94ero.com/videos/700740
104.21.16.154301 Moved Permanently 0 B IP 104.21.16.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /videos/700740 HTTP/1.1
Host: 94ero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 20 Sep 2022 19:38:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 20 Sep 2022 20:38:50 GMT
Location: https://94ero.com/videos/700740
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7aJ%2BplXEBwFjPryldth0nMMbWpgW80u91LJAj8gyIu9sowH606r5HDza1CG1bH1ojf6TgvHenSDHwR96JVGhRJriTVzt8syuEcthCC5hw25myIGgoRVyli6oOo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dd0612af02b509-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 19:03:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZnmtUFKGhQNQUpl4vpPbsGqZxIhXVDTI4-BPVPKwWDjcVlGZ-m6zOQ==
Age: 2143
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3664
Expires: Tue, 20 Sep 2022 20:39:54 GMT
Date: Tue, 20 Sep 2022 19:38:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kDsg3ZHsgLOmIFa6Uc2sx-mimEcgx5K3JZe0PtkqVXC6-j-RxXq-5Q==
age: 54217
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c813d70414016b04df0e6a4939ec9217
da1105e913574b438c3bb0255406966358d32657
364605aaa48ac6925ae5faed69ea73d49afc6842b6f474f96a1b2d2c42b34748
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3271
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:50 GMT
Last-Modified: Tue, 20 Sep 2022 18:44:19 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c813d70414016b04df0e6a4939ec9217
da1105e913574b438c3bb0255406966358d32657
364605aaa48ac6925ae5faed69ea73d49afc6842b6f474f96a1b2d2c42b34748
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3272
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Last-Modified: Tue, 20 Sep 2022 18:44:19 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0a103478642d8967648f98988c7e6419
b39283cc8c8cd4f335f94e15f03ede72698f75de
348b99176d4f4d9f324ce464cf051eac70f03bb6219e54c0b6fbf35efa356443
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c53364cae0510b97de38fb4b3396ff56
d6088b7fe775ebc077d116271fbe7fce898c06f0
2df909d86d97fbb9a27dd94ca9335ea29eae8f9325fccc8d0ef00a4f7cd7cdc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e34f594c2e3b9b6a81e4ae9fef80f363
b7f65f5fb0df328d3c863af6c9351923205645f2
bcedda132b602d90a62a5fbe07e7c37f69cce319fb4b84e1bed40b1200e9898b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0a103478642d8967648f98988c7e6419
b39283cc8c8cd4f335f94e15f03ede72698f75de
348b99176d4f4d9f324ce464cf051eac70f03bb6219e54c0b6fbf35efa356443
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.164200 OK 556 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 27b68162c75bebb4dacf518c46e974d5
99abc7e3e02891bec5de3dda3cb18a6f865f82bc
93415a1ed398b656767f092c53ca274ad9ae9c8cb0672831fa3c4ab275f994d1
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 20 Sep 2022 19:38:51 GMT
date: Tue, 20 Sep 2022 19:38:51 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
142.250.74.74200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32058)
Hash fc3fc31e5e7c0933dc18e562c1c071bf
a44c31323f6bd29e583cc585036e6eb39f7014a6
ddad766fb94b23efeb5574cdedc5e8446d496fb91bd0b08cd80be212e001055d
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 22:01:23 GMT
expires: Mon, 18 Sep 2023 22:01:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 164248
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d.line-scdn.net/r/web/social-plugin/js/thirdparty/loader.min.js
23.38.201.100200 OK 1.6 kB URL HTTP/2 d.line-scdn.net/r/web/social-plugin/js/thirdparty/loader.min.js
IP 23.38.201.100:0
File type ASCII text, with very long lines (4730), with no line terminators
Hash 6ca5861dd247b41429ca943bbe2abc4c
17dfbc93696d0d6e1417e9574598deb8b58c62ac
59b9c01979c2f8e64c01f95534f59759e5df6b0d943bd7d1172c1e943b19ec40
GET /r/web/social-plugin/js/thirdparty/loader.min.js HTTP/1.1
Host: d.line-scdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: VOS
content-type: application/javascript
accept-ranges: bytes
last-modified: Mon, 25 Apr 2022 03:07:56 GMT
x-rgw-object-type: Normal
etag: "8e50c4d0b7f2c69fe4b07b078876770b"
x-amz-meta-s3cmd-attrs: md5:8e50c4d0b7f2c69fe4b07b078876770b
x-amz-storage-class: STANDARD
x-amz-request-id: tx000000000000043f87610-006266f963-f4bef5d-jp2
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=494721
expires: Mon, 26 Sep 2022 13:04:12 GMT
date: Tue, 20 Sep 2022 19:38:51 GMT
content-length: 1558
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-53263334-5
142.250.74.72200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-53263334-5
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 9dc284c45df57f7423457ce52bf12997
cb6aed53eaf272aac7c9eed623a300460e919b55
901cf187d090c614159f6fb73e1f95d5857329c08b6286b6e5764175452f2b5c
GET /gtag/js?id=UA-53263334-5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Sep 2022 19:38:51 GMT
expires: Tue, 20 Sep 2022 19:38:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43297
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 7.9 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
Hash 4682747441e4bc6426cd026b7b4b0cbb
5dbf3b9eef82ff4ae693b7f781dd175f1cf558e1
5e6fd7dcec501fab1fc5e4424bee2094cf3b041c93ffc635d84b177ac5d69e2c
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 20 Sep 2022 19:03:22 GMT
Expires: Tue, 20 Sep 2022 19:31:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JeejvsVId8tJOHIMRwVTUzyZnpGihdB-5R0_YiOiLHXFnPzlLcpzew==
Age: 2129
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 28eb8ec3223628bb9ca925634f78f7b4
b44f79aa73ded91d9373ef6a751fd08f23e43e6a
3c443a8e740ca690049988dc76516cf62815b746655ae344d26e6b31a04b812d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 08:27:05 GMT
Expires: Tue, 27 Sep 2022 08:27:04 GMT
Etag: "b44f79aa73ded91d9373ef6a751fd08f23e43e6a"
Cache-Control: max-age=563892,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd0618a9fe0b02-OSL
poweredby.jads.co/js/jads.js
185.94.237.102301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP 185.94.237.102:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 20 Sep 2022 19:38:51 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://94ero.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 8910
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Hash b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://94ero.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 06:06:20 GMT
expires: Fri, 15 Sep 2023 06:06:20 GMT
cache-control: public, max-age=31536000
age: 480751
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
avgle.com/embed/57ed717e9c550e05aab2
104.21.45.211200 OK 7.3 kB URL HTTP/2 avgle.com/embed/57ed717e9c550e05aab2
IP 104.21.45.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4306), with CRLF, LF line terminators
Hash 330410a975c66c04d9b4bc2dff191200
fe37154c3eba34da9ad37137006ae77e122bcb78
04099a4b665ede2180915c4c1b854335dfc0a7dd02146200259bf402710b72b4
GET /embed/57ed717e9c550e05aab2 HTTP/1.1
Host: avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:51 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.14
set-cookie: AVS=a8b99f2897edb829a7916253874dd51b; path=/
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: unsafe-none
cache-control: public, s-maxage=1800
servedby: n2
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqD7TB3O9MgRacyF85hcQSnGL5uoqthhQ9pEby8vf3EnQI88JOOGb4RVrbDKZt5tQMHtaMYM0J%2BNf54aVJBHzn%2FKFwVUm89QICMp1eApwHZ1A%2FwvTXtc5KibEgM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd061a0fedb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
poweredby.jads.co/js/jads2.js
185.94.237.102200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP 185.94.237.102:0
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://94ero.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 19:38:52 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eae"
Content-Encoding: gzip
cdnjs.cloudflare.com/ajax/libs/video.js/5.20.3/video-js.min.css
104.17.24.14200 OK 12 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/video.js/5.20.3/video-js.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (39368), with no line terminators
Hash a3d749fa144167d371d6441e2890a1ba
bcb060070f22fea928113286a340fc11cb58790e
e6f570094305dabd55355842c61dd6b851bda2b3c2cf785253a9d7355b4bff25
GET /ajax/libs/video.js/5.20.3/video-js.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: text/css; charset=utf-8
content-length: 12020
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0401e-99c8"
last-modified: Mon, 04 May 2020 16:17:34 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8988573
expires: Sun, 10 Sep 2023 19:38:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQPBzUmh0v9dnjU6AKNc4acsihXIURb1DGz9ye%2FHecCVfV%2B5r5FuDLO1zCmcd1g0ur8ZhkVoIOh%2BK0FOScXqNzE0eiYs2HXoY2zpdnYO2ZGRu5Ro0P7Naa0fyo2qWYuczZ2v8tBZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dd061c2ea6b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/json2/20160511/json2.min.js
104.17.24.14200 OK 1.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/json2/20160511/json2.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (3133)
Hash e97f465dd6f6747af6f7a54a0a6484cd
760d09ec643c3a05f825a7dd3256954df2adf112
e48b1c68cfc013bdc7e11c3a8951554e880c3b1f5cd99e1a9c993d1cbc6a9985
GET /ajax/libs/json2/20160511/json2.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 1235
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec8-c63"
last-modified: Mon, 04 May 2020 16:11:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1567017
expires: Sun, 10 Sep 2023 19:38:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shuUGZT3WifWPm7jk9RtiCxkLotH0ho%2FIhYbNOUTernVtzOTJ0TzwQxaun3tIzLflz7vS6bye9dxLiiX%2BkozD4LvtBcAaZuaLPSOAqGibQ1gGj6LRR%2FvCG2qBPO8kz8egpAUCZ97"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dd061c2ebab500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jStorage/0.4.12/jstorage.min.js
104.17.24.14200 OK 2.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jStorage/0.4.12/jstorage.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (542)
Hash ec5adb5acdffd5db6b4e5978a2042874
c5eab3c8eb6a2a214e599d06d3295ddca37dd34c
0308db7a602a1a9819ac538afb08e0c57bea89c1a052521b2055ad385693353b
GET /ajax/libs/jStorage/0.4.12/jstorage.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 2503
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ebe-1e97"
last-modified: Mon, 04 May 2020 16:11:42 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8283392
expires: Sun, 10 Sep 2023 19:38:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cf2gomlcoHbbmT0KPY4RA61AMM9b8ooEnK1aMEW7fC5RXx4%2BKRhR3j0odPUvzr4EsCgRY6GCaMmAhKskYQzEWMysZRSYstu0tTib9tnWD3%2BekWsE80MmuKDczGcVB8upjt88%2BZIf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dd061c2eb7b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/sha256.min.js
104.17.24.14200 OK 3.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/sha256.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (8830)
Hash 1cf760c79216e6b8559aea791ab5cb8d
62d310bfcfec341609491e28bfebd30e4e0e8d76
15c7460f2f89d5d98674339159442044b921d40ec62e5315d9945cd29edad1ca
GET /ajax/libs/js-sha256/0.9.0/sha256.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 2977
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec6-2339"
last-modified: Mon, 04 May 2020 16:11:50 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1045552
expires: Sun, 10 Sep 2023 19:38:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3i4B7t88o1UMjSOaMMBFqSHYI%2BhCkbuP0ReKSeXIG0Cusd7Rh5olCt30wurySobcs0FWx8P3aK5cPfPqk%2BmqsB4e1X%2FgZV%2Fn01AaHrncBimNb2TXxGYA7%2FTX%2BRn%2B132B98JVnFEn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dd061c2ebbb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
104.17.24.14200 OK 30 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32077)
Hash 5e4764d3c94d1a1db8c3d0890278b6d1
e5171f2f46e16d32df5f634ba21e47256fa9689c
5077e8927721a6a3ae5d78b456b7041230d627774a0a319beebacc88290b8328
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 30360
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-17b8b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1046886
expires: Sun, 10 Sep 2023 19:38:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRYFIXe6Ld%2Bk7AwbP8DmHcUXmfk387pe6EXjuE2YvL2okioWi081L1XPhEwx8YXbvGHDc%2BxP3nhc9AQmAIsagP%2BIGTEigfAbQERgFbzwlWbEAOonEAv4LWZOfdItDyJy6drQPVbo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dd061c4ed1b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.191.222.112101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.222.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yiA3QVM/RdRE7Ll6PWUjKQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Zw5eKmZMYMX02gOHu3VROYucDy4=
social-plugins.line.me/widget/share?url=https%3A%2F%2F94ero.com%2Fline%2F700740&buttonType=share-e&lang=zh_Hant&type=share&id=0&origin=https%3A%2F%2F94ero.com%2Fvideos%2F700740&title=94ERO%20%E6%9E%81%E5%93%81JVID%E5%A6%A9%E5%AA%9A%E6%B8%85%E7%BA%AF%E9%BD%90%E4%B8%80%E8%BA%AB%E6%96%B0%E4%BA%BA%E2%96%8C%E9%BB%9B%E5%A8%9C%20%E2%96%8C%E9%BB%91%E8%89%B2%E8%95%BE%E4%B8%9D%E6%80%A7%E6%84%9F%E5%86%85%E8%A1%A3%20%E6%8C%BA%E7%BF%98%E7%BE%8E%E4%B9%B3%E7%A8%9A%E5%AB%A9%E8%AF%B1%E4%BA%BA%E8%A3%82%E7%BC%9D%20%E8%AF%B1%E6%83%91%E5%96%9C%E6%AC%A2%E7%9A%84%E7%94%B7%E8%80%81%E5%B8%88117P1V%20-%E7%9C%8B%E3%80%90%E4%B8%BB%E9%A1%B5%E3%80%91%E8%BF%9B%E7%BE%A4%EF%BC%8C%E6%88%96%E7%94%B5%E6%8A%A5%E8%BD%AF%E4%BB%B6%E6%90%9C%E7%B4%A2%20%40SX99188-&env=REAL
23.38.200.34200 OK 801 B URL HTTP/1.1 social-plugins.line.me/widget/share?url=https%3A%2F%2F94ero.com%2Fline%2F700740&buttonType=share-e&lang=zh_Hant&type=share&id=0&origin=https%3A%2F%2F94ero.com%2Fvideos%2F700740&title=94ERO%20%E6%9E%81%E5%93%81JVID%E5%A6%A9%E5%AA%9A%E6%B8%85%E7%BA%AF%E9%BD%90%E4%B8%80%E8%BA%AB%E6%96%B0%E4%BA%BA%E2%96%8C%E9%BB%9B%E5%A8%9C%20%E2%96%8C%E9%BB%91%E8%89%B2%E8%95%BE%E4%B8%9D%E6%80%A7%E6%84%9F%E5%86%85%E8%A1%A3%20%E6%8C%BA%E7%BF%98%E7%BE%8E%E4%B9%B3%E7%A8%9A%E5%AB%A9%E8%AF%B1%E4%BA%BA%E8%A3%82%E7%BC%9D%20%E8%AF%B1%E6%83%91%E5%96%9C%E6%AC%A2%E7%9A%84%E7%94%B7%E8%80%81%E5%B8%88117P1V%20-%E7%9C%8B%E3%80%90%E4%B8%BB%E9%A1%B5%E3%80%91%E8%BF%9B%E7%BE%A4%EF%BC%8C%E6%88%96%E7%94%B5%E6%8A%A5%E8%BD%AF%E4%BB%B6%E6%90%9C%E7%B4%A2%20%40SX99188-&env=REAL
IP 23.38.200.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 77161a2c0af12df194c72ee696d0e85d
db8717979bdbf341d0119d3eb7658e4ecafc697e
799450eff202e414c3a5ccb6e45fdd2225a18ac5c5287cecca45952c31976736
GET /widget/share?url=https%3A%2F%2F94ero.com%2Fline%2F700740&buttonType=share-e&lang=zh_Hant&type=share&id=0&origin=https%3A%2F%2F94ero.com%2Fvideos%2F700740&title=94ERO%20%E6%9E%81%E5%93%81JVID%E5%A6%A9%E5%AA%9A%E6%B8%85%E7%BA%AF%E9%BD%90%E4%B8%80%E8%BA%AB%E6%96%B0%E4%BA%BA%E2%96%8C%E9%BB%9B%E5%A8%9C%20%E2%96%8C%E9%BB%91%E8%89%B2%E8%95%BE%E4%B8%9D%E6%80%A7%E6%84%9F%E5%86%85%E8%A1%A3%20%E6%8C%BA%E7%BF%98%E7%BE%8E%E4%B9%B3%E7%A8%9A%E5%AB%A9%E8%AF%B1%E4%BA%BA%E8%A3%82%E7%BC%9D%20%E8%AF%B1%E6%83%91%E5%96%9C%E6%AC%A2%E7%9A%84%E7%94%B7%E8%80%81%E5%B8%88117P1V%20-%E7%9C%8B%E3%80%90%E4%B8%BB%E9%A1%B5%E3%80%91%E8%BF%9B%E7%BE%A4%EF%BC%8C%E6%88%96%E7%94%B5%E6%8A%A5%E8%BD%AF%E4%BB%B6%E6%90%9C%E7%B4%A2%20%40SX99188-&env=REAL HTTP/1.1
Host: social-plugins.line.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Tue, 20 Sep 2022 19:38:52 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 20 Sep 2022 19:38:52 GMT
Content-Length: 801
Connection: keep-alive
Vary: Accept-Encoding
cdnjs.cloudflare.com/ajax/libs/video.js/5.20.3/video.min.js
104.17.24.14200 OK 44 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/video.js/5.20.3/video.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (31992)
Hash b70521cd3823a72b55763e7e2c4ef079
c1d770e0362719ffd4868dc00f3b79541682ca5d
1624978bcfedc8e577a69444d7ac683254ce520750cad223f639950c83d47ff3
GET /ajax/libs/video.js/5.20.3/video.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 44324
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0401e-3d5fb"
last-modified: Mon, 04 May 2020 16:17:34 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6044964
expires: Sun, 10 Sep 2023 19:38:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FvEa5uSoZ1oBMvwVqFQmNuUuGFuDVxQbi4Ke8Lwuuke0aDe%2F1d4EQptZuC058QO5i5WuLHocRynAE4tfKQopQFUvimDe8kVZmDHNehqF3owLPCvOVu6jAaeAC5BHJKarSL%2B0Miq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dd061cdf9bb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 3.5 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d17eba97e546269b4eac7912dc4497c
6fd229c9b8d83a944779297471ac0ac9110f5d55
f1025f409505acf73c278a3b0e2923215d587f49c5c558ed3cd81a06e10bbb02
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EE069CC1D0B41A955ECFB14EE78D17D71F5CC34A7070D77CC383D67D71E7D5AD"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3791
Expires: Tue, 20 Sep 2022 20:42:03 GMT
Date: Tue, 20 Sep 2022 19:38:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e4cc81fcf0ec8873ae4e138021b4ab1e
fc34f3f602cb239e12d5c0ffa1d0f0f5e5ca4504
7f43a2b6d9f8995ba34670d7503b1d106917602c0657f9b50252cf0c4fc4832f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F43A2B6D9F8995BA34670D7503B1D106917602C0657F9B50252CF0C4FC4832F"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6456
Expires: Tue, 20 Sep 2022 21:26:28 GMT
Date: Tue, 20 Sep 2022 19:38:52 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash f5da03397ce8c044bdf64ca507ff5abc
937a2f88fdc756b9fff5582f9a4475b6423d5a57
04e1b854d6cf5388c283643b66361efbaf6006794ef5f9cadb89c2bd0e70b147
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 24 Sep 2022 16:28:32 GMT
ETag: "937a2f88fdc756b9fff5582f9a4475b6423d5a57"
Last-Modified: Tue, 20 Sep 2022 16:28:33 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3009
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dd061deba6b4f3-OSL
www.line-website.com/social-plugins/img/common/line_icon_v3.png
23.38.201.100200 OK 906 B URL HTTP/2 www.line-website.com/social-plugins/img/common/line_icon_v3.png
IP 23.38.201.100:0
File type PNG image data, 70 x 70, 8-bit colormap, non-interlaced\012- data
Hash 5b5dbfdf26951c09f907b46805f10b5a
fe16f44110501e5d82aeb2b91ba9c6760108f271
6ba9ecf0a6e418c4c8772d4d2bc546945e156e7d333112410b88bdc04b947423
GET /social-plugins/img/common/line_icon_v3.png HTTP/1.1
Host: www.line-website.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: VOS
content-type: image/png
content-length: 906
accept-ranges: bytes
last-modified: Mon, 25 Apr 2022 03:08:00 GMT
x-rgw-object-type: Normal
etag: "5b5dbfdf26951c09f907b46805f10b5a"
x-amz-meta-s3cmd-attrs: md5:5b5dbfdf26951c09f907b46805f10b5a
x-amz-storage-class: STANDARD
x-amz-request-id: tx000000000000066ed51ed-0062a8958d-f4bef5d-jp2
strict-transport-security: max-age=15768000
cache-control: public, max-age=11327843
date: Tue, 20 Sep 2022 19:38:52 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f81ace5cee3832298910dcd21da084ca
d718a8ac73298f2f4cbbb11c9c5e493412cbf426
d98aa96893d704dc88863f254df2acc99482e0ed72d08192b6277699c5682037
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D98AA96893D704DC88863F254DF2ACC99482E0ED72D08192B6277699C5682037"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10887
Expires: Tue, 20 Sep 2022 22:40:19 GMT
Date: Tue, 20 Sep 2022 19:38:52 GMT
Connection: keep-alive
www.line-website.com/social-plugins/css/widget.1.17.0.0.css
23.38.201.100200 OK 2.2 kB URL HTTP/2 www.line-website.com/social-plugins/css/widget.1.17.0.0.css
IP 23.38.201.100:0
File type Unicode text, UTF-8 text, with very long lines (8338), with no line terminators
Hash 5244ad6ebba20429622947ed6f87cc09
8f9de79bcf2045f053c8f686f5ad31e699e59519
081085d173cc7dff128909b2f6c806ad84982da56309edb77c35485eaa2ce17e
GET /social-plugins/css/widget.1.17.0.0.css HTTP/1.1
Host: www.line-website.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: VOS
