newsexwap.com/watch/movie6618430311/
172.67.179.211301 Moved Permanently 0 B URL HTTP/1.1 newsexwap.com/watch/movie6618430311/
IP 172.67.179.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch/movie6618430311/ HTTP/1.1
Host: newsexwap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 30 Nov 2022 04:47:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 30 Nov 2022 05:47:13 GMT
Location: https://newsexwap.com/watch/movie6618430311/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNHX71wXojUJ3C9%2FNqHXwAvx6pWlXlAZhN0fTueogclIOAXGXJH4GP2P2r4JMFwBXqHYx0J65poQAHY83RXrEEvR0wUtzm%2BZ2zD%2F5F%2BjOQ%2BvficNra0r6MaAn%2FyQHvfl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720f1a008211c12-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3134
Expires: Wed, 30 Nov 2022 05:39:28 GMT
Date: Wed, 30 Nov 2022 04:47:14 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1518
Cache-Control: max-age=108555
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:14 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 10:56:29 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8140
Expires: Wed, 30 Nov 2022 07:02:54 GMT
Date: Wed, 30 Nov 2022 04:47:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 04:17:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1755
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jQC598hArX5UHgL9gdqfX2sPUmPBSrLuoWIPq94K5tqUz6EJZUTSPMiLOK8hdEE+AUzRZqVELlE=
x-amz-request-id: JB7K4C2HE9MN7VPE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 04:45:44 GMT
age: 90
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 96fb7c3f0143ffaaad1d96e835b5c515
ecb61be906eadb6f172488f1c63be9e786805d32
0c9d6d87c9e9a2dd7ecf1345087eb303d9dff25febb92b72640fb6e0f7c5b865
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=146646
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:14 GMT
Etag: "63867a28-118"
Expires: Thu, 01 Dec 2022 21:31:20 GMT
Last-Modified: Tue, 29 Nov 2022 21:31:20 GMT
Server: nginx
Content-Length: 280
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:47:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
newsexwap.com/watch/movie6618430311/
172.67.179.211200 OK 14 kB URL HTTP/2 newsexwap.com/watch/movie6618430311/
IP 172.67.179.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1739), with CRLF, LF line terminators
Hash d2ce53278b4f7ac836f6d841569abb27
0c7074fcce0055b44c24e8b3304f010824bbeae3
22c5ee9464760f832ae09a129a1095f5b621155b03727ccce8c3e838be5e3a77
GET /watch/movie6618430311/ HTTP/1.1
Host: newsexwap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:14 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 30 Nov 2022 04:47:14 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zteL09dBmRR1SvWo02TgjvdEqUSHvZOjjGrh2T6GPioPpcUNYPx3CtwnnUXX%2Bh%2B3b%2F8O5SQik1wsr5tfm7Xv0Z01qeCCz8PYwxZDGmWaWjgHpMrS6tmzjAG7MG0zWJOQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7720f1a25fca1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-hw.xvideos-cdn.com/videos/thumbs169ll/ec/12/8c/ec128cd3e53e864bb652d03643aaafad/ec128cd3e53e864bb652d03643aaafad.15.jpg
209.197.3.84200 OK 6.3 kB URL HTTP/1.1 img-hw.xvideos-cdn.com/videos/thumbs169ll/ec/12/8c/ec128cd3e53e864bb652d03643aaafad/ec128cd3e53e864bb652d03643aaafad.15.jpg
IP 209.197.3.84:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", progressive, precision 8, 352x198, components 3\012- data
Hash 5c91918fc29c5ef6636785361ee919a4
bd83e9395a8c7c629745b768ec358ed384388973
9da505df6702bb3d638acee523d5f5d2e65408d7738d79a85727d094cf9124fa
GET /videos/thumbs169ll/ec/12/8c/ec128cd3e53e864bb652d03643aaafad/ec128cd3e53e864bb652d03643aaafad.15.jpg HTTP/1.1
Host: img-hw.xvideos-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:47:14 GMT
Connection: Keep-Alive
ETag: "1659769160"
Cache-Control: public, max-age=6865973
Content-Length: 6328
Content-Type: image/jpeg
Last-Modified: Sat, 06 Aug 2022 06:59:20 GMT
Accept-Ranges: bytes
X-HW: 1669783634.dop066.sk1.t,1669783634.cds233.sk1.shn,1669783634.dop066.sk1.t,1669783634.cds009.sk1.c
Access-Control-Allow-Origin: *
img-hw.xvideos-cdn.com/videos/thumbs169ll/21/e2/cd/21e2cd1f95c6e2ff688b2187a1cf61cc/21e2cd1f95c6e2ff688b2187a1cf61cc.15.jpg
209.197.3.84200 OK 8.0 kB URL HTTP/1.1 img-hw.xvideos-cdn.com/videos/thumbs169ll/21/e2/cd/21e2cd1f95c6e2ff688b2187a1cf61cc/21e2cd1f95c6e2ff688b2187a1cf61cc.15.jpg
IP 209.197.3.84:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", progressive, precision 8, 352x198, components 3\012- data
Hash b88f49c38350015ff3dee46c8c501097
979d1ef06784e7c50f48ab2ae4828edbbad47d69
8b6896cbd33383591c9e899d13bad3f0d6c86d27d053865a9c138fa411619680
GET /videos/thumbs169ll/21/e2/cd/21e2cd1f95c6e2ff688b2187a1cf61cc/21e2cd1f95c6e2ff688b2187a1cf61cc.15.jpg HTTP/1.1
Host: img-hw.xvideos-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:47:14 GMT
Connection: Keep-Alive
ETag: "1669232563"
Cache-Control: public, max-age=7776000
Content-Length: 7955
Content-Type: image/jpeg
Last-Modified: Wed, 23 Nov 2022 19:42:43 GMT
Accept-Ranges: bytes
X-HW: 1669783634.dop213.sk1.t,1669783634.cds231.sk1.shn,1669783634.dop213.sk1.t,1669783634.cds219.sk1.c
Access-Control-Allow-Origin: *
cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/ca/22/ee/ca22ee1f103b3b3034e81e5707fb2224/ca22ee1f103b3b3034e81e5707fb2224.15.jpg
195.181.166.12200 OK 18 kB URL HTTP/2 cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/ca/22/ee/ca22ee1f103b3b3034e81e5707fb2224/ca22ee1f103b3b3034e81e5707fb2224.15.jpg
IP 195.181.166.12:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", progressive, precision 8, 352x198, components 3\012- data
Hash 5bd6e411db9b6590ed771f6b9bf1e873
49c3832d4af4e4a18fa47ac9a081bc403c4afeae
e69780e75952f434f15484c4c57acdddf5a536ceea77d7330396c69a366c7310
GET /videos/thumbs169ll/ca/22/ee/ca22ee1f103b3b3034e81e5707fb2224/ca22ee1f103b3b3034e81e5707fb2224.15.jpg HTTP/1.1
Host: cdn77-pic.xvideos-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:14 GMT
content-type: image/jpeg
content-length: 17637
x-frame-options: sameorigin
last-modified: Fri, 14 Jan 2022 17:07:22 GMT
cache-control: max-age=10368000, public
access-control-allow-origin: *
x-accel-expires: @1675441775
x-77-nzt: A8O1pgogR2bvPEoBANRmOAE5eOz/p5NGAI/0Ot33Fmn/AAAAAA
x-77-cache: HIT
server: CDN77-Turbo
x-77-nzt-ray: 8ypyNXqHV8U
x-cache-lb: HIT, HIT
x-age-lb: 4625319, 84540
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
151.101.65.229200 OK 85 kB URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
IP 151.101.65.229:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Hash 48c6510db10510d25a14e132b6c6bd1a
de1feca854233a18bd70d0484154bcacbd138c1d
73c6bbad275690c160ed6e68c4cd317e8c8bc46e3ca5a1445d6195bfa3ef100b
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.249.0
x-jsd-version-type: version
etag: W/"346a1-5pJjF6sMSAvD5NiPdWPuLzoQQcw"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 30 Nov 2022 04:47:14 GMT
age: 37366
x-served-by: cache-fra-eddf8230060-FRA, cache-bma1680-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 85108
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5f77ca8ea78ccd9b1b756c1c72197457
372f4a6caec291d13bd2da76df986293c9a3c27c
a7afaf8b5ef8869185bf590f1a5c6f04aa8e72638d2f38bb0ceac202fde49740
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:47:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 06:30:53 GMT
Expires: Tue, 06 Dec 2022 06:30:52 GMT
Etag: "372f4a6caec291d13bd2da76df986293c9a3c27c"
Cache-Control: max-age=524017,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7720f1a47b77b50c-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 7c3565b73849814250f9d46682879e98
ed32f6b56e8617d7c5b92cb27b1cce96b6d4367f
7b35c7e325e91c7e09fb50ac9b5d97302966306df1a78d1f21131631ddcf719e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1140
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:14 GMT
Last-Modified: Wed, 30 Nov 2022 04:28:14 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 0b2287ed9b482c5ee6e5ae326d4d99d5
890c7c05889ade0be5c6102c3bc342269b432917
d45dc3c55dbe169fb79c1ff74d13138463dc43f76ff8681f5fdd43aa3c7b1349
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:47:14 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "AE29FE625A8DBEAE554F87470F35717E5B42F889"
Expires: Wed, 30 Nov 2022 16:00:00 GMT
Last-Modified: Wed, 30 Nov 2022 04:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2183
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720f1a4cf781c0e-OSL
thumb-v8.xhcdn.com/a/f8eXB1syIl30mYU8yL_gEw/018/932/778/320x240.10.jpg
45.133.44.12200 OK 14 kB URL HTTP/2 thumb-v8.xhcdn.com/a/f8eXB1syIl30mYU8yL_gEw/018/932/778/320x240.10.jpg
IP 45.133.44.12:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 274cc331f9a768cd0f7e94ba473b44d5
1dd861cc6acea878ee988c0111b48d68e7cbf0a8
beda3ae1d4e66cbff39280c764403d516ca5c3ce37d50c1f4e570773fdc22892
GET /a/f8eXB1syIl30mYU8yL_gEw/018/932/778/320x240.10.jpg HTTP/1.1
Host: thumb-v8.xhcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:14 GMT
content-type: image/jpeg
content-length: 14121
server: nginx/1.14.0 (Ubuntu)
last-modified: Fri, 09 Apr 2021 12:50:55 GMT
etag: "60704daf-3729"
cache-control: max-age=86400
timing-allow-origin: *
expires: Thu, 01 Dec 2022 04:47:14 GMT
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
go.xlrdr.com/i?campaignId=2022-7-web-widget-girls-curvy-sm&creativeId=&modelsCountry=&modelsLanguage=&sourceId=&tag=girls%2Fcurvy&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=1&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=4887dd3a317c37fe53e0bfaa6d379858c425470a161da40834ef6b70cc72e61c&landing=WidgetV4Universal
104.18.59.150302 Found 0 B URL HTTP/2 go.xlrdr.com/i?campaignId=2022-7-web-widget-girls-curvy-sm&creativeId=&modelsCountry=&modelsLanguage=&sourceId=&tag=girls%2Fcurvy&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=1&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=4887dd3a317c37fe53e0bfaa6d379858c425470a161da40834ef6b70cc72e61c&landing=WidgetV4Universal
