813
c7840c20991bcee024bcd3495b5660fecc6f2b26
7c09526fab8d68ba9b38e7f41f5fb2b592f54bc366e4e60ef13696360b717f76

HTTP Headers

GET /699000/699820/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 29197
last-modified: Sun, 08 Nov 2020 21:50:42 GMT
etag: "5fa86832-720d"
expires: Fri, 05 May 2023 09:22:04 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1841
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Bh8kmhwv3csckUL8TEStU%2B0zJq%2FCgLOvjAHym5kfoQDbdCqRQhpKNDXZdedBd5FSISOxYopGUkuS6tRBTcmrI6ZVqSgKoLBxDvuitSptGkZgse84sVC9xJA%2BQhNlzpDL5U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ec71bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/340000/340004/medium@2x/1.jpg

104.21.83.6

200 OK

49 kB

URL GET HTTP/3
img.xxxfiles.tv/340000/340004/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
49 kB (49329 bytes)
Hash
0d7033aab454709430d7429cfeff0a0e
bfcec8cd96ad344b03b0affbd16e4466184a0328
5d5a5e429d5be9eb91a9dabc81c2e840235846e9583567bab61a993a610eed85

HTTP Headers

GET /340000/340004/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 49329
last-modified: Wed, 05 Jun 2019 21:51:48 GMT
etag: "5cf83974-c0b1"
expires: Fri, 05 May 2023 09:34:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1098
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HE5Ve87jmeT9u%2FP%2FQyOxKIcvDQ9JF4B3ityqsd589y90xLMKoFWvRmeSYc426upUiyULsz8m6tQRHaQHZxk0uIG23OVn9%2BCXW52ZhlbarmFUFl43t9s8W8rLdWyYi0%2ByTeM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ec81bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/55483000/55483442/medium@2x/1.jpg

104.21.83.6

200 OK

36 kB

URL GET HTTP/3
img.xxxfiles.tv/55483000/55483442/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Size
36 kB (36132 bytes)
Hash
bfa863802968db555956e36dccf1e80e
48d3eacdde578c105b213c81fcc1ee1404fdddc3
7506841bd2d7759e110000d83ec0dfe024b5ba22f956d03af3cfeb1bd72c4a37

HTTP Headers

GET /55483000/55483442/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 36132
last-modified: Mon, 13 Jun 2022 18:03:27 GMT
etag: "62a77bef-8d24"
expires: Fri, 05 May 2023 09:22:04 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1841
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BJJ4P%2B14bOjPfm755XrjYV4V59SyX23ar5yFUbBI8StaNvlapM91ulwj54pRLni4VfZ%2F0BMMpDdxxWD3FFpZ0MsAgqGbMon1CydP1g8rHrTiNlC9Lp%2B2r9cv3hs5JTBClA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ec51bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/152000/152275/medium@2x/1.jpg

104.21.83.6

200 OK

26 kB

URL GET HTTP/3
img.xxxfiles.tv/152000/152275/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 239x240, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
26 kB (25576 bytes)
Hash
e9ffbc65a72c9d021f837448cc7bc848
50666d35188e1f155a782201d7ed76360e939230
5cba2540012ebe985ce1a466c2ce752a5e5ca99606e33d177ade5e16f2358c1d

HTTP Headers

GET /152000/152275/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 25576
last-modified: Sat, 28 Dec 2019 17:24:11 GMT
etag: "5e078fbb-63e8"
expires: Fri, 05 May 2023 09:37:52 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C53xNOeuWnEIkGPm9YXUszX3WAL0c8SPDQK5%2B5p27kr8wRBo%2Byj8KoK5Zuu%2FDGnqD%2FKz6g5AtPNqx4F7NT7Rjwte0AXlgCFc6e%2BxTUW9BUKT887xezTLVEStOYEgtjlr898%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ec21bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

img.xxxfiles.tv/142000/142087/medium@2x/1.jpg

104.21.83.6

200 OK

48 kB

URL GET HTTP/3
img.xxxfiles.tv/142000/142087/medium@2x/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
48 kB (47489 bytes)
Hash
244f5fa055151011996aedafa2b30fd9
cd632ac9779ca7f027696b37660eee74b6cb1605
3d44add9372b322a833f74b298e981a79ab7b8263818cb65f0096ddc1df48d43

HTTP Headers

GET /142000/142087/medium@2x/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: image/jpeg
content-length: 47489
last-modified: Tue, 19 Nov 2019 19:52:43 GMT
etag: "5dd4480b-b981"
expires: Fri, 05 May 2023 09:46:34 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 371
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGzeHZVBqtRuFBZCbe%2B0mwJmY39fdAim5uuVnWRmT9A%2FFZLYEauYfI%2BresHXA6jenlOB9arEjPYKYwtaqeXMTo7yoC7SthC8HBOllKVEkeRYMEQQj3oG450VzFgdNrasLNw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfc81ec91bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

badgegirdle.com/63/d4/5b/63d45b685911cef3b8cc3d1d1550bf85.js

173.233.137.36

200 OK

21 kB

URL GET HTTP/1.1
badgegirdle.com/63/d4/5b/63d45b685911cef3b8cc3d1d1550bf85.js
IP
173.233.137.36:80
ASN
#7979 SERVERS-COM

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
HTML document, ASCII text, with very long lines (60168), with no line terminators
Size
21 kB (20723 bytes)
Hash
f751971b7735640881b16c53d9103fe9
ed23a0afac9b9a8049c139eaa84c7c25ef84934e
845ef49a5db78c0a81d9d9d22c878fe596247e0817e021aa107847dfc8d6f096

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /63/d4/5b/63d45b685911cef3b8cc3d1d1550bf85.js HTTP/1.1
Host: badgegirdle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dc01e373ed0be9bb4957d289db88d5dc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.20.226

1.5 kB

URL
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
c9cc39eb129dd6aa10f02bb1e1431da3
76e4d6c6c8e99f5da8394455fe75e8f499575382
2e9c54e77135a30d02a72bef882a2e79fc5beb2f0ef5886b27a1ebad8f4c40d9

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "80C0D7158B13AD7146804EC70937AF6AE2B9EB1D"
Expires: Fri, 05 May 2023 19:00:00 GMT
Last-Modified: Fri, 05 May 2023 07:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3360
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c27bfcbfc3eb517-OSL

ubbfpm.com/av/1150082/inp3.js

95.216.206.230

200 OK

203 kB

URL GET HTTP/1.1
ubbfpm.com/av/1150082/inp3.js
IP
95.216.206.230:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjectubbfpm.com
Fingerprint40:41:BB:9D:1E:48:39:57:4D:24:52:30:FC:28:75:D1:80:83:8D:84
ValidityWed, 29 Mar 2023 06:19:02 GMT - Tue, 27 Jun 2023 06:19:01 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
203 kB (202889 bytes)
Hash
893780687a38b1b8fc95901e54d4e8ea
3be88744c5cdb0e734be7b98cd01224798b3a69d
494abfa36407ce327f8e9bfeed121e1d533960f6e905397a1783a476d0f38232

HTTP Headers

GET /av/1150082/inp3.js HTTP/1.1
Host: ubbfpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: application/javascript
Content-Length: 202889
Last-Modified: Fri, 21 Apr 2023 15:45:14 GMT
Connection: keep-alive
ETag: "6442af8a-31889"
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Referrer-Policy: strict-origin
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b18fb02cad0a7b7bf0906c8f4cc05154
d5bc73974391f4a48a92353de2997eab0baebf66
b6bf2e82bd814dc0e24f1971c1d2d82554e20d25150774733c1541a1ab24644f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 05 May 2023 08:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Roboto:300,400,700

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
data
Size
1.2 kB (1150 bytes)
Hash
75117451b3a57708eb07b67da0ae1aec
060af0904f331e3863e6f07ad38667a4a0f42311
4de0be0cf3fcc081abddffa93fe0f141ef6442bde74bfd52e99d33cfd1e38e4e

HTTP Headers

GET /css?family=Roboto:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xxxfiles.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 05 May 2023 08:52:46 GMT
date: Fri, 05 May 2023 08:52:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

uacabilqlgpw.cdnvideo3.com/api/spots/329587?p=1&s1=%subid1%&kw=

135.181.208.216

200 OK

3.3 kB

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/api/spots/329587?p=1&s1=%subid1%&kw=
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Size
3.3 kB (3278 bytes)
Hash
eb300729530ab89b6cf5889a162b0eae
644b9a3500ae4348e20fc9f1c1d31ca48eecca0c
7aabbfed9b2f411ab5d98059171dfbdd35cedaf8662c1197dedf85598252d050

HTTP Headers

GET /api/spots/329587?p=1&s1=%subid1%&kw= HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=Tiz8UaA9bP6n1WeAzS3z; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip

unpkg.com/silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js

104.16.123.175

200 OK

11 kB

URL GET HTTP/2
unpkg.com/silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js
IP
104.16.123.175:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (21159)
Size
11 kB (10923 bytes)
Hash
3480c3b8ac1207df87e0070ae3ec911f
0fcaf24905289ef0fe206da1990bf6d09b9c0f0c
52ebfe08a195d45befaefb19df96ec9253fbe49c5902fc1543538ffd873d0bc7

HTTP Headers

GET /silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:46 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Wed, 10 Jan 2018 00:56:00 GMT
etag: W/"5329-e6FW82qZOTCVRh707R8p5aJnMuY"
via: 1.1 fly.io
fly-request-id: 01G7549ZE3WWN11S6HGDRQ6KSN-fra
cf-cache-status: HIT
age: 26320788
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c27bfcc8b3a1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2

uacabilqlgpw.cdnvideo3.com/api/spots/329585?p=1&s1=%subid1%&kw=

135.181.208.216

200 OK

3.3 kB

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/api/spots/329585?p=1&s1=%subid1%&kw=
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Size
3.3 kB (3278 bytes)
Hash
cccbd852ede151976e06e91770b2a333
2b8be4f6f0a63e396a09f9b4a463f4439acbe735
9542a71f38b4e91a5c86a7d0d6415e66d00ed54ef14731cdc28be09d441095fb

HTTP Headers

GET /api/spots/329585?p=1&s1=%subid1%&kw= HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=Xxs4SzzXZQsJzn00JC36; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip

www.xxxfiles.tv/img/logo.png?v=3

104.21.83.6

200 OK

24 kB

URL GET HTTP/3
www.xxxfiles.tv/img/logo.png?v=3
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
PNG image data, 520 x 156, 8-bit/color RGBA, non-interlaced\012- data
Size
24 kB (23819 bytes)
Hash
9822997e90cc16212365e3cb4ce8271c
abdbe5c5e45ce673d6544f560ad8ea38639b78a7
504871362cd7d2f604b1b6cb99ebf785c53ee84f4cf19d029ec9c99b07e9611b

HTTP Headers

GET /img/logo.png?v=3 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.xxxfiles.tv
Connection: keep-alive
Referer: https://www.xxxfiles.tv/css/main.css
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154; show_pops2=true2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:46 GMT
content-type: image/png
content-length: 23819
last-modified: Fri, 13 Dec 2019 13:17:37 GMT
etag: "5df38f71-5d0b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 5066455
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kfv6T4MqyqKGOMRmXqN2GYPsSkrfNRdiE1Jf0dVMElnd%2FhuzThPRnsWCZCXlncwFnlRcF9PyhfyYa4y9Y2oS%2Bg4kxbPLjM55THxQfgE2cERLKByyOYb6hzMmcRUwrTyZfrs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfce7d521bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
60f8ea1a6b07eb8279e8cdc9b91ae061
9e28f47e68c6904cf549703f0e2530d691794256
70fbd2078171f54b059fd27bf2a6890c40af1f752d1b02349d1d830d6f15cd4f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 05 May 2023 08:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
60f8ea1a6b07eb8279e8cdc9b91ae061
9e28f47e68c6904cf549703f0e2530d691794256
70fbd2078171f54b059fd27bf2a6890c40af1f752d1b02349d1d830d6f15cd4f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 05 May 2023 08:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
60f8ea1a6b07eb8279e8cdc9b91ae061
9e28f47e68c6904cf549703f0e2530d691794256
70fbd2078171f54b059fd27bf2a6890c40af1f752d1b02349d1d830d6f15cd4f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 05 May 2023 08:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.xxxfiles.tv/js/videojs.persistvolume.js

104.21.83.6

200 OK

17 kB

URL GET HTTP/2
www.xxxfiles.tv/js/videojs.persistvolume.js
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
ASCII text
Size
17 kB (17260 bytes)
Hash
6da1dcf6a543d86ca7439474a80517c6
8dc6b188535acd33cb7122a8bb7fb988382cb004
39ca26a341c64b97b09e2d6a3efd83e6f26c22fceb686b138aeb77a4bcc11df0

HTTP Headers

GET /js/videojs.persistvolume.js HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: application/javascript
last-modified: Wed, 20 Nov 2019 11:00:42 GMT
vary: Accept-Encoding
etag: W/"5dd51cda-e5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 2131984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jk04%2F85AB%2FPEuvUqaDryZ79m%2FEieLJDGjEvZbdMiYHKjTmrxZB6T5wYwNGPZbh%2FrrpxYXOmmogGVL9iHB1iQyvojmzuuJWMecTDbbYJsUMCJlhQGvNXu6AmS7MpnLKfhk7A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfc77da0b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL GET HTTP/1.1
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:80
ASN
#15169 GOOGLE

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 20:50:05 GMT
expires: Sun, 28 Apr 2024 20:50:05 GMT
cache-control: public, max-age=31536000
age: 475361
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 20:35:32 GMT
expires: Sun, 28 Apr 2024 20:35:32 GMT
cache-control: public, max-age=31536000
age: 476234
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

uacabilqlgpw.cdnvideo3.com/api/spots/329586?p=1&s1=%subid1%&kw=

135.181.208.216

200 OK

3.3 kB

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/api/spots/329586?p=1&s1=%subid1%&kw=
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Size
3.3 kB (3276 bytes)
Hash
da95e35440fd6d4fcf4044b6b3f070be
5788d3a9a20d6aaaa27e5785cfe3dcbacc927759
b94e57b37d9517e0bc0ca2f68869a1d3566f25f81c98877285575afd8cf2ceca

HTTP Headers

GET /api/spots/329586?p=1&s1=%subid1%&kw= HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=aoO7M8D97SN5qckk7NoH; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
60f8ea1a6b07eb8279e8cdc9b91ae061
9e28f47e68c6904cf549703f0e2530d691794256
70fbd2078171f54b059fd27bf2a6890c40af1f752d1b02349d1d830d6f15cd4f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 05 May 2023 08:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

unpkg.com/silvermine-videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js

104.16.123.175

302 Found

3.6 kB

URL GET HTTP/2
unpkg.com/silvermine-videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js
IP
104.16.123.175:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
data
Size
3.6 kB (3567 bytes)
Hash
cdd8224e2cfcb96b08d97531c71347b0
ab6cc58f094df662ce0c7d7f02dbd16f50243e0e
dcf7cedc3a7a43e9dc52f4d0e7abe2385c01d295c0c0c14bffc4347e4721d0dc

HTTP Headers

GET /silvermine-videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 05 May 2023 08:52:45 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GZNHASFNB4Z5PCJYV1X88EHY-fra
cf-cache-status: HIT
age: 505
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c27bfc77e051bfa-OSL
X-Firefox-Spdy: h2

uacabilqlgpw.cdnvideo3.com/api/users/377391?v2=1&fill=0&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25&s2=%25subid2%25&i=1

135.181.208.216

200 OK

658 B

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/api/users/377391?v2=1&fill=0&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25&s2=%25subid2%25&i=1
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
XML 1.0 document text\012- XML document, ASCII text, with very long lines (352)
Size
658 B (658 bytes)
Hash
01580c76c9277d48bf06fbd67f4a0a92
1edacb3f5fa6f4fe1b78b7b9dc10958b0bf547a6
3aae09f71c8698fb862d579655f738d96556483c1ee9c42784f85d0c5f204023

HTTP Headers

GET /api/users/377391?v2=1&fill=0&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25&s2=%25subid2%25&i=1 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Access-Control-Expose-Headers: X-Asg-Config, X-t
Set-Cookie: nauid=VjZNbw0uaSAipSU49lH2; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
X-T: 0
Cache-Control: private
Content-Encoding: gzip

img.xxxfiles.tv/710000/710819/player/1.jpg

104.21.83.6

200 OK

6.0 kB

URL GET HTTP/3
img.xxxfiles.tv/710000/710819/player/1.jpg
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 592x585, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 390x222, components 3\012- data
Size
6.0 kB (6042 bytes)
Hash
60be833c68112966a9e03bafd759b4aa
96fba9d9b65744ecccda07ba236af2a40191c570
234b652b6c7197e07dbc3d0046b59bf8b5faf39060067dd55f32a4d40c384490

