viralhotpot.com/?p=1796
104.21.57.136301 Moved Permanently 0 B IP 104.21.57.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?p=1796 HTTP/1.1
Host: viralhotpot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 23:49:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 00:49:34 GMT
Location: https://viralhotpot.com/?p=1796
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4NDyOci17MLZp4Q%2F%2Fxg4IwYOmeirlI2by1J3FKLHTOzvssrEgMjV9cNEB24PX5oS5%2BegHCicU6eBCfSkCGzut4FUrcfEVGwQl1ji3%2BZl7OvRm38GHa%2BIorDf4coVAkwTck%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7706857c4a10b524-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13351
Expires: Sun, 27 Nov 2022 03:32:05 GMT
Date: Sat, 26 Nov 2022 23:49:34 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1705
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:49:34 GMT
Last-Modified: Sat, 26 Nov 2022 23:21:09 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 23:19:17 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1818
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2263
Expires: Sun, 27 Nov 2022 00:27:18 GMT
Date: Sat, 26 Nov 2022 23:49:35 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/hQupADdNCO4
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/hQupADdNCO4
IP 142.250.74.35:0
Hash 64ad75368fe3b70edc36d74d0b5e4f7a
27f4eb0f9672020bd57e05f29ab0e6375aa68fc2
c7f14669e3e374b6fcb1042c893056d06106108c1b50be80955f0093d0407a50
POST /s/gts1p5/hQupADdNCO4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:49:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FlhTK7aZMhdIaAPz12HGb/+UX2nd92ilpBQ2dRDFuNDkWbUPJV1k4q5efba/Ymla1o7Hz+jLy64=
x-amz-request-id: 2AE0F6GE5712Q7B2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 23:44:25 GMT
age: 310
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:49:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/hQupADdNCO4
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/hQupADdNCO4
IP 142.250.74.35:0
Hash 64ad75368fe3b70edc36d74d0b5e4f7a
27f4eb0f9672020bd57e05f29ab0e6375aa68fc2
c7f14669e3e374b6fcb1042c893056d06106108c1b50be80955f0093d0407a50
POST /s/gts1p5/hQupADdNCO4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:49:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 23:11:12 GMT
cache-control: public,max-age=3600
age: 2303
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2472
Cache-Control: max-age=122308
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:49:35 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 09:48:03 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 275f0035de997821992b512cf1c41d0a
cd24fff9ab00012c1c23622ab1f86aaaf02da8c9
1a8dd40698e960be61c4284c14c9d7a30dc3fe89bbbbf60618e741688f9f0f4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5548
Cache-Control: max-age=157423
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:49:35 GMT
Etag: "63825452-118"
Expires: Mon, 28 Nov 2022 19:33:18 GMT
Last-Modified: Sat, 26 Nov 2022 18:00:50 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:49:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 275f0035de997821992b512cf1c41d0a
cd24fff9ab00012c1c23622ab1f86aaaf02da8c9
1a8dd40698e960be61c4284c14c9d7a30dc3fe89bbbbf60618e741688f9f0f4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5548
Cache-Control: max-age=157423
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:49:35 GMT
Etag: "63825452-118"
Expires: Mon, 28 Nov 2022 19:33:18 GMT
Last-Modified: Sat, 26 Nov 2022 18:00:50 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:49:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 417026ffcf017bb63ec97c8422595242
db286af6e87434de4a8201c7ad609903844c61d9
8f233b2cfb7372dbc20740aca75a14a438fbd608989f7aa51aab13dbad874938
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F233B2CFB7372DBC20740ACA75A14A438FBD608989F7AA51AAB13DBAD874938"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16063
Expires: Sun, 27 Nov 2022 04:17:18 GMT
Date: Sat, 26 Nov 2022 23:49:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 54f24adb80ed3e82590fae1e776d2df6
502bcc08679c733c00caab73fb2facaaa2f04fe7
581b3030b7c35b78f5537d3fffd0630add6c5e4b7873f7b97cb71fc0993a6fe6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "581B3030B7C35B78F5537D3FFFD0630ADD6C5E4B7873F7B97CB71FC0993A6FE6"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10575
Expires: Sun, 27 Nov 2022 02:45:50 GMT
Date: Sat, 26 Nov 2022 23:49:35 GMT
Connection: keep-alive
push.services.mozilla.com/
34.208.34.131101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.34.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2QGCi9BEGhKxtOk8NmL7yQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tnc+HUymSIbP+zQVgurQxM/en58=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43dca8ebcf06bd09eb16b5516072ec48
84fe572e189c13383dc0a805a90c07de69c48ee6
be524e069364f1231ff9f6f8a5ca6ae8aa4353ba95fa7913c30c13ed008ab8fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE524E069364F1231FF9F6F8A5CA6AE8AA4353BA95FA7913C30C13ED008AB8FD"
Last-Modified: Sat, 26 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8941
Expires: Sun, 27 Nov 2022 02:18:37 GMT
Date: Sat, 26 Nov 2022 23:49:36 GMT
Connection: keep-alive
bedrapiona.com/5/5523417/?oo=1&js_build=iclick-v1.454.0
139.45.197.234200 OK 1.4 kB URL HTTP/2 bedrapiona.com/5/5523417/?oo=1&js_build=iclick-v1.454.0
IP 139.45.197.234:0
Hash 16de12e4d66641c3623ea13bd3e24422
00df7b14d6b6055d1cb90eea6f0067d777151d5c
67d5467cd3a7161bd67f7d78b8208abaf81bde7c90d528051e2e095fc3a4ebee
GET /5/5523417/?oo=1&js_build=iclick-v1.454.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://viralhotpot.com
Connection: keep-alive
Referer: https://viralhotpot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:49:35 GMT
content-type: application/json
x-trace-id: 16ecfe47199863ad0f819b3ec0ad48c4
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://viralhotpot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=03af3a5109a14b34aca0e640216c5bf9; expires=Sun, 26 Nov 2023 23:49:35 GMT; path=/; secure; SameSite=None
oaidts=1669506575; expires=Sun, 26 Nov 2023 23:49:35 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
pl17898348.highperformancecpmgate.com/ce/07/0c/ce070c1ead6f871eaf0ea593845c88e8.js
173.233.137.60200 OK 21 kB URL HTTP/1.1 pl17898348.highperformancecpmgate.com/ce/07/0c/ce070c1ead6f871eaf0ea593845c88e8.js
IP 173.233.137.60:0
File type HTML document, ASCII text, with very long lines (60161), with no line terminators
Hash 790e40b9f25da228a2aa9da3170f493c
c1ba699a8e162fd20317d1932bfbbb1c0b4b3759
0958e70a39469ffc47a901f565390f8bb03d02c033ffc2d60aed37d384a6e99e
Analyzer Verdict Alert quad9 Sinkholed
GET /ce/07/0c/ce070c1ead6f871eaf0ea593845c88e8.js HTTP/1.1
Host: pl17898348.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://viralhotpot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:49:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 54d42e65a357bf829443b232e4dafdf5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl17898413.highperformancecpmgate.com/38/8b/48/388b487c1aca6d87c337e1a6c470c4d0.js