IP 104.18.59.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i?campaignId=2022-7-web-widget-girls-curvy-sm&creativeId=&modelsCountry=&modelsLanguage=&sourceId=&tag=girls%2Fcurvy&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=1&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=4887dd3a317c37fe53e0bfaa6d379858c425470a161da40834ef6b70cc72e61c&landing=WidgetV4Universal HTTP/1.1
Host: go.xlrdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 30 Nov 2022 04:47:14 GMT
content-length: 0
location: https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=2022-7-web-widget-girls-curvy-sm&creativeId=&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=1&showLiveBadge=1&showModelName=1&showTitle=1&sound=off&sourceId=&tag=girls%2Fcurvy&targetDomain=&thumbSizeKey=small&trackOff=1&userId=4887dd3a317c37fe53e0bfaa6d379858c425470a161da40834ef6b70cc72e61c
access-control-allow-origin: *
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDfsBaY2bRYJiCeRhAptQvDh5wz7nQJCtA4vy3XGx; SameSite=None; Secure; path=/; expires=Thu, 01-Dec-22 03:47:14 GMT; HttpOnly
server: cloudflare
cf-ray: 7720f1a4eff50b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-l3.xvideos-cdn.com/videos/thumbs169ll/71/b6/85/71b6852bbe75476446203479f0660f2c/71b6852bbe75476446203479f0660f2c.15.jpg
8.253.80.115200 OK 7.7 kB URL HTTP/1.1 img-l3.xvideos-cdn.com/videos/thumbs169ll/71/b6/85/71b6852bbe75476446203479f0660f2c/71b6852bbe75476446203479f0660f2c.15.jpg
IP 8.253.80.115:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", progressive, precision 8, 352x198, components 3\012- data
Hash 24cabb9f804fa2a964175c9556308ddf
fc3c47b56babedd42c1e40428c322f6c4d03db1c
11ea555b93f802faffb953e58edc0bae098b93407b1b214e0b1ffd09c9c1191e
GET /videos/thumbs169ll/71/b6/85/71b6852bbe75476446203479f0660f2c/71b6852bbe75476446203479f0660f2c.15.jpg HTTP/1.1
Host: img-l3.xvideos-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 00:13:04 GMT
Content-Type: image/jpeg
Content-Length: 7656
Connection: keep-alive
Cache-Control: public, max-age=10368000
Expires: Mon, 27 Mar 2023 00:13:04 GMT
Last-Modified: Mon, 21 Nov 2022 00:47:06 GMT
Server: nginx
Access-Control-Allow-Origin: *
X-Frame-Options: sameorigin
Age: 275650
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 3.3 kB IP 93.184.220.29:0
Hash 4e869fad9441e0f914397c68ab22727a
dced18358a3c260c2dd10306f243d9f48f2f28da
2565e8fb03d63dd901850569b8f96b08cec98214826f8ed550264ba90b5e8edc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1140
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:14 GMT
Last-Modified: Wed, 30 Nov 2022 04:28:14 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5f77ca8ea78ccd9b1b756c1c72197457
372f4a6caec291d13bd2da76df986293c9a3c27c
a7afaf8b5ef8869185bf590f1a5c6f04aa8e72638d2f38bb0ceac202fde49740
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:47:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 06:30:53 GMT
Expires: Tue, 06 Dec 2022 06:30:52 GMT
Etag: "372f4a6caec291d13bd2da76df986293c9a3c27c"
Cache-Control: max-age=524017,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7720f1a47f63b523-OSL
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 4826403bfb9cc9f3485a9c8c11f5204a
a11bbb8477c6d5c9bce0c4bcd5172bc9d25d6234
2325dfac81acc71e51494b22ee6968b863950e9729d5bc03601daab5ae5bbbc6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1508
Cache-Control: max-age=92704
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:14 GMT
Etag: "6385a18e-13a"
Expires: Thu, 01 Dec 2022 06:32:18 GMT
Last-Modified: Tue, 29 Nov 2022 06:07:10 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 4826403bfb9cc9f3485a9c8c11f5204a
a11bbb8477c6d5c9bce0c4bcd5172bc9d25d6234
2325dfac81acc71e51494b22ee6968b863950e9729d5bc03601daab5ae5bbbc6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1508
Cache-Control: max-age=92704
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:14 GMT
Etag: "6385a18e-13a"
Expires: Thu, 01 Dec 2022 06:32:18 GMT
Last-Modified: Tue, 29 Nov 2022 06:07:10 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 4826403bfb9cc9f3485a9c8c11f5204a
a11bbb8477c6d5c9bce0c4bcd5172bc9d25d6234
2325dfac81acc71e51494b22ee6968b863950e9729d5bc03601daab5ae5bbbc6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1508
Cache-Control: max-age=92704
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:14 GMT
Etag: "6385a18e-13a"
Expires: Thu, 01 Dec 2022 06:32:18 GMT
Last-Modified: Tue, 29 Nov 2022 06:07:10 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 4826403bfb9cc9f3485a9c8c11f5204a
a11bbb8477c6d5c9bce0c4bcd5172bc9d25d6234
2325dfac81acc71e51494b22ee6968b863950e9729d5bc03601daab5ae5bbbc6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1526
Cache-Control: max-age=92722
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:14 GMT
Etag: "6385a18e-13a"
Expires: Thu, 01 Dec 2022 06:32:36 GMT
Last-Modified: Tue, 29 Nov 2022 06:07:10 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 314
thumb-v6.xhcdn.com/a/BB09dAGbISydWH4AoMvbbw/013/690/916/320x240.8.jpg
45.133.44.12200 OK 13 kB URL HTTP/2 thumb-v6.xhcdn.com/a/BB09dAGbISydWH4AoMvbbw/013/690/916/320x240.8.jpg
IP 45.133.44.12:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 3e10568a5bf9983afffedb61db61d64c
f510f4a511f104200ba46b0862d7248501e4786b
fc13dabd98894ff4cf17a1eff82e76fb871bb7296959cf6f50836e3218a9fb06
GET /a/BB09dAGbISydWH4AoMvbbw/013/690/916/320x240.8.jpg HTTP/1.1
Host: thumb-v6.xhcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:14 GMT
content-type: image/jpeg
content-length: 13222
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 20 Feb 2020 11:00:50 GMT
etag: "5e4e66e2-33a6"
cache-control: max-age=86400
timing-allow-origin: *
expires: Thu, 01 Dec 2022 04:47:14 GMT
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ei.phncdn.com/videos/202205/02/407378681/thumbs_5/(m=eaf8Ggaaaa)(mh=INEKlOj5KhiTMthU)13.jpg
64.210.135.114200 OK 13 kB URL HTTP/2 ei.phncdn.com/videos/202205/02/407378681/thumbs_5/(m=eaf8Ggaaaa)(mh=INEKlOj5KhiTMthU)13.jpg
IP 64.210.135.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash dcdb28eabbb5d5c22e7d504b3c90075e
3fda9f8038480a7fc0df43988a30b12d4131b2f2
c1856b9361425a1d424bb260f204145df5d8c7567e3bf4ec40d12fdb04971afd
GET /videos/202205/02/407378681/thumbs_5/(m=eaf8Ggaaaa)(mh=INEKlOj5KhiTMthU)13.jpg HTTP/1.1
Host: ei.phncdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:14 GMT
content-type: image/jpeg
content-length: 12675
expires: Sat, 18 Feb 2023 19:42:10 GMT
cache-control: max-age=10447951
last-modified: Mon, 02 May 2022 20:51:04 GMT
etag: "17edf1900-7fac-5de0d8cf7d45c"
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
x-cdn-diag: ams5-6140-1-18070-h-0-0---;7619-25-25888----0-0-0
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/DcPZJN6e6YU
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/DcPZJN6e6YU
IP 142.250.74.131:0
Hash fc905f7b05b06c605efc6db3ecf03d41
8dab65bc2ccf5265f61875e64df81aee2b582e47
1e80e8b46726ccda47b8bf3c1fa9a0a48efbfb57aaf9cc562eb31d5a83e94033
POST /s/gts1p5/DcPZJN6e6YU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ei.phncdn.com/videos/202201/11/401117971/original/(m=eaf8Ggaaaa)(mh=SOoL5hdFmtSY0zAe)1.jpg
64.210.135.114200 OK 11 kB URL HTTP/2 ei.phncdn.com/videos/202201/11/401117971/original/(m=eaf8Ggaaaa)(mh=SOoL5hdFmtSY0zAe)1.jpg
IP 64.210.135.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash d4f2c592c2e784c49be92b426c44115b
fda3a9edf89104a359912e7f8e38cf284b3bff58
f649044aa4a7e2038bc8b1d7bd09213d135f837679f3b492b4fb79aa4165a8fd
GET /videos/202201/11/401117971/original/(m=eaf8Ggaaaa)(mh=SOoL5hdFmtSY0zAe)1.jpg HTTP/1.1
Host: ei.phncdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:14 GMT
content-type: image/jpeg
content-length: 10783
expires: Wed, 15 Feb 2023 23:03:58 GMT
cache-control: max-age=10210337
last-modified: Tue, 11 Jan 2022 09:04:05 GMT
etag: "14348cb16-14d32-5d54abc2e4b40"
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
x-cdn-diag: ams5-6249-2-10241-h-0-0---;7619-25-25888----0-0-1
X-Firefox-Spdy: h2
ei.phncdn.com/videos/202204/08/406057421/original/(m=eaf8Ggaaaa)(mh=fXztHJ_tFTSe7TAL)16.jpg
64.210.135.114200 OK 13 kB URL HTTP/2 ei.phncdn.com/videos/202204/08/406057421/original/(m=eaf8Ggaaaa)(mh=fXztHJ_tFTSe7TAL)16.jpg
IP 64.210.135.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 148882618760b5406ca5a69b46f29795
cd41f3246dd5d1617691b1c923d6f693505bfe43
b7975bd9e0667762b82286e72315069d3c5f7928b48d434d9a70c6c5f8e21f18
GET /videos/202204/08/406057421/original/(m=eaf8Ggaaaa)(mh=fXztHJ_tFTSe7TAL)16.jpg HTTP/1.1
Host: ei.phncdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:14 GMT
content-type: image/jpeg
content-length: 13030
expires: Sat, 18 Mar 2023 20:15:47 GMT
cache-control: max-age=10106375
last-modified: Fri, 08 Apr 2022 02:00:51 GMT
etag: "17a3a5447-23c9b-5dc1af6c63ac0"
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
x-cdn-diag: ams5-7846-2-5885-m-0-0-200-0.000--;7619-25-25888----0-0-1
X-Firefox-Spdy: h2
ei.phncdn.com/videos/201912/31/272648721/original/(m=eaf8Ggaaaa)(mh=ZE95ZqKCtiAZhx9K)16.jpg
64.210.135.114200 OK 19 kB URL HTTP/2 ei.phncdn.com/videos/201912/31/272648721/original/(m=eaf8Ggaaaa)(mh=ZE95ZqKCtiAZhx9K)16.jpg
IP 64.210.135.114:0
Hash adbe79772d7dd257bcf515cd79993fc5
0e56565d45d4cc7876d69fdc2a4a8d16c7c953f5
a3c3e466284c777bbfee5d568d2a0c16f40a2d727422606494f440fdece1dc27
GET /videos/201912/31/272648721/original/(m=eaf8Ggaaaa)(mh=ZE95ZqKCtiAZhx9K)16.jpg HTTP/1.1
Host: ei.phncdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:14 GMT
content-type: image/jpeg
content-length: 18852
expires: Fri, 03 Mar 2023 15:09:40 GMT
cache-control: max-age=10436999
last-modified: Tue, 31 Dec 2019 03:33:25 GMT
etag: "104f7ab2a-20373-59af79f6d07f0"
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
x-cdn-diag: ams5-7846-3-3856-h-0-0---;7619-25-25888----0-0-0
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 04:08:56 GMT
cache-control: public,max-age=3600
age: 2299
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ei.phncdn.com/videos/202110/27/397057231/thumbs_3/(m=eaf8Ggaaaa)(mh=geMr_g_0oBC8B6PY)12.jpg