HTTP Headers

GET /710000/710819/player/1.jpg HTTP/1.1
Host: img.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: img.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:46 GMT
content-type: image/jpeg
content-length: 6042
last-modified: Sat, 27 Jun 2020 20:25:50 GMT
etag: "5ef7ab4e-179a"
expires: Fri, 05 May 2023 09:52:46 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vG30%2Fgepw4Mns4KGXNICD21lppHfWVuq2iXod87CLSMvz5ttuo1S1SygpueTAYsG0RjZHPNS9sdUlvcj3Ftk4s8Qfsfh5729YJBIunnk3XlAMJJpJKfQmNhnSB8UUCVkU5w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfcedda41bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn.tapioni.com/adgpt.js

172.67.31.117

200 OK

817 B

URL GET HTTP/2
cdn.tapioni.com/adgpt.js
IP
172.67.31.117:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint98:6F:5C:E6:12:D1:E1:1F:BF:CE:7D:0C:FA:D2:F3:F0:AA:18:B7:66
ValidityThu, 23 Mar 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2025), with no line terminators
Size
817 B (817 bytes)
Hash
b2854a741a7bc120e829089178ad1993
b0b387267f943e100371fe7d282ee98e985a21cf
86a161f111913c3d0364b784d6c2bd7651445d3218526fc51b432c2874ffa8ae

HTTP Headers

GET /adgpt.js HTTP/1.1
Host: cdn.tapioni.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:46 GMT
content-type: application/javascript
content-length: 817
last-modified: Tue, 02 May 2023 11:31:29 GMT
vary: Accept-Encoding
etag: "6450f491-331"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 165347
accept-ranges: bytes
server: cloudflare
cf-ray: 7c27bfcfdcbf0afa-OSL
X-Firefox-Spdy: h2

cdn.tapioni.com/adgpt.js

172.67.31.117

200 OK

817 B

URL GET HTTP/2
cdn.tapioni.com/adgpt.js
IP
172.67.31.117:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint98:6F:5C:E6:12:D1:E1:1F:BF:CE:7D:0C:FA:D2:F3:F0:AA:18:B7:66
ValidityThu, 23 Mar 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2025), with no line terminators
Size
817 B (817 bytes)
Hash
b2854a741a7bc120e829089178ad1993
b0b387267f943e100371fe7d282ee98e985a21cf
86a161f111913c3d0364b784d6c2bd7651445d3218526fc51b432c2874ffa8ae

HTTP Headers

GET /adgpt.js HTTP/1.1
Host: cdn.tapioni.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:46 GMT
content-type: application/javascript
content-length: 817
last-modified: Tue, 02 May 2023 11:31:29 GMT
vary: Accept-Encoding
etag: "6450f491-331"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 165347
accept-ranges: bytes
server: cloudflare
cf-ray: 7c27bfcfecc80afa-OSL
X-Firefox-Spdy: h2

cdn.tapioni.com/adgpt.js

172.67.31.117

200 OK

817 B

URL GET HTTP/2
cdn.tapioni.com/adgpt.js
IP
172.67.31.117:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint98:6F:5C:E6:12:D1:E1:1F:BF:CE:7D:0C:FA:D2:F3:F0:AA:18:B7:66
ValidityThu, 23 Mar 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2025), with no line terminators
Size
817 B (817 bytes)
Hash
b2854a741a7bc120e829089178ad1993
b0b387267f943e100371fe7d282ee98e985a21cf
86a161f111913c3d0364b784d6c2bd7651445d3218526fc51b432c2874ffa8ae

HTTP Headers

GET /adgpt.js HTTP/1.1
Host: cdn.tapioni.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:46 GMT
content-type: application/javascript
content-length: 817
last-modified: Tue, 02 May 2023 11:31:29 GMT
vary: Accept-Encoding
etag: "6450f491-331"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 165347
accept-ranges: bytes
server: cloudflare
cf-ray: 7c27bfd0bda80afa-OSL
X-Firefox-Spdy: h2

uacabilqlgpw.cdnvideo3.com/api/click/936276091769690095?c=90

135.181.208.216

200 OK

0 B

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/api/click/936276091769690095?c=90
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://uacabilqlgpw.cdnvideo3.com/api/spots/329585?p=1&s1=%subid1%&kw=

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/click/936276091769690095?c=90 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/api/spots/329585?p=1&s1=%subid1%&kw=
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private

adactioner.com/asset-12001469.mp4

213.133.98.241

206 Partial Content

40 kB

URL GET HTTP/2
adactioner.com/asset-12001469.mp4
IP
213.133.98.241:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://uacabilqlgpw.cdnvideo3.com/api/spots/329587?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectadactioner.com
FingerprintA4:6D:E4:31:E8:7F:01:54:34:36:49:C5:E9:C8:E3:66:A2:1C:B9:7B
ValiditySat, 11 Mar 2023 23:27:07 GMT - Fri, 09 Jun 2023 23:27:06 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
40 kB (39741 bytes)
Hash
3578a6f9664343294ad8fe62e73d0fe4
5e091562f43f82a559f76449b3c2b55059566713
3a6e4c7e113ef8c5f4436535791c17728b8361372b760f60b88c9c2e753e0163

HTTP Headers

GET /asset-12001469.mp4 HTTP/1.1
Host: adactioner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Fri, 05 May 2023 08:52:46 GMT
content-type: video/mp4
content-length: 39741
last-modified: Mon, 17 Apr 2023 08:03:05 GMT
etag: "643cfd39-9b3d"
expires: Sun, 04 Jun 2023 08:52:46 GMT
cache-control: max-age=2592000, public
content-range: bytes 0-39740/39741
X-Firefox-Spdy: h2

uacabilqlgpw.cdnvideo3.com/api/click/17968622317115604095?c=90

135.181.208.216

200 OK

0 B

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/api/click/17968622317115604095?c=90
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://uacabilqlgpw.cdnvideo3.com/api/spots/329584?p=1&s1=%subid1%&kw=

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/click/17968622317115604095?c=90 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/api/spots/329584?p=1&s1=%subid1%&kw=
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private

www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600&video_id=710819&mode=async&action=js_stats&rand=1683276779974

172.67.210.53

200 OK

43 B

URL GET HTTP/1.1
www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600&video_id=710819&mode=async&action=js_stats&rand=1683276779974
IP
172.67.210.53:80
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

HTTP Headers

GET /videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600&video_id=710819&mode=async&action=js_stats&rand=1683276779974 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154; show_pops2=true2; show_pops1=true1; ppu_show_on_63d45b685911cef3b8cc3d1d1550bf85=1; kt_tcookie=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: kt_is_visited=1; expires=Sat, 06-May-2023 08:52:46 GMT; Max-Age=86400; path=/; domain=.xxxfiles.tv; SameSite=Lax
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DJuLpVT7O%2BaUvrtGEJ%2BYwCK%2FdyqRXNBRlv2HQe%2FSOrPY8AhSGPizfRHnaqOhCNfE%2Bxt8Zo1a3YHknrisDtd%2FIVKzfpwHnhWbd12ozs4%2B%2BRo9hEO6tmqGCK2MZuEFjbulPE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c27bfd11c3cb527-OSL
alt-svc: h2=":443"; ma=60

www.xxxfiles.tv/get_country.php?v=0.11526282624174733.1683276779983

104.21.83.6

200 OK

43 B

URL GET HTTP/1.1
www.xxxfiles.tv/get_country.php?v=0.11526282624174733.1683276779983
IP
104.21.83.6:80
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
JSON data\012- , ASCII text, with no line terminators
Size
43 B (43 bytes)
Hash
674d6399d11ab9bf30ec1744d68b7b20
0b3be43fa2d41a618372a345d73558585d42b196
8173dcd03400243f1f760f7d0acf798a601443fe65e7862260a56c911e3ce1b8

HTTP Headers

GET /get_country.php?v=0.11526282624174733.1683276779983 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154; show_pops2=true2; show_pops1=true1; ppu_show_on_63d45b685911cef3b8cc3d1d1550bf85=1; kt_tcookie=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1M44kmc%2FpDu1L7JsVfklYUVeD0HjVZF6LFu5Tj7TJEysSLGU6O4P7xPCQCyyW%2F6OmUIOnY39RMs%2FSo90kFYvNq2F3vU2r9nAh6HZ2mTkD6nw%2FZJDpePMslQeg5ZcqNNT7c%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c27bfd12bbeb4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

uacabilqlgpw.cdnvideo3.com/api/click/3177329877486409095?c=90

135.181.208.216

200 OK

0 B

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/api/click/3177329877486409095?c=90
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://uacabilqlgpw.cdnvideo3.com/api/spots/329586?p=1&s1=%subid1%&kw=

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/click/3177329877486409095?c=90 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/api/spots/329586?p=1&s1=%subid1%&kw=
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private

xngqoc.com/er?a=1

185.162.85.4

200 OK

0 B

URL GET HTTP/2
xngqoc.com/er?a=1
IP
185.162.85.4:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjectxngqoc.com
FingerprintAA:0F:34:6D:D4:2C:9F:AA:C2:02:97:C8:45:D5:EA:D5:DD:D0:F8:8A
ValidityFri, 03 Mar 2023 14:36:16 GMT - Thu, 01 Jun 2023 14:36:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /er?a=1 HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 05 May 2023 08:52:46 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2

xngqoc.com/cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0NDU2NDMsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cDovL3d3dy54eHhmaWxlcy50di92aWRlb3MvNzEwODE5L2E2MWM2OGU1NTA3N2JlZTViMjEwMTJiMmMwMTJmZjgwLw==

185.162.85.4

204 No Content

0 B

URL GET HTTP/2
xngqoc.com/cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0NDU2NDMsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cDovL3d3dy54eHhmaWxlcy50di92aWRlb3MvNzEwODE5L2E2MWM2OGU1NTA3N2JlZTViMjEwMTJiMmMwMTJmZjgwLw==
IP
185.162.85.4:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjectxngqoc.com
FingerprintAA:0F:34:6D:D4:2C:9F:AA:C2:02:97:C8:45:D5:EA:D5:DD:D0:F8:8A
ValidityFri, 03 Mar 2023 14:36:16 GMT - Thu, 01 Jun 2023 14:36:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0NDU2NDMsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cDovL3d3dy54eHhmaWxlcy50di92aWRlb3MvNzEwODE5L2E2MWM2OGU1NTA3N2JlZTViMjEwMTJiMmMwMTJmZjgwLw== HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx/1.18.0
date: Fri, 05 May 2023 08:52:46 GMT
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2

adactioner.com/asset-12001643.mp4

213.133.98.241

206 Partial Content

66 kB

URL GET HTTP/2
adactioner.com/asset-12001643.mp4
IP
213.133.98.241:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://uacabilqlgpw.cdnvideo3.com/api/spots/329586?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectadactioner.com
FingerprintA4:6D:E4:31:E8:7F:01:54:34:36:49:C5:E9:C8:E3:66:A2:1C:B9:7B
ValiditySat, 11 Mar 2023 23:27:07 GMT - Fri, 09 Jun 2023 23:27:06 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
66 kB (65754 bytes)
Hash
c099dbacc74f835a8dfb31c42c231fbf
9bd2e783cedc17d587703f8c1a2c0ea3268b6599
4dba1f45972fb29b47ed73457070f4cae4bfac6491d228f34ae200c6d66bace8

HTTP Headers

GET /asset-12001643.mp4 HTTP/1.1
Host: adactioner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Fri, 05 May 2023 08:52:46 GMT
content-type: video/mp4
content-length: 65754
last-modified: Mon, 17 Apr 2023 08:03:05 GMT
etag: "643cfd39-100da"
expires: Sun, 04 Jun 2023 08:52:46 GMT
cache-control: max-age=2592000, public
content-range: bytes 0-65753/65754
X-Firefox-Spdy: h2

adactioner.com/asset-12001465.mp4

213.133.98.241

206 Partial Content

68 kB

URL GET HTTP/2
adactioner.com/asset-12001465.mp4
IP
213.133.98.241:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://uacabilqlgpw.cdnvideo3.com/api/spots/329584?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectadactioner.com
FingerprintA4:6D:E4:31:E8:7F:01:54:34:36:49:C5:E9:C8:E3:66:A2:1C:B9:7B
ValiditySat, 11 Mar 2023 23:27:07 GMT - Fri, 09 Jun 2023 23:27:06 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
68 kB (67887 bytes)
Hash
fd7938749c02899289c0a84a1f609c2d
6de73fc71e4239e05489a43d9c4e7bc2c85465f1
175758fe352b6570f8a5297ab7a70af9c8df5ddd74465e31f95dabc915ff0560

HTTP Headers

GET /asset-12001465.mp4 HTTP/1.1
Host: adactioner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Fri, 05 May 2023 08:52:46 GMT
content-type: video/mp4
content-length: 67887
last-modified: Mon, 17 Apr 2023 08:03:05 GMT
etag: "643cfd39-1092f"
expires: Sun, 04 Jun 2023 08:52:46 GMT
cache-control: max-age=2592000, public
content-range: bytes 0-67886/67887
X-Firefox-Spdy: h2

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
286ad3af25908fdafc45c0858ab0140d
bfb0b8ec660fa11dd2722470a45a5d9df35ff666
93134bc60a7d06c28c661b538793ffaa09bd93afa56fbeb7cb6f8325e06715d7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116654
Date: Fri, 05 May 2023 08:52:47 GMT
Etag: "6453ddcc-1d7"
Expires: Sat, 06 May 2023 17:17:01 GMT
Last-Modified: Thu, 04 May 2023 16:31:08 GMT
Server: ECAcc (nya/78CB)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _tx165tViyym51NOWwoQUXErZhOQj18IhzG4w88dMBTq57UPptY2wQ==
Age: 2753

syndication.realsrv.com/v1/api.php

95.211.229.248

200 OK

1.2 kB

URL POST HTTP/1.1
syndication.realsrv.com/v1/api.php
IP
95.211.229.248:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
http://uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectrealsrv.com
FingerprintC2:CA:14:12:90:2A:B3:84:F3:3C:B8:A9:E8:82:89:E0:CB:B9:EE:49
ValidityMon, 27 Feb 2023 07:33:27 GMT - Sun, 28 May 2023 07:33:26 GMT

File type
JSON data\012- , ASCII text, with very long lines (1645), with no line terminators
Size
1.2 kB (1224 bytes)
Hash
12a853632a9c45bf7ba335ccb2db2a44
f6b3ca93f7934b5aab686667534b5f41f29fb495
f34c9d688738ea5d9c2d2662746d75e38d8eccba593924150aba87c67b17bf4c

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 324
Origin: http://uacabilqlgpw.cdnvideo3.com
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://uacabilqlgpw.cdnvideo3.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226454c3dee31449.329575181013573012%22%3B%7D; expires=Sun, 04-May-2025 08:52:47 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

simplewebanalysis.com/stats

18.192.155.180

200 OK

40 B

URL GET HTTP/2
simplewebanalysis.com/stats
IP
18.192.155.180:443
ASN
#16509 AMAZON-02

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
48078911cfc5e017cbd6c35594030cd7
46742b14734b88d3f738db94fbf5c911ff150cce
86a6a132eff0df0398b358f467464bdd18ae3b8101a3bb4d3f405024ff8cb7cf

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:47 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.xxxfiles.tv
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=072d53b9-779e-4e4d-8467-09208a0e96c9:2:1; expires=Mon, 02 May 2033 08:52:47 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW04DMQy8Chdo5Ocm6Tf8glTUA2SzoaoE3QICijSHJ7sV9fjDj7E9FhLdkHe/I9u6bC0ic8gUTAK74fFpB2Oc54/TYQ51foNZMmeIcoyCRDmlCFM2J4NTgvdGIkLq8ySRwA4FdYir2RIFIlZlxISH/Q775/teyxQjGExQoot4H1zPQwjWY7osO6Zmg2uJWYdBx6k1ltIov5gxpdildiK+Si3j8fX99XD+CXU6fR+nNusqn64I5Msx+c/RH1AxwYZviaEbYW2Xz99TBW70K3xd0MWZLWqRlaZYhUvUMtTBBqpusY6tTY2ajX83jwyubwEAAA==

95.211.229.248

200 OK

20 B

URL GET HTTP/1.1
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW04DMQy8Chdo5Ocm6Tf8glTUA2SzoaoE3QICijSHJ7sV9fjDj7E9FhLdkHe/I9u6bC0ic8gUTAK74fFpB2Oc54/TYQ51foNZMmeIcoyCRDmlCFM2J4NTgvdGIkLq8ySRwA4FdYir2RIFIlZlxISH/Q775/teyxQjGExQoot4H1zPQwjWY7osO6Zmg2uJWYdBx6k1ltIov5gxpdildiK+Si3j8fX99XD+CXU6fR+nNusqn64I5Msx+c/RH1AxwYZviaEbYW2Xz99TBW70K3xd0MWZLWqRlaZYhUvUMtTBBqpusY6tTY2ajX83jwyubwEAAA==
IP
95.211.229.248:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
http://uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectrealsrv.com
FingerprintC2:CA:14:12:90:2A:B3:84:F3:3C:B8:A9:E8:82:89:E0:CB:B9:EE:49
ValidityMon, 27 Feb 2023 07:33:27 GMT - Sun, 28 May 2023 07:33:26 GMT