192.243.61.225200 OK 13 kB URL HTTP/1.1 pl17898413.highperformancecpmgate.com/38/8b/48/388b487c1aca6d87c337e1a6c470c4d0.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37131), with no line terminators
Hash 132e9f88b01971084ab5085fc14faa9b
a6b7193751b4c028a6af5dd6c96c4b1f79fcc912
b11468972fb2c888aaa148a2eb5620f7f1ed28a877eed29a7559fcfbf382a23f
Analyzer Verdict Alert quad9 Sinkholed
GET /38/8b/48/388b487c1aca6d87c337e1a6c470c4d0.js HTTP/1.1
Host: pl17898413.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://viralhotpot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 23:49:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8cf56c1a43805fd00b6d42578bc597a0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:49:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 065348277d274c008d503b66396d2b78
c76415f9b6f9ed51a72ba65dd2047b11b2beef02
1fbdffe6b1f3068474b6f5f43abcec37a611561c9b464590d8f3b9f88b834113
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1FBDFFE6B1F3068474B6F5F43ABCEC37A611561C9B464590D8F3B9F88B834113"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12267
Expires: Sun, 27 Nov 2022 03:14:03 GMT
Date: Sat, 26 Nov 2022 23:49:36 GMT
Connection: keep-alive
fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
216.58.207.195200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
IP 216.58.207.195:0
Hash e30520421e45ccdd4c339c0bde819fee
866be66986349f5a37ff6edd2e1f3ccd30aa4d99
a66cc2e38c63e1da562cdcbfc36952dce293fd5d747420e1054ba9b4b614bdac
GET /s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://viralhotpot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 23:13:50 GMT
expires: Wed, 22 Nov 2023 23:13:50 GMT
cache-control: public, max-age=31536000
age: 347746
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:49:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
onmarshtompor.com/?rb=XGB2nFLa2Fb2jM69ax7d8sUweOZbNutIv0O6UgFxDGDubljNWnvq6EhjMzDpJ1EdpmSyZkYHxP7NLQqQfrf64Y9QmC_CGz2coSB_rkTZrR4iAFRkE57ocxiI2yeiZ6qwUkThZMUU1C-80HJnQipMTRLwnQykdiYx_abcTjiR6kJRJJToix_iQTLWfir0CfJozUjH1WcufS7FICGVgx9MHlxrc066GS-F4eYMUiLfUutf3aSy&request_ab2=96002&zoneid=5523417&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=563b56d3-119a-4e15-a31a-85020969a918&userId=03af3a5109a14b34aca0e640216c5bf9&m=link
139.45.197.243200 OK 2.0 kB URL HTTP/2 onmarshtompor.com/?rb=XGB2nFLa2Fb2jM69ax7d8sUweOZbNutIv0O6UgFxDGDubljNWnvq6EhjMzDpJ1EdpmSyZkYHxP7NLQqQfrf64Y9QmC_CGz2coSB_rkTZrR4iAFRkE57ocxiI2yeiZ6qwUkThZMUU1C-80HJnQipMTRLwnQykdiYx_abcTjiR6kJRJJToix_iQTLWfir0CfJozUjH1WcufS7FICGVgx9MHlxrc066GS-F4eYMUiLfUutf3aSy&request_ab2=96002&zoneid=5523417&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=563b56d3-119a-4e15-a31a-85020969a918&userId=03af3a5109a14b34aca0e640216c5bf9&m=link
IP 139.45.197.243:0
Hash d977f16dd8ed36852bd1bf07e831a222
4dab7a1875fbbd52808d3b36ff8b462643787e29
b19dec9ff3451511ea4b4ec180d9405140b2dac5887b31fc55282c501a91acc9
GET /?rb=XGB2nFLa2Fb2jM69ax7d8sUweOZbNutIv0O6UgFxDGDubljNWnvq6EhjMzDpJ1EdpmSyZkYHxP7NLQqQfrf64Y9QmC_CGz2coSB_rkTZrR4iAFRkE57ocxiI2yeiZ6qwUkThZMUU1C-80HJnQipMTRLwnQykdiYx_abcTjiR6kJRJJToix_iQTLWfir0CfJozUjH1WcufS7FICGVgx9MHlxrc066GS-F4eYMUiLfUutf3aSy&request_ab2=96002&zoneid=5523417&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=563b56d3-119a-4e15-a31a-85020969a918&userId=03af3a5109a14b34aca0e640216c5bf9&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://viralhotpot.com/
Origin: https://viralhotpot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:49:36 GMT
content-type: application/json
x-trace-id: 30e4aea0abf4a5d8b832d237153876eb
access-control-allow-origin: https://viralhotpot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=03af3a5109a14b34aca0e640216c5bf9; expires=Sun, 26 Nov 2023 23:49:36 GMT; path=/; secure; SameSite=None
oaidts=1669506576; expires=Sun, 26 Nov 2023 23:49:36 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 03 Dec 2022 23:49:36 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4af47334194a0d10c2bfd52f16eb91ac
8ea04d240499dea43f26c738c8428df118dd622d
6741505308b8f473e68a567b74e6cd099b7a624b3711cc0acab45b2add675f74
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=137343
Date: Sat, 26 Nov 2022 23:49:36 GMT
Etag: "63821517-1d7"
Expires: Mon, 28 Nov 2022 13:58:39 GMT
Last-Modified: Sat, 26 Nov 2022 13:31:03 GMT
Server: ECS (dcb/7EA5)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: h2Hd0FFN015xXD-_UmpmvJCATsL5SjK7B8rDVseWXokUj7IJkBoujQ==
Age: 1656
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68e26aca84fce066d9055ce745e95e49
2c0fd2050be77f1e9989fb4b25867bb77378bf83
43199d7f0694b23d1ca4dc24337f61025b1ccdfbd5d360d0810cf4244091bdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43199D7F0694B23D1CA4DC24337F61025B1CCDFBD5D360D0810CF4244091BDB1"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9631
Expires: Sun, 27 Nov 2022 02:30:07 GMT
Date: Sat, 26 Nov 2022 23:49:36 GMT
Connection: keep-alive
simplewebanalysis.com/stats
18.185.190.54200 OK 32 kB URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
Hash 6183ef78d785b0299eb7928bd8c306ba
776df2bc63e5e7229a8e69d9fc9ee1ae67abe193
9fc1d953e1394c943f0c04ff034cf6238665640ba8744a7139ad991e9f112eba
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://viralhotpot.com
Connection: keep-alive
Referer: https://viralhotpot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:49:36 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://viralhotpot.com
access-control-allow-credentials: true
set-cookie: uid_id2=05492b24-2ee1-4be6-a315-11cd9e1a8694:1:1; expires=Tue, 23 Nov 2032 23:49:36 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
www.profitabledisplayformat.com/14d224ba8ea6c8847d03cae4f8714d3c/invoke.js
173.233.139.164200 OK 43 kB URL HTTP/1.1 www.profitabledisplayformat.com/14d224ba8ea6c8847d03cae4f8714d3c/invoke.js
IP 173.233.139.164:0
Hash 7fe4653b75d55bfb35c99712605143ba
315109678742659506bc108868c4fef3e666c51a
f5c713435325d6c6745def5c7f5a548327350e0386e5dca6304ff4a99ead55c9
Analyzer Verdict Alert quad9 Sinkholed
GET /14d224ba8ea6c8847d03cae4f8714d3c/invoke.js HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://viralhotpot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:49:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 76d2fb378e8d92d7b73220154a596004
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
majorityevaluatewiped.com/pixel/purst?dl=0&th=0&sc=0&rs=1564&rd=1564&fd=594&bv=22.10.v.9&tmpl=70
192.243.61.225200 OK 156 B URL HTTP/1.1 majorityevaluatewiped.com/pixel/purst?dl=0&th=0&sc=0&rs=1564&rd=1564&fd=594&bv=22.10.v.9&tmpl=70
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash c23d64faf8b50ba77c39ac7ec82baddf
fb7c8a6aa37fd914ee8ccbdca643dc3fd95f7386
e74f4a266fbafba088a069d1c8164c46755ad8f31c56489ad618c5528e1e1102