64.210.135.114200 OK 15 kB URL HTTP/2 ei.phncdn.com/videos/202110/27/397057231/thumbs_3/(m=eaf8Ggaaaa)(mh=geMr_g_0oBC8B6PY)12.jpg
IP 64.210.135.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash be12652ea630742b11dcf7d2188aee03
611517e63d4d38ad582183a235caaa350dbeab5b
363c5baac74868d4c50155f82056d6bbbe37b307c8b6f5da53db6311806137b0
GET /videos/202110/27/397057231/thumbs_3/(m=eaf8Ggaaaa)(mh=geMr_g_0oBC8B6PY)12.jpg HTTP/1.1
Host: ei.phncdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 14907
expires: Sat, 25 Feb 2023 18:41:44 GMT
cache-control: max-age=10052720
last-modified: Sat, 30 Oct 2021 07:43:02 GMT
etag: "13a625bb7-12643-5cf8d17f1b333"
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
x-cdn-diag: ams5-6141-2-37086-h-0-0---;7619-24-25888----0-0-1
X-Firefox-Spdy: h2
ei.phncdn.com/videos/202101/18/381987112/original/(m=eaf8Ggaaaa)(mh=3MqLWrZ1Rpqr0nd8)13.jpg
64.210.135.114200 OK 12 kB URL HTTP/2 ei.phncdn.com/videos/202101/18/381987112/original/(m=eaf8Ggaaaa)(mh=3MqLWrZ1Rpqr0nd8)13.jpg
IP 64.210.135.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 2506bf5106ae6ed9ba1cb7b55dacb8ac
711456e2caa95a203cad0c08997b3f5043953ac0
f906f8f19a5f0325e0553b854ecc4cecf6a073b36877c11ce688abe5a167cdad
GET /videos/202101/18/381987112/original/(m=eaf8Ggaaaa)(mh=3MqLWrZ1Rpqr0nd8)13.jpg HTTP/1.1
Host: ei.phncdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 11525
expires: Wed, 27 Oct 2021 05:28:47 GMT
cache-control: max-age=10100155
last-modified: Mon, 18 Jan 2021 15:08:07 GMT
etag: "1199bf0fe-12b44-5b92e16e083c0"
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
x-cdn-diag: ams5-6139-1-7808-h-0-0---;7619-24-25888----0-0-1
X-Firefox-Spdy: h2
ei.phncdn.com/videos/202109/20/395051751/original/(m=eaf8Ggaaaa)(mh=ACwU_FK9FnXaPwbE)10.jpg
64.210.135.114200 OK 22 kB URL HTTP/2 ei.phncdn.com/videos/202109/20/395051751/original/(m=eaf8Ggaaaa)(mh=ACwU_FK9FnXaPwbE)10.jpg
IP 64.210.135.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 9308c1c4bb7cde402a3b10dbd994a269
6fcd7dd8ac2f964ffec1e66d46c642e20f896b0f
ff1841c049c36174a5928df4f9a1eaf161b53784b514a33223a265ac9b41d4aa
GET /videos/202109/20/395051751/original/(m=eaf8Ggaaaa)(mh=ACwU_FK9FnXaPwbE)10.jpg HTTP/1.1
Host: ei.phncdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 21608
expires: Fri, 22 Apr 2022 09:25:25 GMT
cache-control: max-age=10099278
last-modified: Mon, 20 Sep 2021 21:44:19 GMT
etag: "136a7dbfb-165a8-5cc742eeb52c0"
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
x-cdn-diag: ams5-6139-1-7808-h-0-0---;7619-25-25888----0-0-1
X-Firefox-Spdy: h2
ei.phncdn.com/videos/202202/24/403615891/original/(m=eaf8Ggaaaa)(mh=cDSUahVX-JwLb2Yl)2.jpg
64.210.135.114200 OK 13 kB URL HTTP/2 ei.phncdn.com/videos/202202/24/403615891/original/(m=eaf8Ggaaaa)(mh=cDSUahVX-JwLb2Yl)2.jpg
IP 64.210.135.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 7980c0a51524c673c47352b56045974c
71f07e99c227cbdd3704f3b48d97bf86d0cdab39
a9451e5b06c138c498b1a0d3af011abe8efbcddcf3512c306565cfabdca851f8
GET /videos/202202/24/403615891/original/(m=eaf8Ggaaaa)(mh=cDSUahVX-JwLb2Yl)2.jpg HTTP/1.1
Host: ei.phncdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 13043
expires: Wed, 29 Jun 2022 16:49:53 GMT
cache-control: max-age=10649991
last-modified: Thu, 24 Feb 2022 03:44:38 GMT
etag: "148d8e49f-26690-5d8bb66c19580"
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
x-cdn-diag: ams5-6249-2-10238-m-0-0-200-0.004--;7619-25-25888----0-0-2
X-Firefox-Spdy: h2
ei.phncdn.com/videos/201909/28/251525432/original/(m=eaf8Ggaaaa)(mh=ZhpG2WwWrrMLoPRk)15.jpg
64.210.135.114200 OK 12 kB URL HTTP/2 ei.phncdn.com/videos/201909/28/251525432/original/(m=eaf8Ggaaaa)(mh=ZhpG2WwWrrMLoPRk)15.jpg
IP 64.210.135.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 03c20d3e4c2e0cf3c9cb995546ae6bc8
e1dd20010f215494027087551fbc57d5a46e41ca
ee01d3bd44b1d8e9d65aad09c3e8930a45a7f265e295ccf0ea32977ce88e9bd3
GET /videos/201909/28/251525432/original/(m=eaf8Ggaaaa)(mh=ZhpG2WwWrrMLoPRk)15.jpg HTTP/1.1
Host: ei.phncdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 12104
expires: Wed, 29 Mar 2023 20:47:56 GMT
cache-control: max-age=10724044
last-modified: Sun, 29 Sep 2019 00:00:40 GMT
etag: "136a716b1-12bc4-593a5cf4f3b88"
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
x-cdn-diag: ams5-6140-2-18161-m-0-0-200-0.004--;7619-25-25888----0-0-2
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 5.2 kB URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 6a4cc15cacd5b194eed33f74379c254b
577e5d7e601f59ca8eec4fd758748b29956163c9
6cdb191209bd952409aed8afa912d95fcf81418c405b4946f858a0949c32b704
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:47:15 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 04 Dec 2022 02:20:20 GMT
ETag: "2a22ce1f85b8aebb76ae53cf11d126fbc40c0bc0"
Last-Modified: Wed, 30 Nov 2022 02:20:21 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2339
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720f1a768951c0e-OSL
go6shde9nj2itle.com/lv/esnk/1912932/code.js?pid=_cb-1912932_0
62.122.171.6200 OK 44 kB URL HTTP/2 go6shde9nj2itle.com/lv/esnk/1912932/code.js?pid=_cb-1912932_0
IP 62.122.171.6:0
Hash 111c22ef783d227768116535e446050b
6579f005aaba01632fa8a831adb6756486ae82e3
f40878ba34c332815e82b6ae91d4bdbb69cf41ecade8e49db9fa98b0d0752f33
Analyzer Verdict Alert quad9 Sinkholed
GET /lv/esnk/1912932/code.js?pid=_cb-1912932_0 HTTP/1.1
Host: go6shde9nj2itle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:47:14 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-1aaa0"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
go6shde9nj2itle.com/get/1912932?zoneid=1912932&pid=_cb-1912932_0&jp=_clzdq1luiyms2aynmo1x5j&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=2642705730630185
62.122.171.6200 OK 1.7 kB URL HTTP/2 go6shde9nj2itle.com/get/1912932?zoneid=1912932&pid=_cb-1912932_0&jp=_clzdq1luiyms2aynmo1x5j&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=2642705730630185
IP 62.122.171.6:0
Hash f28e808b7c9ca2fdec52588e89fb935f
5eebfbc3a51657f8da5636d58be95b66570b2064
45543d9f1fab25f0a30b089c8c9d2a7f3bbb6005102d8ac2f22f7e0ac3efd307
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1912932?zoneid=1912932&pid=_cb-1912932_0&jp=_clzdq1luiyms2aynmo1x5j&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=2642705730630185 HTTP/1.1
Host: go6shde9nj2itle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=221129234725a3364a914b4417acb938c5c4; Path=/; Expires=Thu, 30 Nov 2023 04:47:15 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
img-hw.xvideos-cdn.com/videos/thumbs169ll/e1/75/55/e17555fe048267472b7aa293eb5507de/e17555fe048267472b7aa293eb5507de.15.jpg
209.197.3.84200 OK 8.8 kB URL HTTP/1.1 img-hw.xvideos-cdn.com/videos/thumbs169ll/e1/75/55/e17555fe048267472b7aa293eb5507de/e17555fe048267472b7aa293eb5507de.15.jpg
IP 209.197.3.84:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", progressive, precision 8, 352x198, components 3\012- data
Hash 3fd4d1b38111f2f9d15c8e8806ebd84e
3826882b282f8230dbd70c05fe8dfe61246b1ab4
420285a2d1d9f231927f1b79e65d02d743d31723812d08d67e8aa366d689a17c
GET /videos/thumbs169ll/e1/75/55/e17555fe048267472b7aa293eb5507de/e17555fe048267472b7aa293eb5507de.15.jpg HTTP/1.1
Host: img-hw.xvideos-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:47:15 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
ETag: "1663328288"
Cache-Control: public, max-age=7059240
Content-Length: 8754
Content-Type: image/jpeg
X-HW: 1669783634.dop020.sk1.t,1669783634.cds249.sk1.shn,1669783634.dop020.sk1.t,1669783634.cds002.sk1.s,1669783634.dop006.da2.r,1669783634.cds207.da2.c,1669783634.cds002.sk1.p
Access-Control-Allow-Origin: *
Last-Modified: Fri, 16 Sep 2022 11:38:08 GMT
cuddlethehyena.com/chicken.gif?z=1890409&pb=8cd1d2aa103f7428b409a9c9dc8281c81669790835&psp=JpOJSb81WkIAF-fShHpNQxtNacZy49t_9YjffmRvi19Zmx-RijH95M5O2g-1msBSlRq_DY6R9-m-D-F-689OrSFADbWL9wEQr2xV5BTY5hc82CeIi7XUT8v2OWvCnWf6d3JMKZxUfn8OLdYFG8pYhlfVAiivJxt1i1-MvFbRTvhGPRIZMcAuZ4KFDA4HukCPZq7G2sqhb8YGF2Kmz3QGcLqp5aR8cRGfguHOh8PNP2LXyONemIHeRoONyymz_yFHizYz0wDTTPm2iDIbP4NMMEk7MJRRC6dI2-oySRWhl1Am0g4v_qI93QnMPKiuiZ7Imb9TyBRkIiyWgTLrM9exy1h4_1Y6I3wGb03VRpYanJ8D2h0Dd1sN93g2dcAtyZoxCqLV9hxLE3pYglZW7ulr2DwRyRD7LIDpqBQ36oG68mJckycBWBrVTXv9eK_5OwBiCMSeuzVH4F7D0GcsX3G-sRfj4onOoYrmypJK5fd4SiWDL-uB3RVWu6uuCT8MZ9HsL_BXEDEf3bI__iPykdy72r5gNw8S8ZGnB5xgbIigfvsp4vtHOnzxE0fOsDOGUqjnYSliDk-fWPdOqzgZddyk-nTV7eKFy6KtntoPnB5_qrQ4aPIvzCkgBU-0yYmcupmeKivtchZBCOUaCTVuQWr-3HKMzkqDrifhHPz7ggzrN2n1t7wvIUt4QpbxmAUs4ItqErEc0gQUVenOoYJpt-s3fYAo9xo1_DLZkId_GVN4RAelmNA3ofseroHosKngz7poj-BbBpDlAQ420F-GCME3xj-gXem3GSAw8VrUeqWhFsYezI5oRf7ntqsfhjvTgFr-lhk6V359V19klWnm6jdGLqv4rlcmzGN2lr3VBLTm8QZFrrGSM_TzwP2Cw0jZVnCeDVOTVNPOloCy1Kc_zuN4eSTi14UGIfjwYkt6iT6tpxI-UenX5corYA4BpryF2wK-L0kWcs3SR_FauQdHi5BJyYN61NngpHQHPonW6g0dUk29vt5d2km6iryt6z9NO1G0ZkSr4INw4KSJLfIzGqEUDuXyBStu10EbGvyx1wv-AOS0d5ifxn2fxs0cYlLxLxpGFbq0zVC_1slTf-gKAJZLFP5vwmefoIcFLrKGaRb2uFNXle9q9mBilparyI7sREfBeVoY1-GrSF99U-s5zxfyIdTc4H_fvvv9ACsJDoTHVa0hJPo9ErQO8i5Op_IvSI6qWYce06nM9NGa5MEEFj8YwTnurHVBmN3fDhJX18DB55THtZ6_um5OtZb8Zf8XrAqRppngBNaufRjU8lHsc4G4BV-EEHT-k2WLLrkIJLI3y40QcuwWXKbyWL7zbCn8uzmJ-7rsivYdw4ifFWd_KIuc_U59xPeMOfDzXzoNE0VMBniQ1S3gqqrSXG0dnDpWuvBREh66-EyNyMP5r6v6BweiUE1wnrUsQ54=&abvar=0&os=0