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PW04DMQy8Chdo5Ocm6Tf8glTUA2SzoaoE3QICijSHJ7sV9fjDj7E9FhLdkHe/I9u6bC0ic8gUTAK74fFpB2Oc54/TYQ51foNZMmeIcoyCRDmlCFM2J4NTgvdGIkLq8ySRwA4FdYir2RIFIlZlxISH/Q775/teyxQjGExQoot4H1zPQwjWY7osO6Zmg2uJWYdBx6k1ltIov5gxpdildiK+Si3j8fX99XD+CXU6fR+nNusqn64I5Msx+c/RH1AxwYZviaEbYW2Xz99TBW70K3xd0MWZLWqRlaZYhUvUMtTBBqpusY6tTY2ajX83jwyubwEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://uacabilqlgpw.cdnvideo3.com
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226454c3dee31449.329575181013573012%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://uacabilqlgpw.cdnvideo3.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sun, 04 May 2025 08:52:47 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s3t3d2y8.afcdn.net/library/448451/c2229a4908d47f4e5433db72eb4d1ee18f1be36f.webp

185.76.9.22

200 OK

9.6 kB

URL GET HTTP/2
s3t3d2y8.afcdn.net/library/448451/c2229a4908d47f4e5433db72eb4d1ee18f1be36f.webp
IP
185.76.9.22:443
ASN
#60068 Datacamp Limited

Requested by
http://uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint58:E2:EC:9A:A1:55:22:20:28:3E:43:7C:0D:B9:0A:67:84:6B:EA:FB
ValidityMon, 27 Feb 2023 07:22:15 GMT - Sun, 28 May 2023 07:22:14 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.6 kB (9604 bytes)
Hash
6f5420ea1c741ef3886d83e561f8ea98
c2229a4908d47f4e5433db72eb4d1ee18f1be36f
b9779dbf9e6d0d8e0c9a527a6845aaab82df1b92931e4d3f2a6af905c185d5bd

HTTP Headers

GET /library/448451/c2229a4908d47f4e5433db72eb4d1ee18f1be36f.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:47 GMT
content-type: image/webp
content-length: 9604
last-modified: Thu, 20 Apr 2023 14:20:29 GMT
etag: "64414a2d-2584"
expires: Fri, 19 Apr 2024 14:24:12 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: AblMCRRYSLz/znUTAA
x-77-nzt-ray: af5856306baa1b05dfc354640f45ae0b
x-accel-expires: @1713537425
x-accel-date: 1682001425
x-cache: HIT
x-age: 1275342
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

disdainkindle.com/pixel/purst?dl=0&th=0&sc=0&rs=890&rd=890&fd=749&bv=22.10.v.9&tmpl=70

173.233.137.44

200 OK

0 B

URL GET HTTP/1.1
disdainkindle.com/pixel/purst?dl=0&th=0&sc=0&rs=890&rd=890&fd=749&bv=22.10.v.9&tmpl=70
IP
173.233.137.44:80
ASN
#7979 SERVERS-COM

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=890&rd=890&fd=749&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: disdainkindle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

disdainkindle.com/cc/48/f4/cc48f4cc72bd1ab0cd76dca8048a896c.js

173.233.137.44

200 OK

13 kB

URL GET HTTP/1.1
disdainkindle.com/cc/48/f4/cc48f4cc72bd1ab0cd76dca8048a896c.js
IP
173.233.137.44:80
ASN
#7979 SERVERS-COM

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
ASCII text, with very long lines (37155), with no line terminators
Size
13 kB (13426 bytes)
Hash
2b122deccc42f1a19e93ba0fede44a95
279474bc923c99c5a88a81d6ffc33cf03ee9ed17
34d35ab46e8cabcabe571962f2af646c0a64883ae1dc2fe068a96039e748a468

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cc/48/f4/cc48f4cc72bd1ab0cd76dca8048a896c.js HTTP/1.1
Host: disdainkindle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 72ccff601f61829feccceabe8d3485d4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

simplewebanalysis.com/stats

18.192.155.180

200 OK

40 B

URL GET HTTP/2
simplewebanalysis.com/stats
IP
18.192.155.180:443
ASN
#16509 AMAZON-02

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
48078911cfc5e017cbd6c35594030cd7
46742b14734b88d3f738db94fbf5c911ff150cce
86a6a132eff0df0398b358f467464bdd18ae3b8101a3bb4d3f405024ff8cb7cf

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: uid_id2=072d53b9-779e-4e4d-8467-09208a0e96c9:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:47 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.xxxfiles.tv
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

banquetunarmedgrater.com/advertisers.js

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
banquetunarmedgrater.com/advertisers.js
IP
192.243.59.12:80
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3beb2e44a2134412092536f2c1055db4
Strict-Transport-Security: max-age=0; includeSubdomains

friendshipmale.com/sfp.js

172.64.108.35

200 OK

28 kB

URL GET HTTP/1.1
friendshipmale.com/sfp.js
IP
172.64.108.35:80
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27574 bytes)
Hash
b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 7c25fbbb8341dca22652f86259c9a50d
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Fri, 05 May 2023 08:52:47 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUHlVJTxgyg6uHE263mDQCzpiEbme0xjtBNBqxd4u0j9Zy%2F2aOlXkBA34dpWLBPTBvvqn4%2F8VIJOQJuiFfp2WOWD%2BqR1SMFEC4MVwQ1S3%2F%2FM0dNK1TEIVOv9yZNuw2ImRY47rGo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c27bfd44e60459b-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.xxxfiles.tv/apple-touch-icon.png

172.67.210.53

200 OK

14 kB

URL GET HTTP/1.1
www.xxxfiles.tv/apple-touch-icon.png
IP
172.67.210.53:80
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (13713 bytes)
Hash
302003967bcce57931c372aa26310c88
526045f535e90a6d7b19240532f9100c9535beee
117477b129e4ca959b0afd092f7edca8f460ff25120b8dbe2011a88d9f48bef8

HTTP Headers

GET /apple-touch-icon.png HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154; show_pops2=true2; show_pops1=true1; ppu_show_on_63d45b685911cef3b8cc3d1d1550bf85=1; kt_tcookie=1; kt_is_visited=1; ppu_main_63d45b685911cef3b8cc3d1d1550bf85=1; ppu_exp_63d45b685911cef3b8cc3d1d1550bf85=1683280380415
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: image/png
Content-Length: 13713
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 12:46:44 GMT
ETag: "6380b934-3591"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Age: 7599935
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJvq5oTmdUFMI4ElFVKojPWp%2F8lB8WvLA0eXyrkQsJ84Par58v6i0XCadUjAz7mdB7vfj8sA8ibKvOjO5yIRQKPGA2dHyiSWhyCsg0ndoCy4AxG1CjCvTPbzmxB0QWogoLE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c27bfd58accb527-OSL
alt-svc: h2=":443"; ma=60

www.xxxfiles.tv/favicon-16x16.png

104.21.83.6

200 OK

1.5 kB

URL GET HTTP/1.1
www.xxxfiles.tv/favicon-16x16.png
IP
104.21.83.6:80
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
1.5 kB (1489 bytes)
Hash
552872354755cb050014a9501cfec4fa
fd05b4d7002b52e705344db04db723495910e4c7
88ef331642f08aaee6990894bd8015032891181d446faa6c4bbec095a56aba8d

HTTP Headers

GET /favicon-16x16.png HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154; show_pops2=true2; show_pops1=true1; ppu_show_on_63d45b685911cef3b8cc3d1d1550bf85=1; kt_tcookie=1; kt_is_visited=1; ppu_main_63d45b685911cef3b8cc3d1d1550bf85=1; ppu_exp_63d45b685911cef3b8cc3d1d1550bf85=1683280380415
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: image/png
Content-Length: 1489
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 12:46:44 GMT
ETag: "6380b934-5d1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Age: 7600370
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXEX5BVyXhB2y2d1j7MoKgIPhSZ9dqxw2K5VxXcEg1Is6ff1K7EWHpEmkEcHx1AZ0h1UFZ5e4rv8qoMY%2FFCjGCb6eau%2BWD1E%2BzlIL5fd3dTkatD8olrjwwewSImgaTo4x60%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c27bfd589d1b4fa-OSL
alt-svc: h2=":443"; ma=60

xngqoc.com/admc?a=2&pid=1150082&sid=1195199&wid=439938&fp=188e0523b921745c60844a7eb1ad8eb5&f=8&tz=0

185.162.85.4

200 OK

0 B

URL GET HTTP/2
xngqoc.com/admc?a=2&pid=1150082&sid=1195199&wid=439938&fp=188e0523b921745c60844a7eb1ad8eb5&f=8&tz=0
IP
185.162.85.4:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjectxngqoc.com
FingerprintAA:0F:34:6D:D4:2C:9F:AA:C2:02:97:C8:45:D5:EA:D5:DD:D0:F8:8A
ValidityFri, 03 Mar 2023 14:36:16 GMT - Thu, 01 Jun 2023 14:36:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /admc?a=2&pid=1150082&sid=1195199&wid=439938&fp=188e0523b921745c60844a7eb1ad8eb5&f=8&tz=0 HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 05 May 2023 08:52:47 GMT
content-length: 0
access-control-allow-origin: http://www.xxxfiles.tv
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

18.192.155.180

200 OK

40 B

URL GET HTTP/2
simplewebanalysis.com/stats
IP
18.192.155.180:443
ASN
#16509 AMAZON-02

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
48078911cfc5e017cbd6c35594030cd7
46742b14734b88d3f738db94fbf5c911ff150cce
86a6a132eff0df0398b358f467464bdd18ae3b8101a3bb4d3f405024ff8cb7cf

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: uid_id2=072d53b9-779e-4e4d-8467-09208a0e96c9:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:47 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.xxxfiles.tv
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

xngqoc.com/trt?a=1&t=909

185.162.85.4

200 OK

0 B

URL GET HTTP/2
xngqoc.com/trt?a=1&t=909
IP
185.162.85.4:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjectxngqoc.com
FingerprintAA:0F:34:6D:D4:2C:9F:AA:C2:02:97:C8:45:D5:EA:D5:DD:D0:F8:8A
ValidityFri, 03 Mar 2023 14:36:16 GMT - Thu, 01 Jun 2023 14:36:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /trt?a=1&t=909 HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 05 May 2023 08:52:47 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2

uacabilqlgpw.cdnvideo3.com/api/users/12153353110313291095/1635934?fill=0&kw=Anal,Blowjob,Cumshot,shaved,young,Threesome,orgasm,Pussy%20Licking,hotel,beautiful,Striptease,domination,adorable,red%20hair,nude,longhair,paris,small%20breast,deep-throat,spanked,whiteskin,small-ass,teeny,wakeupnfuck.com,Anny%20Aurora

135.181.208.216

200 OK

626 B

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/api/users/12153353110313291095/1635934?fill=0&kw=Anal,Blowjob,Cumshot,shaved,young,Threesome,orgasm,Pussy%20Licking,hotel,beautiful,Striptease,domination,adorable,red%20hair,nude,longhair,paris,small%20breast,deep-throat,spanked,whiteskin,small-ass,teeny,wakeupnfuck.com,Anny%20Aurora
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
XML 1.0 document text\012- XML document, ASCII text, with very long lines (348)
Size
626 B (626 bytes)
Hash
e82637ef1d34570c1cdc44fb0b5ae069
9f7c4c6d03e5d161c4a0921b840fbf2ebea9582c
f609e5c5ff0d8b6c27e10149bc28ca2f3680c613c8b70d0fafe2298e6c276d91

HTTP Headers

GET /api/users/12153353110313291095/1635934?fill=0&kw=Anal,Blowjob,Cumshot,shaved,young,Threesome,orgasm,Pussy%20Licking,hotel,beautiful,Striptease,domination,adorable,red%20hair,nude,longhair,paris,small%20breast,deep-throat,spanked,whiteskin,small-ass,teeny,wakeupnfuck.com,Anny%20Aurora HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Cache-Control: private
Content-Encoding: gzip

uacabilqlgpw.cdnvideo3.com/api/users/12153353110313291095/1636027?fill=0&kw=Anal,Blowjob,Cumshot,shaved,young,Threesome,orgasm,Pussy%20Licking,hotel,beautiful,Striptease,domination,adorable,red%20hair,nude,longhair,paris,small%20breast,deep-throat,spanked,whiteskin,small-ass,teeny,wakeupnfuck.com,Anny%20Aurora

135.181.208.216

200 OK

888 B

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/api/users/12153353110313291095/1636027?fill=0&kw=Anal,Blowjob,Cumshot,shaved,young,Threesome,orgasm,Pussy%20Licking,hotel,beautiful,Striptease,domination,adorable,red%20hair,nude,longhair,paris,small%20breast,deep-throat,spanked,whiteskin,small-ass,teeny,wakeupnfuck.com,Anny%20Aurora
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
XML 1.0 document text\012- XML document, ASCII text, with very long lines (652)
Size
888 B (888 bytes)
Hash
ec273fe13b916861b19facc9c619ddf2
b24ec6b2c79f633850e52631b2c61994607ce2ed
36cfc9c2fa47133a23241860a5f7354ae34d5031eb172298d9e6b87323ade814

HTTP Headers

GET /api/users/12153353110313291095/1636027?fill=0&kw=Anal,Blowjob,Cumshot,shaved,young,Threesome,orgasm,Pussy%20Licking,hotel,beautiful,Striptease,domination,adorable,red%20hair,nude,longhair,paris,small%20breast,deep-throat,spanked,whiteskin,small-ass,teeny,wakeupnfuck.com,Anny%20Aurora HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Cache-Control: private
Content-Encoding: gzip

uacabilqlgpw.cdnvideo3.com/api/users/12153353110313291095/1636039?fill=0&kw=Anal,Blowjob,Cumshot,shaved,young,Threesome,orgasm,Pussy%20Licking,hotel,beautiful,Striptease,domination,adorable,red%20hair,nude,longhair,paris,small%20breast,deep-throat,spanked,whiteskin,small-ass,teeny,wakeupnfuck.com,Anny%20Aurora

135.181.208.216

200 OK

634 B

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/api/users/12153353110313291095/1636039?fill=0&kw=Anal,Blowjob,Cumshot,shaved,young,Threesome,orgasm,Pussy%20Licking,hotel,beautiful,Striptease,domination,adorable,red%20hair,nude,longhair,paris,small%20breast,deep-throat,spanked,whiteskin,small-ass,teeny,wakeupnfuck.com,Anny%20Aurora
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
XML 1.0 document text\012- XML document, ASCII text, with very long lines (347)
Size
634 B (634 bytes)
Hash
eed09c4159a7d1f5be08eaa6a2448add
fc8547ac5e1ce5c3760800b543bab62934e36420
ad092aecba83651dc8b6dae5cdab22bd0e5ebb543122e3ad98cf1e58a8e23c0b

HTTP Headers

GET /api/users/12153353110313291095/1636039?fill=0&kw=Anal,Blowjob,Cumshot,shaved,young,Threesome,orgasm,Pussy%20Licking,hotel,beautiful,Striptease,domination,adorable,red%20hair,nude,longhair,paris,small%20breast,deep-throat,spanked,whiteskin,small-ass,teeny,wakeupnfuck.com,Anny%20Aurora HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Cache-Control: private
Content-Encoding: gzip

syndication.realsrv.com/splash.php?idzone=4646896

95.211.229.248

200 OK

2.7 kB

URL GET HTTP/1.1
syndication.realsrv.com/splash.php?idzone=4646896
IP
95.211.229.248:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjectrealsrv.com
FingerprintC2:CA:14:12:90:2A:B3:84:F3:3C:B8:A9:E8:82:89:E0:CB:B9:EE:49
ValidityMon, 27 Feb 2023 07:33:27 GMT - Sun, 28 May 2023 07:33:26 GMT

File type
XML 1.0 document text\012- XML document, ASCII text, with very long lines (1582)
Size
2.7 kB (2731 bytes)
Hash
a6a81582533da21c0784aa9c47e0a1e5
ae8f4727549d8c1f9c8f42b858af5c81f4ec420f
c7c661e84dde9ae2c46d9be173eabeb74d04a270caeaa592a0a916631122821b

HTTP Headers

GET /splash.php?idzone=4646896 HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226454c3dee31449.329575181013573012%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:47 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226454c3dee31449.329575181013573012%22%3B%7D; expires=Sun, 04 May 2025 08:52:47 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4646896%7C80573952%7C153896%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C6454c3dee31449.329575181013573012%7C%7C0%7Cxxxfiles.tv%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Sat, 06 May 2023 08:52:47 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

u3y8v8u4.aucdn.net/library/461665/bf8e8d1ccb738f0fac62d3f60db746c47c910021.mp4

185.76.9.22

206 Partial Content

3.5 MB

URL GET HTTP/2
u3y8v8u4.aucdn.net/library/461665/bf8e8d1ccb738f0fac62d3f60db746c47c910021.mp4
IP
185.76.9.22:443
ASN
#60068 Datacamp Limited