content-type: text/css
accept-ranges: bytes
last-modified: Mon, 25 Apr 2022 03:07:58 GMT
x-rgw-object-type: Normal
etag: "0bf065d0cd685dac6d59c469a52b9720"
x-amz-meta-s3cmd-attrs: md5:0bf065d0cd685dac6d59c469a52b9720
x-amz-storage-class: STANDARD
x-amz-request-id: tx00000000000004395aeec-0062661229-f4bc22f-jp2
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=10195506
date: Tue, 20 Sep 2022 19:38:52 GMT
content-length: 2245
X-Firefox-Spdy: h2
www.line-website.com/social-plugins/js/widget/button.1.17.0.0.js
23.38.201.100200 OK 11 kB URL HTTP/2 www.line-website.com/social-plugins/js/widget/button.1.17.0.0.js
IP 23.38.201.100:0
Hash 4bd3a990162cf607124b6ff6845a6887
5d48d590269702a15a3449f2a360ebec71f5aa3b
f6f038745f2ece1f790ad32ef056b129cbe20a5cb935990d9f92304dbe57ed6a
GET /social-plugins/js/widget/button.1.17.0.0.js HTTP/1.1
Host: www.line-website.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: VOS
content-type: application/javascript
accept-ranges: bytes
last-modified: Mon, 25 Apr 2022 03:07:57 GMT
x-rgw-object-type: Normal
etag: "ddbc80bdec4dfa544bda15e3f65c4630"
x-amz-meta-s3cmd-attrs: md5:ddbc80bdec4dfa544bda15e3f65c4630
x-amz-storage-class: STANDARD
x-amz-request-id: tx00000000000004398d491-0062661229-f4bc21a-jp2
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=182422
date: Tue, 20 Sep 2022 19:38:52 GMT
content-length: 9315
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://avgle.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 08:31:01 GMT
expires: Wed, 20 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 40071
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb21/700740/default.jpg
45.133.44.9200 OK 18 kB URL HTTP/2 static-clst.avgle.com/videos/tmb21/700740/default.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Hash 5f8b6ab7d638f9b788c9eb1c96a52e60
79d8cba7ab5166ccd0d99060fe6da853274185d8
2b7c76ab7bf724ffd348fa28c8e24781c73a8854a94293569b20b65a8f6604df
GET /videos/tmb21/700740/default.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: image/jpeg
content-length: 18054
server: nginx/1.22.0
x-object-meta-mtime: 1662998291.049887173
etag: 5f8b6ab7d638f9b788c9eb1c96a52e60
last-modified: Mon, 12 Sep 2022 15:58:17 GMT
x-timestamp: 1662998296.07501
x-trans-id: tx6500be2111894756a50b0-0063204492
x-openstack-request-id: tx6500be2111894756a50b0-0063204492
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 01 Nov 2022 10:38:52 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 797f8e0dfd59bcbe0d019dac2f3f9d93
b720b8257d471ff85fccb68f43412166f0ea4bb5
ee069cc1d0b41a955ecfb14ee78d17d71f5cc34a7070d77cc383d67d71e7d5ad
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EE069CC1D0B41A955ECFB14EE78D17D71F5CC34A7070D77CC383D67D71E7D5AD"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3791
Expires: Tue, 20 Sep 2022 20:42:03 GMT
Date: Tue, 20 Sep 2022 19:38:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9405985bfe6aab7c008cf3a305f79b0f
d698b786300ea45e2cd1b9d3fadf2639e71efe5e
28c7a840f64d83b92b41d7255788845fbe83aefbee8acf3d8cb131ffd81f6267
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2448
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:52 GMT
Last-Modified: Tue, 20 Sep 2022 18:58:04 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 20 Sep 2022 18:41:12 GMT
expires: Tue, 20 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 3460
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1961)
Hash 3be40f820dac3fb3b1f86e5107ebd018
41a771393ca947ea40ddea3b66b87b137085583f
7ae47f78815ab6e75d8406507b746480893015a46b4fb670f0f1e7ca7b829597
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 85c505e2787109e82db551b6f6f9d71b
etag: "de0fab03c0a08d81a264506602eaf015"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 20 Sep 2022 19:53:23 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: O+QPgg2sP7Ox+G5RB+vQGA==
x-fb-debug: cuIA2LcbILYfmmzQE4e3oAtdOJgNhgimDRhcnTAXH7+21VONf6r7wjySWgSGbeC51S/viZzum7bN06HGe32cUw==
content-length: 1686
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 19:38:52 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
daisycontroversy.com/67/1d/ba/671dbadbf37814e321f252eac8aa2500.js
192.243.59.20200 OK 24 kB URL HTTP/1.1 daisycontroversy.com/67/1d/ba/671dbadbf37814e321f252eac8aa2500.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash f4b395788f2a4adaf9e80e7e59cc8fd4
448f6bfd964a1126225576f1ce8b95b7a23f15a6
807d7815c25a1c26124380eac2321dadfeda4b253c711bf149fd0323f007eb9f
GET /67/1d/ba/671dbadbf37814e321f252eac8aa2500.js HTTP/1.1
Host: daisycontroversy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 20 Sep 2022 19:38:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 36de1700c6090dffafbd06ae6afa6d66
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 20 kB IP 93.184.220.29:0
Hash 577a3f0e4fe55fa1a6ecfea02acb4ede
f1b8f1494d9ece31b892c44a9aef9ce13e74e117
c8ba9775a7470a2077498e0e889c2c98debd73622c6a0a295f133c56195543ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2448
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:52 GMT
Last-Modified: Tue, 20 Sep 2022 18:58:04 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
region1.google-analytics.com/g/collect?v=2&tid=G-ZLN9EGDKDC>m=2oe9j0&_p=1492102644&cid=779880191.1663702732&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663702732&sct=1&seg=0&dl=https%3A%2F%2F94ero.com%2Fvideos%2F700740&dt=94ERO%20%E6%9E%81%E5%93%81JVID%E5%A6%A9%E5%AA%9A%E6%B8%85%E7%BA%AF%E9%BD%90%E4%B8%80%E8%BA%AB%E6%96%B0%E4%BA%BA%E2%96%8C%E9%BB%9B%E5%A8%9C%20%E2%96%8C%E9%BB%91%E8%89%B2%E8%95%BE%E4%B8%9D%E6%80%A7%E6%84%9F%E5%86%85%E8%A1%A3%20%E6%8C%BA%E7%BF%98%E7%BE%8E%E4%B9%B3%E7%A8%9A%E5%AB%A9%E8%AF%B1%E4%BA%BA%E8%A3%82%E7%BC%9D%20%E8%AF%B1%E6%83%91%E5%96%9C%E6%AC%A2%E7%9A%84%E7%94%B7%E8%80%81%E5%B8%88117P1V%20-%E7%9C%8B%E3%80%90%E4%B8%BB%E9%A1%B5%E3%80%91%E8%BF%9B%E7%BE%A4%EF%BC%8C%E6%88%96%E7%94%B5%E6%8A%A5%E8%BD%AF%E4%BB%B6%E6%90%9C%E7%B4%A2%20%40SX99188-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 1.5 kB URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-ZLN9EGDKDC>m=2oe9j0&_p=1492102644&cid=779880191.1663702732&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663702732&sct=1&seg=0&dl=https%3A%2F%2F94ero.com%2Fvideos%2F700740&dt=94ERO%20%E6%9E%81%E5%93%81JVID%E5%A6%A9%E5%AA%9A%E6%B8%85%E7%BA%AF%E9%BD%90%E4%B8%80%E8%BA%AB%E6%96%B0%E4%BA%BA%E2%96%8C%E9%BB%9B%E5%A8%9C%20%E2%96%8C%E9%BB%91%E8%89%B2%E8%95%BE%E4%B8%9D%E6%80%A7%E6%84%9F%E5%86%85%E8%A1%A3%20%E6%8C%BA%E7%BF%98%E7%BE%8E%E4%B9%B3%E7%A8%9A%E5%AB%A9%E8%AF%B1%E4%BA%BA%E8%A3%82%E7%BC%9D%20%E8%AF%B1%E6%83%91%E5%96%9C%E6%AC%A2%E7%9A%84%E7%94%B7%E8%80%81%E5%B8%88117P1V%20-%E7%9C%8B%E3%80%90%E4%B8%BB%E9%A1%B5%E3%80%91%E8%BF%9B%E7%BE%A4%EF%BC%8C%E6%88%96%E7%94%B5%E6%8A%A5%E8%BD%AF%E4%BB%B6%E6%90%9C%E7%B4%A2%20%40SX99188-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash 8faeb8ed8e69c8cc720d99e471cd288d
e137003c0002505f8cdb3ac414a73a0c5604fcca
63df3a98c6630ba0c71278fa731d3bc04a15e7b3b92cd5308b4d201a0052bc91
POST /g/collect?v=2&tid=G-ZLN9EGDKDC>m=2oe9j0&_p=1492102644&cid=779880191.1663702732&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663702732&sct=1&seg=0&dl=https%3A%2F%2F94ero.com%2Fvideos%2F700740&dt=94ERO%20%E6%9E%81%E5%93%81JVID%E5%A6%A9%E5%AA%9A%E6%B8%85%E7%BA%AF%E9%BD%90%E4%B8%80%E8%BA%AB%E6%96%B0%E4%BA%BA%E2%96%8C%E9%BB%9B%E5%A8%9C%20%E2%96%8C%E9%BB%91%E8%89%B2%E8%95%BE%E4%B8%9D%E6%80%A7%E6%84%9F%E5%86%85%E8%A1%A3%20%E6%8C%BA%E7%BF%98%E7%BE%8E%E4%B9%B3%E7%A8%9A%E5%AB%A9%E8%AF%B1%E4%BA%BA%E8%A3%82%E7%BC%9D%20%E8%AF%B1%E6%83%91%E5%96%9C%E6%AC%A2%E7%9A%84%E7%94%B7%E8%80%81%E5%B8%88117P1V%20-%E7%9C%8B%E3%80%90%E4%B8%BB%E9%A1%B5%E3%80%91%E8%BF%9B%E7%BE%A4%EF%BC%8C%E6%88%96%E7%94%B5%E6%8A%A5%E8%BD%AF%E4%BB%B6%E6%90%9C%E7%B4%A2%20%40SX99188-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://94ero.com
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://94ero.com
date: Tue, 20 Sep 2022 19:38:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d.line-scdn.net/n/_4/torimochi.js/public/v1/release/stable/min/torimochi.js
23.38.201.100200 OK 8.7 kB URL HTTP/2 d.line-scdn.net/n/_4/torimochi.js/public/v1/release/stable/min/torimochi.js
IP 23.38.201.100:0
File type ASCII text, with very long lines (32963), with no line terminators
Hash 926a122b2f2a293991fe1571de214d8c
c7e0a134f2f04237c10d857937c987fb091cbe57
ec6b37e265ba072b9d9bc1688ab36d0087f06fbc57b0da01117aa5641a01424e
GET /n/_4/torimochi.js/public/v1/release/stable/min/torimochi.js HTTP/1.1
Host: d.line-scdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 04 Nov 2020 03:02:38 GMT
server: nginx
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=2130
expires: Tue, 20 Sep 2022 20:14:23 GMT
date: Tue, 20 Sep 2022 19:38:53 GMT
content-length: 8672
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 1.8 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7bf4ca4b1644a414e9b91fe70b10b6d3
bf39d1c8952f2a0d34081e0731982f2a806dd481
ad42183146f25e5267fb978743b9c7d286bc467a136f33946f6541b71fe17e9f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D647FDBBD4238A04D493EDECA66A2B70568B003B578B7EF7F005D3B4200A6242"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5056
Expires: Tue, 20 Sep 2022 21:03:09 GMT
Date: Tue, 20 Sep 2022 19:38:53 GMT
Connection: keep-alive
static-clst.avgle.com/videos/tmb21/681305/1.jpg
45.133.44.9200 OK 11 kB URL HTTP/2 static-clst.avgle.com/videos/tmb21/681305/1.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Hash 4458382fef2967d651729d3c7c0a7d74
8b607d4fc7bebe5c8146c3974cf12386f3bbd864
fe675b57bcfeb7cd0b239e1d8401634ec61121e6fb8be9938f3472d7a9840a8b
GET /videos/tmb21/681305/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:53 GMT
content-type: image/jpeg
content-length: 10623
server: nginx/1.16.1
last-modified: Sun, 17 Jul 2022 07:38:06 GMT
etag: 4458382fef2967d651729d3c7c0a7d74
x-timestamp: 1658043485.50549
x-object-meta-mtime: 1658043474.185231581
x-trans-id: tx537da1870389490da1653-0062d51ede
x-openstack-request-id: tx537da1870389490da1653-0062d51ede
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 01 Nov 2022 10:38:53 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb16/524470/1.jpg
45.133.44.9200 OK 13 kB URL HTTP/2 static-clst.avgle.com/videos/tmb16/524470/1.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Hash 17951bcfbb584cb0b2a68efd2665309b
ab535e5fb6f4e69712a6653980e89d20b984e65d
e697a22d83137dc5df4da3b61ad74ae144d5044077de078b264cc70d8d43345c
GET /videos/tmb16/524470/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:53 GMT
content-type: image/jpeg
content-length: 13213
server: nginx/1.16.1
last-modified: Tue, 25 May 2021 17:31:01 GMT
etag: 17951bcfbb584cb0b2a68efd2665309b
x-timestamp: 1621963860.69845
x-object-meta-mtime: 1621963865.761685838
x-trans-id: txd3f01aed229349daa59b1-0062a8c69d
x-openstack-request-id: txd3f01aed229349daa59b1-0062a8c69d
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 01 Nov 2022 10:38:53 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb19/638267/1.jpg
45.133.44.9200 OK 14 kB URL HTTP/2 static-clst.avgle.com/videos/tmb19/638267/1.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Hash c7690f74029f9d6e8ba83e1b06edb33c
388b81ccfdfd55352b6e0ced77afffbdceda6c0e
48ce65704a30f8e486383ba394127415441d2b50fae14f4bb2f15665691f7a80
GET /videos/tmb19/638267/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:53 GMT
content-type: image/jpeg
content-length: 13826
server: nginx/1.16.1
x-object-meta-mtime: 1647249954.856923529
last-modified: Mon, 14 Mar 2022 09:26:01 GMT
etag: c7690f74029f9d6e8ba83e1b06edb33c
x-timestamp: 1647249960.14842
x-trans-id: tx6679156bf5ca42d2b214d-0062abd69d
x-openstack-request-id: tx6679156bf5ca42d2b214d-0062abd69d
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 01 Nov 2022 10:38:53 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb14/455605/1.jpg
45.133.44.9200 OK 11 kB URL HTTP/2 static-clst.avgle.com/videos/tmb14/455605/1.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Hash 2396f6a85fe6ca45ebd00ad51f106846
dd651ab3865fcdb4d7849a3e53f0870ec70508fa
9d2623451997fd30287f23bbb50c1a9af94e348cc2003fe04c2827c8d9f26a7d
GET /videos/tmb14/455605/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:53 GMT
content-type: image/jpeg
content-length: 11166
server: nginx/1.16.1
last-modified: Mon, 16 Nov 2020 03:32:22 GMT
etag: 2396f6a85fe6ca45ebd00ad51f106846
x-timestamp: 1605497541.37646
x-object-meta-mtime: 1605497542.144506385
x-trans-id: tx60ba8755d2ac4d9c95fb9-0062a8d51d
x-openstack-request-id: tx60ba8755d2ac4d9c95fb9-0062a8d51d
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 01 Nov 2022 10:38:53 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb7/234240/1.jpg
45.133.44.9200 OK 42 kB URL HTTP/2 static-clst.avgle.com/videos/tmb7/234240/1.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
Hash 481a6cfd8abbe2db9ae46c191f5feec1
67bd9b37171f3eef378fed0b0bb6230bb14ed58a
69313e2b25be4e4ab1906f32c1debba56da5fea945bba65fddffdab87c3cec06
GET /videos/tmb7/234240/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:53 GMT
content-type: image/jpeg
content-length: 40068
server: nginx/1.16.1
last-modified: Fri, 16 Nov 2018 12:25:37 GMT
etag: b00b69c94e554b03ad1473ad3afd1732
x-timestamp: 1542371136.80324
x-object-meta-mtime: 1542371139.996448203
x-trans-id: tx01d14fcdb6c544959107d-0062aa0f43
x-openstack-request-id: tx01d14fcdb6c544959107d-0062aa0f43
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 01 Nov 2022 10:38:53 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb6/218829/1.jpg
45.133.44.9200 OK 18 kB URL HTTP/2 static-clst.avgle.com/videos/tmb6/218829/1.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Hash 1d5fe346c44e948c0893eddae8acf53a
6337c89628ceec6cf163d8a8ef9612544f88e169
a6a79604dca0d694cee6f6d2d771e8ba80a8b43768d8743425e6a1633f180c13
GET /videos/tmb6/218829/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:53 GMT
content-type: image/jpeg
content-length: 17957
server: nginx/1.16.1
last-modified: Tue, 09 Oct 2018 07:00:23 GMT
etag: 1d5fe346c44e948c0893eddae8acf53a
x-timestamp: 1539068422.70476
x-object-meta-mtime: 1539068424.367316592
x-trans-id: tx3203c02e902644998d091-0062a8e6ed
x-openstack-request-id: tx3203c02e902644998d091-0062a8e6ed
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 01 Nov 2022 10:38:53 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bda3785284005ac7bc717616a5fc822a
19e6478fdfa5f8c34f3c384768cc3485a3c7859b
3dae78f80932a1b97217313fd3c97e709502c0f4323e0126e3dda7776e4aed62
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3DAE78F80932A1B97217313FD3C97E709502C0F4323E0126E3DDA7776E4AED62"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7450
Expires: Tue, 20 Sep 2022 21:43:03 GMT
Date: Tue, 20 Sep 2022 19:38:53 GMT
Connection: keep-alive
static-clst.avgle.com/videos/tmb1/47721/1.jpg
45.133.44.9200 OK 38 kB URL HTTP/2 static-clst.avgle.com/videos/tmb1/47721/1.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 375dc0498594eaef12ea5c027b0ceaa3
715c0fa2a5de4e622c636e704e0f0a99f0ac80bb
d44701d6f6a347735529d3d1bfa1082e2e030eddf4ecc198d9ed5f70ae9f580c
GET /videos/tmb1/47721/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:53 GMT
content-type: image/jpeg
content-length: 37965
server: nginx/1.16.1
x-object-meta-mtime: 1492775192.743333333
last-modified: Fri, 18 May 2018 06:36:57 GMT
etag: 375dc0498594eaef12ea5c027b0ceaa3
x-timestamp: 1526625416.89332
x-trans-id: tx4da51f3192444784af2f1-0062b1024a
x-openstack-request-id: tx4da51f3192444784af2f1-0062b1024a
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 01 Nov 2022 10:38:53 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb6/222444/1.jpg
45.133.44.9200 OK 38 kB URL HTTP/2 static-clst.avgle.com/videos/tmb6/222444/1.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Hash c21e0ebdb44bfccfc8746845d2fa499a
b1d1333951dab89ae66b3d3ef657d7233c278591
683ef5936583366244400f334b592538109676c4940574ad1a16275852fed0cd
GET /videos/tmb6/222444/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:53 GMT
content-type: image/jpeg
content-length: 38399
server: nginx/1.16.1
last-modified: Fri, 19 Oct 2018 10:21:49 GMT
etag: c21e0ebdb44bfccfc8746845d2fa499a
x-timestamp: 1539944508.62775
x-object-meta-mtime: 1539944511.220043789
x-trans-id: txe02caaaf4abb424d8f6c0-0062a9bb40
x-openstack-request-id: txe02caaaf4abb424d8f6c0-0062a9bb40
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 01 Nov 2022 10:38:53 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=675182
185.94.237.102200 OK 1.5 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=675182
IP 185.94.237.102:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (410), with CRLF, LF line terminators
Hash cb36555947bb411f5f346f92a3c6ab98
825ae7841324c605f30c173329dd70765b000f08
a0436193d0e9694f897db1b0a537300a65e96c344ec347dfe4d77f5c251ab044
GET /adshow.php?adzone=675182 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 19:38:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=978fbc6641fd50e00f154331415fc929; expires=Wed, 20-Sep-2023 19:38:52 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps31629=1; expires=Wed, 21-Sep-2022 19:38:52 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjc1MDExNztpOjE2NjM5NjE5MzI7fQ%3D%3D; expires=Fri, 23-Sep-2022 19:38:52 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 23-Sep-2022 19:38:52 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6c07385c50686aadb74ceb7b61dc0584
a3c65ae2e25cc51da72a503fccad276a0cfc1810
d647fdbbd4238a04d493edeca66a2b70568b003b578b7ef7f005d3b4200a6242
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D647FDBBD4238A04D493EDECA66A2B70568B003B578B7EF7F005D3B4200A6242"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5056
Expires: Tue, 20 Sep 2022 21:03:09 GMT
Date: Tue, 20 Sep 2022 19:38:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d1f7ca821a83d4199eddd6b33ed33a2
5c54d3d133a79c3d53aa013b73568fbf53a28ff6
451c35fb3eb5adbe30afb5a9282033e28c444b9ffa27209271e1948e5727e8ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "451C35FB3EB5ADBE30AFB5A9282033E28C444B9FFA27209271E1948E5727E8BA"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5437
Expires: Tue, 20 Sep 2022 21:09:30 GMT
Date: Tue, 20 Sep 2022 19:38:53 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dda77a44a7f9eeb9bd828f659ccb7e22
9af43f88835600fd3206e4f18b0c1c2571a3959c
c8effed6366a20b26e104fc4f64d24213eb357d61e7683e28f812d0c21edd044
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.jads.co/network/user22416/31627-1553293849-0677253001553293849.gif
69.16.175.42200 OK 290 kB URL HTTP/2 i.jads.co/network/user22416/31627-1553293849-0677253001553293849.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 290 kB (290519 bytes)
Hash 77e1cb2ce6818bdaa9759c075301e0df
cba61ddb2d42b3562500898dde33d74522ada7b6
cc1d7a712f3337500c536a752d19bb7995609c4bd84831117d85a01fbf94cecc
GET /network/user22416/31627-1553293849-0677253001553293849.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=978fbc6641fd50e00f154331415fc929; imps31629=1; juicy_data_1=YToxOntpOjc1MDExNztpOjE2NjM5NjE5MzI7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:53 GMT
etag: "1553293849"
cache-control: max-age=21884138
content-length: 290519
content-type: image/gif
last-modified: Fri, 22 Mar 2019 22:30:49 GMT
accept-ranges: bytes
x-hw: 1663702733.dop203.sk1.t,1663702733.cds227.sk1.hn,1663702733.cds232.sk1.c
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-53263334-5&cid=779880191.1663702732&jid=708309200&gjid=1241548927&_gid=695406617.1663702733&_u=YADAAUAAAAAAAC~&z=1200735633
142.251.1.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-53263334-5&cid=779880191.1663702732&jid=708309200&gjid=1241548927&_gid=695406617.1663702733&_u=YADAAUAAAAAAAC~&z=1200735633