62.122.171.6200 OK 43 B URL HTTP/2 cuddlethehyena.com/chicken.gif?z=1890409&pb=8cd1d2aa103f7428b409a9c9dc8281c81669790835&psp=JpOJSb81WkIAF-fShHpNQxtNacZy49t_9YjffmRvi19Zmx-RijH95M5O2g-1msBSlRq_DY6R9-m-D-F-689OrSFADbWL9wEQr2xV5BTY5hc82CeIi7XUT8v2OWvCnWf6d3JMKZxUfn8OLdYFG8pYhlfVAiivJxt1i1-MvFbRTvhGPRIZMcAuZ4KFDA4HukCPZq7G2sqhb8YGF2Kmz3QGcLqp5aR8cRGfguHOh8PNP2LXyONemIHeRoONyymz_yFHizYz0wDTTPm2iDIbP4NMMEk7MJRRC6dI2-oySRWhl1Am0g4v_qI93QnMPKiuiZ7Imb9TyBRkIiyWgTLrM9exy1h4_1Y6I3wGb03VRpYanJ8D2h0Dd1sN93g2dcAtyZoxCqLV9hxLE3pYglZW7ulr2DwRyRD7LIDpqBQ36oG68mJckycBWBrVTXv9eK_5OwBiCMSeuzVH4F7D0GcsX3G-sRfj4onOoYrmypJK5fd4SiWDL-uB3RVWu6uuCT8MZ9HsL_BXEDEf3bI__iPykdy72r5gNw8S8ZGnB5xgbIigfvsp4vtHOnzxE0fOsDOGUqjnYSliDk-fWPdOqzgZddyk-nTV7eKFy6KtntoPnB5_qrQ4aPIvzCkgBU-0yYmcupmeKivtchZBCOUaCTVuQWr-3HKMzkqDrifhHPz7ggzrN2n1t7wvIUt4QpbxmAUs4ItqErEc0gQUVenOoYJpt-s3fYAo9xo1_DLZkId_GVN4RAelmNA3ofseroHosKngz7poj-BbBpDlAQ420F-GCME3xj-gXem3GSAw8VrUeqWhFsYezI5oRf7ntqsfhjvTgFr-lhk6V359V19klWnm6jdGLqv4rlcmzGN2lr3VBLTm8QZFrrGSM_TzwP2Cw0jZVnCeDVOTVNPOloCy1Kc_zuN4eSTi14UGIfjwYkt6iT6tpxI-UenX5corYA4BpryF2wK-L0kWcs3SR_FauQdHi5BJyYN61NngpHQHPonW6g0dUk29vt5d2km6iryt6z9NO1G0ZkSr4INw4KSJLfIzGqEUDuXyBStu10EbGvyx1wv-AOS0d5ifxn2fxs0cYlLxLxpGFbq0zVC_1slTf-gKAJZLFP5vwmefoIcFLrKGaRb2uFNXle9q9mBilparyI7sREfBeVoY1-GrSF99U-s5zxfyIdTc4H_fvvv9ACsJDoTHVa0hJPo9ErQO8i5Op_IvSI6qWYce06nM9NGa5MEEFj8YwTnurHVBmN3fDhJX18DB55THtZ6_um5OtZb8Zf8XrAqRppngBNaufRjU8lHsc4G4BV-EEHT-k2WLLrkIJLI3y40QcuwWXKbyWL7zbCn8uzmJ-7rsivYdw4ifFWd_KIuc_U59xPeMOfDzXzoNE0VMBniQ1S3gqqrSXG0dnDpWuvBREh66-EyNyMP5r6v6BweiUE1wnrUsQ54=&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1890409&pb=8cd1d2aa103f7428b409a9c9dc8281c81669790835&psp=JpOJSb81WkIAF-fShHpNQxtNacZy49t_9YjffmRvi19Zmx-RijH95M5O2g-1msBSlRq_DY6R9-m-D-F-689OrSFADbWL9wEQr2xV5BTY5hc82CeIi7XUT8v2OWvCnWf6d3JMKZxUfn8OLdYFG8pYhlfVAiivJxt1i1-MvFbRTvhGPRIZMcAuZ4KFDA4HukCPZq7G2sqhb8YGF2Kmz3QGcLqp5aR8cRGfguHOh8PNP2LXyONemIHeRoONyymz_yFHizYz0wDTTPm2iDIbP4NMMEk7MJRRC6dI2-oySRWhl1Am0g4v_qI93QnMPKiuiZ7Imb9TyBRkIiyWgTLrM9exy1h4_1Y6I3wGb03VRpYanJ8D2h0Dd1sN93g2dcAtyZoxCqLV9hxLE3pYglZW7ulr2DwRyRD7LIDpqBQ36oG68mJckycBWBrVTXv9eK_5OwBiCMSeuzVH4F7D0GcsX3G-sRfj4onOoYrmypJK5fd4SiWDL-uB3RVWu6uuCT8MZ9HsL_BXEDEf3bI__iPykdy72r5gNw8S8ZGnB5xgbIigfvsp4vtHOnzxE0fOsDOGUqjnYSliDk-fWPdOqzgZddyk-nTV7eKFy6KtntoPnB5_qrQ4aPIvzCkgBU-0yYmcupmeKivtchZBCOUaCTVuQWr-3HKMzkqDrifhHPz7ggzrN2n1t7wvIUt4QpbxmAUs4ItqErEc0gQUVenOoYJpt-s3fYAo9xo1_DLZkId_GVN4RAelmNA3ofseroHosKngz7poj-BbBpDlAQ420F-GCME3xj-gXem3GSAw8VrUeqWhFsYezI5oRf7ntqsfhjvTgFr-lhk6V359V19klWnm6jdGLqv4rlcmzGN2lr3VBLTm8QZFrrGSM_TzwP2Cw0jZVnCeDVOTVNPOloCy1Kc_zuN4eSTi14UGIfjwYkt6iT6tpxI-UenX5corYA4BpryF2wK-L0kWcs3SR_FauQdHi5BJyYN61NngpHQHPonW6g0dUk29vt5d2km6iryt6z9NO1G0ZkSr4INw4KSJLfIzGqEUDuXyBStu10EbGvyx1wv-AOS0d5ifxn2fxs0cYlLxLxpGFbq0zVC_1slTf-gKAJZLFP5vwmefoIcFLrKGaRb2uFNXle9q9mBilparyI7sREfBeVoY1-GrSF99U-s5zxfyIdTc4H_fvvv9ACsJDoTHVa0hJPo9ErQO8i5Op_IvSI6qWYce06nM9NGa5MEEFj8YwTnurHVBmN3fDhJX18DB55THtZ6_um5OtZb8Zf8XrAqRppngBNaufRjU8lHsc4G4BV-EEHT-k2WLLrkIJLI3y40QcuwWXKbyWL7zbCn8uzmJ-7rsivYdw4ifFWd_KIuc_U59xPeMOfDzXzoNE0VMBniQ1S3gqqrSXG0dnDpWuvBREh66-EyNyMP5r6v6BweiUE1wnrUsQ54=&abvar=0&os=0 HTTP/1.1
Host: cuddlethehyena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=22112923474bf00b4190d745c7b253441729
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACHfJgAAAAAAAAAB; Path=/; Expires=Fri, 30 Dec 2022 04:47:15 GMT; Secure; SameSite=None
OACIBLOCK=ACHfJgAAAABjhjqQ; Path=/; Expires=Fri, 30 Dec 2022 04:47:15 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Thu, 01 Dec 2022 04:47:15 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2b18451ba62ba716293e9a696fb5cbf1
b7f3bec739b526057f6ca306892ee2d405b39ce3
0fb71815562197c1c65c974aa191640bce0c5c9ba0e21cc5d273875caf2670bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1458
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:15 GMT
Last-Modified: Wed, 30 Nov 2022 04:22:57 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2b18451ba62ba716293e9a696fb5cbf1
b7f3bec739b526057f6ca306892ee2d405b39ce3
0fb71815562197c1c65c974aa191640bce0c5c9ba0e21cc5d273875caf2670bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1217
Cache-Control: max-age=152857
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:15 GMT
Etag: "63868dab-117"
Expires: Thu, 01 Dec 2022 23:14:52 GMT
Last-Modified: Tue, 29 Nov 2022 22:54:35 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 17e9d8571905180d50a136cfa30e6052
5f1b52afec7ff86f2dc9d1f0c7ee07018b76afd3
9fea4a299001dfe3fa1990c6c7924481b534a468722ae3357617848ba486c1d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1073
Cache-Control: max-age=130031
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:15 GMT
Etag: "63863512-118"
Expires: Thu, 01 Dec 2022 16:54:26 GMT
Last-Modified: Tue, 29 Nov 2022 16:36:34 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
cdn.pncloudfl.com/pn/597/84e/2a6/59784e2a61ac3aa5638fa67202b8a4f6230736b3.jpg
104.22.59.221200 OK 42 kB URL HTTP/2 cdn.pncloudfl.com/pn/597/84e/2a6/59784e2a61ac3aa5638fa67202b8a4f6230736b3.jpg
IP 104.22.59.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3692aeb3d8e97400160c19f93d8dfe7a
93cc0089e10d0c809842d7f40f37f725cdc3f532
3c13879cd6ddf95b6b37994ca197c3a5cc97ee37669eabb5f54d10c344feddbc
GET /pn/597/84e/2a6/59784e2a61ac3aa5638fa67202b8a4f6230736b3.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/webp
content-length: 41926
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=75213
content-disposition: inline; filename="59784e2a61ac3aa5638fa67202b8a4f6230736b3.webp"
etag: de579877c115109ec9ca833aab057d1a
expires: Wed, 30 Nov 2022 05:32:12 GMT
last-modified: Sun, 19 Jun 2022 15:39:25 GMT
vary: Accept
x-openstack-request-id: tx107f7e6e2a7f43d895cc2-0062af4764
x-proxy-cache: HIT
x-timestamp: 1655653164.18243
x-trans-id: tx107f7e6e2a7f43d895cc2-0062af4764
cf-cache-status: HIT
age: 170103
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 7720f1a80a59b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.bncloudfl.com/bn/cab/408/a7a/cab408a7ad821dcef5bdbadee1efa7d60cdc3d7e.gif
104.22.14.198200 OK 242 kB URL HTTP/2 cdn.bncloudfl.com/bn/cab/408/a7a/cab408a7ad821dcef5bdbadee1efa7d60cdc3d7e.gif
IP 104.22.14.198:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 242 kB (241990 bytes)
Hash 05c37d9a4f701da4b569aefcecbe72ed
f1da35e295f7d370fecf16a475a53d43e45e9f3f
f6003abb56e2e3df544fcda158c975d42f1a2af9badd453f7b2798e38afe58d1
GET /bn/cab/408/a7a/cab408a7ad821dcef5bdbadee1efa7d60cdc3d7e.gif HTTP/1.1
Host: cdn.bncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/webp
content-length: 241990
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=432000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=278877
content-disposition: inline; filename="cab408a7ad821dcef5bdbadee1efa7d60cdc3d7e.webp"
etag: 94d3d32289ac794d89d04bdc395abdd8
expires: Thu, 01 Dec 2022 22:39:08 GMT
last-modified: Wed, 16 Nov 2022 14:52:14 GMT
vary: Accept
x-openstack-request-id: tx12d987b72793470f98979-006374f92b
x-proxy-cache: HIT
x-timestamp: 1668610333.06580
x-trans-id: tx12d987b72793470f98979-006374f92b
cf-cache-status: HIT
age: 22087
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 7720f1a828991c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.pncloudfl.com/pn/482/ceb/33f/482ceb33f8ed3b24f4ea6b8115a18e174c230a61.jpg
104.22.59.221200 OK 38 kB URL HTTP/2 cdn.pncloudfl.com/pn/482/ceb/33f/482ceb33f8ed3b24f4ea6b8115a18e174c230a61.jpg
IP 104.22.59.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ea3954509e3542148a265db56aff64c9
a2471e1c1a808d5df9847bda790e48ebc2f871fe
8e1ab5fd10583d623b09f255bc71b8044e90cfa6cc1bc00b1bcb722fd6412db7
GET /pn/482/ceb/33f/482ceb33f8ed3b24f4ea6b8115a18e174c230a61.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/webp
content-length: 37632
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=67675
content-disposition: inline; filename="482ceb33f8ed3b24f4ea6b8115a18e174c230a61.webp"
etag: d96ef22fd184e53f986dbaf8adfc4722
expires: Thu, 01 Dec 2022 23:04:18 GMT
last-modified: Tue, 22 Mar 2022 01:31:39 GMT
vary: Accept
x-openstack-request-id: tx186d98cdec60421385d50-0062392779
x-proxy-cache: HIT
x-timestamp: 1647912698.82942
x-trans-id: tx186d98cdec60421385d50-0062392779
cf-cache-status: HIT
age: 20577
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 7720f1a82a69b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xxx.xxxquake.com/xvembed/66184303
188.114.96.1200 OK 612 B URL HTTP/2 xxx.xxxquake.com/xvembed/66184303
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 489e1c86611d0c3e1adc7aa7b219772c
43c81d88a46694b409de5b67d62fdd6de65ec3a2
9eaf758c234f95043f895db5eb10ea1b0ff8a58b547804165f41ee4cc270daee
GET /xvembed/66184303 HTTP/1.1
Host: xxx.xxxquake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 04:47:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UshzZU4zyl2rEV8eYp4AToU8CTpq%2B6vvSX2tzjn%2BPKz35oMHV8W3uDL%2BxmcuSCNhC85lznnWvpqqbH0FMyaIWO99imnStaKkQTrHVmXY%2FqmpjWdROgznmsn0fE8HQi%2FnkI6A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7720f1a70cd10af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2b18451ba62ba716293e9a696fb5cbf1
b7f3bec739b526057f6ca306892ee2d405b39ce3
0fb71815562197c1c65c974aa191640bce0c5c9ba0e21cc5d273875caf2670bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1458
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:15 GMT
Last-Modified: Wed, 30 Nov 2022 04:22:57 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
mc.yandex.ru/watch/75722023?wmode=7&page-url=https%3A%2F%2Fnewsexwap.com%2Fwatch%2Fmovie6618430311%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afp%3A846%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A640629248439%3Ahid%3A578284869%3Az%3A0%3Ai%3A20221130044713%3Aet%3A1669783634%3Ac%3A1%3Arn%3A543009824%3Arqn%3A1%3Au%3A1669783634438124969%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C77%2C78%2C0%2C371%2C0%2C%2C190%2C3%2C%2C%2C%2C833%3Ans%3A1669783632748%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669783634%3At%3AGina%20Savagex%20Fap%20Splitscreen%20Tribute%20Tixtox%20Instagram_Mikemoria%20New%20Sex%20Wap%20Tube&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
93.158.134.119302 Found 280 B URL HTTP/2 mc.yandex.ru/watch/75722023?wmode=7&page-url=https%3A%2F%2Fnewsexwap.com%2Fwatch%2Fmovie6618430311%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afp%3A846%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A640629248439%3Ahid%3A578284869%3Az%3A0%3Ai%3A20221130044713%3Aet%3A1669783634%3Ac%3A1%3Arn%3A543009824%3Arqn%3A1%3Au%3A1669783634438124969%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C77%2C78%2C0%2C371%2C0%2C%2C190%2C3%2C%2C%2C%2C833%3Ans%3A1669783632748%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669783634%3At%3AGina%20Savagex%20Fap%20Splitscreen%20Tribute%20Tixtox%20Instagram_Mikemoria%20New%20Sex%20Wap%20Tube&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
Hash 17e9d8571905180d50a136cfa30e6052
5f1b52afec7ff86f2dc9d1f0c7ee07018b76afd3
9fea4a299001dfe3fa1990c6c7924481b534a468722ae3357617848ba486c1d3
GET /watch/75722023?wmode=7&page-url=https%3A%2F%2Fnewsexwap.com%2Fwatch%2Fmovie6618430311%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afp%3A846%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A640629248439%3Ahid%3A578284869%3Az%3A0%3Ai%3A20221130044713%3Aet%3A1669783634%3Ac%3A1%3Arn%3A543009824%3Arqn%3A1%3Au%3A1669783634438124969%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C77%2C78%2C0%2C371%2C0%2C%2C190%2C3%2C%2C%2C%2C833%3Ans%3A1669783632748%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669783634%3At%3AGina%20Savagex%20Fap%20Splitscreen%20Tribute%20Tixtox%20Instagram_Mikemoria%20New%20Sex%20Wap%20Tube&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://newsexwap.com
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/75722023/1?wmode=7&page-url=https%3A%2F%2Fnewsexwap.com%2Fwatch%2Fmovie6618430311%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afp%3A846%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A640629248439%3Ahid%3A578284869%3Az%3A0%3Ai%3A20221130044713%3Aet%3A1669783634%3Ac%3A1%3Arn%3A543009824%3Arqn%3A1%3Au%3A1669783634438124969%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C77%2C78%2C0%2C371%2C0%2C%2C190%2C3%2C%2C%2C%2C833%3Ans%3A1669783632748%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669783634%3At%3AGina%20Savagex%20Fap%20Splitscreen%20Tribute%20Tixtox%20Instagram_Mikemoria%20New%20Sex%20Wap%20Tube&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 30 Nov 2022 04:47:15 GMT
access-control-allow-origin: https://newsexwap.com
set-cookie: yandexuid=9824272061669783635; Expires=Thu, 30-Nov-2023 04:47:15 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=9824272061669783635; Expires=Thu, 30-Nov-2023 04:47:15 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1990152161669783635; Path=/; SameSite=None; Secure
i=mO0CzpfRHhcnJpJHLWH5bk5WmdMIgfvdZEqxm8RiYhkWOZ0vEVmEv1Glpg39AnxcXt0TevJ/dLsqyNsnDZ1887CUcCw=; Expires=Sat, 27-Nov-2032 04:47:14 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1701319635.yc.1669783635#1701319635.yrts.1669783635#1701319635.yrtsi.1669783635; Expires=Thu, 30-Nov-2023 04:47:15 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 04:47:15 GMT
last-modified: Wed, 30-Nov-2022 04:47:15 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
go6shde9nj2itle.com/chicken.gif?z=1912932&pid=_cb-1912932_0&pb=8cd1d2aa103f7428b409a9c9dc8281c81669790835&psp=Uy1-ytjMfcSDHhBsQk24XVe9eiyGlsl-a_XgRsvc5mqObnbVkRB-YPqQiZliRvyF7N2IyG0UsjytWPGcBs7cvk71eVpvzk3s6ieu2eS76rHR834Eh55qalINrb5gbXbavRJMfYRMXLGo6p0mPk6Uu-ITrawa6uyfXXVxoHn2g3M3dY5zhMMvSuMJuoEAso4AFqiDXQjJZZU897LPfytaqZJbUz1hRFt9Pcg0c6YlRR9BzqAN3iR2jLt7j-S5O8jfRLFXbVpVDhO_FY0w1c3PW_9zFZCCLe9Lr4OQUsswDCC1_8iEGdXghNmFjdMt8F98sYv2QhrsaatMXXJJvTlY8aLesHdbIAp1Ljd-2mNktk_TrmblbIKh8EX0pJbZ0sF5MUJYC32YL-2Xe1nkua3LaS1jOBxCteE2QRfuJ8thJXalJcq4_kvhYTeb90QqdGWbvdnZ-V8rnydNtgjRxenSMTsKZG2_wicAWjh8Ea_mGJyVIh61GAi5LMXiWgG0mx5nr1wGnisSBYG7r_n8NA_S1YXFP7HjXADTzi2ZJOkvSc_UOEb4Y7313DSogfiirucR_7G_BMi21Mux_verQ21awj9_JYYuBo_GCMI9ivJr5XKJfdhbaImE3ZcJaFPyL-r9aN0_z2zD5K2713hvKxGQzoeP4J9bQ8LY9ehNw9ZIIsbMF0pfRV-fYEJikcItwXcB0np2CsmBO8O1H432pm6iio2j5n5sCfMyfBra7j-NNanKFPs1Ka7O_kQX76SoPDMxlmmJHVFJ-8UasgpEkx9cAccJjFr1vbQGJfJj12C_NXO4-3p27Fz6tIhSd_A_8su5kpCR8cIHNWwjOJwpYiZw&abvar=0&os=0
62.122.171.6200 OK 43 B URL HTTP/2 go6shde9nj2itle.com/chicken.gif?z=1912932&pid=_cb-1912932_0&pb=8cd1d2aa103f7428b409a9c9dc8281c81669790835&psp=Uy1-ytjMfcSDHhBsQk24XVe9eiyGlsl-a_XgRsvc5mqObnbVkRB-YPqQiZliRvyF7N2IyG0UsjytWPGcBs7cvk71eVpvzk3s6ieu2eS76rHR834Eh55qalINrb5gbXbavRJMfYRMXLGo6p0mPk6Uu-ITrawa6uyfXXVxoHn2g3M3dY5zhMMvSuMJuoEAso4AFqiDXQjJZZU897LPfytaqZJbUz1hRFt9Pcg0c6YlRR9BzqAN3iR2jLt7j-S5O8jfRLFXbVpVDhO_FY0w1c3PW_9zFZCCLe9Lr4OQUsswDCC1_8iEGdXghNmFjdMt8F98sYv2QhrsaatMXXJJvTlY8aLesHdbIAp1Ljd-2mNktk_TrmblbIKh8EX0pJbZ0sF5MUJYC32YL-2Xe1nkua3LaS1jOBxCteE2QRfuJ8thJXalJcq4_kvhYTeb90QqdGWbvdnZ-V8rnydNtgjRxenSMTsKZG2_wicAWjh8Ea_mGJyVIh61GAi5LMXiWgG0mx5nr1wGnisSBYG7r_n8NA_S1YXFP7HjXADTzi2ZJOkvSc_UOEb4Y7313DSogfiirucR_7G_BMi21Mux_verQ21awj9_JYYuBo_GCMI9ivJr5XKJfdhbaImE3ZcJaFPyL-r9aN0_z2zD5K2713hvKxGQzoeP4J9bQ8LY9ehNw9ZIIsbMF0pfRV-fYEJikcItwXcB0np2CsmBO8O1H432pm6iio2j5n5sCfMyfBra7j-NNanKFPs1Ka7O_kQX76SoPDMxlmmJHVFJ-8UasgpEkx9cAccJjFr1vbQGJfJj12C_NXO4-3p27Fz6tIhSd_A_8su5kpCR8cIHNWwjOJwpYiZw&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1912932&pid=_cb-1912932_0&pb=8cd1d2aa103f7428b409a9c9dc8281c81669790835&psp=Uy1-ytjMfcSDHhBsQk24XVe9eiyGlsl-a_XgRsvc5mqObnbVkRB-YPqQiZliRvyF7N2IyG0UsjytWPGcBs7cvk71eVpvzk3s6ieu2eS76rHR834Eh55qalINrb5gbXbavRJMfYRMXLGo6p0mPk6Uu-ITrawa6uyfXXVxoHn2g3M3dY5zhMMvSuMJuoEAso4AFqiDXQjJZZU897LPfytaqZJbUz1hRFt9Pcg0c6YlRR9BzqAN3iR2jLt7j-S5O8jfRLFXbVpVDhO_FY0w1c3PW_9zFZCCLe9Lr4OQUsswDCC1_8iEGdXghNmFjdMt8F98sYv2QhrsaatMXXJJvTlY8aLesHdbIAp1Ljd-2mNktk_TrmblbIKh8EX0pJbZ0sF5MUJYC32YL-2Xe1nkua3LaS1jOBxCteE2QRfuJ8thJXalJcq4_kvhYTeb90QqdGWbvdnZ-V8rnydNtgjRxenSMTsKZG2_wicAWjh8Ea_mGJyVIh61GAi5LMXiWgG0mx5nr1wGnisSBYG7r_n8NA_S1YXFP7HjXADTzi2ZJOkvSc_UOEb4Y7313DSogfiirucR_7G_BMi21Mux_verQ21awj9_JYYuBo_GCMI9ivJr5XKJfdhbaImE3ZcJaFPyL-r9aN0_z2zD5K2713hvKxGQzoeP4J9bQ8LY9ehNw9ZIIsbMF0pfRV-fYEJikcItwXcB0np2CsmBO8O1H432pm6iio2j5n5sCfMyfBra7j-NNanKFPs1Ka7O_kQX76SoPDMxlmmJHVFJ-8UasgpEkx9cAccJjFr1vbQGJfJj12C_NXO4-3p27Fz6tIhSd_A_8su5kpCR8cIHNWwjOJwpYiZw&abvar=0&os=0 HTTP/1.1
Host: go6shde9nj2itle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=221129234725a3364a914b4417acb938c5c4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACL9zAAAAAAAAAAB; Path=/; Expires=Fri, 30 Dec 2022 04:47:15 GMT; Secure; SameSite=None
OACIBLOCK=ACL9zAAAAABjhtVA; Path=/; Expires=Fri, 30 Dec 2022 04:47:15 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Thu, 01 Dec 2022 04:47:15 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 79 kB URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
Hash 007df5a99ee7de1b482814ecba3ce977
460d9c6bc3ad13a84be755328eff19e0c29b2446
d67604c7de2da8746a1cb3b93d8f4efd21d83d4f78b105becb3e6c5d28235e82
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 30 Nov 2022 04:47:15 GMT
access-control-allow-origin: *
etag: "6384bff1-2b"
expires: Wed, 30 Nov 2022 05:47:15 GMT
accept-ranges: bytes
last-modified: Mon, 28 Nov 2022 17:04:33 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ddd01a5d428c44d865152e570fff9083
6efd62a499ccf81bab723de6cd327f32b46e89ab
2e27ad303fb2a2484c444c9b41d6e5d43a5fe4b281a45be45857d374bf59c194
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1472
Cache-Control: max-age=166474
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:15 GMT
Etag: "6386c1dd-117"
Expires: Fri, 02 Dec 2022 03:01:49 GMT
Last-Modified: Wed, 30 Nov 2022 02:37:17 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
video.ktkjmp.com/adsbygoogle.js
104.18.59.150200 OK 16 B URL HTTP/2 video.ktkjmp.com/adsbygoogle.js
IP 104.18.59.150:0
Hash 3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlrdr.com/
Origin: https://creative.xlrdr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: JkCGjUrgnBgB5Ldx8o/A8ASqNLV5nPIAdv57lupABlhL2wyLLTncvB9KXBxRs01tDEzM0AFmFH4=
x-amz-request-id: 3YWDZBTT5KXYP4SY
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.xlrdr.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 5786
expires: Wed, 30 Nov 2022 08:47:15 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1a93861b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ddd01a5d428c44d865152e570fff9083
6efd62a499ccf81bab723de6cd327f32b46e89ab
2e27ad303fb2a2484c444c9b41d6e5d43a5fe4b281a45be45857d374bf59c194
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1472
Cache-Control: max-age=166474
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:15 GMT
Etag: "6386c1dd-117"
Expires: Fri, 02 Dec 2022 03:01:49 GMT
Last-Modified: Wed, 30 Nov 2022 02:37:17 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
52.41.201.177101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.201.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: f+AaNUgN4jtUeLbO+jvRhQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FemOeqSBCxRy+APNFZ4L5IPdpos=
static-ss.xvideos-cdn.com/v-ada7e83cf8e/v3/js/skins/min/default.embed.static.js
69.55.53.170200 OK 21 kB URL HTTP/2 static-ss.xvideos-cdn.com/v-ada7e83cf8e/v3/js/skins/min/default.embed.static.js
IP 69.55.53.170:0
ASN #46652 SERVERSTACK-ASN
Hash 48d820ac440036bad71432711bbe1f9f
bc3c1ed1770218461b124446cc976d16effdd6e3
0357b17ae8e458314165a6c3b2309b4a1024ae983537bb519c52d5a76defa194
GET /v-ada7e83cf8e/v3/js/skins/min/default.embed.static.js HTTP/1.1
Host: static-ss.xvideos-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxx.xxxquake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: application/javascript
content-length: 20975
last-modified: Thu, 24 Nov 2022 17:48:00 GMT
vary: Accept-Encoding
etag: "637fae50-51ef"
content-encoding: gzip
expires: Thu, 01 Dec 2022 04:47:15 GMT
cache-control: max-age=86400
access-control-allow-origin: *
X-Firefox-Spdy: h2
static-ss.xvideos-cdn.com/v-7d7c14d25e1/v3/js/skins/min/player.html5.static.js
69.55.53.170200 OK 41 kB URL HTTP/2 static-ss.xvideos-cdn.com/v-7d7c14d25e1/v3/js/skins/min/player.html5.static.js
IP 69.55.53.170:0
ASN #46652 SERVERSTACK-ASN
File type ASCII text, with very long lines (31980)
Hash 2cd2bb111a20398021ff0e3b5cdb0814
32bcd8d7a376a64bbbf14ec43abb4c2be4f1dc40
2618a56f590a92169674db8ccad686e110ceccf8a92e997427cc176e53dcfa82
GET /v-7d7c14d25e1/v3/js/skins/min/player.html5.static.js HTTP/1.1
Host: static-ss.xvideos-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxx.xxxquake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: application/javascript
content-length: 41354
last-modified: Wed, 23 Nov 2022 15:43:20 GMT
vary: Accept-Encoding
etag: "637e3f98-a18a"
content-encoding: gzip
expires: Thu, 01 Dec 2022 04:47:15 GMT
cache-control: max-age=86400
access-control-allow-origin: *
X-Firefox-Spdy: h2
static-ss.xvideos-cdn.com/v3/js/i18n/xvplayer/english.js
69.55.53.170200 OK 1.5 kB URL HTTP/2 static-ss.xvideos-cdn.com/v3/js/i18n/xvplayer/english.js
IP 69.55.53.170:0
ASN #46652 SERVERSTACK-ASN
Hash 2604eb8a30ec599aa8e6216c7f0c594a
0a004adb65402a6ef26d08de4751ae9f7837ea3b
cd3da236a3b03d6331227cc680cf798e7e8bf51323f6c5cde673dd1a4f659d8a
GET /v3/js/i18n/xvplayer/english.js HTTP/1.1
Host: static-ss.xvideos-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxx.xxxquake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: application/javascript
content-length: 1386
last-modified: Wed, 30 Nov 2022 04:33:41 GMT
vary: Accept-Encoding
etag: "6386dd25-56a"
content-encoding: gzip
expires: Thu, 01 Dec 2022 04:47:15 GMT
cache-control: max-age=86400
access-control-allow-origin: *
X-Firefox-Spdy: h2
xxx.xxxquake.com/xvembed2/66184303
188.114.96.1200 OK 15 kB URL HTTP/2 xxx.xxxquake.com/xvembed2/66184303
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (21438)
Hash bbfbacb42e6fb73d44ab6dcf7a59058b
bdcf8d28d06d443d8e53960b3441207c2bd3333f
10d09d11350fe153ba506229429982321fa4c68bf4e9b5ca491a80890a862040
GET /xvembed2/66184303 HTTP/1.1
Host: xxx.xxxquake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxx.xxxquake.com/xvembed/66184303
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 04:47:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0SZbnXR5r5Jlfp03cmVNpUrGBMpbWNTIUs5b7V8urzSYK6CHefisI%2Be4dVqZKk95z3vcJFkVPmXVxmo3dGnllUCKZNxD%2FzHCePAOwIWig6uPFr%2BcfFxyRwKFEYnGM%2FSfazv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7720f1a7bcf20af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-ss.xvideos-cdn.com/v-484df32ef07/v3/css/default/embed.css
69.55.53.170200 OK 1.5 kB URL HTTP/2 static-ss.xvideos-cdn.com/v-484df32ef07/v3/css/default/embed.css
IP 69.55.53.170:0
ASN #46652 SERVERSTACK-ASN
File type ASCII text, with very long lines (3961)
Hash 1612bedd5a93c4c396039427fa809ac8
accf380156d4461edfafd094c476ef3f5c07fe30
4d12f70ab44d8c5aa7b1693960cb47788563e98a1af359ff52c28d055c2b8c6f
GET /v-484df32ef07/v3/css/default/embed.css HTTP/1.1
Host: static-ss.xvideos-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxx.xxxquake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: text/css
content-length: 1464
last-modified: Tue, 29 Nov 2022 14:17:26 GMT
vary: Accept-Encoding
etag: "63861476-5b8"
content-encoding: gzip
expires: Thu, 01 Dec 2022 04:47:15 GMT
cache-control: max-age=86400
access-control-allow-origin: *
X-Firefox-Spdy: h2
static-ss.xvideos-cdn.com/v-7d7c14d25e1/v3/img/player/fakeplayer-icon-play.png
69.55.53.170200 OK 4.7 kB URL HTTP/2 static-ss.xvideos-cdn.com/v-7d7c14d25e1/v3/img/player/fakeplayer-icon-play.png
IP 69.55.53.170:0
ASN #46652 SERVERSTACK-ASN
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash cbc426c51d679f3fad9bb71763f2b7f4
9c80ce26c375b320f9102886cc43f06c4b3ddcde
11e3c9a5d2b7bd5ff40eb2f49f6cb345d8275e144fb67a5155c539a14b74db43
GET /v-7d7c14d25e1/v3/img/player/fakeplayer-icon-play.png HTTP/1.1
Host: static-ss.xvideos-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxx.xxxquake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/png
content-length: 4688
last-modified: Wed, 18 Nov 2020 22:15:36 GMT
etag: "5fb59d08-1250"
expires: Thu, 01 Dec 2022 04:47:15 GMT
cache-control: max-age=86400
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn77-pic.xvideos-cdn.com/videos/thumbs169lll/4d/a7/91/4da79195cdcd3f6e9518cfbaeb26a1b1/4da79195cdcd3f6e9518cfbaeb26a1b1.15.jpg
195.181.166.12200 OK 47 kB URL HTTP/2 cdn77-pic.xvideos-cdn.com/videos/thumbs169lll/4d/a7/91/4da79195cdcd3f6e9518cfbaeb26a1b1/4da79195cdcd3f6e9518cfbaeb26a1b1.15.jpg
IP 195.181.166.12:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", progressive, precision 8, 600x337, components 3\012- data
Hash a0bb2386f139ca87cb1ab6f015699131
47c33cd9e278b499a69b730d9d8ec16280472bea
638b9a54d3c318646680ccf6e727d257ef0481ff1c9fd47c050c519894c374d3
GET /videos/thumbs169lll/4d/a7/91/4da79195cdcd3f6e9518cfbaeb26a1b1/4da79195cdcd3f6e9518cfbaeb26a1b1.15.jpg HTTP/1.1
Host: cdn77-pic.xvideos-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxx.xxxquake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 47071
x-frame-options: sameorigin
last-modified: Fri, 29 Oct 2021 12:55:38 GMT
cache-control: max-age=10368000, public
access-control-allow-origin: *
x-accel-expires: @1674135253
x-77-nzt: A8O1pgrnfRuh1GY4FRRGMP+7UFsAj/Q6yESJgP/DfAAA
x-77-cache: HIT
x-77-nzt-ray: Ul+z6MI5BVI
x-age-lb: 5984443
server: CDN77-Turbo
x-cache-lb: HIT, MISS
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e4744053ab86a0cc9aeba533de294fa2
3ad41c8f2216d8976ee9e86b461e70a0c45fc474
10c0e138cd634b4da89241719bd6903f106b29171a0775b433792e8915a0c6f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1518
Cache-Control: max-age=92377
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:15 GMT
Etag: "6385a03e-117"
Expires: Thu, 01 Dec 2022 06:26:52 GMT
Last-Modified: Tue, 29 Nov 2022 06:01:34 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e4744053ab86a0cc9aeba533de294fa2
3ad41c8f2216d8976ee9e86b461e70a0c45fc474
10c0e138cd634b4da89241719bd6903f106b29171a0775b433792e8915a0c6f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1518
Cache-Control: max-age=92377
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:15 GMT
Etag: "6385a03e-117"
Expires: Thu, 01 Dec 2022 06:26:52 GMT
Last-Modified: Tue, 29 Nov 2022 06:01:34 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
img.strpst.com/thumbs/1669783141/72945138
104.18.63.124200 OK 15 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/72945138
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash a3e9a12000a0d6b60d163ca55fb0309d
80cf07667bf3521002e417a6c8829b60c888a57f
bf51497c472d708c8e37548df31462a81e298eae8778829246d1e3543d8eec03
GET /thumbs/1669783141/72945138 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 15409
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=16034, status=webp_bigger
etag: "ed13dc98c9f5d74120fa6317ad3c79e5"
last-modified: Wed, 30 Nov 2022 04:38:38 GMT
cf-cache-status: HIT
age: 170
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1aca8e61c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/33178428
104.18.63.124200 OK 26 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/33178428
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Hash 1a2b3c496b961acb5a88bdcbb2329812
db7fa8493a6d4608362e871d78192cbfa14d929f
766f30fe0b93f5fdbcb967660307452d7f6b395f6fc88f956b72eda5f7704f42
GET /thumbs/1669783141/33178428 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 25754
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=26978, status=webp_bigger
etag: "9bc4ef0be7c5db5e72d8e3c8a1402f5f"
last-modified: Wed, 30 Nov 2022 04:38:48 GMT
cf-cache-status: HIT
age: 170
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1aca8e81c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/96579061
104.18.63.124200 OK 28 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/96579061
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Hash 2f36c7d11b5e81332bdae4d3191df4c3
e4657a0bbee57e8e3df1d5f4d1e46dabeadd6ab3
7d44bf8c9d9307fab66099590fa6bc4dc397271cf21e2de88da9d921e43e98d3
GET /thumbs/1669783141/96579061 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 27700
cf-bgj: imgq:100,h2pri
cf-polished: origSize=28889, status=webp_bigger
etag: "7e566ed1eaedeb9f98910bc4596c53c4"
last-modified: Wed, 30 Nov 2022 04:39:51 GMT
cf-cache-status: HIT
age: 218
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1aca8e31c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/71228306
104.18.63.124200 OK 18 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/71228306
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Hash 603ddc212e02899dae03e3da4b0fb81e
19f30eebf0d82e1f39564c090e243bcb5f487a84
1bed80831b89b00960b4dfdefb042361edce2c24d49cfa4039c1c9b276152527
GET /thumbs/1669783141/71228306 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 17673
cf-bgj: imgq:100,h2pri
cf-polished: origSize=18512, status=webp_bigger
etag: "af854c833e4f6768cfb3579cff0a46ed"
last-modified: Wed, 30 Nov 2022 04:39:00 GMT
cf-cache-status: HIT
age: 417
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1aca8e01c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/85522905
104.18.63.124200 OK 31 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/85522905
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Hash 22562decb8003cd5b559837149702850
18615ddfbf07c0728e82d22214a547b3202ebf8f
546a9bf0e2d4565a71bf24a6a71628b4e027f5489dc00a23483d65b9ad15ac71
GET /thumbs/1669783141/85522905 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 30707
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=32143, status=webp_bigger
etag: "6f5ec929634cddad3a983e51f4e44a8d"
last-modified: Wed, 30 Nov 2022 04:39:04 GMT
cf-cache-status: HIT
age: 209
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1aca8e11c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/75519683
104.18.63.124200 OK 27 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/75519683
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 788716382e5fb8951ce22f4bf7ec844f
50864278a34082eb0ffe439541e9c06a4ed739a3
b6e857e2eec07161f5c38143193ae3fa20be1fd84e9f8ed0ac73937236357ca7
GET /thumbs/1669783141/75519683 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 27120
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=27798, status=webp_bigger
etag: "256641dc7279e88db4811d2d5a2261a4"
last-modified: Wed, 30 Nov 2022 04:39:36 GMT
cf-cache-status: HIT
age: 192
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1aca8ec1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/84531710
104.18.63.124200 OK 15 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/84531710
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Hash 2e2eb510a9a4fd3432d4d3c2e36357be
4e128a144d2ec098d75d07c0f44111090ffbddfd
880749ee0cf24151bf4d10a1a0fcb510dbb6c706a7970247b034165513c77247
GET /thumbs/1669783141/84531710 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 15311
cf-bgj: imgq:100,h2pri
cf-polished: origSize=16159, status=webp_bigger
etag: "89a7d4f1be52536ea0c0970028b9aa8c"
last-modified: Wed, 30 Nov 2022 04:39:11 GMT
cf-cache-status: HIT
age: 169
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1aca8ed1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/65858039
104.18.63.124200 OK 41 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/65858039
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 26cbca9512345b8b603291f0075b6bee
02386aa8f7407d779cf9da550d7bd4f973c62aa6
b5e97061ea6ef2e8186e789751247be297cdb8bc76af389788f55ce20a81facf
GET /thumbs/1669783141/65858039 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 41249
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=42637, status=webp_bigger
etag: "9320749c34a34464c98454aab05a276a"
last-modified: Wed, 30 Nov 2022 04:39:18 GMT
cf-cache-status: HIT
age: 213
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1aca8ea1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e4744053ab86a0cc9aeba533de294fa2
3ad41c8f2216d8976ee9e86b461e70a0c45fc474
10c0e138cd634b4da89241719bd6903f106b29171a0775b433792e8915a0c6f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1512
Cache-Control: max-age=92371
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:15 GMT
Etag: "6385a03e-117"
Expires: Thu, 01 Dec 2022 06:26:46 GMT
Last-Modified: Tue, 29 Nov 2022 06:01:34 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e4744053ab86a0cc9aeba533de294fa2
3ad41c8f2216d8976ee9e86b461e70a0c45fc474
10c0e138cd634b4da89241719bd6903f106b29171a0775b433792e8915a0c6f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1515
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:15 GMT
Last-Modified: Wed, 30 Nov 2022 04:22:00 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
img.strpst.com/thumbs/1669783141/26748561
104.18.63.124200 OK 17 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/26748561
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 480x360, components 3\012- data
Hash 249603239cdacd20bffa480860c179ed
efc6aaba233e3d006492dca616dc215461f71318
71db525ac2ca519d18f738b1bca7affe20b7bc88f432321d851acf04d812c7aa
GET /thumbs/1669783141/26748561 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 16649
cf-bgj: imgq:100,h2pri
cf-polished: origSize=17422, status=webp_bigger
etag: "54f76fde5b50fb558a3910bc92bff6d4"
last-modified: Wed, 30 Nov 2022 04:18:14 GMT
cf-cache-status: HIT
age: 12
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1aca8e21c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/70739910
104.18.63.124200 OK 60 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/70739910
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash cc76aa812dfb16980d2568d65e675770
ae3b41ed40daf0b82a7ecde1b828604e2b0c6764
070c3d64936dfb9ced47b064fffbb052735eb4ff411823a879e99760f6768b96
GET /thumbs/1669783141/70739910 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 60085
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=62926, status=webp_bigger
etag: "66c3cb257edae3e05b821d4aed26abd8"
last-modified: Wed, 30 Nov 2022 04:39:53 GMT
cf-cache-status: HIT
age: 170
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1aca8e41c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/31215342
104.18.63.124200 OK 13 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/31215342
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Hash f3afdefc17b8022859797733fe18355d
558bead1218b4674bec5f25dd88e7dc3151eddf1
1de3b66176f20a0d5b7f099db0c18ae50a2115bc515660fa41198f724f4e350b
GET /thumbs/1669783141/31215342 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 12839
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=13575, status=webp_bigger
etag: "073230f0afddd31eeaa5d365ec5e5238"
last-modified: Wed, 30 Nov 2022 04:39:38 GMT
cf-cache-status: HIT
age: 201
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1aca8e51c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/67892069
104.18.63.124200 OK 20 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/67892069
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Hash 01099afe8afe8beb394ef8ad942cda77
598fdd818907e070d7959ab0ecbf4c043e6585e2
f72e169f438d2456566f45566fff5b28025e75eddb0d707b186afd41ae0fb7be
GET /thumbs/1669783141/67892069 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 19969
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=20946, status=webp_bigger
etag: "c447e329c556f4aa843ba5b7ce95e4c4"
last-modified: Wed, 30 Nov 2022 04:39:23 GMT
cf-cache-status: HIT
age: 204
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1aca8eb1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/45263874
104.18.63.124200 OK 17 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/45263874
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Hash cdf3ee901fc5ebdb2532574c86cbdeee
41a3cc7b7fc22120d8ff171a21c79d6585273405
85886f6b77ab8c166912c08115698e222c80030317979a3cab197bef41ddde61
GET /thumbs/1669783141/45263874 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 17269
cf-bgj: imgq:100,h2pri
cf-polished: origSize=18193, status=webp_bigger
etag: "c621b5ca33f40f07836555dc7866e78f"
last-modified: Wed, 30 Nov 2022 04:39:41 GMT
cf-cache-status: HIT
age: 169
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1aca8ef1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/19455418
104.18.63.124200 OK 57 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/19455418
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash f38c95d6bc90baed9f4ddade04185b5b
3551c4833a75c72211e7cfbd899cbe0aa463cd2c
2306e7deda2b62a3ef790e17b59faf08f94ee8e6d4fcc34787f27b4d9a3c6d63
GET /thumbs/1669783141/19455418 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 56712
cf-bgj: imgq:100,h2pri
cf-polished: origSize=58976, status=webp_bigger
etag: "50e8124e232ae6970684a142630c0bbe"
last-modified: Wed, 30 Nov 2022 04:39:24 GMT
cf-cache-status: HIT
age: 169
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1aca8ee1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/66615591
104.18.63.124200 OK 80 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/66615591
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash e4984afb5591922241efa4c708fc12a3
5ec2615a0763522e08fe22039af982f30a5ddb40
f84912cd8c54797a03949ea852b7abde91cb9480ad924bfbca14d35d42889ffe
GET /thumbs/1669783141/66615591 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 80416
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=83813, status=webp_bigger
etag: "e0a8d37e359e26045ad47b374395419a"
last-modified: Wed, 30 Nov 2022 04:39:36 GMT
cf-cache-status: HIT
age: 192
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1aca8e91c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/80661866
104.18.63.124200 OK 54 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/80661866
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 4400600727cb9666dff1aa0dac3e9505
946cd47ede02a8ae52cbc8c6f55eb8624adfc494
5f5221c0d1e2612f3cfcbe9ff24a2ce2029e75870d8020bfded482f34831346b
GET /thumbs/1669783141/80661866 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 54075
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=56256, status=webp_bigger
etag: "054994b10209ac9d37571ca6136a1e3a"
last-modified: Wed, 30 Nov 2022 04:39:03 GMT
cf-cache-status: HIT
age: 213
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1acb8f01c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/89106505
104.18.63.124200 OK 73 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/89106505
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 648x360, components 3\012- data
Hash afb927b63e29a41f088a886585843078
d1f825a1d553a6a60fc9233c602ce0ed7968fbbf
16dd01e7131296cf09fffac44ea140369ee625a3be9dd23c1b59237d4cfc130a
GET /thumbs/1669783141/89106505 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 72683
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=76388, status=webp_bigger
etag: "3225de22fd1990982b22f2b9b58d5d08"
last-modified: Wed, 30 Nov 2022 04:40:13 GMT
cf-cache-status: HIT
age: 181
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1acb8f21c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/84946040
104.18.63.124200 OK 33 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/84946040
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 29d30b9d91c038d98db01ae14d620ddb
7560bb877ee5451fe76b7c264c8cb59dbbd9941c
01f675882da2da99618316e1111374b7fc6235b106579e48920feca5fc8c7f68
GET /thumbs/1669783141/84946040 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 32970
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=34297, status=webp_bigger
etag: "18c806e3ca37841e2f6a6782d493357c"
last-modified: Wed, 30 Nov 2022 04:39:42 GMT
cf-cache-status: HIT
age: 204
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1ace8f81c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/2415344
104.18.63.124200 OK 41 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/2415344
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash c40b948d3ef56decd4543fa44d0a398f
2d6af70ffaea1a67b4943eeaad0327f0ec6cb84a
2d001dba7062e2b1c02faaaadc08cecba20cdd2e70462e5b09d696f5ac033781
GET /thumbs/1669783141/2415344 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 41098
cf-bgj: imgq:100,h2pri
cf-polished: origSize=42861, status=webp_bigger
etag: "11358d454e033facb67c9a90188ea27e"
last-modified: Wed, 30 Nov 2022 04:39:40 GMT
cf-cache-status: HIT
age: 361
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1ace8fa1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e4744053ab86a0cc9aeba533de294fa2
3ad41c8f2216d8976ee9e86b461e70a0c45fc474
10c0e138cd634b4da89241719bd6903f106b29171a0775b433792e8915a0c6f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1519
Cache-Control: max-age=92377
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:47:16 GMT
Etag: "6385a03e-117"
Expires: Thu, 01 Dec 2022 06:26:53 GMT
Last-Modified: Tue, 29 Nov 2022 06:01:34 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
img.strpst.com/thumbs/1669783141/21630440
104.18.63.124200 OK 42 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/21630440
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 89e2cfcf71f1461904583734f6b56212
28fa34fa0557544689be452dd48691aec14aeb78
3e92e13e413821e0b13802f325f4666bf97b2a7045b7150b88034f4a7e970cef
GET /thumbs/1669783141/21630440 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: image/jpeg
content-length: 42245
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=44409, status=webp_bigger
etag: "a182d5286176ee844bb57f8c9eb955dc"
last-modified: Wed, 30 Nov 2022 04:39:59 GMT
cf-cache-status: HIT
age: 192
expires: Wed, 30 Nov 2022 04:48:15 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1acf8fd1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/90455810
104.18.63.124200 OK 55 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/90455810
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash c39c70f5160408cf2b2151de6b4ec97b
79993c702296b53b3cb5fca650838733d96032fa
1d5bc0524cff89f165af18d081f330d0b5bd2f0c2a52d177543878b4815a02f1
GET /thumbs/1669783141/90455810 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:16 GMT
content-type: image/jpeg
content-length: 54978
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=56454, status=webp_bigger
etag: "073f6cec8e7fbfc3ad8da4864ed0923c"
last-modified: Wed, 30 Nov 2022 04:38:51 GMT
cf-cache-status: HIT
age: 218
expires: Wed, 30 Nov 2022 04:48:16 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1acf8fe1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/21499060
104.18.63.124200 OK 16 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/21499060
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 480x360, components 3\012- data
Hash 5a86156cc4db5a294a4d7ffbbf4f78c9
0b83e786120093966b4c2ccdf6ff4896bda750f3
27beb4f105327561227ff131b0f3096c33398999eb88c15a80bf2c205f993912
GET /thumbs/1669783141/21499060 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:16 GMT
content-type: image/jpeg
content-length: 15870
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=16436, status=webp_bigger
etag: "ea58a89567205537cf7602a017c58ce7"
last-modified: Wed, 30 Nov 2022 04:39:11 GMT
cf-cache-status: HIT
age: 174
expires: Wed, 30 Nov 2022 04:48:16 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1acf8ff1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/86249010
104.18.63.124200 OK 37 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/86249010
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 5277ed46b16e8ec6722f3a780d916b8b
d904df9b5b8871bfdc43b096ff3bf36cfbb3197a
c0becb08ce54fa4a34ac10e3b868be098ada577f6c9c16e44387a57c312e45b9
GET /thumbs/1669783141/86249010 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:16 GMT
content-type: image/jpeg
content-length: 36987
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=38295, status=webp_bigger
etag: "ec2e1c73ef44c85865c760fd65f6cdae"
last-modified: Wed, 30 Nov 2022 04:39:09 GMT
cf-cache-status: HIT
age: 225
expires: Wed, 30 Nov 2022 04:48:16 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1ad09011c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1669783141/42432847
104.18.63.124200 OK 54 kB URL HTTP/2 img.strpst.com/thumbs/1669783141/42432847
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 7996d2adea2dee8ef1f0c9f8e2a0f2b2
15c549adde2ebd8d258af26073b1493e7f8d0069
f322369d25c0eafa184e07995551d0937c1491c3ec43b816951c68119ff5df89
GET /thumbs/1669783141/42432847 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:47:16 GMT
content-type: image/jpeg
content-length: 53540
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=55179, status=webp_bigger
etag: "a94d27753b419ff045be0e910791eaef"
last-modified: Wed, 30 Nov 2022 04:39:17 GMT
cf-cache-status: HIT
age: 235
expires: Wed, 30 Nov 2022 04:48:16 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720f1acf9001c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8942
Expires: Wed, 30 Nov 2022 07:16:18 GMT
Date: Wed, 30 Nov 2022 04:47:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8942
Expires: Wed, 30 Nov 2022 07:16:18 GMT
Date: Wed, 30 Nov 2022 04:47:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8942
Expires: Wed, 30 Nov 2022 07:16:18 GMT
Date: Wed, 30 Nov 2022 04:47:16 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13025
Expires: Wed, 30 Nov 2022 08:24:21 GMT
Date: Wed, 30 Nov 2022 04:47:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0c14828912decf19c9d95fee93e92f00
49a82390cbf2139bf681d896f9467ab736e0b337
bbafc9bd160a30c6a31954bdf66655e1decc59dead3bb94c6fa21cad1cd56fe3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11466
x-amzn-requestid: 40ae63d3-397e-4118-90b2-d48b1f4014c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHUxIAMFxWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-2b309a0a5e93f68312a26fa1;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: s1eFJ0mtTFv3DFwwZ52JWOCDJWFA9IRiJ54L0JSkxzxFLnFIgts2CA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:35 GMT
etag: "49a82390cbf2139bf681d896f9467ab736e0b337"
content-type: image/jpeg
age: 25361
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cb669522a324cd5d9ba1b1743138d38
71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0
a997731964710b80affb001f7f2e2f05a93550b06c1626279516d78b11332803
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8337
x-amzn-requestid: 88e6ec5a-6b04-4787-91e4-02f316d0d6e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgYHViIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-10f0d81a09c0ae930f6be726;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8XATm-S2y3wzXWzJxgof2GIbXx_7WzuEMKrhI5By_tGaB8EiYeGkLg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:59:07 GMT
age: 24489
etag: "71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 777ce44582c70bf01a31da4cab366f36
57e1d34f146d5ccd9943aa97bcc3158f7103bb07
fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: e4GuUolL0WIMXvnF7BZ80j-dMMSILN2gd-1mqFwNns-zCUBsJa8iHQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:43:04 GMT
age: 25452
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8af12b89-c1a0-4a2a-aa29-cd6dea02f435.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8af12b89-c1a0-4a2a-aa29-cd6dea02f435.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd563ab005d968185c8d000e38b88c2
268e6202466941e612ff503835de9091ef4d5b38
272c867dcc37d97f8682e8f3aa11a567a401b4d4d78e890b0eb94a3c77ea5000
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8af12b89-c1a0-4a2a-aa29-cd6dea02f435.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8288
x-amzn-requestid: 8b48ce45-1c30-4ea3-8cef-bf3b2e7f106f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEgFcUIAMFkSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1c-20e896a62338c6dc45c1ca2a;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:08 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0bNBjOUnEjVgDrhXO2wYnfemT_030w9kk747Zk9-DTeI0UB-lV073g==
via: 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:26 GMT
age: 25370
etag: "268e6202466941e612ff503835de9091ef4d5b38"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9fb14804c284e300f976848e30396e9c
6004b4b7afd22dded903f026d245bc90a6706767
1cf96b0b6c83f182d018fa4ffb9924038bf282755091e7bacff2a624220260d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13195
x-amzn-requestid: 1303b72c-fe18-46a3-b3c1-06f3b8550d90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvHW6oAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1b3dbbb005a238117076d1f3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pw2Wm8mI8MxRAOVsdvvWLEuxPN5ffcgWBZ_KecuuS5stoTHF4hxECg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:49 GMT
age: 25347
etag: "6004b4b7afd22dded903f026d245bc90a6706767"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74cbd5b-36b7-497f-97d1-4e7073a47375.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74cbd5b-36b7-497f-97d1-4e7073a47375.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9b96b63164d7dc37268951510afb359f
5991d60e238558f9fe4e1759fe18dde628cb7be4
cd7a88b3173bae9ad466d41b9ae9a2ed9e18157660697f1f1b070043194c3db4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74cbd5b-36b7-497f-97d1-4e7073a47375.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4706
x-amzn-requestid: ce0b287a-7242-402b-8261-c519a1310309
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhHxETjoAMFcTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bcb-7a69d6d14ad0fd707ede2882;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YOLFLV-a93jrA__gtWEzu2Vz8fpQJgvYGDk5fVsjhKVULRHdnKmfHw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:35 GMT
age: 25361
etag: "5991d60e238558f9fe4e1759fe18dde628cb7be4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cuddlethehyena.com/get/1890409?zoneid=1890409&jp=_cl90my31fjbxinyaysw7zc&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=4331555590849201
62.122.171.6200 OK 0 B URL HTTP/2 cuddlethehyena.com/get/1890409?zoneid=1890409&jp=_cl90my31fjbxinyaysw7zc&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=4331555590849201
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1890409?zoneid=1890409&jp=_cl90my31fjbxinyaysw7zc&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=4331555590849201 HTTP/1.1
Host: cuddlethehyena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:47:15 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=22112923474bf00b4190d745c7b253441729; Path=/; Expires=Thu, 30 Nov 2023 04:47:15 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cuddlethehyena.com/bultykh/ipp24/7/bazinga/1890409
62.122.171.6200 OK 0 B URL HTTP/2 cuddlethehyena.com/bultykh/ipp24/7/bazinga/1890409
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /bultykh/ipp24/7/bazinga/1890409 HTTP/1.1
Host: cuddlethehyena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://newsexwap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:47:14 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-3416a"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2