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint58:E2:EC:9A:A1:55:22:20:28:3E:43:7C:0D:B9:0A:67:84:6B:EA:FB
ValidityMon, 27 Feb 2023 07:22:15 GMT - Sun, 28 May 2023 07:22:14 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
3.5 MB (3502312 bytes)
Hash
e7ba32e7de3b5eb5823f64baba32de65
bf8e8d1ccb738f0fac62d3f60db746c47c910021
67dfbafe13f4d581d53a945b651a669045ecbf42e412b316e0d0dc62073e3d88

HTTP Headers

GET /library/461665/bf8e8d1ccb738f0fac62d3f60db746c47c910021.mp4 HTTP/1.1
Host: u3y8v8u4.aucdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Fri, 05 May 2023 08:52:47 GMT
content-type: video/mp4
content-length: 3502312
last-modified: Thu, 16 Mar 2023 16:05:20 GMT
etag: "64133e40-3570e8"
expires: Fri, 15 Mar 2024 16:27:11 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: AblMCRQ8Ki7/QnxBAA
x-77-nzt-ray: af5856306baa1b05dfc3546497a58438
x-accel-expires: @1710521117
x-accel-date: 1678985117
x-cache: HIT
x-age: 4291650
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-3502311/3502312
X-Firefox-Spdy: h2

uacabilqlgpw.cdnvideo3.com/api/click/11587615155989890095?c=60&data[error]=400

135.181.208.216

200 OK

0 B

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/api/click/11587615155989890095?c=60&data[error]=400
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/click/11587615155989890095?c=60&data[error]=400 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:48 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private

uacabilqlgpw.cdnvideo3.com/api/click/11587615155989890095?c=60&data[error]=3

135.181.208.216

200 OK

0 B

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/api/click/11587615155989890095?c=60&data[error]=3
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/click/11587615155989890095?c=60&data[error]=3 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:48 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private

syndication.realsrv.com/vregister.php?a=vview&errorcode=3&idzone=4646896&dg=5613726-NOR-80573952-3-0-0-InLine

95.211.229.248

200 OK

20 B

URL GET HTTP/1.1
syndication.realsrv.com/vregister.php?a=vview&errorcode=3&idzone=4646896&dg=5613726-NOR-80573952-3-0-0-InLine
IP
95.211.229.248:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjectrealsrv.com
FingerprintC2:CA:14:12:90:2A:B3:84:F3:3C:B8:A9:E8:82:89:E0:CB:B9:EE:49
ValidityMon, 27 Feb 2023 07:33:27 GMT - Sun, 28 May 2023 07:33:26 GMT

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /vregister.php?a=vview&errorcode=3&idzone=4646896&dg=5613726-NOR-80573952-3-0-0-InLine HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226454c3dee31449.329575181013573012%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4646896%7C80573952%7C153896%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C6454c3dee31449.329575181013573012%7C%7C0%7Cxxxfiles.tv%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: 
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

syndication.realsrv.com/vregister.php?a=vview&errorcode=400&idzone=4646896&dg=5613726-NOR-80573952-3-0-0-InLine

95.211.229.248

200 OK

20 B

URL GET HTTP/1.1
syndication.realsrv.com/vregister.php?a=vview&errorcode=400&idzone=4646896&dg=5613726-NOR-80573952-3-0-0-InLine
IP
95.211.229.248:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjectrealsrv.com
FingerprintC2:CA:14:12:90:2A:B3:84:F3:3C:B8:A9:E8:82:89:E0:CB:B9:EE:49
ValidityMon, 27 Feb 2023 07:33:27 GMT - Sun, 28 May 2023 07:33:26 GMT

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /vregister.php?a=vview&errorcode=400&idzone=4646896&dg=5613726-NOR-80573952-3-0-0-InLine HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226454c3dee31449.329575181013573012%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4646896%7C80573952%7C153896%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C6454c3dee31449.329575181013573012%7C%7C0%7Cxxxfiles.tv%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: 
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

unseenreport.com/pxf.gif?uuid=072d53b9-779e-4e4d-8467-09208a0e96c9&eb=1825ffe812838d20280215b5ec6bf9db&te=188e0523b921745c60844a7eb1ad8eb5&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2077&b_frame=0&pk=63d45b685911cef3b8cc3d1d1550bf85&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8

192.243.59.12

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=072d53b9-779e-4e4d-8467-09208a0e96c9&eb=1825ffe812838d20280215b5ec6bf9db&te=188e0523b921745c60844a7eb1ad8eb5&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2077&b_frame=0&pk=63d45b685911cef3b8cc3d1d1550bf85&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
IP
192.243.59.12:80
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=072d53b9-779e-4e4d-8467-09208a0e96c9&eb=1825ffe812838d20280215b5ec6bf9db&te=188e0523b921745c60844a7eb1ad8eb5&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2077&b_frame=0&pk=63d45b685911cef3b8cc3d1d1550bf85&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:48 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1fd14759e427b6ecba01ed6eec2db224
Strict-Transport-Security: max-age=0; includeSubdomains

prhzxq.com/wnrw?aid=15696559365627594424&a=1

185.162.85.3

200 OK

0 B

URL GET HTTP/2
prhzxq.com/wnrw?aid=15696559365627594424&a=1
IP
185.162.85.3:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjectprhzxq.com
FingerprintE2:7B:B2:5A:29:BC:18:8B:54:42:18:94:DC:A8:70:6D:AC:91:62:83
ValidityTue, 21 Mar 2023 21:20:12 GMT - Mon, 19 Jun 2023 21:20:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wnrw?aid=15696559365627594424&a=1 HTTP/1.1
Host: prhzxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 05 May 2023 08:52:48 GMT
content-length: 0
access-control-allow-origin: http://www.xxxfiles.tv
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=072d53b9-779e-4e4d-8467-09208a0e96c9&eb=1825ffe812838d20280215b5ec6bf9db&te=188e0523b921745c60844a7eb1ad8eb5&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2077&b_frame=0&pk=cc48f4cc72bd1ab0cd76dca8048a896c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8

192.243.59.12

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=072d53b9-779e-4e4d-8467-09208a0e96c9&eb=1825ffe812838d20280215b5ec6bf9db&te=188e0523b921745c60844a7eb1ad8eb5&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2077&b_frame=0&pk=cc48f4cc72bd1ab0cd76dca8048a896c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
IP
192.243.59.12:80
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=072d53b9-779e-4e4d-8467-09208a0e96c9&eb=1825ffe812838d20280215b5ec6bf9db&te=188e0523b921745c60844a7eb1ad8eb5&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2077&b_frame=0&pk=cc48f4cc72bd1ab0cd76dca8048a896c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:48 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 80e2cb7f95aae2ed790a2f90ed0ded49
Strict-Transport-Security: max-age=0; includeSubdomains

icdns.net/b2/c/i/icon?cid=1&eid=561&nid=1&sid=3316712433VxWWhqrk&ts=1683276767&ttl=10800&v=v5.7.5

109.206.162.121

302 Found

0 B

URL GET HTTP/2
icdns.net/b2/c/i/icon?cid=1&eid=561&nid=1&sid=3316712433VxWWhqrk&ts=1683276767&ttl=10800&v=v5.7.5
IP
109.206.162.121:443
ASN
#50245 Serverel Inc.

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjecticdns.net
Fingerprint87:2C:5B:68:65:6C:2E:3C:A3:94:0A:A6:2B:4A:A9:03:73:F8:56:3B
ValidityFri, 10 Mar 2023 11:31:42 GMT - Thu, 08 Jun 2023 11:31:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b2/c/i/icon?cid=1&eid=561&nid=1&sid=3316712433VxWWhqrk&ts=1683276767&ttl=10800&v=v5.7.5 HTTP/1.1
Host: icdns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: dspclick-v3.8.7
date: Fri, 05 May 2023 08:52:47 GMT
content-length: 0
location: https://s2ipp.xyz/t/r/0vmCe_IpuX25xVWGno2bw_u8deO4DiUdqmx_MiP8DzE/icn.png?e_tid=8NguZUp7TEekW3OJ7f2ntQ&e_ts=1683276767107
X-Firefox-Spdy: h2

go.xlviiirdr.com/smartpop/68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490?userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&xhVersion=1&memberId=81c6b0b1-d003-4b0b-bfa4-c50b589c00ff&sourceId=7003&p1=50168&p2=68073&contentType=video/mp4&no_bb=1

104.18.51.106

302 Found

0 B

URL GET HTTP/2
go.xlviiirdr.com/smartpop/68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490?userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&xhVersion=1&memberId=81c6b0b1-d003-4b0b-bfa4-c50b589c00ff&sourceId=7003&p1=50168&p2=68073&contentType=video/mp4&no_bb=1
IP
104.18.51.106:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerCloudflare, Inc.
Subjectxlviiirdr.com
FingerprintB6:46:B0:67:90:FC:66:01:63:19:AF:82:28:93:4D:EC:87:21:E8:16
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /smartpop/68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490?userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&xhVersion=1&memberId=81c6b0b1-d003-4b0b-bfa4-c50b589c00ff&sourceId=7003&p1=50168&p2=68073&contentType=video/mp4&no_bb=1 HTTP/1.1
Host: go.xlviiirdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 05 May 2023 08:52:48 GMT
content-length: 0
location: https://go.cambaddies.com/api/models/vast?campaignId=68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490&campaignType=smartpop&contentType=video%2Fmp4&creativeId=f57a5230d434e8fc16759afb2861bf3673729456c43a555cbf7c06ce17ef46e6&duration=00%3A00%3A30&iterationId=455592&masterSmartpopId=2683&memberId=81c6b0b1-d003-4b0b-bfa4-c50b589c00ff&no_bb=1&p1=50168&p2=68073&ruleId=29&skipOffset=00%3A00%3A05&smartpopId=3594&sourceId=7003&tag=-girls%2Findian&usePreroll=true&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=30739&xhVersion=1
set-cookie: _var=8782564.30739; Path=/; HttpOnly; SameSite=Strict
access-control-allow-origin: http://www.xxxfiles.tv
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7c27bfdbdc84b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

s2ipp.xyz/t/r/0vmCe_IpuX25xVWGno2bw_u8deO4DiUdqmx_MiP8DzE/icn.png?e_tid=8NguZUp7TEekW3OJ7f2ntQ&e_ts=1683276767107

168.119.9.12

302 Found

0 B

URL GET HTTP/1.1
s2ipp.xyz/t/r/0vmCe_IpuX25xVWGno2bw_u8deO4DiUdqmx_MiP8DzE/icn.png?e_tid=8NguZUp7TEekW3OJ7f2ntQ&e_ts=1683276767107
IP
168.119.9.12:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjects2ipp.xyz
Fingerprint87:77:88:14:9C:F5:32:B0:62:70:FB:FF:58:D8:A6:9F:BC:F0:2D:10
ValidityWed, 26 Apr 2023 11:28:58 GMT - Tue, 25 Jul 2023 11:28:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t/r/0vmCe_IpuX25xVWGno2bw_u8deO4DiUdqmx_MiP8DzE/icn.png?e_tid=8NguZUp7TEekW3OJ7f2ntQ&e_ts=1683276767107 HTTP/1.1
Host: s2ipp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
date: Fri, 5 May 2023 08:52:48 GMT
expires: 0
cache-control: private, no-cache, must-revalidate, no-store, max-age=0
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: *
location: https://mpmant.com/dsp/ph/icm?aid=14190805676604542579&mid=0&sid=581&t=1683276767&subid=ZXADE55T75KSZTTITH6JZDBPWIUAS6AW
content-length: 0
x-response-time: 0ms

go.cambaddies.com/api/models/vast?campaignId=68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490&campaignType=smartpop&contentType=video%2Fmp4&creativeId=f57a5230d434e8fc16759afb2861bf3673729456c43a555cbf7c06ce17ef46e6&duration=00%3A00%3A30&iterationId=455592&masterSmartpopId=2683&memberId=81c6b0b1-d003-4b0b-bfa4-c50b589c00ff&no_bb=1&p1=50168&p2=68073&ruleId=29&skipOffset=00%3A00%3A05&smartpopId=3594&sourceId=7003&tag=-girls%2Findian&usePreroll=true&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=30739&xhVersion=1

88.208.29.90

200 OK

2.0 kB

URL GET HTTP/2
go.cambaddies.com/api/models/vast?campaignId=68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490&campaignType=smartpop&contentType=video%2Fmp4&creativeId=f57a5230d434e8fc16759afb2861bf3673729456c43a555cbf7c06ce17ef46e6&duration=00%3A00%3A30&iterationId=455592&masterSmartpopId=2683&memberId=81c6b0b1-d003-4b0b-bfa4-c50b589c00ff&no_bb=1&p1=50168&p2=68073&ruleId=29&skipOffset=00%3A00%3A05&smartpopId=3594&sourceId=7003&tag=-girls%2Findian&usePreroll=true&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=30739&xhVersion=1
IP
88.208.29.90:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjectcambaddies.com
Fingerprint8C:2F:A4:35:26:A0:86:1B:DF:01:1B:E3:DB:9E:5F:3B:CA:3A:25:4B
ValidityTue, 28 Mar 2023 07:47:28 GMT - Mon, 26 Jun 2023 07:47:27 GMT

File type
XML 1.0 document text\012- XML document, ASCII text, with very long lines (1979), with no line terminators
Size
2.0 kB (1979 bytes)
Hash
e348c4ac4af2ee07280da7ea62494a1d
f9374a2c9aa4638b624ea88becaf0079b9229180
da17c0f8d314c3a817de53f64c30083a07545a8dac4fa5c59eae92cc63a7ca85

HTTP Headers

GET /api/models/vast?campaignId=68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490&campaignType=smartpop&contentType=video%2Fmp4&creativeId=f57a5230d434e8fc16759afb2861bf3673729456c43a555cbf7c06ce17ef46e6&duration=00%3A00%3A30&iterationId=455592&masterSmartpopId=2683&memberId=81c6b0b1-d003-4b0b-bfa4-c50b589c00ff&no_bb=1&p1=50168&p2=68073&ruleId=29&skipOffset=00%3A00%3A05&smartpopId=3594&sourceId=7003&tag=-girls%2Findian&usePreroll=true&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=30739&xhVersion=1 HTTP/1.1
Host: go.cambaddies.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: http://www.xxxfiles.tv/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 08:52:48 GMT
content-type: text/xml; charset=utf-8
content-length: 1979
strict-transport-security: max-age=15768000
access-control-allow-origin: null
access-control-allow-credentials: true
X-Firefox-Spdy: h2

instinctivetheeexemplify.com/sbar.json?key=cc48f4cc72bd1ab0cd76dca8048a896c&uuid=072d53b9-779e-4e4d-8467-09208a0e96c9%3A2%3A1

173.233.139.164

200 OK

4.2 kB

URL GET HTTP/1.1
instinctivetheeexemplify.com/sbar.json?key=cc48f4cc72bd1ab0cd76dca8048a896c&uuid=072d53b9-779e-4e4d-8467-09208a0e96c9%3A2%3A1
IP
173.233.139.164:443
ASN
#7979 SERVERS-COM

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjectinstinctivetheeexemplify.com
Fingerprint53:D2:59:BD:B0:52:6A:5F:7C:25:69:14:DA:17:EA:FC:01:0C:1F:41
ValidityMon, 01 May 2023 19:32:47 GMT - Sun, 30 Jul 2023 19:32:46 GMT

File type
JSON data\012- , ASCII text, with very long lines (5863), with no line terminators
Size
4.2 kB (4203 bytes)
Hash
65a7ebe80c69cd144c1503969606a8e7
9abf756cf4d7707e92ba0ba27866e34d8ae58d15
393a790a4e0b85b9b2bfc4043404ec6051f4b623e7c2ef87d0c9f82ad8cbc8dc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=cc48f4cc72bd1ab0cd76dca8048a896c&uuid=072d53b9-779e-4e4d-8467-09208a0e96c9%3A2%3A1 HTTP/1.1
Host: instinctivetheeexemplify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:48 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.xxxfiles.tv
Access-Control-Allow-Origin: http://www.xxxfiles.tv
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17371676; expires=Sat, 06 May 2023 08:52:48 GMT; secure; SameSite=None
uid_id2=072d53b9-779e-4e4d-8467-09208a0e96c9:2:1; expires=Fri, 12 May 2023 08:52:48 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 06 May 2023 08:52:48 GMT; secure; SameSite=None
uncs=1; expires=Sat, 06 May 2023 08:52:48 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 06 May 2023 08:52:48 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 06 May 2023 08:52:48 GMT; secure; SameSite=None
sleccc48f4cc72bd1ab0cd76dca8048a896c=[3870584]; expires=Fri, 05 May 2023 08:52:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ddaf6608f1bea854ad2797e52332b551
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

mpmant.com/dsp/ph/icm?aid=14190805676604542579&mid=0&sid=581&t=1683276767&subid=ZXADE55T75KSZTTITH6JZDBPWIUAS6AW

31.220.27.101

302 Found

0 B

URL GET HTTP/2
mpmant.com/dsp/ph/icm?aid=14190805676604542579&mid=0&sid=581&t=1683276767&subid=ZXADE55T75KSZTTITH6JZDBPWIUAS6AW
IP
31.220.27.101:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjectmpmant.com
FingerprintD2:0C:BD:E9:50:0C:C1:F5:83:FD:52:45:90:8F:D8:BD:40:34:43:E8
ValidityThu, 30 Mar 2023 18:34:54 GMT - Wed, 28 Jun 2023 18:34:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dsp/ph/icm?aid=14190805676604542579&mid=0&sid=581&t=1683276767&subid=ZXADE55T75KSZTTITH6JZDBPWIUAS6AW HTTP/1.1
Host: mpmant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.18.0
date: Fri, 05 May 2023 08:52:48 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
location: https://i.wmgtr.com/cic/B5zVn3LFG6MeTUPnxFYh5fPakuK7iXH-.png
X-Firefox-Spdy: h2

tsyndicate.com/do2/4f374a23cf56497b89d53e89be5502a2/vast?