IP 142.251.1.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-53263334-5&cid=779880191.1663702732&jid=708309200&gjid=1241548927&_gid=695406617.1663702733&_u=YADAAUAAAAAAAC~&z=1200735633 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://94ero.com
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://94ero.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Sep 2022 19:38:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4fba52f3a5369325ec24f39df01270f8
7941e039a4ac59069e23cfbdc7b03bf1a40f54de
cb623455572dc60364cc94638c7479a8357dcdbf0e3cfc7b801c1a681f40e1ee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB623455572DC60364CC94638C7479A8357DCDBF0E3CFC7B801C1A681F40E1EE"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8994
Expires: Tue, 20 Sep 2022 22:08:47 GMT
Date: Tue, 20 Sep 2022 19:38:53 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:34:41 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 118424337
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dda77a44a7f9eeb9bd828f659ccb7e22
9af43f88835600fd3206e4f18b0c1c2571a3959c
c8effed6366a20b26e104fc4f64d24213eb357d61e7683e28f812d0c21edd044
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hm.baidu.com/hm.js?e810e7f85127761c3b5d14c6b42b9ce4
103.235.46.191200 OK 13 kB URL HTTP/1.1 hm.baidu.com/hm.js?e810e7f85127761c3b5d14c6b42b9ce4
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash cf21a392096d7d8b6ab0397653828d63
d4c69bd964085104ea165017d8f938ce57288e7d
3fac41acff9cb8adc8ca42a7e992a3d3d241cf8018d17dc41262988c1f59e25e
GET /hm.js?e810e7f85127761c3b5d14c6b42b9ce4 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Tue, 20 Sep 2022 19:38:53 GMT
Etag: 1ab3998ed5f339fb703834cede9b9ab6
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=15C13349A3427EC4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
go.strpjmp.com/i?campaignId=114c61a376af0e4ad32002e9224edc479d0fb30ab4e3ae0988dfb4b60e6dabe2&creativeId=c0012946eb231abe26945e1ec9cb543adcd67f988cfa681b6c1236ecbd1928cd&modelsCountry=&modelsLanguage=&sourceId=4778569&tag=females&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=1&showLiveBadge=1&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&landing=WidgetV4Universal&autoplay=all
172.67.203.28302 Found 0 B URL HTTP/2 go.strpjmp.com/i?campaignId=114c61a376af0e4ad32002e9224edc479d0fb30ab4e3ae0988dfb4b60e6dabe2&creativeId=c0012946eb231abe26945e1ec9cb543adcd67f988cfa681b6c1236ecbd1928cd&modelsCountry=&modelsLanguage=&sourceId=4778569&tag=females&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=1&showLiveBadge=1&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&landing=WidgetV4Universal&autoplay=all
IP 172.67.203.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i?campaignId=114c61a376af0e4ad32002e9224edc479d0fb30ab4e3ae0988dfb4b60e6dabe2&creativeId=c0012946eb231abe26945e1ec9cb543adcd67f988cfa681b6c1236ecbd1928cd&modelsCountry=&modelsLanguage=&sourceId=4778569&tag=females&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=1&showLiveBadge=1&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&landing=WidgetV4Universal&autoplay=all HTTP/1.1
Host: go.strpjmp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nnteens.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 20 Sep 2022 19:38:53 GMT
content-length: 0
location: https://creative.strpjmp.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&buttonColor=&campaignId=114c61a376af0e4ad32002e9224edc479d0fb30ab4e3ae0988dfb4b60e6dabe2&creativeId=c0012946eb231abe26945e1ec9cb543adcd67f988cfa681b6c1236ecbd1928cd&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=1&showLiveBadge=1&showModelName=1&showTitle=1&sound=off&sourceId=4778569&tag=females&targetDomain=&thumbSizeKey=big&trackOff=1&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0I7HK3loeWIXEoV4D3n6aXRgmZ6DU2NNOl1A4tItEsaemBVEg%2B196aa2ulcawu2yntQL6kdCh%2FlSNP4%2BVnPhSr%2FhNw0hejD9qQ0ToB1FWNA0eZ91EbW9TrLS2SVcEJlMmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74dd0624786bb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6916
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 19:38:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6916
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 19:38:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6916
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 19:38:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c283017ec789693602177a2785177e21
ff8286c4d2cf87a1865d56d082bc5235dba60ad7
520db2567ad5529d35d2ac63b94d4186848382e9c86d0c4355ab979b34f0e0ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11145
x-amzn-requestid: dcb726a6-2f43-4170-a53c-4f0d2883309e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yuh7yHfHIAMFu4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e37e-11bf06e96123e01c11854cbb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:47:42 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DwufJXA1yHz_jnJL0PWjCQYF9fa3jlJ0e-2hIomInAXCpmPISX3mjg==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:33 GMT
age: 77780
etag: "ff8286c4d2cf87a1865d56d082bc5235dba60ad7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca0c1a7f205ad07f1cce80b26448873
0e14f5062e40ce94346494ff947bfcf74b5e88c1
ebc960279032671136749823c126ec807334d9eaf2b019abcc63b41bcdbf4a7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 21:50:04 GMT
age: 78529
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:07:05 GMT
age: 77508
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 02:46:17 GMT
age: 60756
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30fbdfee7ec4513a5ff3dfcb7282f816
a852edb64a7220532aa619ab2a440c3a7e11b97a
4adee59f97bea412c6a0a786d0a27e431a497198b9047a75841b0a530803bdfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9543
x-amzn-requestid: 17be04c9-54f0-4988-82dd-f13911a2a629
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugINHN1IAMF8iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09a-35496b4c21c23dec75257964;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y3urrVdjZEds_DKf3yL2XfaOy-5UPBwU-YVWe5eKYsDpl3JPmqffsw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:23:30 GMT
age: 76523
etag: "a852edb64a7220532aa619ab2a440c3a7e11b97a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a7d863845e96c5927e812f325c08c16
b8484fb5443344b03e52dd56b1d6c5682eb6221a
fcb382029332a44deaf212298b618074a752d674d0c735a1b8b861ab4bb6ff0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9865
x-amzn-requestid: 7eeeff5b-cb13-4060-96a6-bf5a4be57331
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugokGQVoAMFXmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e169-4211dbbe1a22d0255a45aff0;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zDPKSOJ7SJImKcluUMhGvVMHv4t2oKLD2AJfGKAFSfedsdSA4VgZ_g==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:56 GMT
etag: "b8484fb5443344b03e52dd56b1d6c5682eb6221a"
content-type: image/jpeg
age: 77757
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 93e73313482e478ab565123e7330abe4
1dc60ec81e36915856f273c8d032517c75ec38aa
9364402f23c31e0208863be4e9cfcca07aabfe6326488afc19dca2b8cd4ef29a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 24 Sep 2022 18:07:23 GMT
ETag: "1dc60ec81e36915856f273c8d032517c75ec38aa"
Last-Modified: Tue, 20 Sep 2022 18:07:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 707
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dd06254debb4f3-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b592d72b8b6020ca5914c5f905726079
715a0b2810b23cd0eb10b0dbffc1e6df801f2f0c
856d5a3c27b9bb808009bda65b733a9bf70c0ba5868f50154c9765841c16f247
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "856D5A3C27B9BB808009BDA65B733A9BF70C0BA5868F50154C9765841C16F247"
Last-Modified: Mon, 19 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4015
Expires: Tue, 20 Sep 2022 20:45:48 GMT
Date: Tue, 20 Sep 2022 19:38:53 GMT
Connection: keep-alive
poweredby.jads.co/adshow.php?adzone=853015
185.94.237.102200 OK 1.6 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=853015
IP 185.94.237.102:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394), with CRLF, LF line terminators
Hash b4d0130aff3a08fac3692826e1f4fd58
8fd40e938efe837f4ef55d92d0239bc71a7e8f8f
9b8723579f25019e6ce06bcd4e4f8edd5a2237c638c81768e69e4d76acd81e81
GET /adshow.php?adzone=853015 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 19:38:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=978fbc6641fd50e00f154331415fc929; expires=Wed, 20-Sep-2023 19:38:52 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps161=1; expires=Wed, 21-Sep-2022 19:38:52 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjExOTY3MzA7aToxNjYzOTYxOTMyO30%3D; expires=Fri, 23-Sep-2022 19:38:52 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 23-Sep-2022 19:38:52 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
video.ktkjmp.com/adsbygoogle.js
104.18.42.40200 OK 16 B URL HTTP/2 video.ktkjmp.com/adsbygoogle.js
IP 104.18.42.40:0
Hash 3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.strpjmp.com/
Origin: https://creative.strpjmp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:53 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: c47UasJhsDR4AgkVahPH+44iy4nxKNdq6o0IM6PdzxUs/b4Kvi2BSxg2E7b43eLXemucC9tNE0s=
x-amz-request-id: ZN98ZZDJSDAZF99X
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.strpjmp.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 5847
expires: Tue, 20 Sep 2022 23:38:53 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd06264b49b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.jads.co/network/user1037/131-1573234879-0672616001573234879.gif
69.16.175.42200 OK 55 kB URL HTTP/2 i.jads.co/network/user1037/131-1573234879-0672616001573234879.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 160 x 600\012- data
Hash 91ebc432ed4947d05bd7ca13cea1ef9e
a954283710f7ee1c374574164b5f52cd84ba1c76
06b58fb6d42894e3953f5f85fc9aa296e5dc774a1e272481f54a210d0118e1bb
GET /network/user1037/131-1573234879-0672616001573234879.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=978fbc6641fd50e00f154331415fc929; imps31629=1; juicy_data_1=YToxOntpOjExOTY3MzA7aToxNjYzOTYxOTMyO30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps161=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:53 GMT
etag: "1573234879"
cache-control: max-age=23523739
content-length: 54567
content-type: image/gif
last-modified: Fri, 08 Nov 2019 17:41:19 GMT
accept-ranges: bytes
x-hw: 1663702733.dop203.sk1.t,1663702733.cds227.sk1.hn,1663702733.cds023.sk1.c
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 673575bc721a6980e47e40def9d3fa7c
cf535b25c6dd5d8226288d188e74ac8b687908b2
61b5d71acafe089221df8c5c20655f284e44923e804f14e3a2c1dd537ba8cd15
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 20 Sep 2022 19:38:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 19 Sep 2022 22:34:25 GMT
Expires: Tue, 20 Sep 2022 22:34:25 GMT
ETag: "cf535b25c6dd5d8226288d188e74ac8b687908b2"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=7786200&si=e810e7f85127761c3b5d14c6b42b9ce4&v=1.2.97&lv=1&sn=31224&r=0&ww=1280&ct=!!&u=https%3A%2F%2F94ero.com%2Fvideos%2F700740&tt=94ERO%20%E6%9E%81%E5%93%81JVID%E5%A6%A9%E5%AA%9A%E6%B8%85%E7%BA%AF%E9%BD%90%E4%B8%80%E8%BA%AB%E6%96%B0%E4%BA%BA%E2%96%8C%E9%BB%9B%E5%A8%9C%20%E2%96%8C%E9%BB%91%E8%89%B2%E8%95%BE%E4%B8%9D%E6%80%A7%E6%84%9F%E5%86%85%E8%A1%A3%20%E6%8C%BA%E7%BF%98%E7%BE%8E%E4%B9%B3%E7%A8%9A%E5%AB%A9%E8%AF%B1%E4%BA%BA%E8%A3%82%E7%BC%9D%20%E8%AF%B1%E6%83%91%E5%96%9C%E6%AC%A2%E7%9A%84%E7%94%B7%E8%80%81%E5%B8%88117P1V%20-%E7%9C%8B%E3%80%90%E4%B8%BB%E9%A1%B5%E3%80%91%E8%BF%9B%E7%BE%A4%EF%BC%8C%E6%88%96%E7%94%B5%E6%8A%A5%E8%BD%AF%E4%BB%B6%E6%90%9C%E7%B4%A2%20%40SX99188-
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=7786200&si=e810e7f85127761c3b5d14c6b42b9ce4&v=1.2.97&lv=1&sn=31224&r=0&ww=1280&ct=!!&u=https%3A%2F%2F94ero.com%2Fvideos%2F700740&tt=94ERO%20%E6%9E%81%E5%93%81JVID%E5%A6%A9%E5%AA%9A%E6%B8%85%E7%BA%AF%E9%BD%90%E4%B8%80%E8%BA%AB%E6%96%B0%E4%BA%BA%E2%96%8C%E9%BB%9B%E5%A8%9C%20%E2%96%8C%E9%BB%91%E8%89%B2%E8%95%BE%E4%B8%9D%E6%80%A7%E6%84%9F%E5%86%85%E8%A1%A3%20%E6%8C%BA%E7%BF%98%E7%BE%8E%E4%B9%B3%E7%A8%9A%E5%AB%A9%E8%AF%B1%E4%BA%BA%E8%A3%82%E7%BC%9D%20%E8%AF%B1%E6%83%91%E5%96%9C%E6%AC%A2%E7%9A%84%E7%94%B7%E8%80%81%E5%B8%88117P1V%20-%E7%9C%8B%E3%80%90%E4%B8%BB%E9%A1%B5%E3%80%91%E8%BF%9B%E7%BE%A4%EF%BC%8C%E6%88%96%E7%94%B5%E6%8A%A5%E8%BD%AF%E4%BB%B6%E6%90%9C%E7%B4%A2%20%40SX99188-
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=7786200&si=e810e7f85127761c3b5d14c6b42b9ce4&v=1.2.97&lv=1&sn=31224&r=0&ww=1280&ct=!!&u=https%3A%2F%2F94ero.com%2Fvideos%2F700740&tt=94ERO%20%E6%9E%81%E5%93%81JVID%E5%A6%A9%E5%AA%9A%E6%B8%85%E7%BA%AF%E9%BD%90%E4%B8%80%E8%BA%AB%E6%96%B0%E4%BA%BA%E2%96%8C%E9%BB%9B%E5%A8%9C%20%E2%96%8C%E9%BB%91%E8%89%B2%E8%95%BE%E4%B8%9D%E6%80%A7%E6%84%9F%E5%86%85%E8%A1%A3%20%E6%8C%BA%E7%BF%98%E7%BE%8E%E4%B9%B3%E7%A8%9A%E5%AB%A9%E8%AF%B1%E4%BA%BA%E8%A3%82%E7%BC%9D%20%E8%AF%B1%E6%83%91%E5%96%9C%E6%AC%A2%E7%9A%84%E7%94%B7%E8%80%81%E5%B8%88117P1V%20-%E7%9C%8B%E3%80%90%E4%B8%BB%E9%A1%B5%E3%80%91%E8%BF%9B%E7%BE%A4%EF%BC%8C%E6%88%96%E7%94%B5%E6%8A%A5%E8%BD%AF%E4%BB%B6%E6%90%9C%E7%B4%A2%20%40SX99188- HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 20 Sep 2022 19:38:53 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9293247DAABBBA2F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
d24ak3f2b.top/advertisers.js
142.0.204.220200 OK 0 B URL HTTP/1.1 d24ak3f2b.top/advertisers.js
IP 142.0.204.220:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: d24ak3f2b.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 20 Sep 2022 19:38:53 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
s4.histats.com/stats/3858761.php?3858761&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m%E6%9E%81%E5%93%81JVID%E5%A6%A9%E5%AA%9A%E6%B8%85%E7%BA%AF%E9%BD%90%E4%B8%80%E8%BA%AB%E6%96%B0%E4%BA%BA%E2%96%8C%E9%BB%9B%E5%A8%9C%20%E2%96%8C%E9%BB%91%E8%89%B2%E8%95%BE%E4%B8%9D%E6%80%A7%E6%84%9F%E5%86%85%E8%A1%A3%20%E6%8C%BA%E7%BF%98%E7%BE%8E%E4%B9%B3%E7%A8%9A%E5%AB%A9%E8%AF%B1%E4%BA%BA%E8%A3%82%E7%BC%9D%20%E8%AF%B1%E6%83%91%E5%96%9C%E6%AC%A2%E7%9A%84%E7%94%B7%E8%80%81%E5%B8%88117P1V%20-%E7%9C%8B%E3%80%90%E4%B8%BB%E9%A1%B5%E3%80%91%E8%BF%9B%E7%BE%A4%EF%BC%8C%E6%88%96%E7%94%B5%E6%8A%A5%E8%BD%AF%E4%BB%B6%E6%90%9C%E7%B4%A2%20%40SX99188&@n0&@ohttps%3A%2F%2F94ero.com%2F&@q0&@r0&@s1032&@ten-US&@u1280&@b1:36522526&@b3:1663702733&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Favgle.com%2Fembed%2F57ed717e9c550e05aab2&@w
192.99.8.27200 OK 123 B URL HTTP/1.1 s4.histats.com/stats/3858761.php?3858761&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m%E6%9E%81%E5%93%81JVID%E5%A6%A9%E5%AA%9A%E6%B8%85%E7%BA%AF%E9%BD%90%E4%B8%80%E8%BA%AB%E6%96%B0%E4%BA%BA%E2%96%8C%E9%BB%9B%E5%A8%9C%20%E2%96%8C%E9%BB%91%E8%89%B2%E8%95%BE%E4%B8%9D%E6%80%A7%E6%84%9F%E5%86%85%E8%A1%A3%20%E6%8C%BA%E7%BF%98%E7%BE%8E%E4%B9%B3%E7%A8%9A%E5%AB%A9%E8%AF%B1%E4%BA%BA%E8%A3%82%E7%BC%9D%20%E8%AF%B1%E6%83%91%E5%96%9C%E6%AC%A2%E7%9A%84%E7%94%B7%E8%80%81%E5%B8%88117P1V%20-%E7%9C%8B%E3%80%90%E4%B8%BB%E9%A1%B5%E3%80%91%E8%BF%9B%E7%BE%A4%EF%BC%8C%E6%88%96%E7%94%B5%E6%8A%A5%E8%BD%AF%E4%BB%B6%E6%90%9C%E7%B4%A2%20%40SX99188&@n0&@ohttps%3A%2F%2F94ero.com%2F&@q0&@r0&@s1032&@ten-US&@u1280&@b1:36522526&@b3:1663702733&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Favgle.com%2Fembed%2F57ed717e9c550e05aab2&@w
IP 192.99.8.27:0
File type ASCII text, with no line terminators
Hash 797dbfff1e74acf17c8a9fc2b710a6ad
df1f294a131b5320057a8e3ccaeedcc5e98c4439
d9cb476ef5bb1ff195f0216489b043eb4b12cc087c7cc35145ed75a5dcef98a9
GET /stats/3858761.php?3858761&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m%E6%9E%81%E5%93%81JVID%E5%A6%A9%E5%AA%9A%E6%B8%85%E7%BA%AF%E9%BD%90%E4%B8%80%E8%BA%AB%E6%96%B0%E4%BA%BA%E2%96%8C%E9%BB%9B%E5%A8%9C%20%E2%96%8C%E9%BB%91%E8%89%B2%E8%95%BE%E4%B8%9D%E6%80%A7%E6%84%9F%E5%86%85%E8%A1%A3%20%E6%8C%BA%E7%BF%98%E7%BE%8E%E4%B9%B3%E7%A8%9A%E5%AB%A9%E8%AF%B1%E4%BA%BA%E8%A3%82%E7%BC%9D%20%E8%AF%B1%E6%83%91%E5%96%9C%E6%AC%A2%E7%9A%84%E7%94%B7%E8%80%81%E5%B8%88117P1V%20-%E7%9C%8B%E3%80%90%E4%B8%BB%E9%A1%B5%E3%80%91%E8%BF%9B%E7%BE%A4%EF%BC%8C%E6%88%96%E7%94%B5%E6%8A%A5%E8%BD%AF%E4%BB%B6%E6%90%9C%E7%B4%A2%20%40SX99188&@n0&@ohttps%3A%2F%2F94ero.com%2F&@q0&@r0&@s1032&@ten-US&@u1280&@b1:36522526&@b3:1663702733&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Favgle.com%2Fembed%2F57ed717e9c550e05aab2&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:53 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 123
Connection: close
s10.histats.com/counters/cc_1032.js
46.105.201.240200 OK 5.6 kB URL HTTP/2 s10.histats.com/counters/cc_1032.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (15441), with no line terminators
Hash 0ec7f2a21cef271e478d52652b3ce8f0
7644885c01d5197c2d8b26cfcdcbeb6d60b3f792
ce0aaf0880f892c04c6e8070b036cbf3822255136e47052eca1f9b712d56e84b
GET /counters/cc_1032.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:37:01 GMT
etag: "-33105628"
last-modified: Thu, 16 Apr 2020 10:44:41 GMT
x-request-id: 926583377
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5573
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b8f20dedeed9f698f952787fefe276bc
9aa06ca05a52e08be19102c8c23b35ae0c65a6b1
c37bb0bf76c2e96df55802f9548192971a59d4cde326ce6b41ea7f496e76e987
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5597
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:54 GMT
Last-Modified: Tue, 20 Sep 2022 18:05:37 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b8f20dedeed9f698f952787fefe276bc
9aa06ca05a52e08be19102c8c23b35ae0c65a6b1
c37bb0bf76c2e96df55802f9548192971a59d4cde326ce6b41ea7f496e76e987
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5597
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:54 GMT
Last-Modified: Tue, 20 Sep 2022 18:05:37 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
img.strpst.com/thumbs/1663702416/87303266
104.16.62.52200 OK 31 kB URL HTTP/2 img.strpst.com/thumbs/1663702416/87303266
IP 104.16.62.52:0
Hash 0bc43a05aa4373b6e9a1ee897218b34c
07679190b87dd0ee195bf754fbb7702f973054c8
1e72c1f74d8512c006c31b267f11b418576d6da2e62949edf487293709c7310b
GET /thumbs/1663702416/87303266 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.strpjmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:54 GMT
content-type: image/jpeg
content-length: 31104
cf-bgj: imgq:100,h2pri
cf-polished: origSize=32372, status=webp_bigger
etag: "46934493ce461030bc63127a1c8588e8"
last-modified: Tue, 20 Sep 2022 19:33:50 GMT
cf-cache-status: HIT
age: 202
expires: Tue, 20 Sep 2022 19:43:54 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd06280b8c1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1663702418/87210366
104.16.62.52200 OK 29 kB URL HTTP/2 img.strpst.com/thumbs/1663702418/87210366
IP 104.16.62.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Hash cc574a31d18d8d77a3c328149de7b616
73276a2ca129da7a16a19651ec550ea31215fdfc
e4d1c436563e0b4ec826a2aa959265d2e2217554385304175a6da5e59d8422bd
GET /thumbs/1663702418/87210366 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.strpjmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:54 GMT
content-type: image/jpeg
content-length: 28866
cf-bgj: imgq:100,h2pri
cf-polished: origSize=30471, status=webp_bigger
etag: "28c5dcd6b5d2face14d79b605988ca42"
last-modified: Tue, 20 Sep 2022 19:33:51 GMT
cf-cache-status: HIT
age: 206
expires: Tue, 20 Sep 2022 19:43:54 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd06281b9e1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b8f20dedeed9f698f952787fefe276bc
9aa06ca05a52e08be19102c8c23b35ae0c65a6b1
c37bb0bf76c2e96df55802f9548192971a59d4cde326ce6b41ea7f496e76e987
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5597
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:54 GMT
Last-Modified: Tue, 20 Sep 2022 18:05:37 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
torimochi.line-apps.com/1/req?cid=77aa3788d1007ced&threshold=81&eventType=pageview×tamp=1663702733105&logVersion=1.11.1&productKey=line-social-plugin-real&productVersion=latest&url=https%3A%2F%2Fsocial-plugins.line.me%2Fwidget%2Fshare%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F700740%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F700740%26title%3D94ERO%2520%25E6%259E%2581%25E5%2593%2581JVID%25E5%25A6%25A9%25E5%25AA%259A%25E6%25B8%2585%25E7%25BA%25AF%25E9%25BD%2590%25E4%25B8%2580%25E8%25BA%25AB%25E6%2596%25B0%25E4%25BA%25BA%25E2%2596%258C%25E9%25BB%259B%25E5%25A8%259C%2520%25E2%2596%258C%25E9%25BB%2591%25E8%2589%25B2%25E8%2595%25BE%25E4%25B8%259D%25E6%2580%25A7%25E6%2584%259F%25E5%2586%2585%25E8%25A1%25A3%2520%25E6%258C%25BA%25E7%25BF%2598%25E7%25BE%258E%25E4%25B9%25B3%25E7%25A8%259A%25E5%25AB%25A9%25E8%25AF%25B1%25E4%25BA%25BA%25E8%25A3%2582%25E7%25BC%259D%2520%25E8%25AF%25B1%25E6%2583%2591%25E5%2596%259C%25E6%25AC%25A2%25E7%259A%2584%25E7%2594%25B7%25E8%2580%2581%25E5%25B8%2588117P1V%2520-%25E7%259C%258B%25E3%2580%2590%25E4%25B8%25BB%25E9%25A1%25B5%25E3%2580%2591%25E8%25BF%259B%25E7%25BE%25A4%25EF%25BC%258C%25E6%2588%2596%25E7%2594%25B5%25E6%258A%25A5%25E8%25BD%25AF%25E4%25BB%25B6%25E6%2590%259C%25E7%25B4%25A2%2520%2540SX99188-%26env%3DREAL&host=social-plugins.line.me&path=ver1-share-e&query=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F700740%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F700740%26title%3D94ERO%2520%25E6%259E%2581%25E5%2593%2581JVID%25E5%25A6%25A9%25E5%25AA%259A%25E6%25B8%2585%25E7%25BA%25AF%25E9%25BD%2590%25E4%25B8%2580%25E8%25BA%25AB%25E6%2596%25B0%25E4%25BA%25BA%25E2%2596%258C%25E9%25BB%259B%25E5%25A8%259C%2520%25E2%2596%258C%25E9%25BB%2591%25E8%2589%25B2%25E8%2595%25BE%25E4%25B8%259D%25E6%2580%25A7%25E6%2584%259F%25E5%2586%2585%25E8%25A1%25A3%2520%25E6%258C%25BA%25E7%25BF%2598%25E7%25BE%258E%25E4%25B9%25B3%25E7%25A8%259A%25E5%25AB%25A9%25E8%25AF%25B1%25E4%25BA%25BA%25E8%25A3%2582%25E7%25BC%259D%2520%25E8%25AF%25B1%25E6%2583%2591%25E5%2596%259C%25E6%25AC%25A2%25E7%259A%2584%25E7%2594%25B7%25E8%2580%2581%25E5%25B8%2588117P1V%2520-%25E7%259C%258B%25E3%2580%2590%25E4%25B8%25BB%25E9%25A1%25B5%25E3%2580%2591%25E8%25BF%259B%25E7%25BE%25A4%25EF%25BC%258C%25E6%2588%2596%25E7%2594%25B5%25E6%258A%25A5%25E8%25BD%25AF%25E4%25BB%25B6%25E6%2590%259C%25E7%25B4%25A2%2520%2540SX99188-%26env%3DREAL&hash=&referrer=https%3A%2F%2F94ero.com%2F&userId=77aa3788d1007ced&userAttr0=0&sessionId=77aa37884e6ef593&sessionPath=%2Fwidget%2Fshare&sessionQuery=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F700740%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F700740%26title%3D94ERO%2520%25E6%259E%2581%25E5%2593%2581JVID%25E5%25A6%25A9%25E5%25AA%259A%25E6%25B8%2585%25E7%25BA%25AF%25E9%25BD%2590%25E4%25B8%2580%25E8%25BA%25AB%25E6%2596%25B0%25E4%25BA%25BA%25E2%2596%258C%25E9%25BB%259B%25E5%25A8%259C%2520%25E2%2596%258C%25E9%25BB%2591%25E8%2589%25B2%25E8%2595%25BE%25E4%25B8%259D%25E6%2580%25A7%25E6%2584%259F%25E5%2586%2585%25E8%25A1%25A3%2520%25E6%258C%25BA%25E7%25BF%2598%25E7%25BE%258E%25E4%25B9%25B3%25E7%25A8%259A%25E5%25AB%25A9%25E8%25AF%25B1%25E4%25BA%25BA%25E8%25A3%2582%25E7%25BC%259D%2520%25E8%25AF%25B1%25E6%2583%2591%25E5%2596%259C%25E6%25AC%25A2%25E7%259A%2584%25E7%2594%25B7%25E8%2580%2581%25E5%25B8%2588117P1V%2520-%25E7%259C%258B%25E3%2580%2590%25E4%25B8%25BB%25E9%25A1%25B5%25E3%2580%2591%25E8%25BF%259B%25E7%25BE%25A4%25EF%25BC%258C%25E6%2588%2596%25E7%2594%25B5%25E6%258A%25A5%25E8%25BD%25AF%25E4%25BB%25B6%25E6%2590%259C%25E7%25B4%25A2%2520%2540SX99188-%26env%3DREAL&sessionParams=%7B%7D&sessionTime=1663702733105&sessionDuration=0&touchX=0&touchY=0&scrollX=0&scrollY=0&windowX=0&windowY=0&targets=%5B%5D&content=%7B%22pageview%22%3A%7B%22title%22%3A%22%22%2C%22from%22%3A%22%22%2C%22to%22%3A%22ver1-share-e%22%7D%2C%22extend%22%3A%7B%7D%2C%22aside%22%3A%7B%22dnt%22%3A%22unspecified%22%2C%22safemode%22%3Afalse%2C%22exceptionCount%22%3A0%2C%22cachedId%22%3A%2277aa3788d1007ced%22%2C%22isLiffClient%22%3Afalse%2C%22liffId%22%3Anull%2C%22waitFor%22%3Anull%7D%2C%22libra%22%3A%7B%7D%2C%22tid%22%3Anull%7D
147.92.191.144200 OK 73 kB URL HTTP/1.1 torimochi.line-apps.com/1/req?cid=77aa3788d1007ced&threshold=81&eventType=pageview×tamp=1663702733105&logVersion=1.11.1&productKey=line-social-plugin-real&productVersion=latest&url=https%3A%2F%2Fsocial-plugins.line.me%2Fwidget%2Fshare%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F700740%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F700740%26title%3D94ERO%2520%25E6%259E%2581%25E5%2593%2581JVID%25E5%25A6%25A9%25E5%25AA%259A%25E6%25B8%2585%25E7%25BA%25AF%25E9%25BD%2590%25E4%25B8%2580%25E8%25BA%25AB%25E6%2596%25B0%25E4%25BA%25BA%25E2%2596%258C%25E9%25BB%259B%25E5%25A8%259C%2520%25E2%2596%258C%25E9%25BB%2591%25E8%2589%25B2%25E8%2595%25BE%25E4%25B8%259D%25E6%2580%25A7%25E6%2584%259F%25E5%2586%2585%25E8%25A1%25A3%2520%25E6%258C%25BA%25E7%25BF%2598%25E7%25BE%258E%25E4%25B9%25B3%25E7%25A8%259A%25E5%25AB%25A9%25E8%25AF%25B1%25E4%25BA%25BA%25E8%25A3%2582%25E7%25BC%259D%2520%25E8%25AF%25B1%25E6%2583%2591%25E5%2596%259C%25E6%25AC%25A2%25E7%259A%2584%25E7%2594%25B7%25E8%2580%2581%25E5%25B8%2588117P1V%2520-%25E7%259C%258B%25E3%2580%2590%25E4%25B8%25BB%25E9%25A1%25B5%25E3%2580%2591%25E8%25BF%259B%25E7%25BE%25A4%25EF%25BC%258C%25E6%2588%2596%25E7%2594%25B5%25E6%258A%25A5%25E8%25BD%25AF%25E4%25BB%25B6%25E6%2590%259C%25E7%25B4%25A2%2520%2540SX99188-%26env%3DREAL&host=social-plugins.line.me&path=ver1-share-e&query=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F700740%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F700740%26title%3D94ERO%2520%25E6%259E%2581%25E5%2593%2581JVID%25E5%25A6%25A9%25E5%25AA%259A%25E6%25B8%2585%25E7%25BA%25AF%25E9%25BD%2590%25E4%25B8%2580%25E8%25BA%25AB%25E6%2596%25B0%25E4%25BA%25BA%25E2%2596%258C%25E9%25BB%259B%25E5%25A8%259C%2520%25E2%2596%258C%25E9%25BB%2591%25E8%2589%25B2%25E8%2595%25BE%25E4%25B8%259D%25E6%2580%25A7%25E6%2584%259F%25E5%2586%2585%25E8%25A1%25A3%2520%25E6%258C%25BA%25E7%25BF%2598%25E7%25BE%258E%25E4%25B9%25B3%25E7%25A8%259A%25E5%25AB%25A9%25E8%25AF%25B1%25E4%25BA%25BA%25E8%25A3%2582%25E7%25BC%259D%2520%25E8%25AF%25B1%25E6%2583%2591%25E5%2596%259C%25E6%25AC%25A2%25E7%259A%2584%25E7%2594%25B7%25E8%2580%2581%25E5%25B8%2588117P1V%2520-%25E7%259C%258B%25E3%2580%2590%25E4%25B8%25BB%25E9%25A1%25B5%25E3%2580%2591%25E8%25BF%259B%25E7%25BE%25A4%25EF%25BC%258C%25E6%2588%2596%25E7%2594%25B5%25E6%258A%25A5%25E8%25BD%25AF%25E4%25BB%25B6%25E6%2590%259C%25E7%25B4%25A2%2520%2540SX99188-%26env%3DREAL&hash=&referrer=https%3A%2F%2F94ero.com%2F&userId=77aa3788d1007ced&userAttr0=0&sessionId=77aa37884e6ef593&sessionPath=%2Fwidget%2Fshare&sessionQuery=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F700740%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F700740%26title%3D94ERO%2520%25E6%259E%2581%25E5%2593%2581JVID%25E5%25A6%25A9%25E5%25AA%259A%25E6%25B8%2585%25E7%25BA%25AF%25E9%25BD%2590%25E4%25B8%2580%25E8%25BA%25AB%25E6%2596%25B0%25E4%25BA%25BA%25E2%2596%258C%25E9%25BB%259B%25E5%25A8%259C%2520%25E2%2596%258C%25E9%25BB%2591%25E8%2589%25B2%25E8%2595%25BE%25E4%25B8%259D%25E6%2580%25A7%25E6%2584%259F%25E5%2586%2585%25E8%25A1%25A3%2520%25E6%258C%25BA%25E7%25BF%2598%25E7%25BE%258E%25E4%25B9%25B3%25E7%25A8%259A%25E5%25AB%25A9%25E8%25AF%25B1%25E4%25BA%25BA%25E8%25A3%2582%25E7%25BC%259D%2520%25E8%25AF%25B1%25E6%2583%2591%25E5%2596%259C%25E6%25AC%25A2%25E7%259A%2584%25E7%2594%25B7%25E8%2580%2581%25E5%25B8%2588117P1V%2520-%25E7%259C%258B%25E3%2580%2590%25E4%25B8%25BB%25E9%25A1%25B5%25E3%2580%2591%25E8%25BF%259B%25E7%25BE%25A4%25EF%25BC%258C%25E6%2588%2596%25E7%2594%25B5%25E6%258A%25A5%25E8%25BD%25AF%25E4%25BB%25B6%25E6%2590%259C%25E7%25B4%25A2%2520%2540SX99188-%26env%3DREAL&sessionParams=%7B%7D&sessionTime=1663702733105&sessionDuration=0&touchX=0&touchY=0&scrollX=0&scrollY=0&windowX=0&windowY=0&targets=%5B%5D&content=%7B%22pageview%22%3A%7B%22title%22%3A%22%22%2C%22from%22%3A%22%22%2C%22to%22%3A%22ver1-share-e%22%7D%2C%22extend%22%3A%7B%7D%2C%22aside%22%3A%7B%22dnt%22%3A%22unspecified%22%2C%22safemode%22%3Afalse%2C%22exceptionCount%22%3A0%2C%22cachedId%22%3A%2277aa3788d1007ced%22%2C%22isLiffClient%22%3Afalse%2C%22liffId%22%3Anull%2C%22waitFor%22%3Anull%7D%2C%22libra%22%3A%7B%7D%2C%22tid%22%3Anull%7D
IP 147.92.191.144:0
ASN #38631 LINE Corporation
Hash bcb2c1882d419a82755cd6eff0ac94fc
cf0f7883d56a98dfbacff544616e79eea2925331
9192b69e808ec783d06044cf09d23c09898c835595909402b39f2bb774ba7457
GET /1/req?cid=77aa3788d1007ced&threshold=81&eventType=pageview×tamp=1663702733105&logVersion=1.11.1&productKey=line-social-plugin-real&productVersion=latest&url=https%3A%2F%2Fsocial-plugins.line.me%2Fwidget%2Fshare%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F700740%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F700740%26title%3D94ERO%2520%25E6%259E%2581%25E5%2593%2581JVID%25E5%25A6%25A9%25E5%25AA%259A%25E6%25B8%2585%25E7%25BA%25AF%25E9%25BD%2590%25E4%25B8%2580%25E8%25BA%25AB%25E6%2596%25B0%25E4%25BA%25BA%25E2%2596%258C%25E9%25BB%259B%25E5%25A8%259C%2520%25E2%2596%258C%25E9%25BB%2591%25E8%2589%25B2%25E8%2595%25BE%25E4%25B8%259D%25E6%2580%25A7%25E6%2584%259F%25E5%2586%2585%25E8%25A1%25A3%2520%25E6%258C%25BA%25E7%25BF%2598%25E7%25BE%258E%25E4%25B9%25B3%25E7%25A8%259A%25E5%25AB%25A9%25E8%25AF%25B1%25E4%25BA%25BA%25E8%25A3%2582%25E7%25BC%259D%2520%25E8%25AF%25B1%25E6%2583%2591%25E5%2596%259C%25E6%25AC%25A2%25E7%259A%2584%25E7%2594%25B7%25E8%2580%2581%25E5%25B8%2588117P1V%2520-%25E7%259C%258B%25E3%2580%2590%25E4%25B8%25BB%25E9%25A1%25B5%25E3%2580%2591%25E8%25BF%259B%25E7%25BE%25A4%25EF%25BC%258C%25E6%2588%2596%25E7%2594%25B5%25E6%258A%25A5%25E8%25BD%25AF%25E4%25BB%25B6%25E6%2590%259C%25E7%25B4%25A2%2520%2540SX99188-%26env%3DREAL&host=social-plugins.line.me&path=ver1-share-e&query=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F700740%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F700740%26title%3D94ERO%2520%25E6%259E%2581%25E5%2593%2581JVID%25E5%25A6%25A9%25E5%25AA%259A%25E6%25B8%2585%25E7%25BA%25AF%25E9%25BD%2590%25E4%25B8%2580%25E8%25BA%25AB%25E6%2596%25B0%25E4%25BA%25BA%25E2%2596%258C%25E9%25BB%259B%25E5%25A8%259C%2520%25E2%2596%258C%25E9%25BB%2591%25E8%2589%25B2%25E8%2595%25BE%25E4%25B8%259D%25E6%2580%25A7%25E6%2584%259F%25E5%2586%2585%25E8%25A1%25A3%2520%25E6%258C%25BA%25E7%25BF%2598%25E7%25BE%258E%25E4%25B9%25B3%25E7%25A8%259A%25E5%25AB%25A9%25E8%25AF%25B1%25E4%25BA%25BA%25E8%25A3%2582%25E7%25BC%259D%2520%25E8%25AF%25B1%25E6%2583%2591%25E5%2596%259C%25E6%25AC%25A2%25E7%259A%2584%25E7%2594%25B7%25E8%2580%2581%25E5%25B8%2588117P1V%2520-%25E7%259C%258B%25E3%2580%2590%25E4%25B8%25BB%25E9%25A1%25B5%25E3%2580%2591%25E8%25BF%259B%25E7%25BE%25A4%25EF%25BC%258C%25E6%2588%2596%25E7%2594%25B5%25E6%258A%25A5%25E8%25BD%25AF%25E4%25BB%25B6%25E6%2590%259C%25E7%25B4%25A2%2520%2540SX99188-%26env%3DREAL&hash=&referrer=https%3A%2F%2F94ero.com%2F&userId=77aa3788d1007ced&userAttr0=0&sessionId=77aa37884e6ef593&sessionPath=%2Fwidget%2Fshare&sessionQuery=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F700740%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F700740%26title%3D94ERO%2520%25E6%259E%2581%25E5%2593%2581JVID%25E5%25A6%25A9%25E5%25AA%259A%25E6%25B8%2585%25E7%25BA%25AF%25E9%25BD%2590%25E4%25B8%2580%25E8%25BA%25AB%25E6%2596%25B0%25E4%25BA%25BA%25E2%2596%258C%25E9%25BB%259B%25E5%25A8%259C%2520%25E2%2596%258C%25E9%25BB%2591%25E8%2589%25B2%25E8%2595%25BE%25E4%25B8%259D%25E6%2580%25A7%25E6%2584%259F%25E5%2586%2585%25E8%25A1%25A3%2520%25E6%258C%25BA%25E7%25BF%2598%25E7%25BE%258E%25E4%25B9%25B3%25E7%25A8%259A%25E5%25AB%25A9%25E8%25AF%25B1%25E4%25BA%25BA%25E8%25A3%2582%25E7%25BC%259D%2520%25E8%25AF%25B1%25E6%2583%2591%25E5%2596%259C%25E6%25AC%25A2%25E7%259A%2584%25E7%2594%25B7%25E8%2580%2581%25E5%25B8%2588117P1V%2520-%25E7%259C%258B%25E3%2580%2590%25E4%25B8%25BB%25E9%25A1%25B5%25E3%2580%2591%25E8%25BF%259B%25E7%25BE%25A4%25EF%25BC%258C%25E6%2588%2596%25E7%2594%25B5%25E6%258A%25A5%25E8%25BD%25AF%25E4%25BB%25B6%25E6%2590%259C%25E7%25B4%25A2%2520%2540SX99188-%26env%3DREAL&sessionParams=%7B%7D&sessionTime=1663702733105&sessionDuration=0&touchX=0&touchY=0&scrollX=0&scrollY=0&windowX=0&windowY=0&targets=%5B%5D&content=%7B%22pageview%22%3A%7B%22title%22%3A%22%22%2C%22from%22%3A%22%22%2C%22to%22%3A%22ver1-share-e%22%7D%2C%22extend%22%3A%7B%7D%2C%22aside%22%3A%7B%22dnt%22%3A%22unspecified%22%2C%22safemode%22%3Afalse%2C%22exceptionCount%22%3A0%2C%22cachedId%22%3A%2277aa3788d1007ced%22%2C%22isLiffClient%22%3Afalse%2C%22liffId%22%3Anull%2C%22waitFor%22%3Anull%7D%2C%22libra%22%3A%7B%7D%2C%22tid%22%3Anull%7D HTTP/1.1
Host: torimochi.line-apps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 19:38:54 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
banners.cams.com/banners/streamray/live/banner.html?w=160&h=120&tc=FF0000&mc=000000&b=n&d=http%3A%2F%2Fcams.com%2Fp%2Fcams%2Fview.cgi%3Fpid%3Dg741266-pct.subadnium4778569%26stream%3D%7bstream%7d%26action%3Dview&n=1&g=F&c=0&md=any
69.165.107.14200 OK 395 B URL HTTP/1.1 banners.cams.com/banners/streamray/live/banner.html?w=160&h=120&tc=FF0000&mc=000000&b=n&d=http%3A%2F%2Fcams.com%2Fp%2Fcams%2Fview.cgi%3Fpid%3Dg741266-pct.subadnium4778569%26stream%3D%7bstream%7d%26action%3Dview&n=1&g=F&c=0&md=any
IP 69.165.107.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash f39b3c7ce04b702a4b386c3207df9cc5
6be791d03e9cefb520eb082bf2ffd9845b6f67fb
fdeea5e7dcd11fcd818fef43eea076a778a6abfba06576407cda22f598e2ebe1
GET /banners/streamray/live/banner.html?w=160&h=120&tc=FF0000&mc=000000&b=n&d=http%3A%2F%2Fcams.com%2Fp%2Fcams%2Fview.cgi%3Fpid%3Dg741266-pct.subadnium4778569%26stream%3D%7bstream%7d%26action%3Dview&n=1&g=F&c=0&md=any HTTP/1.1
Host: banners.cams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nnteens.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:54 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains
Last-Modified: Wed, 16 May 2018 20:46:41 GMT
ETag: "1cb70-40f-56c58d0e2ce40"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 395
Content-Type: text/html
Age: 0
Via: 1.1 varnish (Varnish/6.0)
Accept-Ranges: bytes
Connection: keep-alive
as.sexad.net/as/if?p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=240&adHeight=90&niche=female&fontSize=12&font_color=%23fff&background_color=%2315469e&hn=fap247.com&AFNO=1-37004778569
216.127.52.241200 2.9 kB URL HTTP/1.1 as.sexad.net/as/if?p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=240&adHeight=90&niche=female&fontSize=12&font_color=%23fff&background_color=%2315469e&hn=fap247.com&AFNO=1-37004778569
IP 216.127.52.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (303)
Hash c1452aed115196ba2469583f36dcabaf
34e1bb4a602f2fda9662c7d4b2ea1bf199ebf36c
0f7f87514ee882a568e78ad6114035605ecdc2fd54bd384b978862f1346118c9
GET /as/if?p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=240&adHeight=90&niche=female&fontSize=12&font_color=%23fff&background_color=%2315469e&hn=fap247.com&AFNO=1-37004778569 HTTP/1.1
Host: as.sexad.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nnteens.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx/1.18.0
Date: Tue, 20 Sep 2022 19:38:54 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store
Access-Control-Allow-Origin: *
Set-Cookie: at11663702734937_0_5106_4398=0001000; expires=Thu, 20-Oct-2022 19:38:54 GMT; Max-Age=2592000; path=/as; secure; SameSite=None
iid=8063-1663702734; expires=Fri, 17-Sep-2032 19:38:54 GMT; Max-Age=315360000; path=/; secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html"
Content-Encoding: gzip
poweredby.jads.co/adshow.php?adzone=731571
185.94.237.102200 OK 1.5 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=731571
IP 185.94.237.102:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (395), with CRLF, LF line terminators
Hash 8082217c3335505f7512b7af58998509
cf3f8d2be7e830e1bcf9ec3e2a8fdb217d0f933f
9fc1c2b7b26c4d2e60030587d20653ec1271f28c9ca058cd73835a12ce4a0cab
GET /adshow.php?adzone=731571 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 19:38:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=978fbc6641fd50e00f154331415fc929; expires=Wed, 20-Sep-2023 19:38:52 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps9183=1; expires=Wed, 21-Sep-2022 19:38:52 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjI5MDIzMztpOjE2NjM5NjE5MzI7fQ%3D%3D; expires=Fri, 23-Sep-2022 19:38:52 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 23-Sep-2022 19:38:52 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
code.jquery.com/jquery-2.1.3.min.js
69.16.175.42200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-2.1.3.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32180)
Hash de4fdb8e2e5d9b9624bad7ed2b726525
053a31e8e83b261e3863c4f9e652caba910a2b89
f44c9556d0ecebc0716a7fce2899c0b40ed96394bebafb2937f4305bf3b118f3
GET /jquery-2.1.3.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:54 GMT
content-encoding: gzip
content-length: 29507
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-14960"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663702734.dop010.sk1.t,1663702734.cds067.sk1.hn,1663702734.cds215.sk1.c
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/css/twemoji-sprite-1.css?c4df0605225e
104.16.94.42200 OK 71 kB URL HTTP/2 static-assets.highwebmedia.com/css/twemoji-sprite-1.css?c4df0605225e
IP 104.16.94.42:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ef6bacf08f4a3784ffb9e3ba71ae13e4
ce2b5b2a70a23ae5ddcdf3a758d3e144ba80bf3d
4c5e31dcc142ec1b1466ab14ebd26771c50c922c1283db8ec35b2b132876b320
GET /css/twemoji-sprite-1.css?c4df0605225e HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/CACHE/css/output.810ce50b58bd.css
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:54 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=376950
etag: W/"9c39c66b7dfac90cd90aaa51712201a3"
last-modified: Tue, 06 Apr 2021 16:32:47 GMT
x-amz-id-2: KmxF5Xd+Hl+kCHR7ztVH4cMTTpKaYhBCqmB775okde60URUFykMxNAmJtwjNnH2Iz6pE+vJfNYE=
x-amz-meta-s3cmd-attrs: md5:9c39c66b7dfac90cd90aaa51712201a3
x-amz-request-id: B7R6HC27YJN3W8BK
cf-cache-status: HIT
age: 1877053
expires: Thu, 20 Oct 2022 19:38:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3zCqj4L%2FnA%2BLKWO%2Bd4TzbBcFybWc%2BP2aQUU%2FomjxZmGTd2G2z58IwkcNnDXpMj96jfeDjHOZXenZIuyZHgTeE6x3CxFie8aKRpVUGnfmJ8gSmU3aPt9KOIzl%2BLQo0XUaGp1mQ0W1Er9cGN0BNY%2FjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd06291cec1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/css/twemoji-sprite-2.css?d91d0c579235
104.16.94.42200 OK 76 kB URL HTTP/2 static-assets.highwebmedia.com/css/twemoji-sprite-2.css?d91d0c579235
IP 104.16.94.42:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 62ffaf4095a4ad46caf17e55ec1f175e
144cf3ba7cd52a0ac4798b369fc5beabef319f3a
0ad75f3d6c072efc65e6d9f91892a99fdb52a52e835c5612dcaf2390b7a3f120
GET /css/twemoji-sprite-2.css?d91d0c579235 HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/CACHE/css/output.810ce50b58bd.css
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:54 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=379696
etag: W/"4a6e8913a84e4ba71f941b0d3b2cbbf8"
last-modified: Tue, 06 Apr 2021 16:32:47 GMT
x-amz-id-2: tuVPtbHwQKn5U9zNpz4brDn7zHBq7qr4MMk7FFmnKhmdU8GnhS5pr4dV9D1ZYoevN8n3Lrms0a8=
x-amz-meta-s3cmd-attrs: md5:4a6e8913a84e4ba71f941b0d3b2cbbf8
x-amz-request-id: 2BDNWR2METRH7BP2
cf-cache-status: HIT
age: 485525
expires: Thu, 20 Oct 2022 19:38:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXiWD0kzU8s%2FaqdgN6KcPrXjVGPxwOBFBgs64IWRUjgszE697MORWEdkjEzfsoP20VAiIfaLcLU9Ornyq568WNpyCXjSETRpvO2j33ZTsdOzDJPmEIyOPRpBQDUe%2B2kVNAEwGiXgu2bagbz973k%2FPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd06291cf11bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.jads.co/network/user22416/300x250-1392051358.jpg
69.16.175.42200 OK 30 kB URL HTTP/2 i.jads.co/network/user22416/300x250-1392051358.jpg
IP 69.16.175.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 300x250, components 3\012- data
Hash 1c1fbc8e6d4eef72451f4dd0ba063100
b7100d92e3dd6b9aee8700913bb1c5dd91f5bbf0
65dfd5345e9e11d6825f552319a0c5711f90712e2addab7f6b0cf919dda47ccc
GET /network/user22416/300x250-1392051358.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=978fbc6641fd50e00f154331415fc929; imps31629=1; juicy_data_1=YToxOntpOjI5MDIzMztpOjE2NjM5NjE5MzI7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps161=1; imps9183=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:54 GMT
etag: "1456947710"
cache-control: max-age=20670278
content-length: 29810
content-type: image/jpeg
last-modified: Wed, 02 Mar 2016 19:41:50 GMT
accept-ranges: bytes
x-hw: 1663702734.dop203.sk1.t,1663702734.cds227.sk1.hn,1663702734.cds068.sk1.c
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/cams/lib/angular-sanitize_1.5.5.js
192.229.233.220200 OK 8.1 kB URL HTTP/2 secureimage.securedataimages.com/images/cams/lib/angular-sanitize_1.5.5.js
IP 192.229.233.220:0
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c5f6d5f7fb13c7c23d6afb2e925aa126
e82bdb4c55bb5c8a61119a24319a545ce04341b3
a7e34126fcbe7221c3f2f6c46ae38c0f184366f38d664ef6917fe697dd8b5e3d
GET /images/cams/lib/angular-sanitize_1.5.5.js HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banners.cams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 2091535
cache-control: max-age=2592000
content-type: application/x-javascript
date: Tue, 20 Sep 2022 19:38:54 GMT
etag: "1065c6b-6701-5382de0196e00"
expires: Thu, 20 Oct 2022 19:38:54 GMT
last-modified: Thu, 21 Jul 2016 23:42:48 GMT
server: ECS (ska/F71E)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 31
content-length: 8065
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/cams/flash/swfobject_2.3.min.js
192.229.233.220200 OK 4.0 kB URL HTTP/2 secureimage.securedataimages.com/images/cams/flash/swfobject_2.3.min.js
IP 192.229.233.220:0
File type ASCII text, with very long lines (5044), with CRLF line terminators
Hash 0bb160bec496c18b9f1ba7f433c8b7aa
37b9be937c62583255f0e70b797bf08db1208d1f
051749d6cf86180fedf74ae42ef097cdaa7500d2709442429bc137057c74b0ac
GET /images/cams/flash/swfobject_2.3.min.js HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banners.cams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 2196434
cache-control: max-age=2592000
content-type: application/x-javascript
date: Tue, 20 Sep 2022 19:38:54 GMT
etag: "1065a3b-2864-5481c5a6e1040"
expires: Thu, 20 Oct 2022 19:38:54 GMT
last-modified: Thu, 09 Feb 2017 17:31:37 GMT
server: ECS (ska/F70F)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 10
content-length: 4046
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/cams/lib/scrollglue.js
192.229.233.220200 OK 1.3 kB URL HTTP/2 secureimage.securedataimages.com/images/cams/lib/scrollglue.js
IP 192.229.233.220:0
Hash dba111765ee2718d06d6ce12401a1b01
badb0fc58960e30575b189dadd527d7542406591
249d77d9a129d742dfae07d3748880ec1dac1845540e3f08bfa3476945b6f154
GET /images/cams/lib/scrollglue.js HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banners.cams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 2005482
cache-control: max-age=2592000
content-type: application/x-javascript
date: Tue, 20 Sep 2022 19:38:54 GMT
etag: "106843b-1484-54fbf04b6f400"
expires: Thu, 20 Oct 2022 19:38:54 GMT
last-modified: Wed, 17 May 2017 21:32:00 GMT
server: ECS (ska/F711)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 25
content-length: 1301
X-Firefox-Spdy: h2
m.sancdn.net/common/fontawesome-430/font-awesome.min.css
69.16.175.10200 OK 24 kB URL HTTP/1.1 m.sancdn.net/common/fontawesome-430/font-awesome.min.css
IP 69.16.175.10:0
File type ASCII text, with very long lines (23523)
Hash 3738ef90dad175977dc8a695809bb71a
98aa676ba7987caa86d49ab1b71f73896d08ad13
c86f7b62a894d5799f1aa0a535efb34ed6f914447f901f1da50c837dee13fa72
GET /common/fontawesome-430/font-awesome.min.css HTTP/1.1
Host: m.sancdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:54 GMT
Connection: Keep-Alive
ETag: "1422564509"
Cache-Control: max-age=86400
Content-Length: 23685
Content-Type: text/css
Last-Modified: Thu, 29 Jan 2015 20:48:29 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1663702734.dop223.sk1.t,1663702734.cds249.sk1.shn,1663702734.cds249.sk1.c
a.medfoodsafety.com/loader?a=4788326&v=2&t=2&s=4778569&p=10777&if=false&url=https%3A%2F%2F94ero.com%2Fvideos%2F700740&title=94ERO%20%E6%9E%81%E5%93%81JVID%E5%A6%A9%E5%AA%9A%E6%B8%85%E7%BA%AF%E9%BD%90%E4%B8%80%E8%BA%AB%E6%96%B0%E4%BA%BA%E2%96%8C%E9%BB%9B%E5%A8%9C%20%E2%96%8C%E9%BB%91%E8%89%B2%E8%95%BE%E4%B8%9D%E6%80%A7%E6%84%9F%E5%86%85%E8%A1%A3%20%E6%8C%BA%E7%BF%98%E7%BE%8E%E4%B9%B3%E7%A8%9A%E5%AB%A9%E8%AF%B1%E4%BA%BA%E8%A3%82%E7%BC%9D%20%E8%AF%B1%E6%83%91%E5%96%9C%E6%AC%A2%E7%9A%84%E7%94%B7%E8%80%81%E5%B8%88117P1V%20-%E7%9C%8B%E3%80%90%E4%B8%BB%E9%A1%B5%E3%80%91%E8%BF%9B%E7%BE%A4%EF%BC%8C%E6%88%96%E7%94%B5%E6%8A%A5%E8%BD%AF%E4%BB%B6%E6%90%9C%E7%B4%A2%20%40SX99188-
172.64.172.19200 OK 487 B URL HTTP/2 a.medfoodsafety.com/loader?a=4788326&v=2&t=2&s=4778569&p=10777&if=false&url=https%3A%2F%2F94ero.com%2Fvideos%2F700740&title=94ERO%20%E6%9E%81%E5%93%81JVID%E5%A6%A9%E5%AA%9A%E6%B8%85%E7%BA%AF%E9%BD%90%E4%B8%80%E8%BA%AB%E6%96%B0%E4%BA%BA%E2%96%8C%E9%BB%9B%E5%A8%9C%20%E2%96%8C%E9%BB%91%E8%89%B2%E8%95%BE%E4%B8%9D%E6%80%A7%E6%84%9F%E5%86%85%E8%A1%A3%20%E6%8C%BA%E7%BF%98%E7%BE%8E%E4%B9%B3%E7%A8%9A%E5%AB%A9%E8%AF%B1%E4%BA%BA%E8%A3%82%E7%BC%9D%20%E8%AF%B1%E6%83%91%E5%96%9C%E6%AC%A2%E7%9A%84%E7%94%B7%E8%80%81%E5%B8%88117P1V%20-%E7%9C%8B%E3%80%90%E4%B8%BB%E9%A1%B5%E3%80%91%E8%BF%9B%E7%BE%A4%EF%BC%8C%E6%88%96%E7%94%B5%E6%8A%A5%E8%BD%AF%E4%BB%B6%E6%90%9C%E7%B4%A2%20%40SX99188-
IP 172.64.172.19:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 56d293bf1f21229edc786b868fde6c25
07bcd995b83b8bda89e73feac79e62ddb0f08b19
d1d6a29b92162b132a111dc25033c97e427f50b91284ca60590210feb9f7f1ad
GET /loader?a=4788326&v=2&t=2&s=4778569&p=10777&if=false&url=https%3A%2F%2F94ero.com%2Fvideos%2F700740&title=94ERO%20%E6%9E%81%E5%93%81JVID%E5%A6%A9%E5%AA%9A%E6%B8%85%E7%BA%AF%E9%BD%90%E4%B8%80%E8%BA%AB%E6%96%B0%E4%BA%BA%E2%96%8C%E9%BB%9B%E5%A8%9C%20%E2%96%8C%E9%BB%91%E8%89%B2%E8%95%BE%E4%B8%9D%E6%80%A7%E6%84%9F%E5%86%85%E8%A1%A3%20%E6%8C%BA%E7%BF%98%E7%BE%8E%E4%B9%B3%E7%A8%9A%E5%AB%A9%E8%AF%B1%E4%BA%BA%E8%A3%82%E7%BC%9D%20%E8%AF%B1%E6%83%91%E5%96%9C%E6%AC%A2%E7%9A%84%E7%94%B7%E8%80%81%E5%B8%88117P1V%20-%E7%9C%8B%E3%80%90%E4%B8%BB%E9%A1%B5%E3%80%91%E8%BF%9B%E7%BE%A4%EF%BC%8C%E6%88%96%E7%94%B5%E6%8A%A5%E8%BD%AF%E4%BB%B6%E6%90%9C%E7%B4%A2%20%40SX99188- HTTP/1.1
Host: a.medfoodsafety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: text/html
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mrG8Gkb%2BEFaZCJKbJoUmreeo68xmQ5dn%2BAwhSmY%2B8cmnuF2pq1t43ASeaR09sN5cestcbSbYikNgBVnXSoDw2re9WgfhGXqE%2BqfE9W8QggVM3bz%2Bz1c4tKqnesHl2rKBYYYkl6y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74dd061dc9d37320-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
as.sexad.net/px.gif?stno=3-937-fap247.com-0-5106-0-0-3003-4398-6&p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=240&adHeight=90&niche=female&fontSize=12&font_color=%23fff&background_color=%2315469e&hn=fap247.com&AFNO=1-37004778569&cam=0&adv=0&ctry=NO&lang=en&dev=Other
216.127.52.241200 35 B URL HTTP/1.1 as.sexad.net/px.gif?stno=3-937-fap247.com-0-5106-0-0-3003-4398-6&p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=240&adHeight=90&niche=female&fontSize=12&font_color=%23fff&background_color=%2315469e&hn=fap247.com&AFNO=1-37004778569&cam=0&adv=0&ctry=NO&lang=en&dev=Other
IP 216.127.52.241:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 729c3007a8ed0597531b0c76d54a94bb
90fe9b8a8142548fdfab29f59cb0a164a0eaef81
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
GET /px.gif?stno=3-937-fap247.com-0-5106-0-0-3003-4398-6&p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=240&adHeight=90&niche=female&fontSize=12&font_color=%23fff&background_color=%2315469e&hn=fap247.com&AFNO=1-37004778569&cam=0&adv=0&ctry=NO&lang=en&dev=Other HTTP/1.1
Host: as.sexad.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/as/if?p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=240&adHeight=90&niche=female&fontSize=12&font_color=%23fff&background_color=%2315469e&hn=fap247.com&AFNO=1-37004778569
Cookie: iid=8063-1663702734
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx/1.18.0
Date: Tue, 20 Sep 2022 19:38:54 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Access-Control-Allow-Origin: *
Set-Cookie: ust=1663702734; expires=Fri, 17-Sep-2032 19:38:54 GMT; Max-Age=315360000; path=/; secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html"
r3.o.lencr.org/
23.36.77.32200 OK 17 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 217ee4d7a699f265dbb7ac07309fb8dc
5f10c913d7d0261e7b8fdb64726bd6627cf0945d
b0647aea34b8fbfa61513fd56163346e3f131656f888f8e6f1ae62bf7010601d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FDFCDA146E54FD6A4D53335F27D9F61A055AB2AB294F9B391DC2B0A5BA32B968"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11203
Expires: Tue, 20 Sep 2022 22:45:37 GMT
Date: Tue, 20 Sep 2022 19:38:54 GMT
Connection: keep-alive
static-assets.highwebmedia.com/CACHE/css/output.33f071a5d3ef.css
104.16.94.42200 OK 40 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/css/output.33f071a5d3ef.css
IP 104.16.94.42:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 241772ba50b6b5bb5f9976a178351fd9
d6bc3226c77be4b54aabd7e52ee972989a8b10f0
2b0df64fb6e2c625aac8c0409f7735c755451eba21f949f9f994e21a3b9e0b7c
GET /CACHE/css/output.33f071a5d3ef.css HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:54 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=246602
etag: W/"c251d546bbd23367b2eee257f5cbb084"
last-modified: Tue, 20 Sep 2022 01:24:13 GMT
x-amz-id-2: nFiBdeJKBLpbEdvK1UEFNV8aEbquhVRuZpVUqOIPzvv3J+Ax73yi0YG7oND96uUGq7TSjbmPpe8=
x-amz-meta-s3cmd-attrs: md5:c251d546bbd23367b2eee257f5cbb084
x-amz-request-id: J0NGMAVF53DGQAER
cf-cache-status: HIT
age: 65540
expires: Thu, 20 Oct 2022 19:38:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntC9rnW7m7q3%2BUCIyOsRGwSuI0ZbGqxq8h8IAayVK%2ByX5emtn4e2O%2FXxQPN4w97ss82kWCQaH8cWeik%2FfGufUWb4Eecljpy2ocJrMhtLkQdYs6gdx1A6IOxQHmg2d1iSskFwR2H3Uj8ZXCbPt0wiVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=RyKSIMn7TbBCu18Pr.mj4MeMlybMtFpcqkVvAr_8QWg-1663702734218-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74dd0628cc8f1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.09a0bf741d47.js
104.16.94.42200 OK 72 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.09a0bf741d47.js
IP 104.16.94.42:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 990e1cb605cac8c8166de991a1fd4553
bb367478bf773f9d9a391a83a2dcd2b371ebd805
dda55f5ed56de13d62fd7c7bf7d7d30a7f88f97d3bc712f65dd50f569fda23c3
GET /CACHE/js/output.09a0bf741d47.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:54 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"bb81bca2482741d6c4dcf148cb33a79d"
last-modified: Wed, 17 Aug 2022 00:26:59 GMT
x-amz-id-2: 3dz298/kgeP1Pq/aBz8wop8Gas15qR9oG1wjU5FgYthy7g6Z9MZpPydhaAydlHaKkHGU8KIJbDw=
x-amz-meta-s3cmd-attrs: md5:bb81bca2482741d6c4dcf148cb33a79d
x-amz-request-id: RGGA1ZRYYYSSRXHH
cf-cache-status: HIT
age: 414520
expires: Thu, 20 Oct 2022 19:38:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uk3qPrs06o%2FRxjbSq0P7KXzbE7C1UhSqfX4WOljSPUHcPDf6O9TiR5YtqA6Vp1k6mVRbwLyUHUFCgr8JpCo%2F20%2B6NoQyR6By86uvBHKDE0Icvet7KBMlwidpxuMpaTXFNXz7nnR5Yrc19RG8zdEYbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=RXk4eKgD4lVoopaWoxsJa5R4dAVLvzpdZ9MJJTotSjI-1663702734222-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74dd0628cc7b1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
chaturbate.com/in/?track=zadnium-728x90-4778569&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1
104.18.101.40302 Found 19 kB URL HTTP/2 chaturbate.com/in/?track=zadnium-728x90-4778569&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1
IP 104.18.101.40:0
File type MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash 1179631f78330d8b2e8918f8f0e2e9fa
743c778104ff0a87f440990ec9f285ed95a515e7
16da4e83dd5e5ebacba638b7ecea526f9d6b856c623f69de7813f9d2ed7220a4
GET /in/?track=zadnium-728x90-4778569&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1 HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nnteens.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 20 Sep 2022 19:38:53 GMT
content-type: text/html; charset=utf-8
location: /topembed/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
set-cookie: u_dTm0=1; expires=Sun, 25-Sep-2022 19:38:53 GMT; Max-Age=432000; Path=/
us_dTm0=1; Path=/
affkey="eJwdjE0OQDAQRq8is0YRFEsXsHGBqgqRKWlH4ifuLmP5vvfyPUDQBDD2mEAYgMadkVTnW2ZyK/OtRrscGMmsOuskyqWsirLmwLGeiXbfCGEtGWN9rDcULNU0sdbXYBwuq+Ht/89SeD8LuCHV"; Domain=.chaturbate.com; expires=Thu, 20-Oct-2022 19:38:53 GMT; Max-Age=2592000; Path=/
fromaffiliate=1; Domain=.chaturbate.com; Path=/
noads=1; expires=Wed, 21-Sep-2022 01:38:53 GMT; Max-Age=21600; Path=/
stcki="pOtSwZ=0\054FqPd9a=0\0546pduSG=1\054aDBbcK=0"; expires=Thu, 20-Oct-2022 19:38:53 GMT; Max-Age=2592000; Path=/
sbr=sec:sbrde549f9a-d694-4b1e-b783-f0035efe99d2:1oaj53:XW5KfjCTsjuMcqkDJ6bELo5oyJ4; Domain=.chaturbate.com; expires=Sun, 15-Jun-2025 19:38:53 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
__cf_bm=e6rHLeyW_cQfvVWOQ8.LdE7BoRPpctvrNy76erFBF2A-1663702733-0-AcskkrYb9ilqLSSrJgiDOkArsEj+Qc+py2a/V1risr8rj+JBVAHtHbWi/EGjzhuCFc/ths/aPhsYntWqCqjABXk=; path=/; expires=Tue, 20-Sep-22 20:08:53 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74dd06246c4eb4f7-OSL
X-Firefox-Spdy: h2
www.cams.com/images/cams/lib/camslivebanner-1.0.6.js
69.165.103.130302 Found 138 B URL HTTP/2 www.cams.com/images/cams/lib/camslivebanner-1.0.6.js
IP 69.165.103.130:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /images/cams/lib/camslivebanner-1.0.6.js HTTP/1.1
Host: www.cams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banners.cams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 302 Found
date: Tue, 20 Sep 2022 19:38:54 GMT
content-type: text/html
content-length: 138
location: https://classic.cams.com/images/cams/lib/camslivebanner-1.0.6.js
x-ingress: PROD
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash f4c9b7ff62fa66a4f516525d8c8ca467
6c113f795d7ca72bacf3c1712d0d6dd2ad86c274
300442f861166c3ba6bdc82beaea50023343d05c1ba38f90450107870e63511b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 19:38:54 GMT
Last-Modified: Tue, 20 Sep 2022 18:03:53 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JJd2pg8izkJ7zj7RKzMtOeesVsBWSrn-ne74zktJGNYwBMTTyP0LyQ==
Age: 5701
simplewebanalysis.com/stats
35.158.153.212200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.158.153.212:0
File type ASCII text, with no line terminators
Hash 7f740ccda4c883b4a181bfc4e030b9a0
0ec100a59f00bc859eae073347842a1e104cc22d
725afba5ea51ee10b6178fe3620a0acb362a791f486e558a5bf3c58371777bb2
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://avgle.com
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:55 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://avgle.com
access-control-allow-credentials: true
set-cookie: uid_id2=47104263-6f1b-41ee-a3bb-ab48c3e0129f:2:1; expires=Fri, 17 Sep 2032 19:38:55 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
m.sancdn.net/common/fontawesome-430/fontawesome-webfont.woff2?v=4.3.0
69.16.175.10200 OK 57 kB URL HTTP/1.1 m.sancdn.net/common/fontawesome-430/fontawesome-webfont.woff2?v=4.3.0
IP 69.16.175.10:0
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
GET /common/fontawesome-430/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: m.sancdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://as.sexad.net
Connection: keep-alive
Referer: https://m.sancdn.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:55 GMT
Connection: Keep-Alive
ETag: "1422564509"
Cache-Control: max-age=86400
Content-Length: 56780
Content-Type: application/octet-stream
Last-Modified: Thu, 29 Jan 2015 20:48:29 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1663702735.dop013.sk1.t,1663702735.cds021.sk1.shn,1663702735.cds021.sk1.c
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.33011335302280453
131.153.88.90200 OK 27 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.33011335302280453
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
Hash a0c57c5d9e5dbdbf18ec4628bdb5af3a
3b49db22a04dbb34f30e74b534c0bafd2bd90a7b
5dc7edf2c2a65ebc4d755069f2b05a0fd1fbfa640c9231d3d832c5b7dab4cea2
GET /stream?room=addamymar&f=0.33011335302280453 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:55 GMT
content-type: image/jpeg
content-length: 18815
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.8063268876186134
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.8063268876186134
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash c8078a8bc02700f84ce50291a65bdfdf
7d87749c50ac95a71fd8956a5d2a1a6a69755811
a1e2f62843f811ec218915610898a11fcd797d91781e7b4744cd8a3187bae889
GET /stream?room=addamymar&f=0.8063268876186134 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:55 GMT
content-type: image/jpeg
content-length: 17165
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.9683764954803581
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.9683764954803581
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 8d67534d8869bbd6ec926d73cb4c58de
8c59822be2bc5c8f27f1172707e4215d6b6bdd32
f25f4dc522cc6d8ce613a4d62b43868e45f73cf735ce08d02c4e0b1aec67a915
GET /stream?room=addamymar&f=0.9683764954803581 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:55 GMT
content-type: image/jpeg
content-length: 17028
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.86.137200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 20 Sep 2022 19:38:56 GMT
via: 1.1 varnish
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 3862
x-timer: S1663702736.004562,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.9945237850861025
131.153.88.90200 OK 18 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.9945237850861025
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
Hash c026ce71d552875998ac836c52e77134
b4515c6f0b2866a47e6ca20bdecdf731adcb0ed6
01e9dc4c211eb9effc0c6c9b4221d996409c28dd1fb3728d389f3db8a541aec9
GET /stream?room=addamymar&f=0.9945237850861025 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:56 GMT
content-type: image/jpeg
content-length: 17317
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
classic.cams.com/images/cams/lib/camslivebanner-1.0.6.js
69.165.105.13200 OK 24 kB URL HTTP/1.1 classic.cams.com/images/cams/lib/camslivebanner-1.0.6.js
IP 69.165.105.13:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (30253), with CRLF, LF line terminators
Hash 0113e89c975a41de2e3077b36979abd3
6e78dad61a577a3cf5fa02565ca5ee713c0efdb0
229d791b6313ef0b056914d68da4f6ec88237b6fc94966b3088d869d8887c751
GET /images/cams/lib/camslivebanner-1.0.6.js HTTP/1.1
Host: classic.cams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://banners.cams.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:55 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains
Last-Modified: Wed, 16 May 2018 20:03:29 GMT
ETag: "1066805-170f7-56c5836690bf6"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-ApacheServer: si112-102.friendfinderinc.com
Content-Length: 23727
Keep-Alive: timeout=5, max=184
Connection: Keep-Alive
Content-Type: application/x-javascript
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.21280003658442692
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.21280003658442692
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 0c20f2f12f18939df4ced35e344c3b0c
2affe79dc1e01e15838144b702ee2aa5cd966e54
66e7b1cf88c8dbe602d26126f2713c910b5277310ffe1f03eddfa361f82ddec6
GET /stream?room=addamymar&f=0.21280003658442692 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:56 GMT
content-type: image/jpeg
content-length: 17238
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b83a6b6b4befc3dde083b82c36d63a58
ee43af38bbdbf69c7f6697aa9edd70b0d1263b2b
177757fc5a4865f99a033f45e5e278d9c88ddc3344e7af940a6a7c0d934f368d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4540
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:56 GMT
Last-Modified: Tue, 20 Sep 2022 18:23:16 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
realtime.pa.highwebmedia.com/keys/KSKw2g.L36ISg/requestToken?rnd=6950032641862504
54.230.111.8204 No Content 0 B URL HTTP/2 realtime.pa.highwebmedia.com/keys/KSKw2g.L36ISg/requestToken?rnd=6950032641862504
IP 54.230.111.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /keys/KSKw2g.L36ISg/requestToken?rnd=6950032641862504 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: ably-agent,content-type,x-ably-version
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Content-Length,Accept,Authorization,X-Ably-Version,X-Ably-Lib,X-Ably-ClientId,Ably-Agent
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: https://chaturbate.com
access-control-max-age: 3600
date: Tue, 20 Sep 2022 19:38:56 GMT
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vfpPJtqipbWuecJb2eAXIDaWyRuNc0IjbPqlitArGjnT6uYj_zvv5w==
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.5331970669107546
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.5331970669107546
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 35c7aabdecfaf3dcd2572a6694c484c9
8908f8ea86ffddaf42be06cce2887063c7fa9a67
a5ac9405c364575965ce5f742d0a0812c193ba979663b606419047d01eb6ae4a
GET /stream?room=addamymar&f=0.5331970669107546 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:56 GMT
content-type: image/jpeg
content-length: 16983
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.9b823bb2f723.js
104.16.94.42200 OK 4.9 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.9b823bb2f723.js
IP 104.16.94.42:0
File type ASCII text, with very long lines (7845)
Hash 83c1013396a8d43c953e8f031b06c7e8
0636632047ea2b05900e4c042971156c982bb2e4
a145b644e077fd82becb6f66cae3b9e9a7189877ce7427ecefe7a687d9f97b75
GET /CACHE/js/output.9b823bb2f723.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:54 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"1360376b8f5657814f662391b765d655"
last-modified: Tue, 24 May 2022 17:14:17 GMT
x-amz-id-2: KTWJY/HCZAzfCN7zvoTtoCRDkjCDtsx43npe+RSp0Ebo2HF6WHgess4Ct9QL7Zi8XExzaRuhmCw=
x-amz-meta-s3cmd-attrs: md5:1360376b8f5657814f662391b765d655
x-amz-request-id: M1HHWCFNA8C6CV81
cf-cache-status: HIT
age: 1368309
expires: Thu, 20 Oct 2022 19:38:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAiDc2aTC0AaOXz7DJhkoUPxycSIdDJYSxp3xjMCvYwc3lxfPhJos7pbcXeHR4lzoAgh2SmUNTWj7sTDyg4aJ6HYeLq2UnUkQapK3Tn1VLPX%2B%2FNVL3mw24qNWzSYq%2FSeGmMJ6kVFq8Lt3lDRPDY%2F%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=LcVzcSs_IW94.mB34lWJc_bImvMBO..edeNj47CQaeE-1663702734209-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74dd0628cc741bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=2633&ck=1&ref=https://chaturbate.com/embed/addamymar/&ap=78&be=682&fe=2213&dc=1311&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1663702733476,%22n%22:0,%22r%22:1,%22re%22:400,%22f%22:400,%22dn%22:400,%22dne%22:400,%22c%22:400,%22s%22:400,%22ce%22:400,%22rq%22:402,%22rp%22:663,%22rpe%22:664,%22dl%22:668,%22di%22:1280,%22ds%22:1311,%22de%22:1319,%22dc%22:2212,%22l%22:2212,%22le%22:2215%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&fcp=1667&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFJdUQkHUwdbB1pXBlZXXBh2Yi0TFUMhJTshCU0XAwhRHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFlAFVVgMGw4FEUkbGRtGDW5RDhEXRllEWl1YRRRDWwAWBkoACVQXFRMSWE0EPQoAQVwIGRtCCEVcPgYMCQIPVxcDEwJZWBUXEQYCElwbWl4MExVDEAYVFgNKQWZZDkJNQ1hBBwsHTUBLUwBFXE8BDAlBShtXS14WQlwTPQoAQVwbBVxUUgUKWVNOUgIACBgNV1kDFFhXVVxOUVsFDVBXVQoFAwEAQUobR1xXBENcE0BZRgsSTUVKC04eVw8WBgENFRdWVlxOExVDEAYVFgNKQWZcBEVRDgZBXkEhfGEbHUNBQBUKDAo8EFxHSlgOXxtbQFBKVEQVF0xQPlVcFwsAATwAWFhQXRgTA0MtFwwGFBsZG0QAbl0EFAoHBjlNTElUQwsbBQcQDxcJSRcVExRQZg4RPAICC1BZQBNbE3UIDBYcQUobQFhuDkJmFwcRFwoJVxcDE0MdGxQDPAYRCU5GXEM%2BV1gMCw8dQVwbc1BDBFdWGUBPRhYHZldLXhZCXBM9FQERFVBaVxNbEwBXTFNGT0RMVGZCFUNQDwVBXkErVk9QXQ1QFlRMU0RLPggEAhEtWFcUGkMcW1BmAw0KQUNPW1tVSlNPGXJcUgpeFlNSUlRTVwkEGXcIQ1wHDRtLWlAXBRsdQ1ZQFT0ACw4LUEEbC0MIAAABUgACUQ5QCQBDHRsRAxEFDhUbDxtKPRNTDgsNOwwQXEdVUBhtG1tCP0ZSOhsZGW1DRVYUED9GWUZlF11lDAFlQ05DOEEFWFhJUAhWVz1AWUQ/RE1UdkIjbRtNQj9GBw9KVFtdBG5KDhcNAD9EAxVlE1BtG01CP0YOCVtcVVQzVF0IEAYHFzobDxltQ1BMFQ0/Rk9GZRdcXANUXT4UCgAGCWZaV10YbRtbQj9GUjobSBsdQ1RVCAUKBg8DZkZJXQhFZhUHEBAQRAMXGXUSUk8TIFJEJxVaQ0tzUxF9EgEVFiFVGXFKUhdDe1VCLhYvDW1dakMVBRksEC8PNw5qR00EQXxLLQk3DDAUTQMZE00TXA0LBA0BClxqSkENWE0%2BFgYXFxVmW0oTWxMZBQsQBwwQXEdAbhFQXgRCDgsRA2ZZUFoEbkoOEBcBB0YbGRtQAkVQFwc8FxMKUEFmRQRCTRJAWUZDIkpWT0MjAhksEC8PNw5qR00HQRMVQwMAEAoQXGpKQQ1YTT4WBhcXFWZbShNbExkFCxAHDBBcR0BuEVBeBEIOCxEDZllQWgRuSg4QFwEHRhsZG1IAXGYVAwRGWURJQFtdCFIbTUAACw8JS2pUXgVUG1tADw0EDk1YVlUEExVDEAwLDjlKQVhFFEIbW0APDRUDG0hE&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=2633&ck=1&ref=https://chaturbate.com/embed/addamymar/&ap=78&be=682&fe=2213&dc=1311&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1663702733476,%22n%22:0,%22r%22:1,%22re%22:400,%22f%22:400,%22dn%22:400,%22dne%22:400,%22c%22:400,%22s%22:400,%22ce%22:400,%22rq%22:402,%22rp%22:663,%22rpe%22:664,%22dl%22:668,%22di%22:1280,%22ds%22:1311,%22de%22:1319,%22dc%22:2212,%22l%22:2212,%22le%22:2215%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&fcp=1667&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFJdUQkHUwdbB1pXBlZXXBh2Yi0TFUMhJTshCU0XAwhRHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFlAFVVgMGw4FEUkbGRtGDW5RDhEXRllEWl1YRRRDWwAWBkoACVQXFRMSWE0EPQoAQVwIGRtCCEVcPgYMCQIPVxcDEwJZWBUXEQYCElwbWl4MExVDEAYVFgNKQWZZDkJNQ1hBBwsHTUBLUwBFXE8BDAlBShtXS14WQlwTPQoAQVwbBVxUUgUKWVNOUgIACBgNV1kDFFhXVVxOUVsFDVBXVQoFAwEAQUobR1xXBENcE0BZRgsSTUVKC04eVw8WBgENFRdWVlxOExVDEAYVFgNKQWZcBEVRDgZBXkEhfGEbHUNBQBUKDAo8EFxHSlgOXxtbQFBKVEQVF0xQPlVcFwsAATwAWFhQXRgTA0MtFwwGFBsZG0QAbl0EFAoHBjlNTElUQwsbBQcQDxcJSRcVExRQZg4RPAICC1BZQBNbE3UIDBYcQUobQFhuDkJmFwcRFwoJVxcDE0MdGxQDPAYRCU5GXEM%2BV1gMCw8dQVwbc1BDBFdWGUBPRhYHZldLXhZCXBM9FQERFVBaVxNbEwBXTFNGT0RMVGZCFUNQDwVBXkErVk9QXQ1QFlRMU0RLPggEAhEtWFcUGkMcW1BmAw0KQUNPW1tVSlNPGXJcUgpeFlNSUlRTVwkEGXcIQ1wHDRtLWlAXBRsdQ1ZQFT0ACw4LUEEbC0MIAAABUgACUQ5QCQBDHRsRAxEFDhUbDxtKPRNTDgsNOwwQXEdVUBhtG1tCP0ZSOhsZGW1DRVYUED9GWUZlF11lDAFlQ05DOEEFWFhJUAhWVz1AWUQ/RE1UdkIjbRtNQj9GBw9KVFtdBG5KDhcNAD9EAxVlE1BtG01CP0YOCVtcVVQzVF0IEAYHFzobDxltQ1BMFQ0/Rk9GZRdcXANUXT4UCgAGCWZaV10YbRtbQj9GUjobSBsdQ1RVCAUKBg8DZkZJXQhFZhUHEBAQRAMXGXUSUk8TIFJEJxVaQ0tzUxF9EgEVFiFVGXFKUhdDe1VCLhYvDW1dakMVBRksEC8PNw5qR00EQXxLLQk3DDAUTQMZE00TXA0LBA0BClxqSkENWE0%2BFgYXFxVmW0oTWxMZBQsQBwwQXEdAbhFQXgRCDgsRA2ZZUFoEbkoOEBcBB0YbGRtQAkVQFwc8FxMKUEFmRQRCTRJAWUZDIkpWT0MjAhksEC8PNw5qR00HQRMVQwMAEAoQXGpKQQ1YTT4WBhcXFWZbShNbExkFCxAHDBBcR0BuEVBeBEIOCxEDZllQWgRuSg4QFwEHRhsZG1IAXGYVAwRGWURJQFtdCFIbTUAACw8JS2pUXgVUG1tADw0EDk1YVlUEExVDEAwLDjlKQVhFFEIbW0APDRUDG0hE&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=2633&ck=1&ref=https://chaturbate.com/embed/addamymar/&ap=78&be=682&fe=2213&dc=1311&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1663702733476,%22n%22:0,%22r%22:1,%22re%22:400,%22f%22:400,%22dn%22:400,%22dne%22:400,%22c%22:400,%22s%22:400,%22ce%22:400,%22rq%22:402,%22rp%22:663,%22rpe%22:664,%22dl%22:668,%22di%22:1280,%22ds%22:1311,%22de%22:1319,%22dc%22:2212,%22l%22:2212,%22le%22:2215%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&fcp=1667&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFJdUQkHUwdbB1pXBlZXXBh2Yi0TFUMhJTshCU0XAwhRHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFlAFVVgMGw4FEUkbGRtGDW5RDhEXRllEWl1YRRRDWwAWBkoACVQXFRMSWE0EPQoAQVwIGRtCCEVcPgYMCQIPVxcDEwJZWBUXEQYCElwbWl4MExVDEAYVFgNKQWZZDkJNQ1hBBwsHTUBLUwBFXE8BDAlBShtXS14WQlwTPQoAQVwbBVxUUgUKWVNOUgIACBgNV1kDFFhXVVxOUVsFDVBXVQoFAwEAQUobR1xXBENcE0BZRgsSTUVKC04eVw8WBgENFRdWVlxOExVDEAYVFgNKQWZcBEVRDgZBXkEhfGEbHUNBQBUKDAo8EFxHSlgOXxtbQFBKVEQVF0xQPlVcFwsAATwAWFhQXRgTA0MtFwwGFBsZG0QAbl0EFAoHBjlNTElUQwsbBQcQDxcJSRcVExRQZg4RPAICC1BZQBNbE3UIDBYcQUobQFhuDkJmFwcRFwoJVxcDE0MdGxQDPAYRCU5GXEM%2BV1gMCw8dQVwbc1BDBFdWGUBPRhYHZldLXhZCXBM9FQERFVBaVxNbEwBXTFNGT0RMVGZCFUNQDwVBXkErVk9QXQ1QFlRMU0RLPggEAhEtWFcUGkMcW1BmAw0KQUNPW1tVSlNPGXJcUgpeFlNSUlRTVwkEGXcIQ1wHDRtLWlAXBRsdQ1ZQFT0ACw4LUEEbC0MIAAABUgACUQ5QCQBDHRsRAxEFDhUbDxtKPRNTDgsNOwwQXEdVUBhtG1tCP0ZSOhsZGW1DRVYUED9GWUZlF11lDAFlQ05DOEEFWFhJUAhWVz1AWUQ/RE1UdkIjbRtNQj9GBw9KVFtdBG5KDhcNAD9EAxVlE1BtG01CP0YOCVtcVVQzVF0IEAYHFzobDxltQ1BMFQ0/Rk9GZRdcXANUXT4UCgAGCWZaV10YbRtbQj9GUjobSBsdQ1RVCAUKBg8DZkZJXQhFZhUHEBAQRAMXGXUSUk8TIFJEJxVaQ0tzUxF9EgEVFiFVGXFKUhdDe1VCLhYvDW1dakMVBRksEC8PNw5qR00EQXxLLQk3DDAUTQMZE00TXA0LBA0BClxqSkENWE0%2BFgYXFxVmW0oTWxMZBQsQBwwQXEdAbhFQXgRCDgsRA2ZZUFoEbkoOEBcBB0YbGRtQAkVQFwc8FxMKUEFmRQRCTRJAWUZDIkpWT0MjAhksEC8PNw5qR00HQRMVQwMAEAoQXGpKQQ1YTT4WBhcXFWZbShNbExkFCxAHDBBcR0BuEVBeBEIOCxEDZllQWgRuSg4QFwEHRhsZG1IAXGYVAwRGWURJQFtdCFIbTUAACw8JS2pUXgVUG1tADw0EDk1YVlUEExVDEAwLDjlKQVhFFEIbW0APDRUDG0hE&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:56 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74dd0635ae41b4f3-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=4051370276439b46; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
realtime.pa.highwebmedia.com/keys/KSKw2g.L36ISg/requestToken?rnd=6950032641862504
54.230.111.8201 Created 1.0 kB URL HTTP/2 realtime.pa.highwebmedia.com/keys/KSKw2g.L36ISg/requestToken?rnd=6950032641862504
IP 54.230.111.8:0
File type JSON data\012- , ASCII text, with very long lines (804)
Hash 8ca7e98351d2075ba329e9cbc8f936cb
6596089006bf95ed8587ed3188243563c8fd4a54
85e8c987ff1024f0ffe19ea05e50b27418af9124599e096cd2a013ec96050639
POST /keys/KSKw2g.L36ISg/requestToken?rnd=6950032641862504 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: application/json
X-Ably-Version: 1.2
Ably-Agent: ably-js/1.2.13 browser
Content-Length: 1039
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
content-length: 1036
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 20 Sep 2022 19:38:56 GMT
vary: Origin
x-ably-serverid: frontend.e81a.1.eu-central-1-A.i-0eeed36a2daf48916.e917d3bDwBG2IE
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aBmgPN2r7DlneZsrouZQA-11SL9PNMCX0mgijp6Ir2SZHAkVHG19oA==
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.781261741980021
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.781261741980021
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 5fb16221e04ba6622a70c4514bd2bd4b
2c6ff614f4bc0c368ae9cefff28c165d1d5097c5
c20ccb9c03994a7e20d46f3c6021f009482fd313ac065eafb269a3c8470ad85b
GET /stream?room=addamymar&f=0.781261741980021 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:56 GMT
content-type: image/jpeg
content-length: 16946
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0a0093dbac56b7a27ab47c1139f554d3
95e5b1eac324639a3d095ac86eb2382e8e2975bb
d6042aa3d1bb277bfd37caf6ea4dd9e068135550839fd1890727ab0d5e7ae8a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6042AA3D1BB277BFD37CAF6EA4DD9E068135550839FD1890727AB0D5E7AE8A8"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8351
Expires: Tue, 20 Sep 2022 21:58:07 GMT
Date: Tue, 20 Sep 2022 19:38:56 GMT
Connection: keep-alive
realtime.pa.highwebmedia.com/comet/connect?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&stream=false&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=38988792783947324
54.230.111.8200 OK 572 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/connect?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&stream=false&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=38988792783947324
IP 54.230.111.8:0
File type JSON data\012- , ASCII text
Hash 9e7428c332df9a8f455a9dc603af8acd
1bddca81d7db9891e2d234a11f134bec4461b0d5
6efbee96e6c542e83c8048c31d7a3798c793815a322290b28b9d4ed7e1216035
GET /comet/connect?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&stream=false&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=38988792783947324 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 572
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 20 Sep 2022 19:38:56 GMT
vary: Origin
x-ably-serverid: frontend.445a.2.eu-central-1-A.i-0d0383fc8bbbdaf57.e91-B60wQBG1dy
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qxfeVU1y9fK3lsqAfAzm5_Wtg5HRs16pCqkc3EOVRTiqSRFSPOi0yg==
X-Firefox-Spdy: h2
bam.nr-data.net/ins/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=2971&ck=1&ref=https://chaturbate.com/embed/addamymar/&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFJdUQkHUwdbB1pXBlZXXBh2Yi0TFUMhJTshCU0XAwhRHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFlAFVVgMGw4FEUkbGRtGDW5RDhEXRllEWl1YRRRDWwAWBkoACVQXFRMSWE0EPQoAQVwIGRtCCEVcPgYMCQIPVxcDEwJZWBUXEQYCElwbWl4MExVDEAYVFgNKQWZZDkJNQ1hBBwsHTUBLUwBFXE8BDAlBShtXS14WQlwTPQoAQVwbBVxUUgUKWVNOUgIACBgNV1kDFFhXVVxOUVsFDVBXVQoFAwEAQUobR1xXBENcE0BZRgsSTUVKC04eVw8WBgENFRdWVlxOExVDEAYVFgNKQWZcBEVRDgZBXkEhfGEbHUNBQBUKDAo8EFxHSlgOXxtbQFBKVEQVF0xQPlVcFwsAATwAWFhQXRgTA0MtFwwGFBsZG0QAbl0EFAoHBjlNTElUQwsbBQcQDxcJSRcVExRQZg4RPAICC1BZQBNbE3UIDBYcQUobQFhuDkJmFwcRFwoJVxcDE0MdGxQDPAYRCU5GXEM%2BV1gMCw8dQVwbc1BDBFdWGUBPRhYHZldLXhZCXBM9FQERFVBaVxNbEwBXTFNGT0RMVGZCFUNQDwVBXkErVk9QXQ1QFlRMU0RLPggEAhEtWFcUGkMcW1BmAw0KQUNPW1tVSlNPGXJcUgpeFlNSUlRTVwkEGXcIQ1wHDRtLWlAXBRsdQ1ZQFT0ACw4LUEEbC0MIAAABUgACUQ5QCQBDHRsRAxEFDhUbDxtKPRNTDgsNOwwQXEdVUBhtG1tCP0ZSOhsZGW1DRVYUED9GWUZlF11lDAFlQ05DOEEFWFhJUAhWVz1AWUQ/RE1UdkIjbRtNQj9GBw9KVFtdBG5KDhcNAD9EAxVlE1BtG01CP0YOCVtcVVQzVF0IEAYHFzobDxltQ1BMFQ0/Rk9GZRdcXANUXT4UCgAGCWZaV10YbRtbQj9GUjobSBsdQ1RVCAUKBg8DZkZJXQhFZhUHEBAQRAMXGXUSUk8TIFJEJxVaQ0tzUxF9EgEVFiFVGXFKUhdDe1VCLhYvDW1dakMVBRksEC8PNw5qR00EQXxLLQk3DDAUTQMZE00TXA0LBA0BClxqSkENWE0%2BFgYXFxVmW0oTWxMZBQsQBwwQXEdAbhFQXgRCDgsRA2ZZUFoEbkoOEBcBB0YbGRtQAkVQFwc8FxMKUEFmRQRCTRJAWUZDIkpWT0MjAhksEC8PNw5qR00HQRMVQwMAEAoQXGpKQQ1YTT4WBhcXFWZbShNbExkFCxAHDBBcR0BuEVBeBEIOCxEDZllQWgRuSg4QFwEHRhsZG1IAXGYVAwRGWURJQFtdCFIbTUAACw8JS2pUXgVUG1tADw0EDk1YVlUEExVDEAwLDjlKQVhFFEIbW0APDRUDG0hE
162.247.241.14204 No Content 0 B URL HTTP/1.1 bam.nr-data.net/ins/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=2971&ck=1&ref=https://chaturbate.com/embed/addamymar/&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFJdUQkHUwdbB1pXBlZXXBh2Yi0TFUMhJTshCU0XAwhRHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFlAFVVgMGw4FEUkbGRtGDW5RDhEXRllEWl1YRRRDWwAWBkoACVQXFRMSWE0EPQoAQVwIGRtCCEVcPgYMCQIPVxcDEwJZWBUXEQYCElwbWl4MExVDEAYVFgNKQWZZDkJNQ1hBBwsHTUBLUwBFXE8BDAlBShtXS14WQlwTPQoAQVwbBVxUUgUKWVNOUgIACBgNV1kDFFhXVVxOUVsFDVBXVQoFAwEAQUobR1xXBENcE0BZRgsSTUVKC04eVw8WBgENFRdWVlxOExVDEAYVFgNKQWZcBEVRDgZBXkEhfGEbHUNBQBUKDAo8EFxHSlgOXxtbQFBKVEQVF0xQPlVcFwsAATwAWFhQXRgTA0MtFwwGFBsZG0QAbl0EFAoHBjlNTElUQwsbBQcQDxcJSRcVExRQZg4RPAICC1BZQBNbE3UIDBYcQUobQFhuDkJmFwcRFwoJVxcDE0MdGxQDPAYRCU5GXEM%2BV1gMCw8dQVwbc1BDBFdWGUBPRhYHZldLXhZCXBM9FQERFVBaVxNbEwBXTFNGT0RMVGZCFUNQDwVBXkErVk9QXQ1QFlRMU0RLPggEAhEtWFcUGkMcW1BmAw0KQUNPW1tVSlNPGXJcUgpeFlNSUlRTVwkEGXcIQ1wHDRtLWlAXBRsdQ1ZQFT0ACw4LUEEbC0MIAAABUgACUQ5QCQBDHRsRAxEFDhUbDxtKPRNTDgsNOwwQXEdVUBhtG1tCP0ZSOhsZGW1DRVYUED9GWUZlF11lDAFlQ05DOEEFWFhJUAhWVz1AWUQ/RE1UdkIjbRtNQj9GBw9KVFtdBG5KDhcNAD9EAxVlE1BtG01CP0YOCVtcVVQzVF0IEAYHFzobDxltQ1BMFQ0/Rk9GZRdcXANUXT4UCgAGCWZaV10YbRtbQj9GUjobSBsdQ1RVCAUKBg8DZkZJXQhFZhUHEBAQRAMXGXUSUk8TIFJEJxVaQ0tzUxF9EgEVFiFVGXFKUhdDe1VCLhYvDW1dakMVBRksEC8PNw5qR00EQXxLLQk3DDAUTQMZE00TXA0LBA0BClxqSkENWE0%2BFgYXFxVmW0oTWxMZBQsQBwwQXEdAbhFQXgRCDgsRA2ZZUFoEbkoOEBcBB0YbGRtQAkVQFwc8FxMKUEFmRQRCTRJAWUZDIkpWT0MjAhksEC8PNw5qR00HQRMVQwMAEAoQXGpKQQ1YTT4WBhcXFWZbShNbExkFCxAHDBBcR0BuEVBeBEIOCxEDZllQWgRuSg4QFwEHRhsZG1IAXGYVAwRGWURJQFtdCFIbTUAACw8JS2pUXgVUG1tADw0EDk1YVlUEExVDEAwLDjlKQVhFFEIbW0APDRUDG0hE
IP 162.247.241.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ins/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=2971&ck=1&ref=https://chaturbate.com/embed/addamymar/&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFJdUQkHUwdbB1pXBlZXXBh2Yi0TFUMhJTshCU0XAwhRHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFlAFVVgMGw4FEUkbGRtGDW5RDhEXRllEWl1YRRRDWwAWBkoACVQXFRMSWE0EPQoAQVwIGRtCCEVcPgYMCQIPVxcDEwJZWBUXEQYCElwbWl4MExVDEAYVFgNKQWZZDkJNQ1hBBwsHTUBLUwBFXE8BDAlBShtXS14WQlwTPQoAQVwbBVxUUgUKWVNOUgIACBgNV1kDFFhXVVxOUVsFDVBXVQoFAwEAQUobR1xXBENcE0BZRgsSTUVKC04eVw8WBgENFRdWVlxOExVDEAYVFgNKQWZcBEVRDgZBXkEhfGEbHUNBQBUKDAo8EFxHSlgOXxtbQFBKVEQVF0xQPlVcFwsAATwAWFhQXRgTA0MtFwwGFBsZG0QAbl0EFAoHBjlNTElUQwsbBQcQDxcJSRcVExRQZg4RPAICC1BZQBNbE3UIDBYcQUobQFhuDkJmFwcRFwoJVxcDE0MdGxQDPAYRCU5GXEM%2BV1gMCw8dQVwbc1BDBFdWGUBPRhYHZldLXhZCXBM9FQERFVBaVxNbEwBXTFNGT0RMVGZCFUNQDwVBXkErVk9QXQ1QFlRMU0RLPggEAhEtWFcUGkMcW1BmAw0KQUNPW1tVSlNPGXJcUgpeFlNSUlRTVwkEGXcIQ1wHDRtLWlAXBRsdQ1ZQFT0ACw4LUEEbC0MIAAABUgACUQ5QCQBDHRsRAxEFDhUbDxtKPRNTDgsNOwwQXEdVUBhtG1tCP0ZSOhsZGW1DRVYUED9GWUZlF11lDAFlQ05DOEEFWFhJUAhWVz1AWUQ/RE1UdkIjbRtNQj9GBw9KVFtdBG5KDhcNAD9EAxVlE1BtG01CP0YOCVtcVVQzVF0IEAYHFzobDxltQ1BMFQ0/Rk9GZRdcXANUXT4UCgAGCWZaV10YbRtbQj9GUjobSBsdQ1RVCAUKBg8DZkZJXQhFZhUHEBAQRAMXGXUSUk8TIFJEJxVaQ0tzUxF9EgEVFiFVGXFKUhdDe1VCLhYvDW1dakMVBRksEC8PNw5qR00EQXxLLQk3DDAUTQMZE00TXA0LBA0BClxqSkENWE0%2BFgYXFxVmW0oTWxMZBQsQBwwQXEdAbhFQXgRCDgsRA2ZZUFoEbkoOEBcBB0YbGRtQAkVQFwc8FxMKUEFmRQRCTRJAWUZDIkpWT0MjAhksEC8PNw5qR00HQRMVQwMAEAoQXGpKQQ1YTT4WBhcXFWZbShNbExkFCxAHDBBcR0BuEVBeBEIOCxEDZllQWgRuSg4QFwEHRhsZG1IAXGYVAwRGWURJQFtdCFIbTUAACw8JS2pUXgVUG1tADw0EDk1YVlUEExVDEAwLDjlKQVhFFEIbW0APDRUDG0hE HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 1830
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Tue, 20 Sep 2022 19:38:56 GMT
Connection: keep-alive
CF-Ray: 74dd0636d839b4f3-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=3055&ck=1&ref=https://chaturbate.com/embed/addamymar/
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=3055&ck=1&ref=https://chaturbate.com/embed/addamymar/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=3055&ck=1&ref=https://chaturbate.com/embed/addamymar/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 3329
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:56 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 74dd06375b7bb509-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.11426127006919917
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.11426127006919917
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 064ccf670479c1b551bc36035a470bee
cc85882a0cf8542bc517f429edc30ecafc057fd0
13508dd168fdcc9cedbce8d565a81fef495cfef089a206d0d75234de3141d938
GET /stream?room=addamymar&f=0.11426127006919917 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:56 GMT
content-type: image/jpeg
content-length: 17304
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/send?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=7216934484471085
54.230.111.8204 No Content 0 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/send?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=7216934484471085
IP 54.230.111.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/send?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=7216934484471085 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Content-Length,Accept,Authorization,X-Ably-Version,X-Ably-Lib,X-Ably-ClientId,Ably-Agent
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: https://chaturbate.com
access-control-max-age: 3600
date: Tue, 20 Sep 2022 19:38:56 GMT
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 88xRgQFbrlkXAWN605RKTdJvv44B7q0o_iPQlehVxQ_tpMbIb9NYuQ==
X-Firefox-Spdy: h2
chatw-24.stream.highwebmedia.com/ws/750/ovo0nu3b/websocket
104.19.241.83101 Switching Protocols 22 kB URL HTTP/1.1 chatw-24.stream.highwebmedia.com/ws/750/ovo0nu3b/websocket
IP 104.19.241.83:0
Hash cb7d7e310424fae2e9be6a4732f7da6b
7b6f57a250f822d1d0d5e0b9e4cfbdf0269fad92
3563afce28d648f4696a81746229c372bb14d5119f74cd4a8f8ade2ac0ebb201
GET /ws/750/ovo0nu3b/websocket HTTP/1.1
Host: chatw-24.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://chaturbate.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +O0JGE9DSNcAUi6WziMx6w==
Connection: keep-alive, Upgrade
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 20 Sep 2022 19:38:56 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nsmML/PDWcHyRlCbSA9gJL3pl0I=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgU6afU4kDuKCJE3nxqUaPoalqzYg4VCRhGS1kS7kG8B%2BbmT88hO%2F2%2BYpgX3Bra8CihAQcildfRltDhLMjmmG8gFZq51RJnIuUNq1JTitA2esXEN4%2F%2BgR7czlKVcIE4smt%2BoJUWJnPf8kZRa%2BBIY480K"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74dd0635b905b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
realtime.pa.highwebmedia.com/comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/send?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=7216934484471085
54.230.111.8201 Created 2 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/send?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=7216934484471085
IP 54.230.111.8:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/send?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=7216934484471085 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: application/json
Content-Length: 77
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 20 Sep 2022 19:38:56 GMT
vary: Origin
x-ably-serverid: frontend.445a.2.eu-central-1-A.i-0d0383fc8bbbdaf57.e91-B60wQBG1dy
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X1Xw-Ib3Svvpcpg20Tot20RMN54RbTYSZh7WYaTuYPFiQWmxS_EoJQ==
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/recv?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=5632213407282716
54.230.111.8200 OK 147 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/recv?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=5632213407282716
IP 54.230.111.8:0
File type JSON data\012- , ASCII text
Hash e128925d0695ac811437eda54dcef713
824300fe07c6c0698c17272c52dd04fffff059ff
5bbcd99d78ee43e37d7bdacd5c0c9f63e34ae6c34eff9328d0cb31cc5d0b2467
GET /comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/recv?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=5632213407282716 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 147
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 20 Sep 2022 19:38:56 GMT
vary: Origin
x-ably-serverid: frontend.445a.2.eu-central-1-A.i-0d0383fc8bbbdaf57.e91-B60wQBG1dy
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cUBjdcIes5ShkJJTJMptCLJr8HQTcuGzUsnBSNnEpM7_oZGSxqSjzQ==
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&upgrade=e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy&format=json&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0
54.230.111.8101 Switching Protocols 0 B URL HTTP/1.1 realtime.pa.highwebmedia.com/?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&upgrade=e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy&format=json&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0
IP 54.230.111.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&upgrade=e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy&format=json&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://chaturbate.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BFxFZVEc/ymM7eCTaSI3hg==
Connection: keep-alive, Upgrade
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 20 Sep 2022 19:38:56 GMT
Connection: upgrade
Sec-Websocket-Accept: hnhfyI2/9b93FwVAtOwR1MUubfI=
Upgrade: websocket
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HbbCcHCr6aGSCw819gCXVoRzpty5nhq_lKbhRs4_u1MQ17_RpgYbtQ==
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.4587752375720011
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.4587752375720011
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 064ccf670479c1b551bc36035a470bee
cc85882a0cf8542bc517f429edc30ecafc057fd0
13508dd168fdcc9cedbce8d565a81fef495cfef089a206d0d75234de3141d938
GET /stream?room=addamymar&f=0.4587752375720011 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:56 GMT
content-type: image/jpeg
content-length: 17304
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
www.facebook.com/v2.11/plugins/page.php?adapt_container_width=true&app_id=223861634430782&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb279bd85a2016%26domain%3D94ero.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252F94ero.com%252Ff202da5958b928a%26relation%3Dparent.parent&container_width=855&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fav.jgirl%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=true
157.240.200.35200 OK 64 kB URL HTTP/2 www.facebook.com/v2.11/plugins/page.php?adapt_container_width=true&app_id=223861634430782&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb279bd85a2016%26domain%3D94ero.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252F94ero.com%252Ff202da5958b928a%26relation%3Dparent.parent&container_width=855&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fav.jgirl%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=true
IP 157.240.200.35:0
File type ASCII text, with no line terminators
Hash 1b93ee9b3714a6c72a77385a7afa1e43
00f3349e9d73bcaec4073a0a9c3ad217ac45384a
0d6e09e8a4a33c5e55c03ad9894ee12d44faf25390525018a63911fb1a429fd0
GET /v2.11/plugins/page.php?adapt_container_width=true&app_id=223861634430782&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb279bd85a2016%26domain%3D94ero.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252F94ero.com%252Ff202da5958b928a%26relation%3Dparent.parent&container_width=855&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fav.jgirl%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=true HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
facebook-api-version: v8.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: J21m7PoMu/xauwo5rdUL8MbDyCRHXX4Nj6DpvVwM0ROWX+lQ/6jl2fbWQrDNX8N4CCQJPbwVZzgB9DLrtkuoqA==
date: Tue, 20 Sep 2022 19:38:56 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/send?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=9199026501861246
54.230.111.8204 No Content 0 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/send?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=9199026501861246
IP 54.230.111.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/send?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=9199026501861246 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Content-Length,Accept,Authorization,X-Ably-Version,X-Ably-Lib,X-Ably-ClientId,Ably-Agent
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: https://chaturbate.com
access-control-max-age: 3600
date: Tue, 20 Sep 2022 19:38:56 GMT
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y1_IX-g4GC0td75UJ0ngCzUjIesfZJrbbanVwrAvhYedceYWN-mh3w==
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/recv?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=8270420180516054
54.230.111.8200 OK 1.5 kB URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/recv?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=8270420180516054
IP 54.230.111.8:0
File type JSON data\012- , ASCII text
Hash f98e489a03d79bac2b457b40ed2dacf1
03a1dbdde4b1b9654ef127a748e9ba66e75f0d10
b48c6d5783d84d5760d5eb1675e32fd5cf01954ecb33079c74ff23942a2fbf41
GET /comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/recv?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=8270420180516054 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 1460
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 20 Sep 2022 19:38:56 GMT
vary: Origin
x-ably-serverid: frontend.445a.2.eu-central-1-A.i-0d0383fc8bbbdaf57.e91-B60wQBG1dy
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rHwVnjoCMouCI-br6_x5nUcqDlBGNGaPaE6XxQa6RXe7qWVp0D2YHQ==
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/send?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=9199026501861246
54.230.111.8201 Created 2 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/send?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=9199026501861246
IP 54.230.111.8:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/send?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=9199026501861246 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: application/json
Content-Length: 1304
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 20 Sep 2022 19:38:56 GMT
vary: Origin
x-ably-serverid: frontend.445a.2.eu-central-1-A.i-0d0383fc8bbbdaf57.e91-B60wQBG1dy
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 70hDi4JbKsi77PxdqZQqyFYgHCLzQqiI_2rjrBoM_0Dbg76ygvmCeA==
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.13486906537528942
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.13486906537528942
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 43d2f7f0f8e6be2697c8e442a2922b06
6454fc426f89c5dc1ec86d64b6cb9d054b3d9512
bc9e3d0cd11647e1b4430dde7955fd5f6fd4dbdda38d4e04f8c16c7f6d6bb896
GET /stream?room=addamymar&f=0.13486906537528942 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:56 GMT
content-type: image/jpeg
content-length: 17030
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/recv?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=48161494042527675
54.230.111.8200 OK 1.0 kB URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/recv?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=48161494042527675
IP 54.230.111.8:0
File type JSON data\012- , ASCII text
Hash f1bd355c2eb9c94b04ceed1d1be5bfe4
c3523d25d06af4b13eb6082a0cb0cb01589b8e05
2fb0bb6b3ae9e807b9f23f478662f5735b7c3ddd30cd39de06e966484831d194
GET /comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/recv?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=48161494042527675 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 1008
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 20 Sep 2022 19:38:56 GMT
vary: Origin
x-ably-serverid: frontend.445a.2.eu-central-1-A.i-0d0383fc8bbbdaf57.e91-B60wQBG1dy
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N8_lQjheI4bEfRkS2aTMEnaDWAFi0TT6ZWqVkQq7w--VZ2Lk4fSIBA==
X-Firefox-Spdy: h2
cams.com/camschat.cgi?type=check_stream&stream=SelenaRuss&callback=angular.callbacks._1
69.165.103.130308 Permanent Redirect 164 B URL HTTP/2 cams.com/camschat.cgi?type=check_stream&stream=SelenaRuss&callback=angular.callbacks._1
IP 69.165.103.130:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f23c4815ecaef1588f16ac735c0e15d6
026bf8cdd5076014b6fc822878e0086eb44da556
43a81fb3d47b34e7d42d6b8444f592ed9251b8e57db8f67d32419aa40b1480d0
GET /camschat.cgi?type=check_stream&stream=SelenaRuss&callback=angular.callbacks._1 HTTP/1.1
Host: cams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banners.cams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 308 Permanent Redirect
date: Tue, 20 Sep 2022 19:38:56 GMT
content-type: text/html
content-length: 164
location: https://classic.cams.com/camschat.cgi?type=check_stream&stream=SelenaRuss&callback=angular.callbacks._1
x-ingress: PROD
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/disconnect?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=19810970948028828
54.230.111.8204 No Content 0 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/disconnect?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=19810970948028828
IP 54.230.111.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comet/e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy/disconnect?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&rnd=19810970948028828 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 20 Sep 2022 19:38:57 GMT
vary: Origin
x-ably-serverid: frontend.445a.2.eu-central-1-A.i-0d0383fc8bbbdaf57.e91-B60wQBG1dy
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gOvmJj0t4D-jKoaJWG39LxE8e74Aui66LHv7E-yUaGib1k-Wnjcr0Q==
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.7357928164827682
131.153.88.90200 OK 18 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.7357928164827682
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash d08db73d21d0bc5855f043116fd86bd9
09b01069b886bd6e468c30404d38dfe640738a0d
0993d44138d85025946953492565828cdc4e0aa83912152289aa234143969301
GET /stream?room=addamymar&f=0.7357928164827682 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:57 GMT
content-type: image/jpeg
content-length: 17550
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
classic.cams.com/camschat.cgi?type=check_stream&stream=SelenaRuss&callback=angular.callbacks._1
69.165.105.13200 OK 246 B URL HTTP/1.1 classic.cams.com/camschat.cgi?type=check_stream&stream=SelenaRuss&callback=angular.callbacks._1
IP 69.165.105.13:0
File type ASCII text, with very long lines (309), with no line terminators
Hash f6e0ffe261c3c8fe66c7096c517a73d5
61af4217f57a57dde919ff2314b4ba71e80ef60c
93a8431ba362410eece20ca40cef14ad7ca1b3b2d173d9d84e31458a5d43b75c
GET /camschat.cgi?type=check_stream&stream=SelenaRuss&callback=angular.callbacks._1 HTTP/1.1
Host: classic.cams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://banners.cams.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:57 GMT
Server: Apache
X-PERF: 0.000494,0.000283,CD_1_0.0000160,CE_1_0.0001950
Strict-Transport-Security: max-age=300; includeSubDomains
P3P: CP="DSP LAW"
X-ApacheServer: si201-102.friendfinderinc.com
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 246
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/javascript;charset=UTF-8
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.35401802416308337
131.153.88.90200 OK 18 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.35401802416308337
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash d08db73d21d0bc5855f043116fd86bd9
09b01069b886bd6e468c30404d38dfe640738a0d
0993d44138d85025946953492565828cdc4e0aa83912152289aa234143969301
GET /stream?room=addamymar&f=0.35401802416308337 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:57 GMT
content-type: image/jpeg
content-length: 17550
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=1&pk=671dbadbf37814e321f252eac8aa2500&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
192.243.59.13200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=1&pk=671dbadbf37814e321f252eac8aa2500&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=1&pk=671dbadbf37814e321f252eac8aa2500&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 20 Sep 2022 19:38:57 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 041a856e10ce3e728e7b9235fbd7c3b6
Strict-Transport-Security: max-age=0; includeSubdomains
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.10811874380088082
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.10811874380088082
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash b5b5ab5923f39355a229e7d75180ea38
1a409a7229bd139a20d05707875854ac3e7cd670
9fe9ee98461e937e73b3594153177d3122880ffffda689d036ccc50c2d293e6e
GET /stream?room=addamymar&f=0.10811874380088082 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:57 GMT
content-type: image/jpeg
content-length: 16947
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.12691429000566123
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.12691429000566123
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash e28995562e9645e40762445959c23fcb
0021fe0b75948aca2c07585349451621b11802f4
d774b31b85a8827a69c0d8588f54cf7d6db5a3a840aba91129ee0aad4829f395
GET /stream?room=addamymar&f=0.12691429000566123 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:57 GMT
content-type: image/jpeg
content-length: 16858
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0b3537dce4560e2360202fc39cdca3e4
9dbdd259e514ca7727a908096a3385199c9cb258
42ec315a07f130b8b04febbe7ee081d9ca2536024a57b5b2df7cc118fd2a123b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42EC315A07F130B8B04FEBBE7EE081D9CA2536024A57B5B2DF7CC118FD2A123B"
Last-Modified: Mon, 19 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16156
Expires: Wed, 21 Sep 2022 00:08:13 GMT
Date: Tue, 20 Sep 2022 19:38:57 GMT
Connection: keep-alive
realtime.pa.highwebmedia.com/comet/connect?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&upgrade=e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=5973367095121133
54.230.111.8200 OK 18 kB URL HTTP/2 realtime.pa.highwebmedia.com/comet/connect?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&upgrade=e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=5973367095121133
IP 54.230.111.8:0
Hash 661ef68fb5d64141c7834f350f1707db
2272b3f4b2bd3997a63126b699049f21ac396123
1ff8804339d71c66d6a8a8c470e389cb63ca322bd343dc1c35b43956d17e056d
GET /comet/connect?access_token=KSKw2g.AL36ISg-VP039UfLjSHULfDGlj9DoTglOPKJOOGyYmob-VNn-g&upgrade=e91-B60wQBG1dy!UUQXr9agBSsEyTsG-61b5ce91-B60wQBG1dy&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=5973367095121133 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 20 Sep 2022 19:38:56 GMT
vary: Origin
x-ably-serverid: frontend.445a.2.eu-central-1-A.i-0d0383fc8bbbdaf57.e91-B60wQBG1dy
x-content-type-options: nosniff
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h1A6UVPZniE6mQQ_BxvSpStO4kE0ZstIJKWk69hZZRZ3_pwttB6G-A==
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.8970512760321947
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.8970512760321947
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash a92570808fdf64a17a7413ec96dcc736
f5911cb022fa1076744785cf9a6a8d81a8a0403a
d774dbd77fe686ac30cd00e6778fdd8eb4fddc593b4a87a24c83f13b17278de1
GET /stream?room=addamymar&f=0.8970512760321947 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:57 GMT
content-type: image/jpeg
content-length: 17437
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.9021726900594208
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.9021726900594208
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 3d98cf4809397a449b4c20352cf0e800
c7c6149d17ffd5200a27effc23bffe9fa35d4a63
4fcf00c95515ab1c72f5539b168387efdc6924d9679ed4728d29dbe3ffaabb32
GET /stream?room=addamymar&f=0.9021726900594208 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:58 GMT
content-type: image/jpeg
content-length: 17053
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.5146947597190928
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.5146947597190928
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash dba53f9793fd5d1dc90bfbd9ef75304d
49faf4c003edb93e338482a184a3e5abad4c48c2
d22cee40086b01f9714369f3b736c57e0ec93b453a52fa346d518c67027f50a6
GET /stream?room=addamymar&f=0.5146947597190928 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:58 GMT
content-type: image/jpeg
content-length: 16977
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
images.streamray.com/images/streamray/won/jpg/s/s/selenaruss_640.jpg
69.165.105.23200 OK 54 kB URL HTTP/1.1 images.streamray.com/images/streamray/won/jpg/s/s/selenaruss_640.jpg
IP 69.165.105.23:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 1280x720, components 3\012- data
Hash ee92962ee2d57cff847b6951baa54b6a
28c729257e620e8631a21476f87242981ddcf4d5
b73b183eb5993cb9d6f1f0a77423c22da88ffe62fdf753361daef2019ca8e2a5
GET /images/streamray/won/jpg/s/s/selenaruss_640.jpg HTTP/1.1
Host: images.streamray.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banners.cams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:25:03 GMT
Expires: Tue, 27 Sep 2022 19:25:03 GMT
Cache-Control: max-age=604800
Content-Length: 53490
Last-Modified: Tue, 20 Sep 2022 19:24:33 GMT
X-ApacheServer: si116-114
Content-Type: image/jpeg
Age: 834
X-Cache: HIT
X-Cache-Hits: 298
Accept-Ranges: bytes
Connection: keep-alive
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.5459440914670862
131.153.88.90200 OK 18 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.5459440914670862
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 1a8a4ee0cb25c403780ebf559d73a8b6
be39be5f32ec4f728696eb3c2f0b4b7b49d3f4c8
7e35a5bbdb269f7faa9584dc64b5086923df584fec4f321f557e7bbe28a21080
GET /stream?room=addamymar&f=0.5459440914670862 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:58 GMT
content-type: image/jpeg
content-length: 17700
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.41997043255297284
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.41997043255297284
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 6e9d2f310fbcdfcbeeb7fc21851174b3
799371aa5103b81c73eeaad346a7a79f85eb9b48
6f1a42355bb88769e23ad82826762b1ca300d8f51d82fd38eb037843f0ec2fcc
GET /stream?room=addamymar&f=0.41997043255297284 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:58 GMT
content-type: image/jpeg
content-length: 17417
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.8581651876578493
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.8581651876578493
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 8b6e238eb3d89cefbcca0b48b233696f
0fd2a8fd8bb807d1392cc74fd5895dde6a26f345
cf48fd1544be769d91afba157c89c919a842d63cbbd8892d6df2cc41205d2f6e
GET /stream?room=addamymar&f=0.8581651876578493 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:58 GMT
content-type: image/jpeg
content-length: 17178
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.8443782975773928
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.8443782975773928
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 0d20b932fe1684c3ba4e1d6f9b4cb18e
842b956a2906f70d2da45e28db0b96de52048ff4
a302c0c0e955b664dcde6b961b40422fb7512d9703c7c9ca1219098408e652c7
GET /stream?room=addamymar&f=0.8443782975773928 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:58 GMT
content-type: image/jpeg
content-length: 17261
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.4263912441132601
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.4263912441132601
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 98bc5b66d6d02cc635157bb3eaeb64f1
753c45b1d43aff8d72ce252e22dc20a2742abd11
2d5b12abb27f2b618df3746a971197733bc835e8907d48eee69bf6122a29bb64
GET /stream?room=addamymar&f=0.4263912441132601 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:58 GMT
content-type: image/jpeg
content-length: 17191
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.05476994112621569
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.05476994112621569
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 2ccac9383414c093e1a1d5084de9c24a
0cf0e73b91a7ce1e76313c3e18abd0a51ef908d4
129c33e901f0794beaab98a369f010f0ab6fd6abfebfd3cbd08e6d90e3939079
GET /stream?room=addamymar&f=0.05476994112621569 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:59 GMT
content-type: image/jpeg
content-length: 17186
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.6290176109272824
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.6290176109272824
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 2ccac9383414c093e1a1d5084de9c24a
0cf0e73b91a7ce1e76313c3e18abd0a51ef908d4
129c33e901f0794beaab98a369f010f0ab6fd6abfebfd3cbd08e6d90e3939079
GET /stream?room=addamymar&f=0.6290176109272824 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:59 GMT
content-type: image/jpeg
content-length: 17186
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.258191973414709
131.153.88.90200 OK 17 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=addamymar&f=0.258191973414709
IP 131.153.88.90:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash a6aaf2f134cec5cc7913b5ca5300c0b6
7e9f9d178d49f9a5f4353e9cd69fbd91eebbe958
7d1db97d9c976befaa9e1e4eeb9d938ba4c58cb9d7157c687149bda60697ff05
GET /stream?room=addamymar&f=0.258191973414709 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:59 GMT
content-type: image/jpeg
content-length: 17303
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.e1067846ea15.js
104.16.94.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.e1067846ea15.js
IP 104.16.94.42:0
GET /CACHE/js/output.e1067846ea15.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:54 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=108152
etag: W/"97a23c5e27826ee4bed1dbcfe0601da8"
last-modified: Thu, 24 Jun 2021 21:24:09 GMT
x-amz-id-2: gJdq637yDaGW5b/k/xLZcaVgKR2zPrz11wa1iwf3/kEEAF2JWIngCVC4T9LIrDSnBaklrTBcytM=
x-amz-meta-s3cmd-attrs: md5:97a23c5e27826ee4bed1dbcfe0601da8
x-amz-request-id: C8A0N4S7KE12CYZQ
cf-cache-status: HIT
age: 252687
expires: Thu, 20 Oct 2022 19:38:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4YzDWspwQxFhy7v4B3veGYImnJKqM%2Be2hKU%2BFVINzVt1YwgrhHAP30jPdPYZAXdXUqDrqe%2BND2RpZarJ5Ouq1rhTAdeMD24QJUg4B%2FTIXPKagSQ%2Ba%2BuR5msKnW1mo5%2FjpBsRagOJhmjosXC%2BRjbpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=hB8dMz6UigZXdNRImgCvhHCFKGKkb_Jv6jNNlQwvdXA-1663702734210-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74dd0628cc751bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.juicyads.com/jp.php?c=3464y223u254u4q2o2e4536424&u=http%3A%2F%2Fwww.juicyads.rocks
143.204.55.76200 OK 0 B URL HTTP/2 js.juicyads.com/jp.php?c=3464y223u254u4q2o2e4536424&u=http%3A%2F%2Fwww.juicyads.rocks
IP 143.204.55.76:0
GET /jp.php?c=3464y223u254u4q2o2e4536424&u=http%3A%2F%2Fwww.juicyads.rocks HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
date: Tue, 20 Sep 2022 19:38:41 GMT
expires: Tue, 20 Sep 2022 19:53:41 GMT
pragma: cache
server: nginx
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZsTT5eyQWly-IVAf87I7NJPT_f2jDBMwrBq-vF00Ad6Y29VSEVHv4A==
age: 10
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
104.21.234.254200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.234.254:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:53 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: a4d3e74cf4dd18c51510d8e07526b307
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 20 Sep 2022 19:38:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6fe3WXiK5TNwrfquLby227L7rpdZXpJu8JT%2B57wqTI8yPSMyI%2FaBVMB6qWjxOig03KdJOqnvOgpr7h%2BcJaoXb8HCgLRHtUENLDAKd4xHXV8BpDkn%2B%2FVtrmWC5Vmi9BmMTxqQPA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd06219b4c7576-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creative.strpjmp.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&buttonColor=&campaignId=114c61a376af0e4ad32002e9224edc479d0fb30ab4e3ae0988dfb4b60e6dabe2&creativeId=c0012946eb231abe26945e1ec9cb543adcd67f988cfa681b6c1236ecbd1928cd&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=1&showLiveBadge=1&showModelName=1&showTitle=1&sound=off&sourceId=4778569&tag=females&targetDomain=&thumbSizeKey=big&trackOff=1&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd
172.67.203.28200 OK 0 B URL HTTP/2 creative.strpjmp.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&buttonColor=&campaignId=114c61a376af0e4ad32002e9224edc479d0fb30ab4e3ae0988dfb4b60e6dabe2&creativeId=c0012946eb231abe26945e1ec9cb543adcd67f988cfa681b6c1236ecbd1928cd&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=1&showLiveBadge=1&showModelName=1&showTitle=1&sound=off&sourceId=4778569&tag=females&targetDomain=&thumbSizeKey=big&trackOff=1&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd
IP 172.67.203.28:0
GET /widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&buttonColor=&campaignId=114c61a376af0e4ad32002e9224edc479d0fb30ab4e3ae0988dfb4b60e6dabe2&creativeId=c0012946eb231abe26945e1ec9cb543adcd67f988cfa681b6c1236ecbd1928cd&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=1&showLiveBadge=1&showModelName=1&showTitle=1&sound=off&sourceId=4778569&tag=females&targetDomain=&thumbSizeKey=big&trackOff=1&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd HTTP/1.1
Host: creative.strpjmp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nnteens.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:53 GMT
content-type: text/html
last-modified: Mon, 19 Sep 2022 11:33:49 GMT
expires: Tue, 20 Sep 2022 19:39:03 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74dd0624e905b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
94ero.com/videos/700740
104.21.16.154200 OK 0 B IP 104.21.16.154:0
Analyzer Verdict Alert quad9 Sinkholed
GET /videos/700740 HTTP/1.1
Host: 94ero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:51 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AM4tm2muX%2FJhPqWUJunzNC%2Fxbo3EKSegfHqo%2Bf6DkwjFi5ORugJYCB1JgFKkwWKLNXlM%2FqUDZSjSgs%2FL1ntyqRetZFMQ8NZQWKmtdEiyD4tnePuIUDKQAPjAbWA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74dd0614c8aab505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/css/output.810ce50b58bd.css
104.16.94.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/css/output.810ce50b58bd.css
IP 104.16.94.42:0
GET /CACHE/css/output.810ce50b58bd.css HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:54 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=82198
etag: W/"e21f99ad90fe190141e69500f694add6"
last-modified: Mon, 19 Sep 2022 19:36:18 GMT
x-amz-id-2: +0+LV+zJId/PGb7GeL5JR1LNQt5vfkr62sdnP5PCM1ZjSnd6zr2gYPjA82t7FhtGMYohsUcoBKM=
x-amz-meta-s3cmd-attrs: md5:e21f99ad90fe190141e69500f694add6
x-amz-request-id: FQBQC4E25FZBCXWH
cf-cache-status: HIT
age: 86311
expires: Thu, 20 Oct 2022 19:38:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oc1EPVmbGbqUvbAkjqTN7Q35tXLOCCLy79mDttVu481RjLBjfThKxr8%2FMnZ%2B6wiCxLkwqyeyAvSqKdWXrAtXQLPuRdPa19%2BpSmjPAtwnTKeAgKre7n8bpFQj6x6rN1NTNBMmNjh%2BMyF8zFYQFu832w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=WeKlvjDwoEzDlffjFCVBDsOSyVbkqLozHygz_fLPmTo-1663702734206-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74dd0628bc6e1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.caee332d326d.js
104.16.94.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.caee332d326d.js
IP 104.16.94.42:0
GET /CACHE/js/output.caee332d326d.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:54 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"b61e15511bf0db70d0d422e98c465403"
last-modified: Thu, 24 Jun 2021 21:24:08 GMT
x-amz-id-2: gAJe87IyJM0OkbaBgua73HTcoEANURYYk4wpsNNClr414DBIRL/v+K+9hxRFHrgcwnw38qlmXmM=
x-amz-meta-s3cmd-attrs: md5:b61e15511bf0db70d0d422e98c465403
x-amz-request-id: 2D5TZ021KE4200HB
cf-cache-status: HIT
age: 252693
expires: Thu, 20 Oct 2022 19:38:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVrVxELJcaNfatkZRvOMIzH7Va%2Ba90UGXKmBUboPm8iljIMjVTtSkBa%2BpAg1ygtX4efEIdXV0xT5niZZcUgTe4uSSsUIVo4F%2B2X3kjkbKSazZAA5BTJT3uu2saq6rJDdDxQIfGgni50Dno1Af1GwGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=LcVzcSs_IW94.mB34lWJc_bImvMBO..edeNj47CQaeE-1663702734209-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74dd0628cc721bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat
IP 142.250.74.10:0
GET /css?family=Montserrat HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 19:38:51 GMT
date: Tue, 20 Sep 2022 19:38:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/cachebust/chatembed-prod-99ac1da77e01.js
104.16.94.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/cachebust/chatembed-prod-99ac1da77e01.js
IP 104.16.94.42:0
GET /cachebust/chatembed-prod-99ac1da77e01.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:54 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=910044
etag: W/"5c630ab97ecaf3a22bb1ec9be7db2926"
last-modified: Tue, 20 Sep 2022 17:13:17 GMT
x-amz-id-2: Utc/Z+4whpyfpCCse3mV0MWkryEzuLi2CLrrMUFcCzB8K8ei9rekCnhyBPsiWidI/divyEBQvcM=
x-amz-meta-s3cmd-attrs: md5:5c630ab97ecaf3a22bb1ec9be7db2926
x-amz-request-id: 2NXX1ZZM81AKW8HB
cf-cache-status: HIT
age: 8551
expires: Thu, 20 Oct 2022 19:38:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VmpXR23dH5vzOIcBoqK8H0u6po5guNsHc2Cnw5mgJvx3ZZpZj9oXdwzEYyyejM5WS7RQNMcjZOxs4ChpXG0J6YdYdxu%2BNDjZA%2FdBWJWou84GbBcKPHaxo9ZPD0RRW625JTUqV160PktT4IsU188Smg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74dd0628cc8b1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zz.bdstatic.com/linksubmit/push.js
58.254.150.48200 OK 0 B URL HTTP/2 zz.bdstatic.com/linksubmit/push.js
IP 58.254.150.48:0
ASN #136958 China Unicom Guangdong IP network
GET /linksubmit/push.js HTTP/1.1
Host: zz.bdstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: application/x-javascript
last-modified: Sun, 31 Jul 2022 09:23:08 GMT
etag: "62e649fc-134"
cache-control: max-age=86400
content-encoding: br
age: 42575
accept-ranges: bytes
tracecode: 03532554600310087434092014
ohc-cache-hit: gz3un61 [2], zhuzuncache58 [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.97a5db11ca63.js
104.16.94.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.97a5db11ca63.js
IP 104.16.94.42:0
GET /CACHE/js/output.97a5db11ca63.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:54 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=827275
etag: W/"692ec922d2a39b4037073f70286968b3"
last-modified: Fri, 13 May 2022 09:09:46 GMT
x-amz-id-2: VZ8ol5gj9DR4cR1Ys+gd3EdgeEH8vduV/GWCX0hMYtqbtTyLc8wtgelbUHUwXR/km7ekid2PJdA=
x-amz-meta-s3cmd-attrs: md5:692ec922d2a39b4037073f70286968b3
x-amz-request-id: WKBNH94P832M1DR9
cf-cache-status: HIT
age: 901215
expires: Thu, 20 Oct 2022 19:38:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqxLDVwbmjOQQTrhsMLEQPGYCepKvi3%2F7VH5spLe7jAQx5B%2BwKmgF0sGPHzlCgA5d9Q5BivsYpIDgM5CYKV5Nkj0Edx%2BEAYywSulHem4w%2BfwoUe3S5%2FpvucDDIpdBCruNR6xBYHRkfR7WNklQnGJIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=hB8dMz6UigZXdNRImgCvhHCFKGKkb_Jv6jNNlQwvdXA-1663702734210-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74dd0628cc781bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/cachebust/theatermode-react-99ac1da77e01.js
104.16.94.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/cachebust/theatermode-react-99ac1da77e01.js
IP 104.16.94.42:0
GET /cachebust/theatermode-react-99ac1da77e01.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:54 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=193979
etag: W/"9addfe54ae91605192ec56420f31ce6b"
last-modified: Tue, 20 Sep 2022 17:13:15 GMT
x-amz-id-2: +uA2aoelOX5HMIRRvIA5cfs50ODnJqDchjGYpDj+GbzzN8UIFt4PV9YgHSFZEy3mXDHt0UMCbNM=
x-amz-meta-s3cmd-attrs: md5:9addfe54ae91605192ec56420f31ce6b
x-amz-request-id: 2NXY11196AXAQDHA
cf-cache-status: HIT
age: 8551
expires: Thu, 20 Oct 2022 19:38:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7bvmYhqttf1Er%2BJTaCG2%2BrPg7NBuFyfw8GkXPWTwOc0WDqgRCGQbbp%2Bk9hNcAn9g7C0391cTPteStDgvhw1MahauXr2qRqb1O4OjldrOMjGKdd03gLTIbTwFMuiurIH8TAHihxDNkmlD%2BmsBGjDsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=MoIY5M6TfeCnUGrWLO7m3J1Dl6TYyALTGgrEbRLbsms-1663702734216-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74dd0628cc7f1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.juicyads.com/jam_min.js
143.204.55.76200 OK 0 B URL HTTP/2 js.juicyads.com/jam_min.js
IP 143.204.55.76:0
GET /jam_min.js HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 20 Sep 2022 05:44:45 GMT
etag: W/"5e01075c-5394"
last-modified: Mon, 23 Dec 2019 18:28:44 GMT
server: nginx
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JWoECv6Kw9Eem0WYKgOCZ2kqmsdosjJULQ8u_1OledKRcsnDiiyOUQ==
age: 50046
X-Firefox-Spdy: h2
nnteens.com/adnium728902.php?id=4778569
66.230.180.98200 OK 0 B URL HTTP/2 nnteens.com/adnium728902.php?id=4778569
IP 66.230.180.98:0
GET /adnium728902.php?id=4778569 HTTP/1.1
Host: nnteens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.medfoodsafety.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.3
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 0 B IP 93.184.220.29:0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2508
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Last-Modified: Tue, 20 Sep 2022 18:57:03 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
chatw-24.stream.highwebmedia.com/ws/info?t=1663702735707
104.19.241.83200 OK 0 B URL HTTP/2 chatw-24.stream.highwebmedia.com/ws/info?t=1663702735707
IP 104.19.241.83:0
GET /ws/info?t=1663702735707 HTTP/1.1
Host: chatw-24.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Cookie: _cfuvid=ITUwsrJF3fzyWvYRTun6qzpzndzi8MJrMim0cgsCkco-1663702734217-0-604800000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:55 GMT
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXiQU%2BuQWcWe9sNHN4zUx4Xj0T0VUgrwUVYJsrEdKnFj7OhC1AVa94FjjPfckoAKMqtqnxLPC1%2FnxNDavuaT5GFLx5ugu6SjMb3S%2B%2FVZJ%2BYkYQnXqLiCz0IuDqVZegApme7gXhbdLWja%2FNPirbNnbKgx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74dd06325e4c0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
chaturbate.com/topembed/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1
104.18.101.40302 Found 0 B URL HTTP/2 chaturbate.com/topembed/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1
IP 104.18.101.40:0
GET /topembed/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1 HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nnteens.com/
Connection: keep-alive
Cookie: __cf_bm=e6rHLeyW_cQfvVWOQ8.LdE7BoRPpctvrNy76erFBF2A-1663702733-0-AcskkrYb9ilqLSSrJgiDOkArsEj+Qc+py2a/V1risr8rj+JBVAHtHbWi/EGjzhuCFc/ths/aPhsYntWqCqjABXk=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 20 Sep 2022 19:38:53 GMT
content-type: text/html; charset=utf-8
location: /embed/addamymar/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
set-cookie: stcki="pOtSwZ=0\054FqPd9a=0\0546pduSG=1\054aDBbcK=0"; expires=Thu, 20-Oct-2022 19:38:53 GMT; Max-Age=2592000; Path=/
affkey="eJyrVipSslJQyigpKSi20tfPyytJTc0r1kvOz9VXqgUAi/UJrw=="; Domain=.chaturbate.com; expires=Thu, 20-Oct-2022 19:38:53 GMT; Max-Age=2592000; Path=/
sbr=sec:sbrcc9f44a4-d173-4fb1-b493-4334f176063f:1oaj53:7M_LXoU-Eiv7862IQC5sVdRE4Qk; Domain=.chaturbate.com; expires=Sun, 15-Jun-2025 19:38:53 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74dd06257dbab4f7-OSL
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.1486cd5aa4f0.js
104.16.94.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.1486cd5aa4f0.js
IP 104.16.94.42:0
GET /CACHE/js/output.1486cd5aa4f0.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:54 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=117895
etag: W/"eb2259ff6dbd950ae158f73065752aa1"
last-modified: Thu, 21 Oct 2021 18:11:54 GMT
x-amz-id-2: k6NhlyRh+XXZM7+pSOMylQwAMSlxLRy7teDHalfRWz7mnIIf6Ig6amIFaKAolUjBHmL3PkEkULk=
x-amz-meta-s3cmd-attrs: md5:eb2259ff6dbd950ae158f73065752aa1
x-amz-request-id: FHZ86T60E9WK32PB
cf-cache-status: HIT
age: 1375525
expires: Thu, 20 Oct 2022 19:38:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c872zBPL7EFRHsbwSV%2B3Vz8FzD%2Burd159OqDe2qMwki72rpD%2FeK7bgEoIFxfMmkVuDelkAIjenx5tsyroj%2FFNigE0x4tus6rAU3MXL1p8omVWZeSX67fex5YOVmL%2FnV2FmBu8Ev3ZVYAv4c0oldvPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=vzRvQU.DUSe_FDEekThGJzABNrxL6jXsU1bWvpLkfDU-1663702734224-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74dd0628dc9d1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato
IP 142.250.74.10:0
GET /css?family=Lato HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 19:38:51 GMT
date: Tue, 20 Sep 2022 19:38:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a.bestcontentfood.top/warp/4788326?r=78646
172.64.104.34200 OK 0 B URL HTTP/2 a.bestcontentfood.top/warp/4788326?r=78646
IP 172.64.104.34:0
Analyzer Verdict Alert fortinet Phishing
GET /warp/4788326?r=78646 HTTP/1.1
Host: a.bestcontentfood.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: application/javascript; charset=UTF-8
referer: a.medfoodsafety.com
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FNMDsTb6j489I9bfn2i8qNCC7orvg3MSwt426yi%2BTD4k1VZty6y%2Fw6ApxuD%2FqQOPKYhncRsa70wLwipGjkqDZduoz704l0BzS5ASJaQRPEDqXWe5FkZ7GC01jyLTnIeRV6Nf2uZ484%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74dd061a585371c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2