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1564&rd=1564&fd=594&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: majorityevaluatewiped.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://viralhotpot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 23:49:36 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
216.58.207.195200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 22376, version 1.0\012- data
Hash e6af16165f9bfda6aafd0088b8c01daa
c9c0ee8309619643e65ba1b22bfffcd1a7ca1e51
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
GET /s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://viralhotpot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:41 GMT
expires: Thu, 23 Nov 2023 14:07:41 GMT
cache-control: public, max-age=31536000
age: 294115
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.profitabledisplayformat.com/14d224ba8ea6c8847d03cae4f8714d3c/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/14d224ba8ea6c8847d03cae4f8714d3c/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash 2110d7153b493064cd1a9dfaef190af6
f947123d6536a9f49d4a00a34a8ef0eb4feff90f
e9fd21bec879b843e3c72324df2f02061f93eaf706947cfea215122edb367cf8
Analyzer Verdict Alert quad9 Sinkholed
GET /14d224ba8ea6c8847d03cae4f8714d3c/invoke.js HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://viralhotpot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:49:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 74a5d9ffcecabd4365ad6482f0ce9330
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9dd99424d7fdef2ba07ed2df5e93e5ba
8cbad8b675aa34acf63f8244d9a35c4fe7a6e960
fb2c1e21824f9e5486f33c27233d69216011008c7055f590f2a5c8dcea468d47
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB2C1E21824F9E5486F33C27233D69216011008C7055F590F2A5C8DCEA468D47"
Last-Modified: Thu, 24 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7574
Expires: Sun, 27 Nov 2022 01:55:50 GMT
Date: Sat, 26 Nov 2022 23:49:36 GMT
Connection: keep-alive
www.profitabledisplayformat.com/bb0ebff905efcdef745d690a993c37eb/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/bb0ebff905efcdef745d690a993c37eb/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 064ecd0f8b09812054fb6e6468ae81d1
bef0947280a0f2fb278903e4a67da4aada434d63
e849984280e71fa15f25ef210551cdf0eae1a528aab4c0eb21429bbb90e61d7e
Analyzer Verdict Alert quad9 Sinkholed
GET /bb0ebff905efcdef745d690a993c37eb/invoke.js HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://viralhotpot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:49:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 72297ea48e99723f3e609f2f0a8c5c8d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8b0a6ea4a1b52f72d93c9e643b0dd179
02df9611887db2044802892f436f0448eb0e332c
ec8284c369490389342d5a3a33d3501262ecd1498d46153689de13e4356b799c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "EC8284C369490389342D5A3A33D3501262ECD1498D46153689DE13E4356B799C"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2818
Expires: Sun, 27 Nov 2022 00:36:35 GMT
Date: Sat, 26 Nov 2022 23:49:37 GMT
Connection: keep-alive
parkingridiculous.com/watch.314380652369.js?key=14d224ba8ea6c8847d03cae4f8714d3c&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1
173.233.137.36307 Temporary Redirect 0 B URL HTTP/1.1 parkingridiculous.com/watch.314380652369.js?key=14d224ba8ea6c8847d03cae4f8714d3c&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.314380652369.js?key=14d224ba8ea6c8847d03cae4f8714d3c&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://viralhotpot.com
Connection: keep-alive
Referer: https://viralhotpot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:49:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://viralhotpot.com
Access-Control-Allow-Origin: https://viralhotpot.com
Access-Control-Allow-Credentials: true
Location: https://parkingridiculous.com/watch.314380652369.js?key=14d224ba8ea6c8847d03cae4f8714d3c&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1&shu=98255b48f48cfe714b60545ba259020f9112fd15d08b2b16a3bb653e865bde4676b929e9259c3ff6534f7d03cd7d5373293b2f460a9e596dfcb752777ee607feac2165d2b0229f272147b08d8044271b104c3265ba6340056dba427d9893c85f5e10&pst=1669506637&rmtc=t
Set-Cookie: u_pl=17797867; expires=Sun, 27 Nov 2022 23:49:37 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc5Nzg2NywiayI6IjE0ZDIyNGJhOGVhNmM4ODQ3ZDAzY2FlNGY4NzE0ZDNjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDIyMjU2LCJwaWQiOjI2ODIzMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNywicHQiOjQsInBrIjoiZnRyMDIxOWMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly92aXJhbGhvdHBvdC5jb20vbGF0ZXN0LWZ1bGwtdmlkZW9zLW9mLWljZS1zcGljZS1iaWtpbmktYm90dG9tLWxlYWstZWF0aW5nLW11bmNoLWxlYWtlZC11cGRhdGUvIn19.mYMwcF0HOseYlzWUtOAeJKOyd-7H8AdwsSkvrSpbLA4; expires=Sat, 26 Nov 2022 23:50:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1d536fe2d619de1e1c07868323dc3ae9
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8b0a6ea4a1b52f72d93c9e643b0dd179
02df9611887db2044802892f436f0448eb0e332c
ec8284c369490389342d5a3a33d3501262ecd1498d46153689de13e4356b799c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "EC8284C369490389342D5A3A33D3501262ECD1498D46153689DE13E4356B799C"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2818
Expires: Sun, 27 Nov 2022 00:36:35 GMT
Date: Sat, 26 Nov 2022 23:49:37 GMT
Connection: keep-alive
parkingridiculous.com/watch.314380652369.js?key=14d224ba8ea6c8847d03cae4f8714d3c&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1&shu=98255b48f48cfe714b60545ba259020f9112fd15d08b2b16a3bb653e865bde4676b929e9259c3ff6534f7d03cd7d5373293b2f460a9e596dfcb752777ee607feac2165d2b0229f272147b08d8044271b104c3265ba6340056dba427d9893c85f5e10&pst=1669506637&rmtc=t
173.233.137.36200 OK 2.5 kB URL HTTP/1.1 parkingridiculous.com/watch.314380652369.js?key=14d224ba8ea6c8847d03cae4f8714d3c&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1&shu=98255b48f48cfe714b60545ba259020f9112fd15d08b2b16a3bb653e865bde4676b929e9259c3ff6534f7d03cd7d5373293b2f460a9e596dfcb752777ee607feac2165d2b0229f272147b08d8044271b104c3265ba6340056dba427d9893c85f5e10&pst=1669506637&rmtc=t
IP 173.233.137.36:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (3152)
Hash 6a33c9f982e304497261daaabebba0de
e5d7bf1dfaa82c70782edeb2f71f555150824708
b9e29c1bd108ec8ddeca42ebe95495572f9eae754f4d17d4cc67a3c4adbff5bf
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.314380652369.js?key=14d224ba8ea6c8847d03cae4f8714d3c&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1&shu=98255b48f48cfe714b60545ba259020f9112fd15d08b2b16a3bb653e865bde4676b929e9259c3ff6534f7d03cd7d5373293b2f460a9e596dfcb752777ee607feac2165d2b0229f272147b08d8044271b104c3265ba6340056dba427d9893c85f5e10&pst=1669506637&rmtc=t HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://viralhotpot.com
Referer: https://viralhotpot.com/
Connection: keep-alive
Cookie: u_pl=17797867; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc5Nzg2NywiayI6IjE0ZDIyNGJhOGVhNmM4ODQ3ZDAzY2FlNGY4NzE0ZDNjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDIyMjU2LCJwaWQiOjI2ODIzMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNywicHQiOjQsInBrIjoiZnRyMDIxOWMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly92aXJhbGhvdHBvdC5jb20vbGF0ZXN0LWZ1bGwtdmlkZW9zLW9mLWljZS1zcGljZS1iaWtpbmktYm90dG9tLWxlYWstZWF0aW5nLW11bmNoLWxlYWtlZC11cGRhdGUvIn19.mYMwcF0HOseYlzWUtOAeJKOyd-7H8AdwsSkvrSpbLA4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:49:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://viralhotpot.com
Access-Control-Allow-Origin: https://viralhotpot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=05492b24-2ee1-4be6-a315-11cd9e1a8694:1:1; expires=Sat, 03 Dec 2022 23:49:37 GMT; secure; SameSite=None
iprc0e8dec804cbb27ec086146c41eac3c12=3569683; expires=Sun, 27 Nov 2022 03:49:37 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 23:49:37 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 23:49:37 GMT; secure; SameSite=None
pdhtkv27=true; expires=Sun, 27 Nov 2022 23:49:37 GMT; secure; SameSite=None
uncs27=1; expires=Sun, 27 Nov 2022 23:49:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a5f40e2cd49f32fbfa0b5150168a7428
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c2c3b6f01bcf5f0b23525c971d471b78
645ea202a65555a197d287d6b01e492a8dfc4b0a
af1876e84a84e68805ab80adff1a3aff55be92c87af888dda8cb83b85fbb773d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF1876E84A84E68805AB80ADFF1A3AFF55BE92C87AF888DDA8CB83B85FBB773D"
Last-Modified: Thu, 24 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4181
Expires: Sun, 27 Nov 2022 00:59:18 GMT
Date: Sat, 26 Nov 2022 23:49:37 GMT
Connection: keep-alive
parkingridiculous.com/watch.1522146441444.js?key=bb0ebff905efcdef745d690a993c37eb&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1
173.233.137.36307 Temporary Redirect 0 B URL HTTP/1.1 parkingridiculous.com/watch.1522146441444.js?key=bb0ebff905efcdef745d690a993c37eb&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1522146441444.js?key=bb0ebff905efcdef745d690a993c37eb&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://viralhotpot.com
Connection: keep-alive
Referer: https://viralhotpot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:49:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://viralhotpot.com
Access-Control-Allow-Origin: https://viralhotpot.com
Access-Control-Allow-Credentials: true
Location: https://parkingridiculous.com/watch.1522146441444.js?key=bb0ebff905efcdef745d690a993c37eb&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1&shu=3b5e5a17e5abb6d311092bdd1f5a29c90ae1b2ee7510b9f570bf9e2ee3f808ac545da697f715cf3dfda6a9f1111adf81236658ba8d1aa51302997ca0bc390a05807ed46ca2230d67f4c7d4314ce6986fd39ac4ef9281280673c9239fadb91f68&pst=1669506637&rmtc=t
Set-Cookie: u_pl=17797892; expires=Sun, 27 Nov 2022 23:49:37 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc5Nzg5MiwiayI6ImJiMGViZmY5MDVlZmNkZWY3NDVkNjkwYTk5M2MzN2ViIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDIyMjU2LCJwaWQiOjI2ODIzMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNiwicHQiOjQsInBrIjoidHJnOWdld3J2IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdmlyYWxob3Rwb3QuY29tL2xhdGVzdC1mdWxsLXZpZGVvcy1vZi1pY2Utc3BpY2UtYmlraW5pLWJvdHRvbS1sZWFrLWVhdGluZy1tdW5jaC1sZWFrZWQtdXBkYXRlLyJ9fQ.jzB05wokE2-E66IbLVrFuTwul1CrAcKO3H_2k-frP50; expires=Sat, 26 Nov 2022 23:50:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ee75bb5d92167b7c07b5b5816bce5969
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d544e647515cb189a384f9c20ec9bd24
b7b52713f8f4c02a47192ef56456e16d0ca408a9
375fc9ebeb579498db5f3df773f4a94debbab4b0f809abc2fa414e9c2bea052c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "375FC9EBEB579498DB5F3DF773F4A94DEBBAB4B0F809ABC2FA414E9C2BEA052C"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10131
Expires: Sun, 27 Nov 2022 02:38:28 GMT
Date: Sat, 26 Nov 2022 23:49:37 GMT
Connection: keep-alive
parkingridiculous.com/watch.1522146441444.js?key=bb0ebff905efcdef745d690a993c37eb&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1&shu=3b5e5a17e5abb6d311092bdd1f5a29c90ae1b2ee7510b9f570bf9e2ee3f808ac545da697f715cf3dfda6a9f1111adf81236658ba8d1aa51302997ca0bc390a05807ed46ca2230d67f4c7d4314ce6986fd39ac4ef9281280673c9239fadb91f68&pst=1669506637&rmtc=t
173.233.137.36200 OK 638 B URL HTTP/1.1 parkingridiculous.com/watch.1522146441444.js?key=bb0ebff905efcdef745d690a993c37eb&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1&shu=3b5e5a17e5abb6d311092bdd1f5a29c90ae1b2ee7510b9f570bf9e2ee3f808ac545da697f715cf3dfda6a9f1111adf81236658ba8d1aa51302997ca0bc390a05807ed46ca2230d67f4c7d4314ce6986fd39ac4ef9281280673c9239fadb91f68&pst=1669506637&rmtc=t
IP 173.233.137.36:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (602)
Hash b8a25eff2e0a11ad6f91fa8febe57402
77371b100d4f85075f68410f58d05c6f11e7a2c7
1f99392a2e05bda3ec1987a7e05b318fd08463eb3e81a570b96612aac59bacb3
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1522146441444.js?key=bb0ebff905efcdef745d690a993c37eb&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1&shu=3b5e5a17e5abb6d311092bdd1f5a29c90ae1b2ee7510b9f570bf9e2ee3f808ac545da697f715cf3dfda6a9f1111adf81236658ba8d1aa51302997ca0bc390a05807ed46ca2230d67f4c7d4314ce6986fd39ac4ef9281280673c9239fadb91f68&pst=1669506637&rmtc=t HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://viralhotpot.com
Referer: https://viralhotpot.com/
Connection: keep-alive
Cookie: u_pl=17797892; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc5Nzg5MiwiayI6ImJiMGViZmY5MDVlZmNkZWY3NDVkNjkwYTk5M2MzN2ViIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDIyMjU2LCJwaWQiOjI2ODIzMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNiwicHQiOjQsInBrIjoidHJnOWdld3J2IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdmlyYWxob3Rwb3QuY29tL2xhdGVzdC1mdWxsLXZpZGVvcy1vZi1pY2Utc3BpY2UtYmlraW5pLWJvdHRvbS1sZWFrLWVhdGluZy1tdW5jaC1sZWFrZWQtdXBkYXRlLyJ9fQ.jzB05wokE2-E66IbLVrFuTwul1CrAcKO3H_2k-frP50; uid_id2=05492b24-2ee1-4be6-a315-11cd9e1a8694:1:1; iprc0e8dec804cbb27ec086146c41eac3c12=3569683; pdhtkv=true; uncs=1; pdhtkv27=true; uncs27=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:49:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://viralhotpot.com
Access-Control-Allow-Origin: https://viralhotpot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=05492b24-2ee1-4be6-a315-11cd9e1a8694:1:1; expires=Sat, 03 Dec 2022 23:49:37 GMT; secure; SameSite=None
iprc915b0beccb5278f504fec78dea1c88e1=2004366; expires=Mon, 28 Nov 2022 01:49:37 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 23:49:37 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 23:49:37 GMT; secure; SameSite=None
pdhtkv26=true; expires=Sun, 27 Nov 2022 23:49:37 GMT; secure; SameSite=None
uncs26=1; expires=Sun, 27 Nov 2022 23:49:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 07a9a579c89f15137f8c19ef3b9c6d65
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
reproductiontape.com/watch.154076682717.js?key=14d224ba8ea6c8847d03cae4f8714d3c&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1
173.233.137.52307 Temporary Redirect 0 B URL HTTP/1.1 reproductiontape.com/watch.154076682717.js?key=14d224ba8ea6c8847d03cae4f8714d3c&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.154076682717.js?key=14d224ba8ea6c8847d03cae4f8714d3c&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://viralhotpot.com
Connection: keep-alive
Referer: https://viralhotpot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:49:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://viralhotpot.com
Access-Control-Allow-Origin: https://viralhotpot.com
Access-Control-Allow-Credentials: true
Location: https://reproductiontape.com/watch.154076682717.js?key=14d224ba8ea6c8847d03cae4f8714d3c&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1&shu=2ce5c22db60baeac02fd2b01708616fd6fcae47b7239d85dff45843937891167e6433abc0212d5ac35cebd43f493586f60869a0cfcfc501f9fe9feae3bb7d84f60f1ee21e7434b88dd837af07284c9762091f7d06beb0bb8cd66dfebf4a8&pst=1669506637&rmtc=t
Set-Cookie: u_pl=17797867; expires=Sun, 27 Nov 2022 23:49:37 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc5Nzg2NywiayI6IjE0ZDIyNGJhOGVhNmM4ODQ3ZDAzY2FlNGY4NzE0ZDNjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDIyMjU2LCJwaWQiOjI2ODIzMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNywicHQiOjQsInBrIjoiZnRyMDIxOWMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly92aXJhbGhvdHBvdC5jb20vbGF0ZXN0LWZ1bGwtdmlkZW9zLW9mLWljZS1zcGljZS1iaWtpbmktYm90dG9tLWxlYWstZWF0aW5nLW11bmNoLWxlYWtlZC11cGRhdGUvIn19.mYMwcF0HOseYlzWUtOAeJKOyd-7H8AdwsSkvrSpbLA4; expires=Sat, 26 Nov 2022 23:50:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2416636b99d4460bc80137d2780a802c
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a1282da333101ca2229d6bbe482ca939
80a54289cbf8023dc45058af9391c52b956a4b8a
8e30655f84c3dedd33c4a3b98fc024c4e4905f6a51d8ae3317cba80aca268693
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E30655F84C3DEDD33C4A3B98FC024C4E4905F6A51D8AE3317CBA80ACA268693"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7172
Expires: Sun, 27 Nov 2022 01:49:09 GMT
Date: Sat, 26 Nov 2022 23:49:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10857
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 23:49:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10857
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 23:49:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10857
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 23:49:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10857
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 23:49:37 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/a7/81/a3/a781a3f5b0f5e23bdd2dd0518e7f7682/1658915583.png
45.133.44.9200 OK 59 kB URL HTTP/2 cdn.cloudimagesb.com/cti/a7/81/a3/a781a3f5b0f5e23bdd2dd0518e7f7682/1658915583.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash a8d87e991a22e21fd415f8484a2c798d
512ec0da7b33b71c73453271860fae0a0e23c627
a26bd031fca0ac99e2ee032b81812e714bb94834b7ca304fbdf2aafd5c192045
GET /cti/a7/81/a3/a781a3f5b0f5e23bdd2dd0518e7f7682/1658915583.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:49:37 GMT
content-type: image/png
content-length: 59343
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 09:53:11 GMT
etag: "62e10b07-e7cf"
expires: Mon, 28 Nov 2022 23:49:37 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f80a9a9b55da31c98663e157dde74a19
26b8dd82140c0db021048e11bff65a391dc6b444
680c39e4ea1d784db9831958942a64f3e83618dc443c8bcaa34223d85bb5b926
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6859
x-amzn-requestid: 4a1b13ad-9455-401d-a914-c1ada2191977
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYTHRroAMFR8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-4e5d630b23cdeb2e4b6d75d1;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qk03VFAQ1od0YzamiePUE8VQp9kBv_fy5gDUrVSlLGLSdn5v4JQbvw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 14:28:34 GMT
age: 33663
etag: "26b8dd82140c0db021048e11bff65a391dc6b444"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
age: 7643
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7f16c0f8a8e710210ce77c0e4c1c2a2
590c34be54c9889eec4ff7993e070fda836f711f
4224287ba765da59c877ac4f1dec65accc5bec934b7598d9cbbee669ba4ab12e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6883
x-amzn-requestid: 9e3878c9-1817-427e-b121-969a8cbc7ad8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cL1ySF0tIAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638169a8-5143ffea77b70cf67ef60ad7;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 01:19:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JmJEzqrxMdQtAWft6FHjIqo-WhpiUDfaLpRUe59RcOwReYf1sL-xRg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 04:48:54 GMT
age: 68443
etag: "590c34be54c9889eec4ff7993e070fda836f711f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4565b77f-3e3b-4410-b35b-b4e9a478ce4f.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4565b77f-3e3b-4410-b35b-b4e9a478ce4f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc51742200b699c93a6ede66c7997d2a
1021cf938f62cf18466e2ff4d55ce8c52c0f9cf6
a7cc50883ac1a59fc14f0467551dec16cef3b033df599b23916427c5e42be1aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4565b77f-3e3b-4410-b35b-b4e9a478ce4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8145
x-amzn-requestid: 8aaa302d-30b2-4fb0-aafe-e63f3d9bf680
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCSogEkHIAMFtxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d97cf-660d88387db5e9a145718d46;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:47:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5XZhJ2zj6Ca5gubdHU0DyM-doTvt2pU38IBKx_vLKtDdN2G8VUW-fg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 19:43:10 GMT
age: 14787
etag: "1021cf938f62cf18466e2ff4d55ce8c52c0f9cf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
age: 7643
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y0ofyT6UcPjB8mfRR1VMjHSTW64Qb_EQ0rrjsOdbby1CG-xMIFJMPw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:49:19 GMT
age: 7218
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d734a7a2d2656fcb2c7964591a0fe9c8
3190ed3610ec19f25864a2b0ff3e1798d142be37
f08f6d4462a469f4089a112dc35953447c09125b9f56cfad7ea6a95a80e49565
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F08F6D4462A469F4089A112DC35953447C09125B9F56CFAD7EA6A95A80E49565"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3184
Expires: Sun, 27 Nov 2022 00:42:41 GMT
Date: Sat, 26 Nov 2022 23:49:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1f6b302933d460ab447356556838501c
00d2123ec7f0ef5bf0d648bf4d15e69cd9902f4e
8240f397607869e239c216ca93f78f84e25299c0ad4e7483b2bd53f7861142f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8240F397607869E239C216CA93F78F84E25299C0AD4E7483B2BD53F7861142F0"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4567
Expires: Sun, 27 Nov 2022 01:05:44 GMT
Date: Sat, 26 Nov 2022 23:49:37 GMT
Connection: keep-alive
reproductiontape.com/watch.154076682717?key=14d224ba8ea6c8847d03cae4f8714d3c&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1
173.233.137.52200 OK 1.3 kB URL HTTP/1.1 reproductiontape.com/watch.154076682717?key=14d224ba8ea6c8847d03cae4f8714d3c&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (753)
Hash 600d3c122e46ff29c665f3c328c7f3d7
b9623b09ff5e70c6c5433b004537cd922e338d6b
1ca3b65a6b02f942e2777337f57829135ee68694c6c7556c4fb516fb3733a95d
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.154076682717?key=14d224ba8ea6c8847d03cae4f8714d3c&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://viralhotpot.com/
Cookie: u_pl=17797867; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc5Nzg2NywiayI6IjE0ZDIyNGJhOGVhNmM4ODQ3ZDAzY2FlNGY4NzE0ZDNjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDIyMjU2LCJwaWQiOjI2ODIzMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNywicHQiOjQsInBrIjoiZnRyMDIxOWMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly92aXJhbGhvdHBvdC5jb20vbGF0ZXN0LWZ1bGwtdmlkZW9zLW9mLWljZS1zcGljZS1iaWtpbmktYm90dG9tLWxlYWstZWF0aW5nLW11bmNoLWxlYWtlZC11cGRhdGUvIn19.mYMwcF0HOseYlzWUtOAeJKOyd-7H8AdwsSkvrSpbLA4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:49:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc5Nzg2NywiayI6IjE0ZDIyNGJhOGVhNmM4ODQ3ZDAzY2FlNGY4NzE0ZDNjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDIyMjU2LCJwaWQiOjI2ODIzMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNywicHQiOjQsInBrIjoiZnRyMDIxOWMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vdmlyYWxob3Rwb3QuY29tL2xhdGVzdC1mdWxsLXZpZGVvcy1vZi1pY2Utc3BpY2UtYmlraW5pLWJvdHRvbS1sZWFrLWVhdGluZy1tdW5jaC1sZWFrZWQtdXBkYXRlLyJ9fQ.8bs0XvSkFeHCXeXMWBv82U2j5S2Ho492nbB_ZbsL-FQ; expires=Sat, 26 Nov 2022 23:50:37 GMT; secure; SameSite=None
uid_id2=05492b24-2ee1-4be6-a315-11cd9e1a8694:1:1; expires=Sat, 03 Dec 2022 23:49:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 096d4fd345ee44976f67cb5daf68c051
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
reproductiontape.com/watch.154076682717?shu=ea8ff7164f7890b6917e411a5e7d7cb202356b422a179f86b74d58ecb5f6631fd9206f442aa554c8937aa03e3bce30ea383d60838afe08968c9a711eea8611236652e45f64f7685b26cb6a514470dccfc781d978ec5806e7c81fc82098fa2d717f76f2&pst=1669506637&rmtc=t&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1&pii=&in=false&key=14d224ba8ea6c8847d03cae4f8714d3c&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D
173.233.137.52200 OK 1.8 kB URL HTTP/1.1 reproductiontape.com/watch.154076682717?shu=ea8ff7164f7890b6917e411a5e7d7cb202356b422a179f86b74d58ecb5f6631fd9206f442aa554c8937aa03e3bce30ea383d60838afe08968c9a711eea8611236652e45f64f7685b26cb6a514470dccfc781d978ec5806e7c81fc82098fa2d717f76f2&pst=1669506637&rmtc=t&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1&pii=&in=false&key=14d224ba8ea6c8847d03cae4f8714d3c&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2524)
Hash 605c7779d6249456b1a8ff085c8d8896
ab3fc9c20c4bd8fe778b4c1187278731c83ce218
976238e2ad8bde8bbc6d7e5706b2abccd8bbc9b535869573e8f17d571bdbd7f7
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.154076682717?shu=ea8ff7164f7890b6917e411a5e7d7cb202356b422a179f86b74d58ecb5f6631fd9206f442aa554c8937aa03e3bce30ea383d60838afe08968c9a711eea8611236652e45f64f7685b26cb6a514470dccfc781d978ec5806e7c81fc82098fa2d717f76f2&pst=1669506637&rmtc=t&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1&pii=&in=false&key=14d224ba8ea6c8847d03cae4f8714d3c&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiontape.com/watch.154076682717?key=14d224ba8ea6c8847d03cae4f8714d3c&kw=%5B%22latest%22%2C%22full%22%2C%22videos%22%2C%22of%22%2C%22ice%22%2C%22spice%22%2C%22%E2%80%93%22%2C%22bikini%22%2C%22bottom%22%2C%22leak%22%2C%22eating%22%2C%22munch%22%2C%22leaked%22%2C%22update%22%2C%22%E2%80%93%22%2C%22viral%22%2C%22news%22%5D&refer=https%3A%2F%2Fviralhotpot.com%2Flatest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update%2F&tz=0&dev=e&res=12.1055&uuid=05492b24-2ee1-4be6-a315-11cd9e1a8694%3A1%3A1
Cookie: u_pl=17797867; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc5Nzg2NywiayI6IjE0ZDIyNGJhOGVhNmM4ODQ3ZDAzY2FlNGY4NzE0ZDNjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDIyMjU2LCJwaWQiOjI2ODIzMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNywicHQiOjQsInBrIjoiZnRyMDIxOWMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vdmlyYWxob3Rwb3QuY29tL2xhdGVzdC1mdWxsLXZpZGVvcy1vZi1pY2Utc3BpY2UtYmlraW5pLWJvdHRvbS1sZWFrLWVhdGluZy1tdW5jaC1sZWFrZWQtdXBkYXRlLyJ9fQ.8bs0XvSkFeHCXeXMWBv82U2j5S2Ho492nbB_ZbsL-FQ; uid_id2=05492b24-2ee1-4be6-a315-11cd9e1a8694:1:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:49:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://viralhotpot.com/latest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update/
Access-Control-Allow-Origin: https://viralhotpot.com/latest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=05492b24-2ee1-4be6-a315-11cd9e1a8694:1:1; expires=Sat, 03 Dec 2022 23:49:37 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 23:49:37 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 23:49:37 GMT; secure; SameSite=None
pdhtkv27=true; expires=Sun, 27 Nov 2022 23:49:37 GMT; secure; SameSite=None
uncs27=1; expires=Sun, 27 Nov 2022 23:49:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 36bc7e8f0ce96aeb1244c9d8874e0c5d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/bi/a2/45/f9/a245f93595806c3ef59ae593de33443b/1654692027.jpg
45.133.44.9200 OK 14 kB URL HTTP/2 cdn.cloudimagesb.com/bi/a2/45/f9/a245f93595806c3ef59ae593de33443b/1654692027.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 468x60, components 3\012- data
Hash 0d2baeb4a0caee6b1a835f87a81c62ab
57d1f6d9fc98e9e027d7ceafb9609ce0e1ef1293
200e84aa08fe295d5db2c8050ca81392f33ca5ff527099a9858f146d23deb3af
GET /bi/a2/45/f9/a245f93595806c3ef59ae593de33443b/1654692027.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiontape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:49:38 GMT
content-type: image/jpeg
content-length: 14373
server: nginx/1.17.6
last-modified: Wed, 08 Jun 2022 12:40:35 GMT
etag: "62a098c3-3825"
expires: Mon, 28 Nov 2022 23:49:38 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
veilsuccessfully.com/pixel/sbe?t=1&error=timeout
173.233.137.36200 OK 0 B URL HTTP/1.1 veilsuccessfully.com/pixel/sbe?t=1&error=timeout
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbe?t=1&error=timeout HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://viralhotpot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:49:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.spikereekvelocity.com/pph1aeej?key=7a7c3779889805e2058addecb7e13424&psid=17797892
192.243.59.13200 OK 1.2 kB URL HTTP/1.1 www.spikereekvelocity.com/pph1aeej?key=7a7c3779889805e2058addecb7e13424&psid=17797892
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 8aeb41e699250226ddbee3f404e23a61
8bebd1a55f8ecde2375c33fb3249ea5b70d63c1f
c7908557ce806187ba4bb7e3e25a2f2ee93e9a85988824e0107b24cd8b4498f3
Analyzer Verdict Alert quad9 Sinkholed
GET /pph1aeej?key=7a7c3779889805e2058addecb7e13424&psid=17797892 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://viralhotpot.com/
Cookie: u_pl=16122660; iprc7eded274d4cb2c988403757b9f27f619=3806410; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 23:49:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660,15077602; expires=Sun, 27 Nov 2022 23:49:38 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTA3NzYwMiwiayI6IjdhN2MzNzc5ODg5ODA1ZTIwNThhZGRlY2I3ZTEzNDI0Iiwic2lkIjoiMTc3OTc4OTIiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyOCwicHQiOjQsInBrIjoicHBoMWFlZWoiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdmlyYWxob3Rwb3QuY29tLyJ9fQ.6p8qGNJnJgz8P6FznbU0u5uDHvQF6K6TRx6iCKzOLWY; expires=Sat, 26 Nov 2022 23:50:38 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 631d30cfdbeb0dea1bbe9b567b06a2c1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/pph1aeej?shu=585c1a2f703581226d6b4dc01b327abaad677272be2b0285f810c4eee71aaeb67b07ee19e7d6aaaedcf92abe9e3b1c81f655a3bbece507b69009a0f0269eb2b17342e78f3012d951f1dc01cc8b528e235570b1e6&pst=1669506638&rmtc=t&uuid=&pii=&in=false&key=7a7c3779889805e2058addecb7e13424&refer=https%3A%2F%2Fviralhotpot.com%2F&psid=17797892
192.243.59.13302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/pph1aeej?shu=585c1a2f703581226d6b4dc01b327abaad677272be2b0285f810c4eee71aaeb67b07ee19e7d6aaaedcf92abe9e3b1c81f655a3bbece507b69009a0f0269eb2b17342e78f3012d951f1dc01cc8b528e235570b1e6&pst=1669506638&rmtc=t&uuid=&pii=&in=false&key=7a7c3779889805e2058addecb7e13424&refer=https%3A%2F%2Fviralhotpot.com%2F&psid=17797892
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pph1aeej?shu=585c1a2f703581226d6b4dc01b327abaad677272be2b0285f810c4eee71aaeb67b07ee19e7d6aaaedcf92abe9e3b1c81f655a3bbece507b69009a0f0269eb2b17342e78f3012d951f1dc01cc8b528e235570b1e6&pst=1669506638&rmtc=t&uuid=&pii=&in=false&key=7a7c3779889805e2058addecb7e13424&refer=https%3A%2F%2Fviralhotpot.com%2F&psid=17797892 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/pph1aeej?key=9ca601a9f47c735df76d5ca46fa26a66&submetric=15077602
Cookie: u_pl=16122660,15077602; iprc7eded274d4cb2c988403757b9f27f619=3806410; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTA3NzYwMiwiayI6IjdhN2MzNzc5ODg5ODA1ZTIwNThhZGRlY2I3ZTEzNDI0Iiwic2lkIjoiMTc3OTc4OTIiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyOCwicHQiOjQsInBrIjoicHBoMWFlZWoiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdmlyYWxob3Rwb3QuY29tLyJ9fQ.6p8qGNJnJgz8P6FznbU0u5uDHvQF6K6TRx6iCKzOLWY; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 23:49:38 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: http://xu2.com/script/s2iurl.php?stamat=m%7C%2C%2CgjKyIjeToGU3Bk-GH0dEdHP3xP.4ec%2CvDYyn3aEF5PmCQDnkJJ9ZmJVQ_sqCTDwui4rdn-8sJzgr9KPGHmAvRfTiy43ZcBGeh8ood8VCsT5nzeoAHsATgxmElzXO0oXGCA64ogYnSpcyZpm7CcwHr7gpueNe6s8gmC0QhSZAJ4LF7odurY1aC8vud7tI_n9IB6XkawTJKvZYiiikz2O74jui9uRTvgbc0yFBi-3SkO98sB2CIG4dmN3mnMns02LcIrrRdcO1D0CEiERHh-kxpM1MAx2RYyUPr3N8xQfagJEYG0zLe85uB4SnqjWmj31sxIRz0xdNjs_H6O5kF5-j9RTEPAmTozeCx-raW8zZbBrHhlLhLB7CIivEQXDR8czRbdpg3Hg6CSADwyO_kAKjCIaZ_J-9_lfY8OlNQ-5Ronw5euf4ig69I1Ln9-ddZewhU50LMNU7x-pXcc7B24de_IUofye5dLHz6XG0v5O3sDFzI0Vg6Bx0Q5n02SYDx5UCYxJnYcCGxC4cU-i2Xc7J2hmbe076RG1MRZpTbJR78ew8Vg-e_SyBUctILoaso4iwkHGMr6JM6E%2C&csid=1506743&s1=15077602&md=0&crid=23526918
Set-Cookie: uncs=2; expires=Sun, 27 Nov 2022 23:49:38 GMT
uncs28=2; expires=Sun, 27 Nov 2022 23:49:38 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4dc0e9219c04123ac1e824f8a5bf23d2
Strict-Transport-Security: max-age=0; includeSubdomains
xu2.com/script/s2iurl.php?stamat=m%7C%2C%2CgjKyIjeToGU3Bk-GH0dEdHP3xP.4ec%2CvDYyn3aEF5PmCQDnkJJ9ZmJVQ_sqCTDwui4rdn-8sJzgr9KPGHmAvRfTiy43ZcBGeh8ood8VCsT5nzeoAHsATgxmElzXO0oXGCA64ogYnSpcyZpm7CcwHr7gpueNe6s8gmC0QhSZAJ4LF7odurY1aC8vud7tI_n9IB6XkawTJKvZYiiikz2O74jui9uRTvgbc0yFBi-3SkO98sB2CIG4dmN3mnMns02LcIrrRdcO1D0CEiERHh-kxpM1MAx2RYyUPr3N8xQfagJEYG0zLe85uB4SnqjWmj31sxIRz0xdNjs_H6O5kF5-j9RTEPAmTozeCx-raW8zZbBrHhlLhLB7CIivEQXDR8czRbdpg3Hg6CSADwyO_kAKjCIaZ_J-9_lfY8OlNQ-5Ronw5euf4ig69I1Ln9-ddZewhU50LMNU7x-pXcc7B24de_IUofye5dLHz6XG0v5O3sDFzI0Vg6Bx0Q5n02SYDx5UCYxJnYcCGxC4cU-i2Xc7J2hmbe076RG1MRZpTbJR78ew8Vg-e_SyBUctILoaso4iwkHGMr6JM6E%2C&csid=1506743&s1=15077602&md=0&crid=23526918
104.21.44.154200 OK 1.9 kB URL HTTP/1.1 xu2.com/script/s2iurl.php?stamat=m%7C%2C%2CgjKyIjeToGU3Bk-GH0dEdHP3xP.4ec%2CvDYyn3aEF5PmCQDnkJJ9ZmJVQ_sqCTDwui4rdn-8sJzgr9KPGHmAvRfTiy43ZcBGeh8ood8VCsT5nzeoAHsATgxmElzXO0oXGCA64ogYnSpcyZpm7CcwHr7gpueNe6s8gmC0QhSZAJ4LF7odurY1aC8vud7tI_n9IB6XkawTJKvZYiiikz2O74jui9uRTvgbc0yFBi-3SkO98sB2CIG4dmN3mnMns02LcIrrRdcO1D0CEiERHh-kxpM1MAx2RYyUPr3N8xQfagJEYG0zLe85uB4SnqjWmj31sxIRz0xdNjs_H6O5kF5-j9RTEPAmTozeCx-raW8zZbBrHhlLhLB7CIivEQXDR8czRbdpg3Hg6CSADwyO_kAKjCIaZ_J-9_lfY8OlNQ-5Ronw5euf4ig69I1Ln9-ddZewhU50LMNU7x-pXcc7B24de_IUofye5dLHz6XG0v5O3sDFzI0Vg6Bx0Q5n02SYDx5UCYxJnYcCGxC4cU-i2Xc7J2hmbe076RG1MRZpTbJR78ew8Vg-e_SyBUctILoaso4iwkHGMr6JM6E%2C&csid=1506743&s1=15077602&md=0&crid=23526918
IP 104.21.44.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (749)
Hash c78f57ac20ec2c29c88a0394c631e42c
43e16fce662e161423ae9c077a9bf8923213bd78
0015fb7021007252bd12da547d6603a2155952fc5d3f3b207c330b1e298699da
GET /script/s2iurl.php?stamat=m%7C%2C%2CgjKyIjeToGU3Bk-GH0dEdHP3xP.4ec%2CvDYyn3aEF5PmCQDnkJJ9ZmJVQ_sqCTDwui4rdn-8sJzgr9KPGHmAvRfTiy43ZcBGeh8ood8VCsT5nzeoAHsATgxmElzXO0oXGCA64ogYnSpcyZpm7CcwHr7gpueNe6s8gmC0QhSZAJ4LF7odurY1aC8vud7tI_n9IB6XkawTJKvZYiiikz2O74jui9uRTvgbc0yFBi-3SkO98sB2CIG4dmN3mnMns02LcIrrRdcO1D0CEiERHh-kxpM1MAx2RYyUPr3N8xQfagJEYG0zLe85uB4SnqjWmj31sxIRz0xdNjs_H6O5kF5-j9RTEPAmTozeCx-raW8zZbBrHhlLhLB7CIivEQXDR8czRbdpg3Hg6CSADwyO_kAKjCIaZ_J-9_lfY8OlNQ-5Ronw5euf4ig69I1Ln9-ddZewhU50LMNU7x-pXcc7B24de_IUofye5dLHz6XG0v5O3sDFzI0Vg6Bx0Q5n02SYDx5UCYxJnYcCGxC4cU-i2Xc7J2hmbe076RG1MRZpTbJR78ew8Vg-e_SyBUctILoaso4iwkHGMr6JM6E%2C&csid=1506743&s1=15077602&md=0&crid=23526918 HTTP/1.1
Host: xu2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 23:49:38 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Via: 1.1 google
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4MsrtQjCgkK57f50afTilM4eEykdMJv5rI39VuRRBFKiW4XaUMXDLJI78viaI3M7VkgPt5iyfN6nKPLooioDRuCfuwyM2S2Bp5pcv4c0d7arGFW6RAt60lq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 770685936c47b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
xu2.com/favicon.ico
104.21.44.154200 OK 0 B IP 104.21.44.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: xu2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 23:49:38 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Thu, 10 Dec 2020 09:27:58 GMT
ETag: "5fd1ea1e-0"
Via: 1.1 google
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4724
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2Bv1XqczYoJp3AT1cY%2FrvZZ3u2AWMaR4qCHLpW4WfbhlvnYJVRGRpB6DAW3Hi8r3iLw%2Bb6eBy5Tk%2BIfx3Z%2BKtFNWjQ1NN3lHksTRotyUAMwu3DkygnLjFRcT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770685953cc0b511-OSL
alt-svc: h2=":443"; ma=60
xu2.com/script/s2iurl.php?stamat=m%7C%2C%2CgjKyIjeToGU3Bk-GH0dEdHP3xP.4ec%2CvDYyn3aEF5PmCQDnkJJ9ZmJVQ_sqCTDwui4rdn-8sJzgr9KPGHmAvRfTiy43ZcBGeh8ood8VCsT5nzeoAHsATgxmElzXO0oXGCA64ogYnSpcyZpm7CcwHr7gpueNe6s8gmC0QhSZAJ4LF7odurY1aC8vud7tI_n9IB6XkawTJKvZYiiikz2O74jui9uRTvgbc0yFBi-3SkO98sB2CIG4dmN3mnMns02LcIrrRdcO1D0CEiERHh-kxpM1MAx2RYyUPr3N8xQfagJEYG0zLe85uB4SnqjWmj31sxIRz0xdNjs_H6O5kF5-j9RTEPAmTozeCx-raW8zZbBrHhlLhLB7CIivEQXDR8czRbdpg3Hg6CSADwyO_kAKjCIaZ_J-9_lfY8OlNQ-5Ronw5euf4ig69I1Ln9-ddZewhU50LMNU7x-pXcc7B24de_IUofye5dLHz6XG0v5O3sDFzI0Vg6Bx0Q5n02SYDx5UCYxJnYcCGxC4cU-i2Xc7J2hmbe076RG1MRZpTbJR78ew8Vg-e_SyBUctILoaso4iwkHGMr6JM6E%2C&csid=1506743&s1=15077602&md=0&crid=23526918&treqn=42346345&rpn=1&cbrandom=0.02920150126459642&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
104.21.44.154302 Found 1 B URL HTTP/1.1 xu2.com/script/s2iurl.php?stamat=m%7C%2C%2CgjKyIjeToGU3Bk-GH0dEdHP3xP.4ec%2CvDYyn3aEF5PmCQDnkJJ9ZmJVQ_sqCTDwui4rdn-8sJzgr9KPGHmAvRfTiy43ZcBGeh8ood8VCsT5nzeoAHsATgxmElzXO0oXGCA64ogYnSpcyZpm7CcwHr7gpueNe6s8gmC0QhSZAJ4LF7odurY1aC8vud7tI_n9IB6XkawTJKvZYiiikz2O74jui9uRTvgbc0yFBi-3SkO98sB2CIG4dmN3mnMns02LcIrrRdcO1D0CEiERHh-kxpM1MAx2RYyUPr3N8xQfagJEYG0zLe85uB4SnqjWmj31sxIRz0xdNjs_H6O5kF5-j9RTEPAmTozeCx-raW8zZbBrHhlLhLB7CIivEQXDR8czRbdpg3Hg6CSADwyO_kAKjCIaZ_J-9_lfY8OlNQ-5Ronw5euf4ig69I1Ln9-ddZewhU50LMNU7x-pXcc7B24de_IUofye5dLHz6XG0v5O3sDFzI0Vg6Bx0Q5n02SYDx5UCYxJnYcCGxC4cU-i2Xc7J2hmbe076RG1MRZpTbJR78ew8Vg-e_SyBUctILoaso4iwkHGMr6JM6E%2C&csid=1506743&s1=15077602&md=0&crid=23526918&treqn=42346345&rpn=1&cbrandom=0.02920150126459642&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
IP 104.21.44.154:0
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /script/s2iurl.php?stamat=m%7C%2C%2CgjKyIjeToGU3Bk-GH0dEdHP3xP.4ec%2CvDYyn3aEF5PmCQDnkJJ9ZmJVQ_sqCTDwui4rdn-8sJzgr9KPGHmAvRfTiy43ZcBGeh8ood8VCsT5nzeoAHsATgxmElzXO0oXGCA64ogYnSpcyZpm7CcwHr7gpueNe6s8gmC0QhSZAJ4LF7odurY1aC8vud7tI_n9IB6XkawTJKvZYiiikz2O74jui9uRTvgbc0yFBi-3SkO98sB2CIG4dmN3mnMns02LcIrrRdcO1D0CEiERHh-kxpM1MAx2RYyUPr3N8xQfagJEYG0zLe85uB4SnqjWmj31sxIRz0xdNjs_H6O5kF5-j9RTEPAmTozeCx-raW8zZbBrHhlLhLB7CIivEQXDR8czRbdpg3Hg6CSADwyO_kAKjCIaZ_J-9_lfY8OlNQ-5Ronw5euf4ig69I1Ln9-ddZewhU50LMNU7x-pXcc7B24de_IUofye5dLHz6XG0v5O3sDFzI0Vg6Bx0Q5n02SYDx5UCYxJnYcCGxC4cU-i2Xc7J2hmbe076RG1MRZpTbJR78ew8Vg-e_SyBUctILoaso4iwkHGMr6JM6E%2C&csid=1506743&s1=15077602&md=0&crid=23526918&treqn=42346345&rpn=1&cbrandom=0.02920150126459642&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref= HTTP/1.1
Host: xu2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 26 Nov 2022 23:49:38 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Location: https://track.kinetiksoft.com/click.php?key=hf5zoh19696hna26t27k&redirection_cost=0.0034&zone=1506743-2616089357-0&campaign=310085820
Via: 1.1 google
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=an6L%2Bh25EOJCyP%2BryXUB2rNyZKAOKDYsqO1toZsAu7o3NL6%2BOD%2BZE519RevBBJ2unUig%2F2wkMKCMy5cYLN%2FNWecK0A0uiJXrH%2FqPV0aS%2FIoNTdw02huoavMy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 770685949d54b50c-OSL
alt-svc: h2=":443"; ma=60
friendshipmale.com/sfp.js
104.21.234.92200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.92:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://viralhotpot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:49:37 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 218f79a48607838e9c82889ec3c2e1a6
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 26 Nov 2022 23:49:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zjer56JMaoVB6Fv5Yg3r4ZCMXVcjYbBtOzOtbgES1ciYt37CYUzg36WoQgxe2JxjDDM4UvYx7Z8CtKZYwXeVYh3tp0e%2Fc4zqp95WtBsWfkqM8ZP0W82UnKiCn3SQB9ApNxsiX0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7706858a694ef43b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
track.kinetiksoft.com/click.php?key=hf5zoh19696hna26t27k&redirection_cost=0.0034&zone=1506743-2616089357-0&campaign=310085820
95.216.17.248200 OK 0 B URL HTTP/2 track.kinetiksoft.com/click.php?key=hf5zoh19696hna26t27k&redirection_cost=0.0034&zone=1506743-2616089357-0&campaign=310085820
IP 95.216.17.248:0
ASN #24940 Hetzner Online GmbH
GET /click.php?key=hf5zoh19696hna26t27k&redirection_cost=0.0034&zone=1506743-2616089357-0&campaign=310085820 HTTP/1.1
Host: track.kinetiksoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 26 Nov 2022 23:49:38 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
track.kinetiksoft.com/favicon.ico
95.216.17.248404 Not Found 0 B URL HTTP/2 track.kinetiksoft.com/favicon.ico
IP 95.216.17.248:0
ASN #24940 Hetzner Online GmbH
GET /favicon.ico HTTP/1.1
Host: track.kinetiksoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.kinetiksoft.com/click.php?key=hf5zoh19696hna26t27k&redirection_cost=0.0034&zone=1506743-2616089357-0&campaign=310085820
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx/1.20.1
date: Sat, 26 Nov 2022 23:49:38 GMT
content-type: text/html
content-encoding: gzip
X-Firefox-Spdy: h2
viralhotpot.com/?p=1796
172.67.164.19301 Moved Permanently 0 B IP 172.67.164.19:0
GET /?p=1796 HTTP/1.1
Host: viralhotpot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Sat, 26 Nov 2022 23:49:35 GMT
content-type: text/html; charset=UTF-8
location: https://viralhotpot.com/latest-full-videos-of-ice-spice-bikini-bottom-leak-eating-munch-leaked-update/
x-pingback: https://viralhotpot.com/xmlrpc.php
x-redirect-by: WordPress
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTovLCKXg0Qjy53aTLqNi3pH%2BAM7bGdvdweSHniSdPJl4c2tz%2BdE5DrjuJSaWOFAO60XJgiduqZS2Ajy7UJzooBkqs7os99Qyb3XdamxKVQWHjzxSpzM9EvI9L1rNj3ia8s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706857e4d48b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
inklinkor.com/tag.min.js
172.67.211.29200 OK 0 B IP 172.67.211.29:0
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://viralhotpot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:49:35 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: a7f06484958c4f6d9e133f0c9850ad86
cache-control: max-age=86400
last-modified: Wed, 23 Nov 2022 10:06:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sun, 27 Nov 2022 23:38:40 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 655
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYo5%2BUk7bgHSGEtOadZQ%2B4EiTHcYxha%2BnVvdYX4dUtzAtER6fjwYA1Vxp1yrxv68a4JWwDZC6hrrDtKCT8P0%2BVtCluKgoQ%2Fq4Wp1rHdVthP5eWA6kg7Kz5jHnJsGXtG9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77068582ace90b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
IP 142.250.74.10:0
GET /css?family=Droid+Sans%3Aregular%2C700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://viralhotpot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 23:49:35 GMT
date: Sat, 26 Nov 2022 23:49:35 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2