136.243.130.121

200 OK

3.2 kB

URL GET HTTP/2
tsyndicate.com/do2/4f374a23cf56497b89d53e89be5502a2/vast?
IP
136.243.130.121:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
Fingerprint78:C4:DB:8D:7E:12:80:0F:A0:B5:E1:B6:0B:3E:B2:46:7E:69:3D:8E
ValidityWed, 12 Apr 2023 09:07:49 GMT - Tue, 11 Jul 2023 09:07:48 GMT

File type
data
Size
3.2 kB (3153 bytes)
Hash
b9e7901db6197c068b6bf05e016aacfc
143d461ff02bcf3813e1631a5492e3f62cf70d19
555b0c830ede580f33a0f6376fe5641a0357d9f84cc1379f15a8afc939b1546a

HTTP Headers

GET /do2/4f374a23cf56497b89d53e89be5502a2/vast? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 08:52:48 GMT
content-type: application/xml; charset=utf-8
access-control-allow-origin: http://www.xxxfiles.tv
access-control-allow-methods: POST, GET, HEAD
access-control-allow-headers: Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy
access-control-allow-credentials: true
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-vast: 3.0
x-request-id: f3ca3648bc9ce353
set-cookie: ts_uid=f9e73655-9ab5-4400-9698-cb927067cf64; expires=Sun, 05 Nov 2023 08:52:48 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCx5YZNGDMgCEjRxcWIsYU3BLjoYgyE2PYwDFjho0ZGnF06aMg; expires=Sat, 06 May 2023 08:52:48 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

471 B

URL
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
d0fb0becbadf17834fd0fc738be343ef
412157f78d2b78b5790b7958cdb258b7041350c6
38cb3bcbb0db3713affc32af27817cc8078b1ebd4f18e44652594c1c8e3ce340

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 05 May 2023 08:52:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 04 May 2023 21:49:24 GMT
Expires: Thu, 11 May 2023 21:49:23 GMT
Etag: "412157f78d2b78b5790b7958cdb258b7041350c6"
Cache-Control: max-age=564393,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7c27bfdee868fac4-OSL

cdn.stripcash.com/video/a98e7983ef2f180a166cde100961c7c4.mp4?cb=1683276704

8.248.224.22

206 Partial Content

62 kB

URL GET HTTP/2
cdn.stripcash.com/video/a98e7983ef2f180a166cde100961c7c4.mp4?cb=1683276704
IP
8.248.224.22:443
ASN
#3356 LEVEL3

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerSectigo Limited
Subject*.stripcash.com
Fingerprint5B:6A:0D:1B:EF:C2:6F:3E:E0:9C:46:EE:33:56:AF:46:13:E0:E6:43
ValidityWed, 17 Aug 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT

File type
data
Size
62 kB (62400 bytes)
Hash
0b48c6db719935a2fd5442dd8d26e29c
75437d781e9c3f19f4461cc0756bf9d4a861c5e8
23a3723a12dad98b60cad7ae33750dbbdaf1173e68af1f5294742b1d900bf31f

HTTP Headers

GET /video/a98e7983ef2f180a166cde100961c7c4.mp4?cb=1683276704 HTTP/1.1
Host: cdn.stripcash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=3670016-
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Fri, 05 May 2023 08:52:49 GMT
content-type: binary/octet-stream
content-length: 62400
content-security-policy: block-all-mixed-content
etag: "1c7f5a61d15dfc07d2568923220f34fc"
last-modified: Fri, 05 May 2023 08:51:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 175C333EE82E3F47
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=28800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5K8aF0eDFDvlY80VP0upg2%2B2p7taMnnFiX9QAbBPzoMcdKgBGLFQXu96I%2FfpjSRvQR4k8lr%2B%2FgtqF3bRMMPZ5HeRPwgNJuEaFzYhKxtoGqW7Rh8ySFiv%2F5dSOJMrLarDmDnciE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27be546e60b746-AMS
age: 64
content-range: bytes 3670016-3732415/3732416
X-Firefox-Spdy: h2

cdn.stripcash.com/video/a98e7983ef2f180a166cde100961c7c4.mp4?cb=1683276704

8.248.224.22

206 Partial Content

1.6 MB

URL GET HTTP/2
cdn.stripcash.com/video/a98e7983ef2f180a166cde100961c7c4.mp4?cb=1683276704
IP
8.248.224.22:443
ASN
#3356 LEVEL3

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerSectigo Limited
Subject*.stripcash.com
Fingerprint5B:6A:0D:1B:EF:C2:6F:3E:E0:9C:46:EE:33:56:AF:46:13:E0:E6:43
ValidityWed, 17 Aug 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
1.6 MB (1565365 bytes)
Hash
e3ae51dd8b54e00003f0c7d522c9310b
f1adfd725d36e4e56eafd49f19b448189eff7977
07c5bae9f095364d83931c86a0adc8594852cb6fa592e63acb36b2a9bb8f6b56

HTTP Headers

GET /video/a98e7983ef2f180a166cde100961c7c4.mp4?cb=1683276704 HTTP/1.1
Host: cdn.stripcash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Fri, 05 May 2023 08:52:49 GMT
content-type: binary/octet-stream
content-length: 3732416
content-security-policy: block-all-mixed-content
etag: "1c7f5a61d15dfc07d2568923220f34fc"
last-modified: Fri, 05 May 2023 08:51:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 175C333EE82E3F47
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=28800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5K8aF0eDFDvlY80VP0upg2%2B2p7taMnnFiX9QAbBPzoMcdKgBGLFQXu96I%2FfpjSRvQR4k8lr%2B%2FgtqF3bRMMPZ5HeRPwgNJuEaFzYhKxtoGqW7Rh8ySFiv%2F5dSOJMrLarDmDnciE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27be546e60b746-AMS
age: 64
content-range: bytes 0-3732415/3732416
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/img/close.png

172.64.166.9

200 OK

6.0 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/img/close.png
IP
172.64.166.9:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT

File type
PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Size
6.0 kB (5982 bytes)
Hash
c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd

HTTP Headers

GET /sb/chat/mob/ssp/v2/new/3/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:49 GMT
content-type: image/png
content-length: 5982
last-modified: Tue, 05 Jul 2022 10:43:39 GMT
etag: "62c415db-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6742882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5u59YOZed8ahbAP4jCIJh%2FGfJ4jMl8mYEohJUZYh63bgvdwesoNT1Ct%2FgivoT7oiBbJ6KUUno7v3Hy0xYPKcwDRifaJPd2craQbyl173B5mUOkYfBp%2Bu%2FZm0mIEq4z8dlv4YdWnocU9B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfe0aa32385e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

uacabilqlgpw.cdnvideo3.com/api/click/9536405688650181095?c=60&data[error]=400

135.181.208.216

200 OK

0 B

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/api/click/9536405688650181095?c=60&data[error]=400
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/click/9536405688650181095?c=60&data[error]=400 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:49 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private

uacabilqlgpw.cdnvideo3.com/api/click/9536405688650181095?c=60&data[error]=3

135.181.208.216

200 OK

0 B

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/api/click/9536405688650181095?c=60&data[error]=3
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/click/9536405688650181095?c=60&data[error]=3 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:49 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private

cdn.cloudimagesb.com/si/4f/21/b6/4f21b6f8926b18cc8cec37ffa47004e5/1671506253.png

45.133.44.9

200 OK

80 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/4f/21/b6/4f21b6f8926b18cc8cec37ffa47004e5/1671506253.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint6F:9C:41:9B:BA:6A:17:A2:42:F8:28:FF:ED:09:F8:26:12:F1:4C:7B
ValidityThu, 30 Mar 2023 06:08:09 GMT - Wed, 28 Jun 2023 06:08:08 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
80 kB (79704 bytes)
Hash
422ab27df20d8765e0fcd3aa74306f6b
3b69a90b3d1a5bd964280b7bad97c2a5baaa6951
9f2c6b29335b1545ddfa2f7e84286472468f737e1d73f6f0562babac6e3afa5a

HTTP Headers

GET /si/4f/21/b6/4f21b6f8926b18cc8cec37ffa47004e5/1671506253.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:49 GMT
content-type: image/png
content-length: 79704
server: nginx/1.17.6
last-modified: Tue, 20 Dec 2022 03:17:41 GMT
etag: "63a12955-13758"
expires: Sun, 07 May 2023 08:52:49 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.stripcash.com/video/a98e7983ef2f180a166cde100961c7c4.mp4?cb=1683276704

8.248.224.22

206 Partial Content

1.6 MB

URL GET HTTP/2
cdn.stripcash.com/video/a98e7983ef2f180a166cde100961c7c4.mp4?cb=1683276704
IP
8.248.224.22:443
ASN
#3356 LEVEL3

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerSectigo Limited
Subject*.stripcash.com
Fingerprint5B:6A:0D:1B:EF:C2:6F:3E:E0:9C:46:EE:33:56:AF:46:13:E0:E6:43
ValidityWed, 17 Aug 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT

File type
data
Size
1.6 MB (1573335 bytes)
Hash
8ba66bb9471f02a07b52b91afb5c2df1
f1696cad8037b2ac263b193d757d7f44c9f8890d
ca6cbbd686e643041182c653714f957515cc4e695610499a34ce2f0b78813fab

HTTP Headers

GET /video/a98e7983ef2f180a166cde100961c7c4.mp4?cb=1683276704 HTTP/1.1
Host: cdn.stripcash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=753664-
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Fri, 05 May 2023 08:52:49 GMT
content-type: binary/octet-stream
content-length: 2978752
content-security-policy: block-all-mixed-content
etag: "1c7f5a61d15dfc07d2568923220f34fc"
last-modified: Fri, 05 May 2023 08:51:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 175C333EE82E3F47
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=28800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5K8aF0eDFDvlY80VP0upg2%2B2p7taMnnFiX9QAbBPzoMcdKgBGLFQXu96I%2FfpjSRvQR4k8lr%2B%2FgtqF3bRMMPZ5HeRPwgNJuEaFzYhKxtoGqW7Rh8ySFiv%2F5dSOJMrLarDmDnciE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27be546e60b746-AMS
age: 64
content-range: bytes 753664-3732415/3732416
X-Firefox-Spdy: h2

vlcdn.tsyndicate.com/videos/c/9/e7f2ba5d025972c148607d5278160929cbd457/440x250.mp4

8.247.217.249

206 Partial Content

35 kB

URL GET HTTP/2
vlcdn.tsyndicate.com/videos/c/9/e7f2ba5d025972c148607d5278160929cbd457/440x250.mp4
IP
8.247.217.249:443
ASN
#3356 LEVEL3

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerSectigo Limited
Subjectvlcdn.tsyndicate.com
Fingerprint64:07:46:11:F0:63:22:CB:89:05:CA:C8:53:66:31:4A:18:EB:77:2D
ValidityWed, 10 Aug 2022 00:00:00 GMT - Sun, 10 Sep 2023 23:59:59 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
35 kB (35043 bytes)
Hash
3f0017cdfc8753ad60963440ba287bc4
d7fddae611f705e79c645eef7158f3b3237f808f
aa17aa648ae73c77e6ff53a843931887c6222c4422bc42669f033f7843c2f20f

HTTP Headers

GET /videos/c/9/e7f2ba5d025972c148607d5278160929cbd457/440x250.mp4 HTTP/1.1
Host: vlcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: ts_uid=f9e73655-9ab5-4400-9698-cb927067cf64; bfq=APeIECNCx5YZNGDMgCEjRxcWIsYU3BLjoYgyE2PYwDFjho0ZGnF06aMg
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Fri, 05 May 2023 08:52:49 GMT
content-type: video/mp4
content-length: 35043
etag: "645405a7-88e3"
last-modified: Thu, 04 May 2023 19:21:11 GMT
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-expose-headers: Server,Range,Content-Length,Content-Range
access-control-allow-headers: *
access-control-max-age: 31536000
access-control-allow-credentials: true
age: 48279
content-range: bytes 0-35042/35043
X-Firefox-Spdy: h2

uacabilqlgpw.cdnvideo3.com/api/click/3552251425836278095?c=60&data[error]=3

135.181.208.216

200 OK

0 B

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/api/click/3552251425836278095?c=60&data[error]=3
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/click/3552251425836278095?c=60&data[error]=3 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:49 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private

xdiwbc.com/template/social.html

172.64.107.34

200 OK

34 kB

URL GET HTTP/2
xdiwbc.com/template/social.html
IP
172.64.107.34:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xdiwbc.com
Fingerprint3A:79:D7:7B:9C:24:59:26:BA:C9:D4:C0:AA:C4:80:54:ED:D2:FB:3B
ValidityFri, 07 Apr 2023 13:43:24 GMT - Thu, 06 Jul 2023 13:43:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4579), with no line terminators
Size
34 kB (33491 bytes)
Hash
8e01b6a78b880890af725352f0a22b9c
592af0ad99380266f554614f201d492bef029e96
dbe34a5d9d3895072eb4bd79595dc67eca0cce01c4e3ea4db9f53b5d8e285579

HTTP Headers

GET /template/social.html HTTP/1.1
Host: xdiwbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: http://www.xxxfiles.tv
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Fri, 05 May 2023 08:52:48 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYi5w8TiPNPc1ytxAeUXzc9ne7ZFL2m5JyR4e9iFHvVq9TZBkm4guBTKbivIsnhlhZWZJF3jhz%2FWVf9tYWe90xIk6g6pq1qssDwWc6JrlOmCVxOaPBW63lScow%2F4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfda1d577783-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

pxl.tsyndicate.com/api/v1/error?errorcode=3&p=APeICDOGjggdMFgMhAPnYIyHOGwoHNOmoY4aNHDUgCFRhBg3bg7OoAFjBgwZORTSaePQBo4ZMm7YkIlDZRsZLV_GnOnyoQyFcNiMOZhQxJgzRPsoCAg%3D&s=05c608ec0f459015f5422bb1873eac50568e008c2af6a87ecb3b2f0fb03234d71683276768

136.243.75.209

200 OK

0 B

URL GET HTTP/2
pxl.tsyndicate.com/api/v1/error?errorcode=3&p=APeICDOGjggdMFgMhAPnYIyHOGwoHNOmoY4aNHDUgCFRhBg3bg7OoAFjBgwZORTSaePQBo4ZMm7YkIlDZRsZLV_GnOnyoQyFcNiMOZhQxJgzRPsoCAg%3D&s=05c608ec0f459015f5422bb1873eac50568e008c2af6a87ecb3b2f0fb03234d71683276768
IP
136.243.75.209:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
Fingerprint78:C4:DB:8D:7E:12:80:0F:A0:B5:E1:B6:0B:3E:B2:46:7E:69:3D:8E
ValidityWed, 12 Apr 2023 09:07:49 GMT - Tue, 11 Jul 2023 09:07:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/v1/error?errorcode=3&p=APeICDOGjggdMFgMhAPnYIyHOGwoHNOmoY4aNHDUgCFRhBg3bg7OoAFjBgwZORTSaePQBo4ZMm7YkIlDZRsZLV_GnOnyoQyFcNiMOZhQxJgzRPsoCAg%3D&s=05c608ec0f459015f5422bb1873eac50568e008c2af6a87ecb3b2f0fb03234d71683276768 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: ts_uid=f9e73655-9ab5-4400-9698-cb927067cf64; bfq=APeIECNCx5YZNGDMgCEjRxcWIsYU3BLjoYgyE2PYwDFjho0ZGnF06aMg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 08:52:49 GMT
content-length: 0
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/style.css

172.64.166.9

200 OK

1.0 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/style.css
IP
172.64.166.9:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT

File type
ASCII text
Size
1.0 kB (1032 bytes)
Hash
ec70dc1133e8021599c02dbeeb35d577
649f3cc3878514bdb5a50964daf80861e9be2f08
244b275d88e14763ac99b385740bb139693b58772e445e5f9c8c88e4616d5381

HTTP Headers

GET /sb/chat/mob/ssp/v2/new/3/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:49 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 12:13:55 GMT
etag: W/"62ceb703-1229"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvcGoI8Bs%2FFQKGCY51z2ohljhR%2FblpR%2BoMRK7B%2FGV0wDBVAfl6M93djjGXe41mtGl0P%2B55U9Sog8sTwrT0mCC80OBd05Ug72XX0CW032mtS9AWkTflERzFGddL3DtpumfV%2B4yJEWPL85"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfe079e8385e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 29 Apr 2023 20:50:32 GMT
Expires: Sun, 28 Apr 2024 20:50:32 GMT
Cache-Control: public, max-age=31536000
Age: 475338
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL GET HTTP/1.1
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:80
ASN
#15169 GOOGLE

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 03 May 2023 23:24:16 GMT
Expires: Thu, 02 May 2024 23:24:16 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
Age: 120514

instinctivetheeexemplify.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitzsaD60ENIgiKc%2FCgaCbdMz0zPeawGNdIMG6W3RV%2FXKS6qnpSprqrqeqengSE4ILucfQv6LxJNuiGRfG8IjPeggsZT3MwiODFq7BeZZLg6Hf5vtfvHV6%2FV5%2Fv5afERU4nq%2B%2FqHakUXWpU3crLH3jecmVdJnmv0guaHzf95Yrpvu657ar7SuVtwbb0Us31XNdzvcqqNCLSvSXP86ouZHrU9qptt%2BrXql7DR8%2F8H9vcgaUOePeULEDy8eWj%2Bz4kGyKJv70q7Fam09feinNFM23Q5YfvJVuJLhLEszMyDqLk8EINbU9Wf4BODs4MQ3f%2FFYZyTJw%2FfkeYHF64RNg9ODcaKogEIX8CRXcIoYaQdAimb0PyEwIwjmsbSOK717Qp6PY5S6fsmMw%2F%2BguyGJP5X59BEt9fUbJXualVnkmdWPSiErI3hOwMkeYjZDtzkMUILPsMkj8kS4%2FWkcT7G1ZpSD55yW3VeKMethdbrbZY9IXPFwO%2F2Vp02zU3oK5oN1n7LCEph5DREEr0Qe0ccusglw7yyEGeOoj5pNJifhDwoMGpYKwWRl4Q%2BZHfpsyNmFtv15Cz6T%2F0kaV9MNUHM7tIzS625FcnjYWT9TWY%2FEfYzRKWO7AZQZeXKARBYQkKSlBIgiIjKLrlAVe2Zsu7XNk89C527WLXy4HOOnv0QGcdkZC99JQ8PY3PeXzheWyJSYUxP4h8xlq1kHs0dBlvNTmjgesHNGg3GawsIe0cqHWwI8fksT8%2FRSrHZI7%2BjJCOYNUITD4Fmr8AWgxaNRd0c%2BAHLnaSo16vF0klbJXpGFyXSLN5ZNvOnjolz53VuPxkD4IdX%2Fn%2B74eTZ794FcyUSE2JT%2BRPBB11Z3BDF2T%2Fhi4s%2BW4jzWQsd%2Bi04psZzcSlb94R24U2fO2q7X%2F9BpsS0%2FPolrDZOk24TDqW3FuRnAuzqg0T5MGafV%2BE13O7uZKbJE%2FXr7%2B5uhanRlgrdTIElWNCJmtgckwuP%2Fjo7Pm%2BeO9DSDOEyUvE%2BTG5GEg9Akt3YdOZf6sJjJppwtRBkZcDUwtnH5UkUGKGaVjC%2FgeHs3vP3kHHOKDZbSRxia4p0VUlqOrD5pcGWWqOr%2FxSPxuEyhmEyjj7oTLqy%2FNwrZyW7ArqhS1PCC4adcb8JgvCZlT3WyJo8AYyO%2Ba3Rr%2F9AwAA%2F%2F8BAAD%2F%2FwaR7EaLBAAA

173.233.139.164

200 OK

7 B

URL GET HTTP/1.1
instinctivetheeexemplify.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitzsaD60ENIgiKc%2FCgaCbdMz0zPeawGNdIMG6W3RV%2FXKS6qnpSprqrqeqengSE4ILucfQv6LxJNuiGRfG8IjPeggsZT3MwiODFq7BeZZLg6Hf5vtfvHV6%2FV5%2Fv5afERU4nq%2B%2FqHakUXWpU3crLH3jecmVdJnmv0guaHzf95Yrpvu657ar7SuVtwbb0Us31XNdzvcqqNCLSvSXP86ouZHrU9qptt%2BrXql7DR8%2F8H9vcgaUOePeULEDy8eWj%2Bz4kGyKJv70q7Fam09feinNFM23Q5YfvJVuJLhLEszMyDqLk8EINbU9Wf4BODs4MQ3f%2FFYZyTJw%2FfkeYHF64RNg9ODcaKogEIX8CRXcIoYaQdAimb0PyEwIwjmsbSOK717Qp6PY5S6fsmMw%2F%2BguyGJP5X59BEt9fUbJXualVnkmdWPSiErI3hOwMkeYjZDtzkMUILPsMkj8kS4%2FWkcT7G1ZpSD55yW3VeKMethdbrbZY9IXPFwO%2F2Vp02zU3oK5oN1n7LCEph5DREEr0Qe0ccusglw7yyEGeOoj5pNJifhDwoMGpYKwWRl4Q%2BZHfpsyNmFtv15Cz6T%2F0kaV9MNUHM7tIzS625FcnjYWT9TWY%2FEfYzRKWO7AZQZeXKARBYQkKSlBIgiIjKLrlAVe2Zsu7XNk89C527WLXy4HOOnv0QGcdkZC99JQ8PY3PeXzheWyJSYUxP4h8xlq1kHs0dBlvNTmjgesHNGg3GawsIe0cqHWwI8fksT8%2FRSrHZI7%2BjJCOYNUITD4Fmr8AWgxaNRd0c%2BAHLnaSo16vF0klbJXpGFyXSLN5ZNvOnjolz53VuPxkD4IdX%2Fn%2B74eTZ794FcyUSE2JT%2BRPBB11Z3BDF2T%2Fhi4s%2BW4jzWQsd%2Bi04psZzcSlb94R24U2fO2q7X%2F9BpsS0%2FPolrDZOk24TDqW3FuRnAuzqg0T5MGafV%2BE13O7uZKbJE%2FXr7%2B5uhanRlgrdTIElWNCJmtgckwuP%2Fjo7Pm%2BeO9DSDOEyUvE%2BTG5GEg9Akt3YdOZf6sJjJppwtRBkZcDUwtnH5UkUGKGaVjC%2FgeHs3vP3kHHOKDZbSRxia4p0VUlqOrD5pcGWWqOr%2FxSPxuEyhmEyjj7oTLqy%2FNwrZyW7ArqhS1PCC4adcb8JgvCZlT3WyJo8AYyO%2Ba3Rr%2F9AwAA%2F%2F8BAAD%2F%2FwaR7EaLBAAA
IP
173.233.139.164:443
ASN
#7979 SERVERS-COM

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjectinstinctivetheeexemplify.com
Fingerprint53:D2:59:BD:B0:52:6A:5F:7C:25:69:14:DA:17:EA:FC:01:0C:1F:41
ValidityMon, 01 May 2023 19:32:47 GMT - Sun, 30 Jul 2023 19:32:46 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitzsaD60ENIgiKc%2FCgaCbdMz0zPeawGNdIMG6W3RV%2FXKS6qnpSprqrqeqengSE4ILucfQv6LxJNuiGRfG8IjPeggsZT3MwiODFq7BeZZLg6Hf5vtfvHV6%2FV5%2Fv5afERU4nq%2B%2FqHakUXWpU3crLH3jecmVdJnmv0guaHzf95Yrpvu657ar7SuVtwbb0Us31XNdzvcqqNCLSvSXP86ouZHrU9qptt%2BrXql7DR8%2F8H9vcgaUOePeULEDy8eWj%2Bz4kGyKJv70q7Fam09feinNFM23Q5YfvJVuJLhLEszMyDqLk8EINbU9Wf4BODs4MQ3f%2FFYZyTJw%2FfkeYHF64RNg9ODcaKogEIX8CRXcIoYaQdAimb0PyEwIwjmsbSOK717Qp6PY5S6fsmMw%2F%2BguyGJP5X59BEt9fUbJXualVnkmdWPSiErI3hOwMkeYjZDtzkMUILPsMkj8kS4%2FWkcT7G1ZpSD55yW3VeKMethdbrbZY9IXPFwO%2F2Vp02zU3oK5oN1n7LCEph5DREEr0Qe0ccusglw7yyEGeOoj5pNJifhDwoMGpYKwWRl4Q%2BZHfpsyNmFtv15Cz6T%2F0kaV9MNUHM7tIzS625FcnjYWT9TWY%2FEfYzRKWO7AZQZeXKARBYQkKSlBIgiIjKLrlAVe2Zsu7XNk89C527WLXy4HOOnv0QGcdkZC99JQ8PY3PeXzheWyJSYUxP4h8xlq1kHs0dBlvNTmjgesHNGg3GawsIe0cqHWwI8fksT8%2FRSrHZI7%2BjJCOYNUITD4Fmr8AWgxaNRd0c%2BAHLnaSo16vF0klbJXpGFyXSLN5ZNvOnjolz53VuPxkD4IdX%2Fn%2B74eTZ794FcyUSE2JT%2BRPBB11Z3BDF2T%2Fhi4s%2BW4jzWQsd%2Bi04psZzcSlb94R24U2fO2q7X%2F9BpsS0%2FPolrDZOk24TDqW3FuRnAuzqg0T5MGafV%2BE13O7uZKbJE%2FXr7%2B5uhanRlgrdTIElWNCJmtgckwuP%2Fjo7Pm%2BeO9DSDOEyUvE%2BTG5GEg9Akt3YdOZf6sJjJppwtRBkZcDUwtnH5UkUGKGaVjC%2FgeHs3vP3kHHOKDZbSRxia4p0VUlqOrD5pcGWWqOr%2FxSPxuEyhmEyjj7oTLqy%2FNwrZyW7ArqhS1PCC4adcb8JgvCZlT3WyJo8AYyO%2Ba3Rr%2F9AwAA%2F%2F8BAAD%2F%2FwaR7EaLBAAA HTTP/1.1
Host: instinctivetheeexemplify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: u_pl=17371676; uid_id2=072d53b9-779e-4e4d-8467-09208a0e96c9:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:50 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dcd6b3b3cbe1124037daebcc0346e141
Strict-Transport-Security: max-age=0; includeSubdomains

instinctivetheeexemplify.com/pixel/sbs?c=1

173.233.137.44

200 OK

0 B

URL GET HTTP/1.1
instinctivetheeexemplify.com/pixel/sbs?c=1
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjectinstinctivetheeexemplify.com
Fingerprint53:D2:59:BD:B0:52:6A:5F:7C:25:69:14:DA:17:EA:FC:01:0C:1F:41
ValidityMon, 01 May 2023 19:32:47 GMT - Sun, 30 Jul 2023 19:32:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: instinctivetheeexemplify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: u_pl=17371676; uid_id2=072d53b9-779e-4e4d-8467-09208a0e96c9:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:50 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.barscreative1.com/sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html

45.133.44.3

200 OK

1.2 kB

URL GET HTTP/2
cdn.barscreative1.com/sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html
IP
45.133.44.3:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjectcdn.barscreative1.com
FingerprintD7:F2:D3:47:0C:43:94:F7:D3:3B:42:E5:1A:61:6E:85:4E:72:C0:25
ValidityThu, 16 Mar 2023 00:04:28 GMT - Wed, 14 Jun 2023 00:04:27 GMT

File type
HTML document, ASCII text, with very long lines (1266), with no line terminators
Size
1.2 kB (1190 bytes)
Hash
b1a0e0ddf84fa761508921638d1c05ba
6648c209a77d2b683ee31e59ee79666b7d6a5412
e09f27aa42b0340c6dc785b112e061e6888c8d79d03f19e9a61289433a131fe9

HTTP Headers

GET /sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:49 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 13 Jul 2022 12:11:03 GMT
etag: W/"62ceb657-4a6"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 05 May 2023 09:52:49 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/animate.css

172.64.166.9

200 OK

79 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/animate.css
IP
172.64.166.9:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT

File type
ASCII text
Size
79 kB (79313 bytes)
Hash
fc638645a938f69e69360c75335ffd1a
143132fb8361c3ad0acf88cb70bf0b07c0ecc2d4
7ef76aab275d0221c68602d18f81b4285b280756f0f71d535ed8b5b889bc2f90

HTTP Headers

GET /sb/chat/mob/ssp/v2/new/3/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:49 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 12:13:56 GMT
etag: W/"62ceb704-135d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OApmOsRk5KAOAg9Bg7r%2BNIHZb0ckNgDn5fQ9GKchI91vUx9ML3v5F3B2HYhg6AnH6%2F%2Bihs%2BJzzQl8O19JJzOoh0Y%2FdvLi5WErI%2FEg3Jao%2BQYppOhVtSqCVIDeCpLcrqjJwGwqZLWs10"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfe08a01385e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.xxxfiles.tv/extension/aine/pr_1409.php?s=1683276780733.0.8757397347932793

104.21.83.6

200 OK

187 B

URL GET HTTP/3
www.xxxfiles.tv/extension/aine/pr_1409.php?s=1683276780733.0.8757397347932793
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
HTML document text\012- troff or preprocessor input, ASCII text, with no line terminators
Size
187 B (187 bytes)
Hash
6c4febc8beb4d521ab8341c797c728a5
c8d30b5612eac154b0bd12bdbf8dab793a5eea2b
a292033534e1629ef3e6bce8c52dc1a0f56ac4596050b9f4df96db21a057348b

HTTP Headers

GET /extension/aine/pr_1409.php?s=1683276780733.0.8757397347932793 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:47 GMT
content-type: application/json
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBAakKZ9IaYwJObfddaOUpIj%2FjqOlyP6UzVLxwWyXg7y%2FRJQq2g5Zebg7tUAaM71qj3wYEa96pd1ViHBRElwsuVoTRoTw5uI6%2B0p%2FpX66moyUsNgVlgabLBdRHimlv1sovE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfd5dd8d1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

www.xxxfiles.tv/js/plugins.js

104.21.83.6

200 OK

131 kB

URL GET HTTP/2
www.xxxfiles.tv/js/plugins.js
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type

Size
131 kB (130671 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/plugins.js HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2019 06:40:43 GMT
vary: Accept-Encoding
etag: W/"5ddcc8eb-1fe6f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 2131984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pStKV35dOidabHTU25WttFy5aaOUf%2B5YnF%2F2z5EkPWHjWNkWPm8mexR0dBbHLQ%2F%2FqICbPfTq7pHTWvjP2BdZ1C5gQZv9jekpF9acFhFhg%2Bro7U8Xe7lWyaqsIp4nWAeTpk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfc73d5bb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.xxxfiles.tv/js/kvs/main.min.js

104.21.83.6

200 OK

267 kB

URL GET HTTP/2
www.xxxfiles.tv/js/kvs/main.min.js
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type

Size
267 kB (266952 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/kvs/main.min.js HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: application/javascript
last-modified: Wed, 20 Nov 2019 11:57:15 GMT
vary: Accept-Encoding
etag: W/"5dd52a1b-412c8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 2131984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFXFLjIUrHPLZrwuz6vvTyA300%2BC8uvx2zyx4TJw1%2Bw22cXkPxgueU3gNW8taMqdBNoD8BZ4C1GDF5GQj3yu1Gy2UEgJYa9GUQ1IYLcMQFQIsr8325XjETruwMYDotL224o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfc74d6eb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.xxxfiles.tv/css/main.css

104.21.83.6

200 OK

77 kB

URL GET HTTP/2
www.xxxfiles.tv/css/main.css
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
assembler source, ASCII text, with very long lines (492)
Size
77 kB (77392 bytes)
Hash
f2acc5750c70ce7508edcacb053ddda2
93cbb3c6fa87587f1c1c09ad44e7769ca8f41ea5
762a4d48cacd0adbc7d45e1feec08bc734ceeab368130560d57154d8c9d4a1fd

HTTP Headers

GET /css/main.css HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: text/css
last-modified: Mon, 23 May 2022 12:38:16 GMT
vary: Accept-Encoding
etag: W/"628b8038-12e50"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 2131984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCwQs%2BAjHTLGwBFc0xOGCQQAp%2F4xRvEdmw0hM6z6xqasbK86BJMRT1%2F6p3dF%2BlsXsyf1JFcyLsvJrA3FUDgidxCuqQFLWct4bHhnsAZh%2BE%2F2siAkrI6%2BX9C6zd4pCvkuIn4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfc71d33b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

uacabilqlgpw.cdnvideo3.com/api/users/309159?host=www.xxxfiles.tv&ev=206&wh=1024&ww=1280&uuid=&i=1&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25

135.181.208.216

200 OK

733 B

URL GET HTTP/2
uacabilqlgpw.cdnvideo3.com/api/users/309159?host=www.xxxfiles.tv&ev=206&wh=1024&ww=1280&uuid=&i=1&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subject8afb7f9e2c1a7a9e.vtube.to
FingerprintFA:29:50:3A:07:C7:EC:67:24:04:0D:B0:6B:BC:2A:C8:34:0D:66:EB
ValidityTue, 02 May 2023 00:27:31 GMT - Mon, 31 Jul 2023 00:27:30 GMT

File type
ASCII text, with very long lines (785), with no line terminators
Size
733 B (733 bytes)
Hash
a11dd6d80709cd25344b88a08939c0ac
be033f005bb91a41eec00e08ff0c34e3a0ea9b27
aca68763cb9488218f1642160fd283d96b5e665f10dad3dd635bbcb4688068c0

HTTP Headers

GET /api/users/309159?host=www.xxxfiles.tv&ev=206&wh=1024&ww=1280&uuid=&i=1&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 08:52:47 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=zutef7LLQoUdscvclt8V; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

i.wmgtr.com/cim/u1a7YOlSqOHS_OZ5054Pd3wsY96uiWEK.png

0.0.0.0

0 B

URL GET
i.wmgtr.com/cim/u1a7YOlSqOHS_OZ5054Pd3wsY96uiWEK.png
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjecti.wmgtr.com
Fingerprint7D:1B:65:9B:B8:35:3F:63:AA:D6:0E:B1:DB:13:80:AA:F0:55:75:FC
ValiditySun, 23 Apr 2023 23:02:02 GMT - Sat, 22 Jul 2023 23:02:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cim/u1a7YOlSqOHS_OZ5054Pd3wsY96uiWEK.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:48 GMT
content-type: image/png
server: nginx/1.19.0
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
content-encoding: gzip
cache-control: max-age=82800
expires: Sat, 06 May 2023 07:52:48 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

uacabilqlgpw.cdnvideo3.com/api/users/433863?host=www.xxxfiles.tv&ev=206&wh=1024&ww=1280&uuid=&i=1&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25

135.181.208.216

200 OK

522 B

URL GET HTTP/2
uacabilqlgpw.cdnvideo3.com/api/users/433863?host=www.xxxfiles.tv&ev=206&wh=1024&ww=1280&uuid=&i=1&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subject8afb7f9e2c1a7a9e.vtube.to
FingerprintFA:29:50:3A:07:C7:EC:67:24:04:0D:B0:6B:BC:2A:C8:34:0D:66:EB
ValidityTue, 02 May 2023 00:27:31 GMT - Mon, 31 Jul 2023 00:27:30 GMT

File type
ASCII text, with very long lines (592), with no line terminators
Size
522 B (522 bytes)
Hash
8df7151370e4a54d67708f1a4892b7c2
ac307285d4e7a004eb71c3ddef1abde0734e8cf1
dd5196b3f55c00d95ed80b5c9a95ead458550e3ed7a6e40a0b027cb86c875efa

HTTP Headers

GET /api/users/433863?host=www.xxxfiles.tv&ev=206&wh=1024&ww=1280&uuid=&i=1&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy%20Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred%20hair%2Cnude%2Clonghair%2Cparis%2Csmall%20breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny%20Aurora&s1=%25subid1%25 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 08:52:48 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=wZy2MUzYHTRYny15tk3g; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

adactioner.com/asset-12006683.mp4

213.133.98.241

206 Partial Content

51 kB

URL GET HTTP/2
adactioner.com/asset-12006683.mp4
IP
213.133.98.241:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://uacabilqlgpw.cdnvideo3.com/api/spots/329585?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectadactioner.com
FingerprintA4:6D:E4:31:E8:7F:01:54:34:36:49:C5:E9:C8:E3:66:A2:1C:B9:7B
ValiditySat, 11 Mar 2023 23:27:07 GMT - Fri, 09 Jun 2023 23:27:06 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
51 kB (50941 bytes)
Hash
1219d2538a3657367d9aeb85df9dcf6e
69997a4e8c9e0496c23a8f44888bfdd2acb2c3de
ed554e6b416b0890bb6c5e8113c6ea68c614310590f525717d8bc72f091c8fe6

HTTP Headers

GET /asset-12006683.mp4 HTTP/1.1
Host: adactioner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Fri, 05 May 2023 08:52:46 GMT
content-type: video/mp4
content-length: 81632
last-modified: Thu, 04 May 2023 09:30:05 GMT
etag: "64537b1d-13ee0"
expires: Sun, 04 Jun 2023 08:52:46 GMT
cache-control: max-age=2592000, public
content-range: bytes 0-81631/81632
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/js/script.js

172.64.166.9

200 OK

383 B

URL GET HTTP/2
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/js/script.js
IP
172.64.166.9:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT

File type
ASCII text, with very long lines (408), with no line terminators
Size
383 B (383 bytes)
Hash
d8254313a6e071f4883a1fccf4a12323
39159fdfba27aa0b8695c3136ab344c4ee84e4a4
b34fc41421c91ccf9fd5f1351fc45117e12e8cf2b58fdcad45d2710a5d218a88

HTTP Headers

GET /sb/chat/mob/ssp/v2/new/3/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:49 GMT
content-type: application/javascript
last-modified: Wed, 13 Jul 2022 12:13:56 GMT
etag: W/"62ceb704-17f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sp8hLBqEtd9WsLmnDbJahEPBlHyYYGwODqoV%2FlAC4p4vQ69FsdlEi0OAjG2mhcYZHxUF3WG7Z0T7h1e9j2TK5tq%2FPsevf97ZZdUFDWWHf%2F%2FMgaLwG5P8yh1ih28vr5KYUfeDntu7h4bD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfe1fc8d385e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

a.realsrv.com/ad-provider.js

185.76.9.22

200 OK

88 kB

URL GET HTTP/2
a.realsrv.com/ad-provider.js
IP
185.76.9.22:443
ASN
#60068 Datacamp Limited

Requested by
http://uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectrealsrv.com
FingerprintC2:CA:14:12:90:2A:B3:84:F3:3C:B8:A9:E8:82:89:E0:CB:B9:EE:49
ValidityMon, 27 Feb 2023 07:33:27 GMT - Sun, 28 May 2023 07:33:26 GMT

File type
ASCII text, with very long lines (54191)
Size
88 kB (88338 bytes)
Hash
a76e103d1d19a1711585ba045fd7b740
9962f556b06ff3409ab656fc985809f1a0b47366
9dd8d3d60a88285017f3bc865206402f549b43bd708d7fb7749cb761f070992f

HTTP Headers

GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uacabilqlgpw.cdnvideo3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:46 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"9962f556b06ff3409ab656fc985"
expires: Thu, 04 May 2023 19:04:23 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: AblMCRTWq/b/1BgAAA
x-77-nzt-ray: af585630cc9b1000dec354648a515b2e
x-accel-expires: @1683281210
x-accel-date: 1683270410
x-cache: HIT
x-age: 6356
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

uacabilqlgpw.cdnvideo3.com/api/spots/329584?p=1&s1=%subid1%&kw=

135.181.208.216

200 OK

11 kB

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/api/spots/329584?p=1&s1=%subid1%&kw=
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Size
11 kB (11165 bytes)
Hash
cbf0d11af8f0d7576a56ae43d6cfffcf
1be5bebfa5bc8c44c5a110d67c4d094b920af212
606933386c9a062b61836524ce697aa2ab32bbf38e5266617d2212d747fbfc48

HTTP Headers

GET /api/spots/329584?p=1&s1=%subid1%&kw= HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=ZNaD9MFE173u6mtNB1ME; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip

prhzxq.com/wnload?a=1&e=aeyJwaWQiOjExNTAwODIsInNpZCI6MTE5NTE5OSwid2lkIjo0Mzk5MzgsImQiOiIiLCJsaSI6Mn0=&tz=0&if=0&u=aHR0cDovL3d3dy54eHhmaWxlcy50di92aWRlb3MvNzEwODE5L2E2MWM2OGU1NTA3N2JlZTViMjEwMTJiMmMwMTJmZjgwLw==&inc=0

185.162.85.3

200 OK

729 B

URL GET HTTP/2
prhzxq.com/wnload?a=1&e=aeyJwaWQiOjExNTAwODIsInNpZCI6MTE5NTE5OSwid2lkIjo0Mzk5MzgsImQiOiIiLCJsaSI6Mn0=&tz=0&if=0&u=aHR0cDovL3d3dy54eHhmaWxlcy50di92aWRlb3MvNzEwODE5L2E2MWM2OGU1NTA3N2JlZTViMjEwMTJiMmMwMTJmZjgwLw==&inc=0
IP
185.162.85.3:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjectprhzxq.com
FingerprintE2:7B:B2:5A:29:BC:18:8B:54:42:18:94:DC:A8:70:6D:AC:91:62:83
ValidityTue, 21 Mar 2023 21:20:12 GMT - Mon, 19 Jun 2023 21:20:11 GMT

File type
Unicode text, UTF-8 text, with very long lines (800), with no line terminators
Size
729 B (729 bytes)
Hash
ebe1710877c84d2781432d565df6f37b
c267e52b2dcb4c9ad7cab873057d1ebd4b1de78f
064155dd6c84b43aabf5c10f3747e4b218e68ff551b3db2a597d22cb762892f7

HTTP Headers

GET /wnload?a=1&e=aeyJwaWQiOjExNTAwODIsInNpZCI6MTE5NTE5OSwid2lkIjo0Mzk5MzgsImQiOiIiLCJsaSI6Mn0=&tz=0&if=0&u=aHR0cDovL3d3dy54eHhmaWxlcy50di92aWRlb3MvNzEwODE5L2E2MWM2OGU1NTA3N2JlZTViMjEwMTJiMmMwMTJmZjgwLw==&inc=0 HTTP/1.1
Host: prhzxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 05 May 2023 08:52:47 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2

pxl.tsyndicate.com/api/v1/error?errorcode=400&p=APeICDOGjggdMFgMhAPnYIyHOGwoHNOmoY4aNHDUgCFRhBg3bg7OoAFjBgwZORTSaePQBo4ZMm7YkIlDZRsZLV_GnOnyoQyFcNiMOZhQxJgzRPsoCAg%3D&s=05c608ec0f459015f5422bb1873eac50568e008c2af6a87ecb3b2f0fb03234d71683276768

136.243.75.209

200 OK

0 B

URL GET HTTP/2
pxl.tsyndicate.com/api/v1/error?errorcode=400&p=APeICDOGjggdMFgMhAPnYIyHOGwoHNOmoY4aNHDUgCFRhBg3bg7OoAFjBgwZORTSaePQBo4ZMm7YkIlDZRsZLV_GnOnyoQyFcNiMOZhQxJgzRPsoCAg%3D&s=05c608ec0f459015f5422bb1873eac50568e008c2af6a87ecb3b2f0fb03234d71683276768
IP
136.243.75.209:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
Fingerprint78:C4:DB:8D:7E:12:80:0F:A0:B5:E1:B6:0B:3E:B2:46:7E:69:3D:8E
ValidityWed, 12 Apr 2023 09:07:49 GMT - Tue, 11 Jul 2023 09:07:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/v1/error?errorcode=400&p=APeICDOGjggdMFgMhAPnYIyHOGwoHNOmoY4aNHDUgCFRhBg3bg7OoAFjBgwZORTSaePQBo4ZMm7YkIlDZRsZLV_GnOnyoQyFcNiMOZhQxJgzRPsoCAg%3D&s=05c608ec0f459015f5422bb1873eac50568e008c2af6a87ecb3b2f0fb03234d71683276768 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: ts_uid=f9e73655-9ab5-4400-9698-cb927067cf64; bfq=APeIECNCx5YZNGDMgCEjRxcWIsYU3BLjoYgyE2PYwDFjho0ZGnF06aMg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 08:52:49 GMT
content-length: 0
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2

twinrdsrv.com/preroll.engine?id=4ce47ff2-c2e3-47a1-a9be-931241b17841&zid=52151&cvs={ClientVideoSupport}&time={TimeOffset}&stdtime={StdTimeOffset}&abr={IsAdblockRequest}&pageurl={PageUrl}&tid={TrackingId}&res={Resolution}&bw={BrowserWidth}&bh={BrowserHeight}&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy+Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred+hair%2Cnude%2Clonghair%2Cparis%2Csmall+breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny+Aurora&referrerUrl={ReferrerUrl}&pw={PlayerWidth}&ph={PlayerHeight}

172.66.43.59

200 OK

7.4 kB

URL GET HTTP/2
twinrdsrv.com/preroll.engine?id=4ce47ff2-c2e3-47a1-a9be-931241b17841&zid=52151&cvs={ClientVideoSupport}&time={TimeOffset}&stdtime={StdTimeOffset}&abr={IsAdblockRequest}&pageurl={PageUrl}&tid={TrackingId}&res={Resolution}&bw={BrowserWidth}&bh={BrowserHeight}&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy+Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred+hair%2Cnude%2Clonghair%2Cparis%2Csmall+breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny+Aurora&referrerUrl={ReferrerUrl}&pw={PlayerWidth}&ph={PlayerHeight}
IP
172.66.43.59:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint44:DC:AB:AD:02:68:C6:90:3B:A8:AF:E2:FD:7E:D7:F2:0E:5D:AC:2E
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7455), with no line terminators
Size
7.4 kB (7443 bytes)
Hash
9c287e98b4338ead9ffeaf4a2d752903
798b6232a8d1852c5c9b494e91ace36c50ba35ef
8f6f6f24ee3dc6eaf073cd05bf15b66c4c5b642c75ddc54feab2045f9f2fcb66

HTTP Headers

GET /preroll.engine?id=4ce47ff2-c2e3-47a1-a9be-931241b17841&zid=52151&cvs={ClientVideoSupport}&time={TimeOffset}&stdtime={StdTimeOffset}&abr={IsAdblockRequest}&pageurl={PageUrl}&tid={TrackingId}&res={Resolution}&bw={BrowserWidth}&bh={BrowserHeight}&kw=Anal%2CBlowjob%2CCumshot%2Cshaved%2Cyoung%2CThreesome%2Corgasm%2CPussy+Licking%2Chotel%2Cbeautiful%2CStriptease%2Cdomination%2Cadorable%2Cred+hair%2Cnude%2Clonghair%2Cparis%2Csmall+breast%2Cdeep-throat%2Cspanked%2Cwhiteskin%2Csmall-ass%2Cteeny%2Cwakeupnfuck.com%2CAnny+Aurora&referrerUrl={ReferrerUrl}&pw={PlayerWidth}&ph={PlayerHeight} HTTP/1.1
Host: twinrdsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:48 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-transform
access-control-allow-credentials: true
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: http://www.xxxfiles.tv
set-cookie: IKSR={}; path=/; SameSite=None; secure
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FjHtv3LoTkXGHbyAzxheENxrV0sj9Bsq8kjZ%2Bq6YWN58EOMJJ7fwMSPku5297sFmTwbFSx0o4EFflqU03VWRzIz6QO0IEf2rTe%2FR5IoXhe5PUSPMQo41LGJE6y%2FmAg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfd6ff6cb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

instinctivetheeexemplify.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2%2FcRBgdp%2BVAOQAVQkICsQcOIMjGdry7Nj1UlBIUEdqqLeLHBY1nxtshY481Y683kZAiKkGPC3%2BB8zZpBI0qEOcitMstolKW0x6IEBIXrkjlijaJWPgu33t%2B7%2FD8vvl8uzwiLko6XXlXb0ql6FKr6TZe%2FsDzLjTWZFb2G%2F2w%2FXE7uNAwvdc9N2q6rzTeFmxdL%2Fmu57qe6zVWpBGJ7i95ntd0IfP9yGtGbjPwm14rQN%2F8n9vSgaUOeO%2BInIfkk3P79wNINkKWfntZ2PVC56%2B9lZaKFtqgx%2Ffey9YzXWVI5zAxDpJs79QNbQ9XfoDOdo8DQ%2Ff%2BNcZyQpw%2Ffkec7Z2mRNzbPQkaK4gMMX8CVW8EoUaQdASmb0PyQwIwjitXkaV3r2hT0Y0Tlc7UCTn76C%2FIakLO%2FvoMsvT%2BJSX7jRtalYXUmUU%2FqSH7I8juCHk5RrG5AFmNwYrPIPlDsvRoDVm6c9UqDcmnL7kdn7eW42ix04nEYiACvhgG7c6iG%2FluSF0RtVl03JCUI8hkBCUGoHYBpXVQSgdl4qDMHaR82uiwIAx52OJUMObHiRcmQRJElLkJc5cjHyWb%2FcMART4AUwMws4XcbGFdfnXYOn%2B4tgpT%2Fgh7q4blDmxB0OM1KkFQWYKKElSSoCoIql69y5X1bX2XK1vG3un2T%2FdyPdRFd5vu6qIrMrKdH5GnZ%2FU5j59%2FHuti2mAsCJOAsY4fc4%2FGLuOdNmc0dIOQhlGbwcoa0i6AWgebckIe%2B%2FNT5HJCFujPiOkYVo3B5FOg5Qug1bDju6C3hkHoYjPb7%2Ff7iVTCNplOwXWNvDiLYsPZVkfkueMzXniyD8EOLn7%2F98Pps1%2B8CmZq5KbGJ%2FIngq66M7yuK7JzXVeWfHc1L2QqN%2BnsxDcKWogz37wjNipt%2BOplO%2Fj6DTYTZnD%2FprDFGs24zLqW3LskORdmRRsmyINV%2B76Ir5X21qXSZGW%2Bdu3NldU0N8JaqbMRqJwQMl0FkxNy7sFHx8%2F3xXsfQpoRTFkjLQ%2FI6UDqMVi%2BBZvP81tNYNTcE%2BcOqrIeGj%2Bef1SSQIk5p3EN%2Bx8ez%2FG2vYOucUCL28jSGj1To6dqUDWALc8Mi9wcXPxl%2BXgQK2cYK%2BPsxMqoL0%2FKtXLaEB3RjqLADTrcdeOA%2B77XEowuBzSivp90UNgJvzn%2B7R8AAAD%2F%2FwEAAP%2F%2F%2BbZEVosEAAA%3D

173.233.139.164

200 OK

0 B

URL GET HTTP/1.1
instinctivetheeexemplify.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2%2FcRBgdp%2BVAOQAVQkICsQcOIMjGdry7Nj1UlBIUEdqqLeLHBY1nxtshY481Y683kZAiKkGPC3%2BB8zZpBI0qEOcitMstolKW0x6IEBIXrkjlijaJWPgu33t%2B7%2FD8vvl8uzwiLko6XXlXb0ql6FKr6TZe%2FsDzLjTWZFb2G%2F2w%2FXE7uNAwvdc9N2q6rzTeFmxdL%2Fmu57qe6zVWpBGJ7i95ntd0IfP9yGtGbjPwm14rQN%2F8n9vSgaUOeO%2BInIfkk3P79wNINkKWfntZ2PVC56%2B9lZaKFtqgx%2Ffey9YzXWVI5zAxDpJs79QNbQ9XfoDOdo8DQ%2Ff%2BNcZyQpw%2Ffkec7Z2mRNzbPQkaK4gMMX8CVW8EoUaQdASmb0PyQwIwjitXkaV3r2hT0Y0Tlc7UCTn76C%2FIakLO%2FvoMsvT%2BJSX7jRtalYXUmUU%2FqSH7I8juCHk5RrG5AFmNwYrPIPlDsvRoDVm6c9UqDcmnL7kdn7eW42ix04nEYiACvhgG7c6iG%2FluSF0RtVl03JCUI8hkBCUGoHYBpXVQSgdl4qDMHaR82uiwIAx52OJUMObHiRcmQRJElLkJc5cjHyWb%2FcMART4AUwMws4XcbGFdfnXYOn%2B4tgpT%2Fgh7q4blDmxB0OM1KkFQWYKKElSSoCoIql69y5X1bX2XK1vG3un2T%2FdyPdRFd5vu6qIrMrKdH5GnZ%2FU5j59%2FHuti2mAsCJOAsY4fc4%2FGLuOdNmc0dIOQhlGbwcoa0i6AWgebckIe%2B%2FNT5HJCFujPiOkYVo3B5FOg5Qug1bDju6C3hkHoYjPb7%2Ff7iVTCNplOwXWNvDiLYsPZVkfkueMzXniyD8EOLn7%2F98Pps1%2B8CmZq5KbGJ%2FIngq66M7yuK7JzXVeWfHc1L2QqN%2BnsxDcKWogz37wjNipt%2BOplO%2Fj6DTYTZnD%2FprDFGs24zLqW3LskORdmRRsmyINV%2B76Ir5X21qXSZGW%2Bdu3NldU0N8JaqbMRqJwQMl0FkxNy7sFHx8%2F3xXsfQpoRTFkjLQ%2FI6UDqMVi%2BBZvP81tNYNTcE%2BcOqrIeGj%2Bef1SSQIk5p3EN%2Bx8ez%2FG2vYOucUCL28jSGj1To6dqUDWALc8Mi9wcXPxl%2BXgQK2cYK%2BPsxMqoL0%2FKtXLaEB3RjqLADTrcdeOA%2B77XEowuBzSivp90UNgJvzn%2B7R8AAAD%2F%2FwEAAP%2F%2F%2BbZEVosEAAA%3D
IP
173.233.139.164:443
ASN
#7979 SERVERS-COM

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjectinstinctivetheeexemplify.com
Fingerprint53:D2:59:BD:B0:52:6A:5F:7C:25:69:14:DA:17:EA:FC:01:0C:1F:41
ValidityMon, 01 May 2023 19:32:47 GMT - Sun, 30 Jul 2023 19:32:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2%2FcRBgdp%2BVAOQAVQkICsQcOIMjGdry7Nj1UlBIUEdqqLeLHBY1nxtshY481Y683kZAiKkGPC3%2BB8zZpBI0qEOcitMstolKW0x6IEBIXrkjlijaJWPgu33t%2B7%2FD8vvl8uzwiLko6XXlXb0ql6FKr6TZe%2FsDzLjTWZFb2G%2F2w%2FXE7uNAwvdc9N2q6rzTeFmxdL%2Fmu57qe6zVWpBGJ7i95ntd0IfP9yGtGbjPwm14rQN%2F8n9vSgaUOeO%2BInIfkk3P79wNINkKWfntZ2PVC56%2B9lZaKFtqgx%2Ffey9YzXWVI5zAxDpJs79QNbQ9XfoDOdo8DQ%2Ff%2BNcZyQpw%2Ffkec7Z2mRNzbPQkaK4gMMX8CVW8EoUaQdASmb0PyQwIwjitXkaV3r2hT0Y0Tlc7UCTn76C%2FIakLO%2FvoMsvT%2BJSX7jRtalYXUmUU%2FqSH7I8juCHk5RrG5AFmNwYrPIPlDsvRoDVm6c9UqDcmnL7kdn7eW42ix04nEYiACvhgG7c6iG%2FluSF0RtVl03JCUI8hkBCUGoHYBpXVQSgdl4qDMHaR82uiwIAx52OJUMObHiRcmQRJElLkJc5cjHyWb%2FcMART4AUwMws4XcbGFdfnXYOn%2B4tgpT%2Fgh7q4blDmxB0OM1KkFQWYKKElSSoCoIql69y5X1bX2XK1vG3un2T%2FdyPdRFd5vu6qIrMrKdH5GnZ%2FU5j59%2FHuti2mAsCJOAsY4fc4%2FGLuOdNmc0dIOQhlGbwcoa0i6AWgebckIe%2B%2FNT5HJCFujPiOkYVo3B5FOg5Qug1bDju6C3hkHoYjPb7%2Ff7iVTCNplOwXWNvDiLYsPZVkfkueMzXniyD8EOLn7%2F98Pps1%2B8CmZq5KbGJ%2FIngq66M7yuK7JzXVeWfHc1L2QqN%2BnsxDcKWogz37wjNipt%2BOplO%2Fj6DTYTZnD%2FprDFGs24zLqW3LskORdmRRsmyINV%2B76Ir5X21qXSZGW%2Bdu3NldU0N8JaqbMRqJwQMl0FkxNy7sFHx8%2F3xXsfQpoRTFkjLQ%2FI6UDqMVi%2BBZvP81tNYNTcE%2BcOqrIeGj%2Bef1SSQIk5p3EN%2Bx8ez%2FG2vYOucUCL28jSGj1To6dqUDWALc8Mi9wcXPxl%2BXgQK2cYK%2BPsxMqoL0%2FKtXLaEB3RjqLADTrcdeOA%2B77XEowuBzSivp90UNgJvzn%2B7R8AAAD%2F%2FwEAAP%2F%2F%2BbZEVosEAAA%3D HTTP/1.1
Host: instinctivetheeexemplify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: u_pl=17371676; uid_id2=072d53b9-779e-4e4d-8467-09208a0e96c9:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 05 May 2023 08:52:48 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8fca5110320bed265f3ac7876c5b3ea8
Strict-Transport-Security: max-age=0; includeSubdomains

addresseepaper.com/sfp.js

0.0.0.0

0 B

URL GET
addresseepaper.com/sfp.js
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache

i.wmgtr.com/cic/d186Z1xqbgoLvkVafC4w0Mh9PeSfEmlg.png

0.0.0.0

0 B

URL GET
i.wmgtr.com/cic/d186Z1xqbgoLvkVafC4w0Mh9PeSfEmlg.png
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjecti.wmgtr.com
Fingerprint7D:1B:65:9B:B8:35:3F:63:AA:D6:0E:B1:DB:13:80:AA:F0:55:75:FC
ValiditySun, 23 Apr 2023 23:02:02 GMT - Sat, 22 Jul 2023 23:02:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cic/d186Z1xqbgoLvkVafC4w0Mh9PeSfEmlg.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:48 GMT
content-type: image/png
server: nginx/1.19.0
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
content-encoding: gzip
cache-control: max-age=82800
expires: Sat, 06 May 2023 07:52:48 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

uacabilqlgpw.cdnvideo3.com/api/settings/377391

135.181.208.216

200 OK

33 B

URL GET HTTP/2
uacabilqlgpw.cdnvideo3.com/api/settings/377391
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subject8afb7f9e2c1a7a9e.vtube.to
FingerprintFA:29:50:3A:07:C7:EC:67:24:04:0D:B0:6B:BC:2A:C8:34:0D:66:EB
ValidityTue, 02 May 2023 00:27:31 GMT - Mon, 31 Jul 2023 00:27:30 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
33 B (33 bytes)
Hash
511ff610a0435434dd22a4836719fbb3
0cf692a9ecb6dd3d715e3315e0eeccc1c384f0c3
d090111da31c837d965f1dcf49b00a53cf41686d0913627f78c5ff36d693c6d0

HTTP Headers

GET /api/settings/377391 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xxxfiles.tv/
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 08:52:46 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

i.wmgtr.com/cic/B5zVn3LFG6MeTUPnxFYh5fPakuK7iXH-.png

45.133.44.32

200 OK

12 kB

URL GET HTTP/2
i.wmgtr.com/cic/B5zVn3LFG6MeTUPnxFYh5fPakuK7iXH-.png
IP
45.133.44.32:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerLet's Encrypt
Subjecti.wmgtr.com
Fingerprint7D:1B:65:9B:B8:35:3F:63:AA:D6:0E:B1:DB:13:80:AA:F0:55:75:FC
ValiditySun, 23 Apr 2023 23:02:02 GMT - Sat, 22 Jul 2023 23:02:01 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
12 kB (11743 bytes)
Hash
3ca23521821a6d1e97bf61d46dfa635d
c5e8b425e01b2eeb21679f971b65d6ab02ca76f6
f5382c1238060d950b3fb09071dc1d8ef55c73bca6220239662287ab2343535b

HTTP Headers

GET /cic/B5zVn3LFG6MeTUPnxFYh5fPakuK7iXH-.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:48 GMT
content-type: image/jpeg
server: nginx/1.19.0
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
cache-control: max-age=82800
expires: Sat, 06 May 2023 07:52:48 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.xxxfiles.tv/extension/aine/pop_1409.php?s=1683276780735.0.4192557010482666

104.21.83.6

200 OK

161 B

URL GET HTTP/3
www.xxxfiles.tv/extension/aine/pop_1409.php?s=1683276780735.0.4192557010482666
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
HTML document text\012- troff or preprocessor input, ASCII text, with no line terminators
Size
161 B (161 bytes)
Hash
e737546e782da3a416eb068459cdb9cd
de30360e651e0ce41bfe4593b294ee2a33c07ee4
ef6a8969b044e42e916e89c373cde186a1b04b5d2514d8e1f4e6933fd0d71846

HTTP Headers

GET /extension/aine/pop_1409.php?s=1683276780735.0.4192557010482666 HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xxxfiles.tv
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 05 May 2023 08:52:47 GMT
content-type: application/json
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LX3EQICj6pwwsfU%2F0gXmzXVzqUAPXciazZMU400l%2BYGnFZqIeaVS0VAAhTGyy4Yb6rK6%2F6vt72uabcuLxwftvw1AEWL6%2F%2FYoI3V3Kj%2BWOffTX6t%2FFHfjF8KcblGloDRNssE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfd5dd901bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/js/jquery.min.js

172.64.166.9

200 OK

90 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/js/jquery.min.js
IP
172.64.166.9:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT

File type
ASCII text, with very long lines (65451)
Size
90 kB (89492 bytes)
Hash
561acb3e541133bbdd2c0c19f8ee35a1
ffd1353cf3f77d25f801c84d8208613eb0d3d548
9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc

HTTP Headers

GET /sb/chat/mob/ssp/v2/new/3/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:49 GMT
content-type: application/javascript
last-modified: Wed, 13 Jul 2022 12:13:58 GMT
etag: W/"62ceb706-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 14756486
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BuAJMg2c38V0UJRDRV4Tzbtz9gPGyZR%2FRPMYcJY%2BKJiKakLeZQSu1T2SAAEhZggFRc%2FpSubgSvE5xoSW0k31t%2FAMzMg6vZ3bAfIaDuTxLxWwmcjbcXRq6jskJdYG0sCDLUyry4ohNcNA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c27bfe0ba42385e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

6.8 kB

URL GET HTTP/1.1
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:80
ASN
#15169 GOOGLE

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
ASCII text, with very long lines (6992), with no line terminators
Size
6.8 kB (6803 bytes)
Hash
ec5129b372c275aa9bf89c50f312613d
8e75535bebc8e2ec4579424b4e9505500300eac9
91a09ee6f5574dc9630b63e8d1e8e1ae26442cb7ce32b1576c4c20af5d6f858d

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 05 May 2023 08:52:49 GMT
Date: Fri, 05 May 2023 08:52:49 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw=

135.181.208.216

200 OK

12 kB

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/api/spots/329591?p=1&s1=%subid1%&kw=
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Size
12 kB (12176 bytes)
Hash
f8b84fa9b46a56eb8b60d08c1c1e3bca
1abba1363e05971a05dc9d306a15b3bb9d573eeb
8ef4422dcc017728d164457b93e7e68bf62bc97eee6b28aeac28915e4b7aece0

HTTP Headers

GET /api/spots/329591?p=1&s1=%subid1%&kw= HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=o8S2zNqJ9D8cdnTYRU8C; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip

uacabilqlgpw.cdnvideo3.com/api/click/3552251425836278095?c=60&data[error]=400

135.181.208.216

200 OK

0 B

URL GET HTTP/1.1
uacabilqlgpw.cdnvideo3.com/api/click/3552251425836278095?c=60&data[error]=400
IP
135.181.208.216:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/click/3552251425836278095?c=60&data[error]=400 HTTP/1.1
Host: uacabilqlgpw.cdnvideo3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 08:52:49 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private

www.xxxfiles.tv/js/main.js

104.21.83.6

200 OK

21 kB

URL GET HTTP/2
www.xxxfiles.tv/js/main.js
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
ASCII text
Size
21 kB (20767 bytes)
Hash
c719a8f50a9ec082de5a40a2d0b1a442
e9c74b76c56ad7106bd75cb77ef4bbbdb6f67859
96c5ec1f6d8d942a6c1f563600a7f05d8424371972aeb6576be2cd762bee5b1c

HTTP Headers

GET /js/main.js HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: application/javascript
last-modified: Tue, 04 May 2021 10:44:25 GMT
vary: Accept-Encoding
etag: W/"60912589-511f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 2131984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOKCpc12eKXzyiQfDXNCSvE76G8uOJ%2BbRv0kOpQQEJFJhLvl22MOIFW8wFmVTcIVgbLJ4Xoc78roM53Slnr57IXReZfWVxoUDSgebzOgapN1EqiDPIikH6yzBi7B7cKUreQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfc73d5ab529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.xxxfiles.tv/css/plugins.css

104.21.83.6

200 OK

50 kB

URL GET HTTP/2
www.xxxfiles.tv/css/plugins.css
IP
104.21.83.6:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.xxxfiles.tv/videos/710819/a61c68e55077bee5b21012b2c012ff80/?ts=643600
Certificate
IssuerGoogle Trust Services LLC
Subject*.xxxfiles.tv
Fingerprint48:8E:F0:05:F8:0B:FE:1F:24:D4:FB:D8:0C:21:C4:4D:69:B5:7E:C3
ValidityMon, 03 Apr 2023 01:53:46 GMT - Sun, 02 Jul 2023 01:53:45 GMT

File type
ASCII text, with very long lines (29529)
Size
50 kB (50245 bytes)
Hash
4092218dab88f50c2ae78b636da0f06e
6534c8b0dfeaa401038c595a238f3fed21b69da6
2e3480402dc98bc43baa6327e8765e2e07dfc5781359086cb11993e817776cb6

HTTP Headers

GET /css/plugins.css HTTP/1.1
Host: www.xxxfiles.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xxxfiles.tv/
Cookie: PHPSESSID=31pvkd64q8s5hfnvocjtbmmem9; kt_rt_ts=643600; kt_qparams=id%3D710819%26dir%3Da61c68e55077bee5b21012b2c012ff80%26ts%3D643600; kt_ips=91.90.42.154
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 05 May 2023 08:52:45 GMT
content-type: text/css
last-modified: Wed, 20 Nov 2019 10:53:49 GMT
vary: Accept-Encoding
etag: W/"5dd51b3d-c445"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 2131984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FBlnixwFJEkH%2FJarxviSu1aTjGYn1ufwFgiG09vUw1I6YcSQdzGaFNPxRmHdn5n4xwF6YO22PpWxN1jqVdtkL5jvNnqs%2BzTjQ3wsm08pzo18D2fstgHBxkwplJXYnNaDdA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c27bfc73d52b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (52)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML