oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
186.2.163.70301 Moved Permanently 568 B URL HTTP/1.1 oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Hash 2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee
GET /139567/mayaneu-with-new-bf-2022-08-19-05-54-20/ HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Mon, 12 Sep 2022 04:37:11 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Content-Type: text/html; charset=utf8
Content-Length: 568
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 04:08:08 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aOx2VYoCxyKZgOXcwvRU8XFoiyOV68BgbeaNuar14DGrwXPk0n4QcA==
Age: 1743
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20688
Expires: Mon, 12 Sep 2022 10:21:59 GMT
Date: Mon, 12 Sep 2022 04:37:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 11 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EKBlK79K_qaIPGXWWBcANhYYncLHzrZbDisLA4ifEyBoKk1NRXChig==
age: 76799
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4c7b5270c206ff4c5b7b8e71c3b9c729
e035ddd29a717c55b837dd9c0b0b66fd2ffb9ed0
f8d411f8dc85a50599cbe7ba546a0e391566c5e77e1b42192dbdb34f66c3afc3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8D411F8DC85A50599CBE7BA546A0E391566C5E77E1B42192DBDB34F66C3AFC3"
Last-Modified: Fri, 09 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2242
Expires: Mon, 12 Sep 2022 05:14:33 GMT
Date: Mon, 12 Sep 2022 04:37:11 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 04:37:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 12 Sep 2022 03:56:07 GMT
Expires: Mon, 12 Sep 2022 04:25:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: z1kEL6p2G_ZhnFWOVBmZ7cm0HOGaPLVCDYscEFi2hod1YatOEh8oCg==
Age: 2465
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 26e829ba5f754918e20cbd316dc4348e
ba198501da0812dd11ca3b38a51325b5de6cfa60
4352c25d4af7637a8435b0df6d042fc606d37a348e966b99fecce8a853b8ebc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2304
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 04:37:12 GMT
Last-Modified: Mon, 12 Sep 2022 03:58:48 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.164.47.107101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.47.107:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Roomhy5p2d+dkumdb3G2fg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VzFc/qLyUfDN968VXX7NxlOXlHM=
oncam.me/templates/bootadult4/images/logo.png?t=1622664292
186.2.163.70200 OK 3.3 kB URL HTTP/2 oncam.me/templates/bootadult4/images/logo.png?t=1622664292
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 156 x 106, 8-bit colormap, non-interlaced\012- data
Hash 931823124f38d29e27fcd3e4a754bb51
9a8db8f862a2686fff596b64ea348beefce7ebb7
506200f8abbdcc53b99af7c467c29da1edd19f69c89c4dc5d853f7c42eb48c10
GET /templates/bootadult4/images/logo.png?t=1622664292 HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 18 Jul 2022 19:43:03 GMT
content-type: image/png
content-length: 3281
last-modified: Wed, 02 Jun 2021 20:04:52 GMT
etag: "60b7e464-cd1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 4784050
ddg-cache-status: HIT
X-Firefox-Spdy: h2
oncam.me/media/videos/tmb/000/139/567/2.jpg
186.2.163.70200 OK 32 kB URL HTTP/2 oncam.me/media/videos/tmb/000/139/567/2.jpg
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 300x226, components 3\012- data
Hash 1b11c747ab5757933b38d98e4425257d
a1e3a8aaf39e619a142ac70d376c370670dbeaaf
11b7f67031a7265b132c46e11c43539cd4ed6b0526732a093cfcd8c97484b817
GET /media/videos/tmb/000/139/567/2.jpg HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 11 Sep 2022 17:09:06 GMT
content-type: image/jpeg
content-length: 32170
last-modified: Fri, 19 Aug 2022 10:34:05 GMT
etag: "62ff671d-7daa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 41287
ddg-cache-status: HIT
X-Firefox-Spdy: h2
oncam.me/media/videos/tmb/000/139/567/player.jpg
186.2.163.70200 OK 43 kB URL HTTP/2 oncam.me/media/videos/tmb/000/139/567/player.jpg
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 958x538, components 3\012- data
Hash ce1c34f1c7e0977fa7102520f8835fac
488d5170606413260311e958536a94bf1e4a5691
f364265478efab246515eb16c0ab3253d654b8020295089723ea38dc346ff290
GET /media/videos/tmb/000/139/567/player.jpg HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 08 Sep 2022 22:45:05 GMT
content-type: image/jpeg
content-length: 42899
last-modified: Fri, 19 Aug 2022 10:34:10 GMT
etag: "62ff6722-a793"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 280328
ddg-cache-status: HIT
X-Firefox-Spdy: h2
oncam.me/media/videos/tmb/loading.jpg
186.2.163.70200 OK 4.6 kB URL HTTP/2 oncam.me/media/videos/tmb/loading.jpg
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 300x180, components 3\012- data
Hash a39d5cc87195fbfeb34e91d42adf528b
cdfe14ffee9fbdfaea01ba4539524adca756d9c2
53a093ca6b50f6f4fe347aa9f9920d43be8223337edb1ddb6bba6aae56d9ad12
GET /media/videos/tmb/loading.jpg HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 02 Jul 2022 00:48:21 GMT
content-type: image/jpeg
content-length: 4555
last-modified: Thu, 14 Nov 2019 20:44:50 GMT
etag: "5dcdbcc2-11cb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 6234532
ddg-cache-status: HIT
X-Firefox-Spdy: h2
oncam.me/media/videos/tmb/000/139/567/5.jpg
186.2.163.70200 OK 32 kB URL HTTP/2 oncam.me/media/videos/tmb/000/139/567/5.jpg
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 300x226, components 3\012- data
Hash 9fbb94f0beb6f0c5a33c61e5ce6a4e53
aff5bb8e77a573bce9df82b9a647529c4c5fd49a
af67543ab3b51365a499d40afee82b0467231af7a399fc1fa66862a0e3b2781f
GET /media/videos/tmb/000/139/567/5.jpg HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 11 Sep 2022 17:09:06 GMT
content-type: image/jpeg
content-length: 32446
last-modified: Fri, 19 Aug 2022 10:34:06 GMT
etag: "62ff671e-7ebe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 41287
ddg-cache-status: HIT
X-Firefox-Spdy: h2
a.realsrv.com/video-slider.js
205.185.216.10200 OK 13 kB URL HTTP/1.1 a.realsrv.com/video-slider.js
IP 205.185.216.10:0
File type ASCII text, with very long lines (45726), with no line terminators
Hash 76da46f4c257b96bfb42e8a22f70e4f3
f64e2431557a6ebc9ce742dae555fe84eb2f5141
73a66ac6767d009e6a2d3727eff796bf8c1bb3221f473d8fb558bdd25dd9aa9b
GET /video-slider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 04:37:13 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 13013
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"d2ce3ee76ea3afea4a58d6d606a"
X-HW: 1662957433.dop016.sk1.t,1662957433.cds230.sk1.shn,1662957433.cds230.sk1.c
Access-Control-Allow-Origin: *, *
oncam.me/media/videos/tmb/000/139/567/6.jpg
186.2.163.70200 OK 31 kB URL HTTP/2 oncam.me/media/videos/tmb/000/139/567/6.jpg
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 300x226, components 3\012- data
Hash 1fd74c5c618e435a7787059729dfb76d
eac060e2f80bff65ba526313872bb79ffe260465
0672785319922b0e666fbc3399b077e6767ebdadd9b690d57a5bd3bdc81318fe
GET /media/videos/tmb/000/139/567/6.jpg HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 11 Sep 2022 17:09:06 GMT
content-type: image/jpeg
content-length: 30856
last-modified: Fri, 19 Aug 2022 10:34:07 GMT
etag: "62ff671f-7888"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 41287
ddg-cache-status: HIT
X-Firefox-Spdy: h2
oncam.me/media/videos/tmb/000/139/567/4.jpg
186.2.163.70200 OK 29 kB URL HTTP/2 oncam.me/media/videos/tmb/000/139/567/4.jpg
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 300x226, components 3\012- data
Hash 7f2de77a9c38c5099c6db284aa0d28a8
b71f176e584d8350628034de5f4a10fe4dadb086
e5fbae95b04b759d59399ffb6ee71023d939820bfc077ae1bb9684f42d0a356c
GET /media/videos/tmb/000/139/567/4.jpg HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 11 Sep 2022 17:09:06 GMT
content-type: image/jpeg
content-length: 28587
last-modified: Fri, 19 Aug 2022 10:34:06 GMT
etag: "62ff671e-6fab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 41287
ddg-cache-status: HIT
X-Firefox-Spdy: h2
oncam.me/media/videos/tmb/000/139/567/1.jpg
186.2.163.70200 OK 34 kB URL HTTP/2 oncam.me/media/videos/tmb/000/139/567/1.jpg
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 300x226, components 3\012- data
Hash e7c74528950b1807e9825757973bfc76
9de48e6520065d5e09fc9181a18eafbb57f57e52
da6f98c83d65135f75ae31e7e5ac89f682f0993b78d529180ade2a2f6de53a77
GET /media/videos/tmb/000/139/567/1.jpg HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 09 Sep 2022 18:41:18 GMT
content-type: image/jpeg
content-length: 33911
last-modified: Fri, 19 Aug 2022 10:34:04 GMT
etag: "62ff671c-8477"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 208555
ddg-cache-status: HIT
X-Firefox-Spdy: h2
oncam.me/media/videos/tmb/000/139/567/3.jpg
186.2.163.70200 OK 34 kB URL HTTP/2 oncam.me/media/videos/tmb/000/139/567/3.jpg
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 300x226, components 3\012- data
Hash 3fcb641b3330d9dea813eacf891c6976
1364c9195c1890afb9edd46bf684f9d631f3ef83
4d1fc76f72c4a841c184199e44d9d3cfe60cbb98efd7044d5608ad53d7bb256a
GET /media/videos/tmb/000/139/567/3.jpg HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 09 Sep 2022 14:16:43 GMT
content-type: image/jpeg
content-length: 34226
last-modified: Fri, 19 Aug 2022 10:34:05 GMT
etag: "62ff671d-85b2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 224430
ddg-cache-status: HIT
X-Firefox-Spdy: h2
oncam.me/media/videos/tmb/000/139/567/7.jpg
186.2.163.70200 OK 33 kB URL HTTP/2 oncam.me/media/videos/tmb/000/139/567/7.jpg
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 300x226, components 3\012- data
Hash 8b7b1ee7f09cebebe53dd6bcdc063fe9
0ced1ac54350a28cb97b1841370b94f81ad5957b
9ac86e82c40bfaad91eed20b1a96ed6d13e032d3b0df24e512a05f61e1d0596e
GET /media/videos/tmb/000/139/567/7.jpg HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 19 Aug 2022 10:55:12 GMT
content-type: image/jpeg
content-length: 33106
last-modified: Fri, 19 Aug 2022 10:34:08 GMT
etag: "62ff6720-8152"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 2050921
ddg-cache-status: HIT
X-Firefox-Spdy: h2
oncam.me/media/videos/tmb/000/139/567/8.jpg
186.2.163.70200 OK 35 kB URL HTTP/2 oncam.me/media/videos/tmb/000/139/567/8.jpg
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 300x226, components 3\012- data
Hash 0af923e22ac2a1e318314f25fcf1973d
5a19d8c2069006d4f7c1e4d764947816b7776071
25a6c6d897ac3f54b5e3f1750a8bd33e6f7639edba584eb3e949e4568ea6e04f
GET /media/videos/tmb/000/139/567/8.jpg HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 11 Sep 2022 17:09:06 GMT
content-type: image/jpeg
content-length: 34610
last-modified: Fri, 19 Aug 2022 10:34:08 GMT
etag: "62ff6720-8732"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 41288
ddg-cache-status: HIT
X-Firefox-Spdy: h2
oncam.me/media/videos/tmb/000/139/567/9.jpg
186.2.163.70200 OK 33 kB URL HTTP/2 oncam.me/media/videos/tmb/000/139/567/9.jpg
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 300x226, components 3\012- data
Hash 439c7b44428178d57f9e7e47b794e17f
3b444f94f3b85c3d7791f3ce4165930609929329
e19e48223d815ada0cb8376179e78d2195b44ffc46be5b399668db480aa01af2
GET /media/videos/tmb/000/139/567/9.jpg HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 09 Sep 2022 18:41:18 GMT
content-type: image/jpeg
content-length: 33446
last-modified: Fri, 19 Aug 2022 10:34:09 GMT
etag: "62ff6721-82a6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 208555
ddg-cache-status: HIT
X-Firefox-Spdy: h2
a.realsrv.com/video-outstream.js
205.185.216.10200 OK 14 kB URL HTTP/1.1 a.realsrv.com/video-outstream.js
IP 205.185.216.10:0
File type ASCII text, with very long lines (51373), with no line terminators
Hash ea3dd374be08ca536c1e949f75cf25d0
ee726c880da79d616eb53b4249a83d767f9572f8
eaf0615f33e4daf970764d47474102281e90f7951c4ceac994ff0c41d91d1e22
GET /video-outstream.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 04:37:13 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 13651
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"fc5d9af25fede9e5e0e3509406d"
X-HW: 1662957433.dop226.sk1.t,1662957433.cds017.sk1.shn,1662957433.cds017.sk1.c
Access-Control-Allow-Origin: *, *
a.realsrv.com/fp-interstitial.js
205.185.216.10200 OK 8.4 kB URL HTTP/1.1 a.realsrv.com/fp-interstitial.js
IP 205.185.216.10:0
File type ASCII text, with very long lines (28737), with no line terminators
Hash fec2dd11d993e1c5029cd6fc5365def8
2b17faffaf8e059a337f146708923ffe80228063
68fed8855f0aa0bd8aa1e9342d18a5c172ca522735a0c5bb4a6e7b743b8b4476
GET /fp-interstitial.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 04:37:13 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 8389
Content-Type: application/javascript
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Cache-Control: max-age=10800
Server: nginx
etag: W/"c8235d0460f36838d9faddcb21d"
X-HW: 1662957433.dop211.sk1.t,1662957433.cds218.sk1.shn,1662957433.dop211.sk1.t,1662957433.cds206.sk1.c
Access-Control-Allow-Origin: *, *
s7.addthis.com/js/300/addthis_widget.js
2.18.172.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 2.18.172.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116325 bytes)
Hash ff4671f71c958029bbf6d9694284da70
7535744f2dbaf99902a54fc529e760b08a73f265
123f781673b2e45e18df36b64984674f489a5f3541c69e295f01f554b8d3c738
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116325
date: Mon, 12 Sep 2022 04:37:13 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c3d8032059a24d14d00c2ee5d8840c01
62efae1ea6aaea612a12d42b6e5b65d24be11437
2319fe90c8b4d3cc41ec9cce275c82d19fb764015196bd1c52dfb9c5d85b9b0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 04:37:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oncam.me/media/videos/tmb/000/139/567/10.jpg
186.2.163.70200 OK 31 kB URL HTTP/2 oncam.me/media/videos/tmb/000/139/567/10.jpg
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 300x226, components 3\012- data
Hash 37a3c3f1186afa6d7dde0b21a238016e
87a5c25826756c268cdb5bd7fa9f53bacc3704fa
4552cf83a5c62781b34590fbeb3a344078e33ac6c40eff880d4841b699a8b3e3
GET /media/videos/tmb/000/139/567/10.jpg HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 10 Sep 2022 17:18:44 GMT
content-type: image/jpeg
content-length: 30891
last-modified: Fri, 19 Aug 2022 10:34:09 GMT
etag: "62ff6721-78ab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 127109
ddg-cache-status: HIT
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-132886189-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-132886189-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash b8839f4bd99786848859aea87945b31a
27d25b9f742e677f21c759cd8b9abce4db5f05d9
902cde49d6c15988444cba6fe008a7c60136d3d21c02f6a3c73e67f6c498ad02
GET /gtag/js?id=UA-132886189-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 12 Sep 2022 04:37:13 GMT
expires: Mon, 12 Sep 2022 04:37:13 GMT
cache-control: private, max-age=900
last-modified: Mon, 12 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41971
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c3d8032059a24d14d00c2ee5d8840c01
62efae1ea6aaea612a12d42b6e5b65d24be11437
2319fe90c8b4d3cc41ec9cce275c82d19fb764015196bd1c52dfb9c5d85b9b0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 04:37:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jaavnacsdw.com/solid.gif?z=1906939&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 jaavnacsdw.com/solid.gif?z=1906939&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1906939&abvar=0 HTTP/1.1
Host: jaavnacsdw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://oncam.me
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 04:37:13 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
syndication.realsrv.com/splash.php?idzone=4676972&cookieconsent=true
95.211.229.245200 OK 2.4 kB URL HTTP/1.1 syndication.realsrv.com/splash.php?idzone=4676972&cookieconsent=true
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (1522)
Hash 81544b8569263bd61f120617bf161522
2e24b22fb5a340b4295b9f4b825146d749f8e7d6
8524edb89def14d4569030b235af28070ced012a640fcd039214cacf1593a132
GET /splash.php?idzone=4676972&cookieconsent=true HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://oncam.me
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 04:37:13 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22631eb779d1e5e2.21787658556741999%22%3B%7D; expires=Wed, 11 Sep 2024 04:37:13 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4676972%7C72057292%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Concam.me%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Tue, 13 Sep 2022 04:37:13 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://oncam.me
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15925
Expires: Mon, 12 Sep 2022 09:02:38 GMT
Date: Mon, 12 Sep 2022 04:37:13 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15925
Expires: Mon, 12 Sep 2022 09:02:38 GMT
Date: Mon, 12 Sep 2022 04:37:13 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15925
Expires: Mon, 12 Sep 2022 09:02:38 GMT
Date: Mon, 12 Sep 2022 04:37:13 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15925
Expires: Mon, 12 Sep 2022 09:02:38 GMT
Date: Mon, 12 Sep 2022 04:37:13 GMT
Connection: keep-alive
oncam.me/templates/bootadult4/js/all.min.js?t=1662324101
186.2.163.70200 OK 44 kB URL HTTP/2 oncam.me/templates/bootadult4/js/all.min.js?t=1662324101
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (41849)
Hash f2579aeeaf44ae14c959c6fa0f90fc94
f51de1d2d209ed87943e41a39eaa1a7228114cb2
a0eff15c7b63e92e4b8879b6924d066ce28b0b9e2c66e2eee111dd3f9506957f
GET /templates/bootadult4/js/all.min.js?t=1662324101 HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Sep 2022 04:37:13 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 20:41:46 GMT
vary: Accept-Encoding
etag: W/"63150d8a-17a5a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: br
age: 0
ddg-cache-status: MISS
X-Firefox-Spdy: h2
ocsp.usertrust.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 5b6def807c7cad81b8721e0c02afb180
e9a6313ffb7ee3baf608623b796bbfc6ce373fce
19562e22f4d077a833ed529a4eab2f1321fc652a882d5b34c665ef974cd1cd44
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 04:37:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 20:56:05 GMT
Expires: Thu, 15 Sep 2022 20:56:04 GMT
Etag: "e9a6313ffb7ee3baf608623b796bbfc6ce373fce"
Cache-Control: max-age=603959,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 355
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7495f25a08d5b500-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2d7711b-185f-4415-a6ae-216ee0963835.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2d7711b-185f-4415-a6ae-216ee0963835.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9070c2246f7d7d014ea10ec1979ea78
e9097147008dc448d25863791d2369a2ae7358a9
95ca30b20347e85a8e5e929323df70f6c2fe3f392ec353344a070d2f5a2e5adc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2d7711b-185f-4415-a6ae-216ee0963835.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14219
x-amzn-requestid: 0add79f7-2621-4c69-ac31-ff460ac8f311
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUJKwH5PIAMFxNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e5577-491126d379680f16038739e0;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:39:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DtE3FC-6x4XLrH94oymXzwlOQB71XmIAV0H8FqjEiT6hVzAC9ZAWXA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:48:09 GMT
age: 24544
etag: "e9097147008dc448d25863791d2369a2ae7358a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce25d3c5-b755-430d-b6d0-23fad3078dbd.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce25d3c5-b755-430d-b6d0-23fad3078dbd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca76593aa217eb69a58ed89610d9d59d
d09f2d5acd5945620a2a51d72411c3c464a5166e
7b31c12dad70a30defa8924061b635410d8b2a59e90819c8707ee6d0b5acc98e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce25d3c5-b755-430d-b6d0-23fad3078dbd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7029
x-amzn-requestid: 188bfede-89d9-42f9-914b-13a330675370
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxLHkBIAMFrrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d4-44c167dd64d1756c0280a759;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qbhdBjUA4GNK7U8VQYUPDynJ58slL5aG1bZMDdXc8IKeg0KwZeqn2Q==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:48:11 GMT
age: 24542
etag: "d09f2d5acd5945620a2a51d72411c3c464a5166e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
jaavnacsdw.com/t/9/fret/meow4/1906939/e4aa206a.js
62.122.171.6200 OK 32 kB URL HTTP/2 jaavnacsdw.com/t/9/fret/meow4/1906939/e4aa206a.js
IP 62.122.171.6:0
Hash 85c356c8270d85747909bf8fae495c5d
0bdb01b4c4ec7bc8052133c5cec96c2583810242
7d3d8da9e7adfde6295e7101f97e522e35cccee4ab731fa400d795bc4e1b7bda
Analyzer Verdict Alert quad9 Sinkholed
GET /t/9/fret/meow4/1906939/e4aa206a.js HTTP/1.1
Host: jaavnacsdw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 04:37:13 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1091a"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eee5b4d617dab6f10d7053f5c4f4e98e
6c728c56797ba921e8001919df4d36e56dd37e54
76a53e2c81ec8da2bc469760b2c57098d587c6a36fa70e5b7c743a224a47d362
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8171
x-amzn-requestid: a3eb931f-cd71-4738-acb1-4398fc09f453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOa7QGqoIAMFwlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c0b7b-2a6ed8ca00a0a0640110cf5d;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:58:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QuUPVSWCQk9z9xI03trHifaWzOi5TqBZHLena93lrxhjlAG1PICKKA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 12:19:15 GMT
age: 58678
etag: "6c728c56797ba921e8001919df4d36e56dd37e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 24922
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 04:37:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oncam.me/misc/fluidplayer/fluidplayer.min.css
186.2.163.70200 OK 4.9 kB URL HTTP/2 oncam.me/misc/fluidplayer/fluidplayer.min.css
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (26988), with no line terminators
Hash 06f91037ba69093afcd8cf421a5ea1e5
11b26e36ecd8f341dcba8e5cf267b325595b439d
fe307bcccee573168e8d3db3392fe032d1145f59ca66669cb930f7dabefd685f
GET /misc/fluidplayer/fluidplayer.min.css HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Sep 2022 04:37:13 GMT
content-type: text/css
last-modified: Thu, 13 Dec 2018 17:09:17 GMT
vary: Accept-Encoding
etag: W/"5c12923d-696c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: br
age: 0
ddg-cache-status: MISS
X-Firefox-Spdy: h2
limurol.com/ssp/req/1906939/?pb=444e76a9d59631359fafb7d883f560171662964633&psp=SS5YiKsKKgxGmnV54pwsQd8NHJNzkjyySv2xYSvHCb93CngWGTst0Bmlmx1P3hMOc74e6y6ofMF9_pVbY6nRDVtc7d4E4Er5ZJkJRENz5wqG-ZphH8deLMxu1sEftrqaH0FA2M3ZnqdqLYMZF8SSBHXu7rW5-qvMFaCG9QkFi8PkE7iza-REIUxq4_LMSsA8gN8FRA3ov5d7bmKwe0xRnEQd4-WG83Vp3eNWKdlKcUsMRGBbfD9gLQpR2Owhn3pMTa-AZztJ1FLwqPP5s8HXn18mY8cK1SYEYxTBcCy3W3a3nT1G1rnHM6pDEWj0jXQvubcj_UWVBOeXwR2bXYWjUaQCXclmNTiMQkZ9u23wGjUxKv5Pt0DcPQpFkCcoSbL-XoI6GrvThBpENKvY1seHrDaEZOi1xQb71ewZbQu9n7tyCVzu2JD66PH_IOqm9rKY1sKNuvxuEVfDyXc9-HNjHbdyZFH4k3v12QLUoNy80Fel0ar_3r-KAtb6P6UOqraGe0J1EPneI2iKLW0_lueoZr6GXex47_fstLSZ3AixtLnDydDZlyyLUaAvXRWw36y5ij6fl-NgQWOebps5g3LkKg==&cb=_clpuig9fg1uh3gyof95f83&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1906939/?pb=444e76a9d59631359fafb7d883f560171662964633&psp=SS5YiKsKKgxGmnV54pwsQd8NHJNzkjyySv2xYSvHCb93CngWGTst0Bmlmx1P3hMOc74e6y6ofMF9_pVbY6nRDVtc7d4E4Er5ZJkJRENz5wqG-ZphH8deLMxu1sEftrqaH0FA2M3ZnqdqLYMZF8SSBHXu7rW5-qvMFaCG9QkFi8PkE7iza-REIUxq4_LMSsA8gN8FRA3ov5d7bmKwe0xRnEQd4-WG83Vp3eNWKdlKcUsMRGBbfD9gLQpR2Owhn3pMTa-AZztJ1FLwqPP5s8HXn18mY8cK1SYEYxTBcCy3W3a3nT1G1rnHM6pDEWj0jXQvubcj_UWVBOeXwR2bXYWjUaQCXclmNTiMQkZ9u23wGjUxKv5Pt0DcPQpFkCcoSbL-XoI6GrvThBpENKvY1seHrDaEZOi1xQb71ewZbQu9n7tyCVzu2JD66PH_IOqm9rKY1sKNuvxuEVfDyXc9-HNjHbdyZFH4k3v12QLUoNy80Fel0ar_3r-KAtb6P6UOqraGe0J1EPneI2iKLW0_lueoZr6GXex47_fstLSZ3AixtLnDydDZlyyLUaAvXRWw36y5ij6fl-NgQWOebps5g3LkKg==&cb=_clpuig9fg1uh3gyof95f83&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1906939/?pb=444e76a9d59631359fafb7d883f560171662964633&psp=SS5YiKsKKgxGmnV54pwsQd8NHJNzkjyySv2xYSvHCb93CngWGTst0Bmlmx1P3hMOc74e6y6ofMF9_pVbY6nRDVtc7d4E4Er5ZJkJRENz5wqG-ZphH8deLMxu1sEftrqaH0FA2M3ZnqdqLYMZF8SSBHXu7rW5-qvMFaCG9QkFi8PkE7iza-REIUxq4_LMSsA8gN8FRA3ov5d7bmKwe0xRnEQd4-WG83Vp3eNWKdlKcUsMRGBbfD9gLQpR2Owhn3pMTa-AZztJ1FLwqPP5s8HXn18mY8cK1SYEYxTBcCy3W3a3nT1G1rnHM6pDEWj0jXQvubcj_UWVBOeXwR2bXYWjUaQCXclmNTiMQkZ9u23wGjUxKv5Pt0DcPQpFkCcoSbL-XoI6GrvThBpENKvY1seHrDaEZOi1xQb71ewZbQu9n7tyCVzu2JD66PH_IOqm9rKY1sKNuvxuEVfDyXc9-HNjHbdyZFH4k3v12QLUoNy80Fel0ar_3r-KAtb6P6UOqraGe0J1EPneI2iKLW0_lueoZr6GXex47_fstLSZ3AixtLnDydDZlyyLUaAvXRWw36y5ij6fl-NgQWOebps5g3LkKg==&cb=_clpuig9fg1uh3gyof95f83&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 04:37:14 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=22091123372d46116ce03344a0bf7a44cdde; Path=/; Expires=Tue, 12 Sep 2023 04:37:14 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
2.18.172.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 2.18.172.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 12 Sep 2022 04:37:14 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
syndication.realsrv.com/splash.php?idzone=4679724&cookieconsent=true&tags=null
95.211.229.245200 OK 2.6 kB URL HTTP/1.1 syndication.realsrv.com/splash.php?idzone=4679724&cookieconsent=true&tags=null
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (1558)
Hash 8c968aff4a92d78ff9dde1dc274af6ea
e2222c90049ae94b0b98ef793cd795519ff39d79
d0d0ffe88553bd1b3b2499717a2f463fcd9435924daa76216d1f3171f1004a55
GET /splash.php?idzone=4679724&cookieconsent=true&tags=null HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://oncam.me
Connection: keep-alive
Referer: https://oncam.me/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22631eb779d1e5e2.21787658556741999%22%3B%7D; c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4676972%7C72057292%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Concam.me%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 04:37:14 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22631eb779d1e5e2.21787658556741999%22%3B%7D; expires=Wed, 11 Sep 2024 04:37:14 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4679724%7C75693132%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C631eb779d1e5e2.21787658556741999%7C%7C0%7Concam.me%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Tue, 13 Sep 2022 04:37:14 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://oncam.me
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
oncam.me/misc/font-awesome/css/font-awesome.min.css
186.2.163.70200 OK 7.2 kB URL HTTP/2 oncam.me/misc/font-awesome/css/font-awesome.min.css
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (30837)
Hash a37f26fe9ad99a246175ca6fd7815f97
6e3c9c16c818f730aca91e2e7852a328b66955e2
c07e19c18bc78b681fecb532bd344c0f2d8cc4e924ec190234d1abadcc8962b2
GET /misc/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v; __atuvc=1%7C37; __atuvs=631eb76e450f8312000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Sep 2022 04:37:14 GMT
content-type: text/css
last-modified: Thu, 22 Dec 2016 20:50:34 GMT
vary: Accept-Encoding
etag: W/"585c3c9a-7918"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: br
age: 0
ddg-cache-status: MISS
X-Firefox-Spdy: h2
syndication.realsrv.com/splash.php?idzone=4679728&cookieconsent=true&tags=null
95.211.229.245200 OK 2.6 kB URL HTTP/1.1 syndication.realsrv.com/splash.php?idzone=4679728&cookieconsent=true&tags=null
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (1558)
Hash 14918f851d0bd06332f931da4bc65ede
eb92d3674cdca4db4029e9920bf3c340bee4e700
e55186579f2f5fdad5257672dd56f113a0afa04aad9ed190a3d9a64fab980977
GET /splash.php?idzone=4679728&cookieconsent=true&tags=null HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://oncam.me
Connection: keep-alive
Referer: https://oncam.me/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22631eb779d1e5e2.21787658556741999%22%3B%7D; c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4676972%7C72057292%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Concam.me%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 04:37:14 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22631eb779d1e5e2.21787658556741999%22%3B%7D; expires=Wed, 11 Sep 2024 04:37:14 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4679728%7C75693132%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C631eb779d1e5e2.21787658556741999%7C%7C0%7Concam.me%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Tue, 13 Sep 2022 04:37:14 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://oncam.me
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/splash.php?idzone=4679730&cookieconsent=true&tags=null
95.211.229.245200 OK 2.6 kB URL HTTP/1.1 syndication.realsrv.com/splash.php?idzone=4679730&cookieconsent=true&tags=null
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (1558)
Hash 1ef2e86c735690a60666e2bbb39240d6
1a15d670920da98b9bebc7df0e8baaa4f7c15e76
ac55cbc741ccb453af2062284c5ccc7886676ba9209e39c015de8c906e612977
GET /splash.php?idzone=4679730&cookieconsent=true&tags=null HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://oncam.me
Connection: keep-alive
Referer: https://oncam.me/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22631eb779d1e5e2.21787658556741999%22%3B%7D; c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4676972%7C72057292%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Concam.me%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 04:37:14 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22631eb779d1e5e2.21787658556741999%22%3B%7D; expires=Wed, 11 Sep 2024 04:37:14 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4679730%7C75693132%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C631eb779d1e5e2.21787658556741999%7C%7C0%7Concam.me%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Tue, 13 Sep 2022 04:37:14 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://oncam.me
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
bcprm.com/promo.php?c=742053&type=banner&size=728x90&name=st_xmas2021;st_wild;st_virgin2021;st_vday22;st_smurf2021;st_slide;st_sex-addicted;st_riding;st_pleasure;st_marshmellow
185.75.254.28200 OK 103 kB URL HTTP/2 bcprm.com/promo.php?c=742053&type=banner&size=728x90&name=st_xmas2021;st_wild;st_virgin2021;st_vday22;st_smurf2021;st_slide;st_sex-addicted;st_riding;st_pleasure;st_marshmellow
IP 185.75.254.28:0
ASN #48684 Viking Host B.V.
Size 103 kB (103279 bytes)
Hash e987d9ea78bfedb32afaa36ffa632949
96c418a38ecd1eeb1203c16a77813ff345d44ceb
ef3e58f70151029f4d5dbfc41b68aa11e79c76cd9826e5aab5c6c51229a5468c
GET /promo.php?c=742053&type=banner&size=728x90&name=st_xmas2021;st_wild;st_virgin2021;st_vday22;st_smurf2021;st_slide;st_sex-addicted;st_riding;st_pleasure;st_marshmellow HTTP/1.1
Host: bcprm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 04:37:15 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin:
expires: Mon, 12 Sep 2022 04:37:14 GMT
x-bcs: ded7384
strict-transport-security: max-age=0;
cache-control: no-cache, public
content-encoding: gzip
x-bc-bl: 105
X-Firefox-Spdy: h2
oncam.me/misc/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
186.2.163.70200 OK 77 kB URL HTTP/2 oncam.me/misc/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /misc/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://oncam.me/misc/font-awesome/css/font-awesome.min.css
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v; __atuvc=1%7C37; __atuvs=631eb76e450f8312000
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 08 Sep 2022 11:09:27 GMT
content-type: font/woff2
content-length: 77160
last-modified: Thu, 22 Dec 2016 20:50:33 GMT
etag: "585c3c99-12d68"
accept-ranges: bytes
age: 322067
ddg-cache-status: HIT
X-Firefox-Spdy: h2
i.bcprm.com/banners/300x250/st_slide/no.gif
64.210.135.147200 OK 148 kB URL HTTP/2 i.bcprm.com/banners/300x250/st_slide/no.gif
IP 64.210.135.147:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 148 kB (147744 bytes)
Hash 85d047810ebc73aa9f1ab5868cb858bf
47ab466a9d809d5bb222234fdd7b3ed70b8b5bc8
16b7e4af874e7179dae0f5d5549c08b95e2324f97715b262f18e3123d93e7890
GET /banners/300x250/st_slide/no.gif HTTP/1.1
Host: i.bcprm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bcprm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 04:37:14 GMT
content-type: image/gif
content-length: 147744
last-modified: Tue, 12 Apr 2022 11:22:08 GMT
cache-control: max-age=2592000
x-bcs-o: 1
expires: Thu, 08 Sep 2022 08:58:43 GMT
x-o1-bcs-ban: EXPIRED
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
x-cdn-diag: ams5-7059-1-28198-h-0-0---;7735-30-28407----0-0-1
X-Firefox-Spdy: h2
i.bcprm.com/banners/300x250/st_snapchat/no.gif
64.210.135.147200 OK 142 kB URL HTTP/2 i.bcprm.com/banners/300x250/st_snapchat/no.gif
IP 64.210.135.147:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 142 kB (142008 bytes)
Hash 9bcf1dc8e2b6ea81b10be02f3dd0d925
c9f569ecce553eb8918283817ea5e19823e716ac
0e3848fc80112ff142b8ef470a6ef5cff81a9232c6bbc03a2ed1bc6c4c7ccab8
GET /banners/300x250/st_snapchat/no.gif HTTP/1.1
Host: i.bcprm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bcprm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 04:37:14 GMT
content-type: image/gif
content-length: 142008
last-modified: Wed, 20 May 2020 04:58:09 GMT
cache-control: max-age=2592000
x-bcs-o: 1
expires: Sat, 08 Jan 2022 08:39:27 GMT
x-o1-bcs-ban: MISS
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
x-cdn-diag: ams5-7060-5-35319-h-0-0---;7735-30-28407----0-1-0
X-Firefox-Spdy: h2
i.bcprm.com/banners/300x250/ST_small_big_huge/no.gif
64.210.135.147200 OK 131 kB URL HTTP/2 i.bcprm.com/banners/300x250/ST_small_big_huge/no.gif
IP 64.210.135.147:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 131 kB (130574 bytes)
Hash 00fcd26752f4804968df8798ae1f78af
800b4aed91e284f19316975bb2a69fef3cdd8c83
4783b86fdc3b29a24f61c4125b156003363eadf16626ddaa606793719060f544
GET /banners/300x250/ST_small_big_huge/no.gif HTTP/1.1
Host: i.bcprm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bcprm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 04:37:14 GMT
content-type: image/gif
content-length: 130574
last-modified: Wed, 20 May 2020 10:39:45 GMT
cache-control: max-age=2592000
x-bcs-o: 1
expires: Sat, 11 Dec 2021 11:46:58 GMT
x-o1-bcs-ban: HIT
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
x-cdn-diag: ams5-6577-1-9694-h-0-0---;7735-26-28407----0-0-1
X-Firefox-Spdy: h2
u3y8v8u4.aucdn.net/library/41682/84ab19bf397fcb63019de803f0c959b10ab898d6.mp4
185.76.9.15206 Partial Content 5.0 MB URL HTTP/2 u3y8v8u4.aucdn.net/library/41682/84ab19bf397fcb63019de803f0c959b10ab898d6.mp4
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 5.0 MB (4971347 bytes)
Hash fade5d37a2a6b7c48a70bc6b44a42c4c
b4bd5ba4e95b2a85c148583b26f8604de5c40d06
be204ded10cb7c7c85d103b306e35de2f86298d193eca221990c1e05f64c9905
GET /library/41682/84ab19bf397fcb63019de803f0c959b10ab898d6.mp4 HTTP/1.1
Host: u3y8v8u4.aucdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Mon, 12 Sep 2022 04:37:14 GMT
content-type: video/mp4
content-length: 7138221
last-modified: Thu, 28 Apr 2022 01:31:21 GMT
etag: "6269ee69-6cebad"
expires: Fri, 30 Jun 2023 11:08:43 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195242
server: CDN77-Turbo
x-77-nzt: AblMCQ3eat3/UBpgAA
x-77-nzt-ray: car6MB7qA3A
x-cache: HIT
x-age: 6298192
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-7138220/7138221
X-Firefox-Spdy: h2
oncam.me/media/videos/tmb/000/139/567/sprite.vtt
186.2.163.70200 OK 79 kB URL HTTP/2 oncam.me/media/videos/tmb/000/139/567/sprite.vtt
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
Hash caa41edd14e8cf64bfe797735c5d7857
b09df3a8feae74d3f3f8040ade74ad194c8af394
041e90975f8d65d8f6195288c2e977a3d7e749ab79e396738096041519c92475
GET /media/videos/tmb/000/139/567/sprite.vtt HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v; __atuvc=1%7C37; __atuvs=631eb76e450f8312000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Sep 2022 04:37:14 GMT
content-type: application/octet-stream
content-length: 78989
last-modified: Fri, 19 Aug 2022 10:38:21 GMT
etag: "62ff681d-1348d"
accept-ranges: bytes
X-Firefox-Spdy: h2
limurol.com/ssp/req/1906939/?pb=444e76a9d59631359fafb7d883f560171662964633&psp=SS5YiKsKKgxGmnV54pwsQd8NHJNzkjyySv2xYSvHCb93CngWGTst0Bmlmx1P3hMOc74e6y6ofMF9_pVbY6nRDVtc7d4E4Er5ZJkJRENz5wqG-ZphH8deLMxu1sEftrqaH0FA2M3ZnqdqLYMZF8SSBHXu7rW5-qvMFaCG9QkFi8PkE7iza-REIUxq4_LMSsA8gN8FRA3ov5d7bmKwe0xRnEQd4-WG83Vp3eNWKdlKcUsMRGBbfD9gLQpR2Owhn3pMTa-AZztJ1FLwqPP5s8HXn18mY8cK1SYEYxTBcCy3W3a3nT1G1rnHM6pDEWj0jXQvubcj_UWVBOeXwR2bXYWjUaQCXclmNTiMQkZ9u23wGjUxKv5Pt0DcPQpFkCcoSbL-XoI6GrvThBpENKvY1seHrDaEZOi1xQb71ewZbQu9n7tyCVzu2JD66PH_IOqm9rKY1sKNuvxuEVfDyXc9-HNjHbdyZFH4k3v12QLUoNy80Fel0ar_3r-KAtb6P6UOqraGe0J1EPneI2iKLW0_lueoZr6GXex47_fstLSZ3AixtLnDydDZlyyLUaAvXRWw36y5ij6fl-NgQWOebps5g3LkKg==&cb=_clpuig9fg1uh3gyof95f83&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1906939/?pb=444e76a9d59631359fafb7d883f560171662964633&psp=SS5YiKsKKgxGmnV54pwsQd8NHJNzkjyySv2xYSvHCb93CngWGTst0Bmlmx1P3hMOc74e6y6ofMF9_pVbY6nRDVtc7d4E4Er5ZJkJRENz5wqG-ZphH8deLMxu1sEftrqaH0FA2M3ZnqdqLYMZF8SSBHXu7rW5-qvMFaCG9QkFi8PkE7iza-REIUxq4_LMSsA8gN8FRA3ov5d7bmKwe0xRnEQd4-WG83Vp3eNWKdlKcUsMRGBbfD9gLQpR2Owhn3pMTa-AZztJ1FLwqPP5s8HXn18mY8cK1SYEYxTBcCy3W3a3nT1G1rnHM6pDEWj0jXQvubcj_UWVBOeXwR2bXYWjUaQCXclmNTiMQkZ9u23wGjUxKv5Pt0DcPQpFkCcoSbL-XoI6GrvThBpENKvY1seHrDaEZOi1xQb71ewZbQu9n7tyCVzu2JD66PH_IOqm9rKY1sKNuvxuEVfDyXc9-HNjHbdyZFH4k3v12QLUoNy80Fel0ar_3r-KAtb6P6UOqraGe0J1EPneI2iKLW0_lueoZr6GXex47_fstLSZ3AixtLnDydDZlyyLUaAvXRWw36y5ij6fl-NgQWOebps5g3LkKg==&cb=_clpuig9fg1uh3gyof95f83&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1906939/?pb=444e76a9d59631359fafb7d883f560171662964633&psp=SS5YiKsKKgxGmnV54pwsQd8NHJNzkjyySv2xYSvHCb93CngWGTst0Bmlmx1P3hMOc74e6y6ofMF9_pVbY6nRDVtc7d4E4Er5ZJkJRENz5wqG-ZphH8deLMxu1sEftrqaH0FA2M3ZnqdqLYMZF8SSBHXu7rW5-qvMFaCG9QkFi8PkE7iza-REIUxq4_LMSsA8gN8FRA3ov5d7bmKwe0xRnEQd4-WG83Vp3eNWKdlKcUsMRGBbfD9gLQpR2Owhn3pMTa-AZztJ1FLwqPP5s8HXn18mY8cK1SYEYxTBcCy3W3a3nT1G1rnHM6pDEWj0jXQvubcj_UWVBOeXwR2bXYWjUaQCXclmNTiMQkZ9u23wGjUxKv5Pt0DcPQpFkCcoSbL-XoI6GrvThBpENKvY1seHrDaEZOi1xQb71ewZbQu9n7tyCVzu2JD66PH_IOqm9rKY1sKNuvxuEVfDyXc9-HNjHbdyZFH4k3v12QLUoNy80Fel0ar_3r-KAtb6P6UOqraGe0J1EPneI2iKLW0_lueoZr6GXex47_fstLSZ3AixtLnDydDZlyyLUaAvXRWw36y5ij6fl-NgQWOebps5g3LkKg==&cb=_clpuig9fg1uh3gyof95f83&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 04:37:14 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2209112337e530db37f26147be957cf85ee3; Path=/; Expires=Tue, 12 Sep 2023 04:37:14 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
go.xlirdr.com/smartpop/8d895a7a3b4847a30c0a159b2850ec6cd538abf45b153ead926036436ae26b20?userId=9b65bf46ffaa65f3a0e9f48617bfce410a91e0834859e07cbac61729433ad6e8&memberId=ooc4ASOprsusoldZVXdRNRO6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrom30ssu2m3q3njnmstsrqtqqrspmuuuc6VwQa5_x_7uc6V0rpXSuldK6V0rpXB9g
104.18.42.40302 Found 0 B URL HTTP/2 go.xlirdr.com/smartpop/8d895a7a3b4847a30c0a159b2850ec6cd538abf45b153ead926036436ae26b20?userId=9b65bf46ffaa65f3a0e9f48617bfce410a91e0834859e07cbac61729433ad6e8&memberId=ooc4ASOprsusoldZVXdRNRO6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrom30ssu2m3q3njnmstsrqtqqrspmuuuc6VwQa5_x_7uc6V0rpXSuldK6V0rpXB9g
IP 104.18.42.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/8d895a7a3b4847a30c0a159b2850ec6cd538abf45b153ead926036436ae26b20?userId=9b65bf46ffaa65f3a0e9f48617bfce410a91e0834859e07cbac61729433ad6e8&memberId=ooc4ASOprsusoldZVXdRNRO6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrom30ssu2m3q3njnmstsrqtqqrspmuuuc6VwQa5_x_7uc6V0rpXSuldK6V0rpXB9g HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://oncam.me
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 12 Sep 2022 04:37:14 GMT
content-length: 0
location: https://go.xlirdr.com/api/models/vast?campaignId=8d895a7a3b4847a30c0a159b2850ec6cd538abf45b153ead926036436ae26b20&campaignType=smartpop&creativeId=4ed558a087c6df7cff4e819ba54b153a8ab30017481c5f5a95dac4f4cd3c0f48&duration=00%3A00%3A30&endpoint=room&iterationId=245959&masterSmartpopId=2683&memberId=ooc4ASOprsusoldZVXdRNRO6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrom30ssu2m3q3njnmstsrqtqqrspmuuuc6VwQa5_x_7uc6V0rpXSuldK6V0rpXB9g&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=7237&tag=-girls%2Findian&userId=9b65bf46ffaa65f3a0e9f48617bfce410a91e0834859e07cbac61729433ad6e8&variationId=29011&videosList=oil-show
access-control-allow-origin: https://oncam.me
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=67574152.29011; Path=/; HttpOnly; SameSite=Strict
__cflb=04dToQvE4FPLng5Mz6amGAT9NT3YTMNutEmfeSExmS; SameSite=None; Secure; path=/; expires=Tue, 13-Sep-22 03:37:14 GMT; HttpOnly
server: cloudflare
cf-ray: 7495f25ecc59b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
go.xlirdr.com/smartpop/8d895a7a3b4847a30c0a159b2850ec6cd538abf45b153ead926036436ae26b20?userId=9b65bf46ffaa65f3a0e9f48617bfce410a91e0834859e07cbac61729433ad6e8&memberId=ooc4ASOprsusntdZVXdRNRO6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrom30ssu2m3q3njnmstsrqtqqrspmuuuc6VwQa5_x_7uc6V0rpXSuldK6V0rpXB9g
104.18.42.40302 Found 0 B URL HTTP/2 go.xlirdr.com/smartpop/8d895a7a3b4847a30c0a159b2850ec6cd538abf45b153ead926036436ae26b20?userId=9b65bf46ffaa65f3a0e9f48617bfce410a91e0834859e07cbac61729433ad6e8&memberId=ooc4ASOprsusntdZVXdRNRO6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrom30ssu2m3q3njnmstsrqtqqrspmuuuc6VwQa5_x_7uc6V0rpXSuldK6V0rpXB9g
IP 104.18.42.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/8d895a7a3b4847a30c0a159b2850ec6cd538abf45b153ead926036436ae26b20?userId=9b65bf46ffaa65f3a0e9f48617bfce410a91e0834859e07cbac61729433ad6e8&memberId=ooc4ASOprsusntdZVXdRNRO6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrom30ssu2m3q3njnmstsrqtqqrspmuuuc6VwQa5_x_7uc6V0rpXSuldK6V0rpXB9g HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://oncam.me
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 12 Sep 2022 04:37:14 GMT
content-length: 0
location: https://go.xlirdr.com/api/models/vast?campaignId=8d895a7a3b4847a30c0a159b2850ec6cd538abf45b153ead926036436ae26b20&campaignType=smartpop&creativeId=4ed558a087c6df7cff4e819ba54b153a8ab30017481c5f5a95dac4f4cd3c0f48&duration=00%3A00%3A30&endpoint=room&iterationId=245959&masterSmartpopId=2683&memberId=ooc4ASOprsusntdZVXdRNRO6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrom30ssu2m3q3njnmstsrqtqqrspmuuuc6VwQa5_x_7uc6V0rpXSuldK6V0rpXB9g&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=7237&tag=-girls%2Findian&userId=9b65bf46ffaa65f3a0e9f48617bfce410a91e0834859e07cbac61729433ad6e8&variationId=29011&videosList=oil-show
access-control-allow-origin: https://oncam.me
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=67574152.29011; Path=/; HttpOnly; SameSite=Strict
__cflb=0H28uukSkGJRy5UBr2St4i2aEH3UZ9ZdEWuMM9TDRYY; SameSite=None; Secure; path=/; expires=Tue, 13-Sep-22 03:37:14 GMT; HttpOnly
server: cloudflare
cf-ray: 7495f25ecc60b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
go.xlirdr.com/smartpop/8d895a7a3b4847a30c0a159b2850ec6cd538abf45b153ead926036436ae26b20?userId=9b65bf46ffaa65f3a0e9f48617bfce410a91e0834859e07cbac61729433ad6e8&memberId=ooc4ASOprsusnpdZVXdRNRO6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrom30ssu2m3q3njnmstsrqtqqrspmuuuc6VwQa5_x_7uc6V0rpXSuldK6V0rpXB9g
104.18.42.40302 Found 0 B URL HTTP/2 go.xlirdr.com/smartpop/8d895a7a3b4847a30c0a159b2850ec6cd538abf45b153ead926036436ae26b20?userId=9b65bf46ffaa65f3a0e9f48617bfce410a91e0834859e07cbac61729433ad6e8&memberId=ooc4ASOprsusnpdZVXdRNRO6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrom30ssu2m3q3njnmstsrqtqqrspmuuuc6VwQa5_x_7uc6V0rpXSuldK6V0rpXB9g
IP 104.18.42.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/8d895a7a3b4847a30c0a159b2850ec6cd538abf45b153ead926036436ae26b20?userId=9b65bf46ffaa65f3a0e9f48617bfce410a91e0834859e07cbac61729433ad6e8&memberId=ooc4ASOprsusnpdZVXdRNRO6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrom30ssu2m3q3njnmstsrqtqqrspmuuuc6VwQa5_x_7uc6V0rpXSuldK6V0rpXB9g HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://oncam.me
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 12 Sep 2022 04:37:14 GMT
content-length: 0
location: https://go.xlirdr.com/api/models/vast?campaignId=8d895a7a3b4847a30c0a159b2850ec6cd538abf45b153ead926036436ae26b20&campaignType=smartpop&creativeId=4ed558a087c6df7cff4e819ba54b153a8ab30017481c5f5a95dac4f4cd3c0f48&duration=00%3A00%3A30&endpoint=room&iterationId=245959&masterSmartpopId=2683&memberId=ooc4ASOprsusnpdZVXdRNRO6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrom30ssu2m3q3njnmstsrqtqqrspmuuuc6VwQa5_x_7uc6V0rpXSuldK6V0rpXB9g&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=7237&tag=-girls%2Findian&userId=9b65bf46ffaa65f3a0e9f48617bfce410a91e0834859e07cbac61729433ad6e8&variationId=29011&videosList=oil-show
access-control-allow-origin: https://oncam.me
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=67574152.29011; Path=/; HttpOnly; SameSite=Strict
__cflb=02DiuDfsBaY2bRYJiCeSF4mw3pyDiW7pyGw7ZQtD8QhGx; SameSite=None; Secure; path=/; expires=Tue, 13-Sep-22 03:37:14 GMT; HttpOnly
server: cloudflare
cf-ray: 7495f25ecc5fb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
limurol.com/ssp/req/1906939/?pb=444e76a9d59631359fafb7d883f560171662964633&psp=SS5YiKsKKgxGmnV54pwsQd8NHJNzkjyySv2xYSvHCb93CngWGTst0Bmlmx1P3hMOc74e6y6ofMF9_pVbY6nRDVtc7d4E4Er5ZJkJRENz5wqG-ZphH8deLMxu1sEftrqaH0FA2M3ZnqdqLYMZF8SSBHXu7rW5-qvMFaCG9QkFi8PkE7iza-REIUxq4_LMSsA8gN8FRA3ov5d7bmKwe0xRnEQd4-WG83Vp3eNWKdlKcUsMRGBbfD9gLQpR2Owhn3pMTa-AZztJ1FLwqPP5s8HXn18mY8cK1SYEYxTBcCy3W3a3nT1G1rnHM6pDEWj0jXQvubcj_UWVBOeXwR2bXYWjUaQCXclmNTiMQkZ9u23wGjUxKv5Pt0DcPQpFkCcoSbL-XoI6GrvThBpENKvY1seHrDaEZOi1xQb71ewZbQu9n7tyCVzu2JD66PH_IOqm9rKY1sKNuvxuEVfDyXc9-HNjHbdyZFH4k3v12QLUoNy80Fel0ar_3r-KAtb6P6UOqraGe0J1EPneI2iKLW0_lueoZr6GXex47_fstLSZ3AixtLnDydDZlyyLUaAvXRWw36y5ij6fl-NgQWOebps5g3LkKg==&cb=_clpuig9fg1uh3gyof95f83&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1906939/?pb=444e76a9d59631359fafb7d883f560171662964633&psp=SS5YiKsKKgxGmnV54pwsQd8NHJNzkjyySv2xYSvHCb93CngWGTst0Bmlmx1P3hMOc74e6y6ofMF9_pVbY6nRDVtc7d4E4Er5ZJkJRENz5wqG-ZphH8deLMxu1sEftrqaH0FA2M3ZnqdqLYMZF8SSBHXu7rW5-qvMFaCG9QkFi8PkE7iza-REIUxq4_LMSsA8gN8FRA3ov5d7bmKwe0xRnEQd4-WG83Vp3eNWKdlKcUsMRGBbfD9gLQpR2Owhn3pMTa-AZztJ1FLwqPP5s8HXn18mY8cK1SYEYxTBcCy3W3a3nT1G1rnHM6pDEWj0jXQvubcj_UWVBOeXwR2bXYWjUaQCXclmNTiMQkZ9u23wGjUxKv5Pt0DcPQpFkCcoSbL-XoI6GrvThBpENKvY1seHrDaEZOi1xQb71ewZbQu9n7tyCVzu2JD66PH_IOqm9rKY1sKNuvxuEVfDyXc9-HNjHbdyZFH4k3v12QLUoNy80Fel0ar_3r-KAtb6P6UOqraGe0J1EPneI2iKLW0_lueoZr6GXex47_fstLSZ3AixtLnDydDZlyyLUaAvXRWw36y5ij6fl-NgQWOebps5g3LkKg==&cb=_clpuig9fg1uh3gyof95f83&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1906939/?pb=444e76a9d59631359fafb7d883f560171662964633&psp=SS5YiKsKKgxGmnV54pwsQd8NHJNzkjyySv2xYSvHCb93CngWGTst0Bmlmx1P3hMOc74e6y6ofMF9_pVbY6nRDVtc7d4E4Er5ZJkJRENz5wqG-ZphH8deLMxu1sEftrqaH0FA2M3ZnqdqLYMZF8SSBHXu7rW5-qvMFaCG9QkFi8PkE7iza-REIUxq4_LMSsA8gN8FRA3ov5d7bmKwe0xRnEQd4-WG83Vp3eNWKdlKcUsMRGBbfD9gLQpR2Owhn3pMTa-AZztJ1FLwqPP5s8HXn18mY8cK1SYEYxTBcCy3W3a3nT1G1rnHM6pDEWj0jXQvubcj_UWVBOeXwR2bXYWjUaQCXclmNTiMQkZ9u23wGjUxKv5Pt0DcPQpFkCcoSbL-XoI6GrvThBpENKvY1seHrDaEZOi1xQb71ewZbQu9n7tyCVzu2JD66PH_IOqm9rKY1sKNuvxuEVfDyXc9-HNjHbdyZFH4k3v12QLUoNy80Fel0ar_3r-KAtb6P6UOqraGe0J1EPneI2iKLW0_lueoZr6GXex47_fstLSZ3AixtLnDydDZlyyLUaAvXRWw36y5ij6fl-NgQWOebps5g3LkKg==&cb=_clpuig9fg1uh3gyof95f83&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 04:37:14 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=22091123379709e38754a84b4a9da9d43f95; Path=/; Expires=Tue, 12 Sep 2023 04:37:14 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
95.101.172.146200 OK 364 kB URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 95.101.172.146:0
Size 364 kB (364248 bytes)
Hash 57fb6ffd091dbe3683005102a6142320
a41a1ff89dd8cce6f429426cc15db1eb01eae09a
2b36dc069d48d0293fde3aecd989ea6601ac7bba420efa6f4cfcb1ca8f9afd3c
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TYrAmp44ddThNKrHeBmfOrJOox8ItZdAJeP4Uj7Uut6T7Jvp1PpX/XFzXT0gU1oJH/SwK8Irisw=
x-amz-request-id: 598E0BAF9E725A50
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
unused62: 8096267
cache-control: max-age=54774
date: Mon, 12 Sep 2022 04:37:14 GMT
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 12 Sep 2022 02:41:12 GMT
expires: Mon, 12 Sep 2022 04:41:12 GMT
cache-control: public, max-age=7200
age: 6962
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
oncam.me/favicon.ico
186.2.163.70200 OK 1.3 kB IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
Hash 2bbd8ee06287bd934cbb309416b10e02
3483512ae1116789b4b3c7d6b0ce1c4e50bdf675
a4d652509dcacbb1f9f79a185829ae73b376069ae2f4afca0c3e147e89b7655b
GET /favicon.ico HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v; __atuvc=1%7C37; __atuvs=631eb76e450f8312000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 10 May 2022 16:34:46 GMT
content-type: image/x-icon
last-modified: Thu, 26 Nov 2020 19:00:06 GMT
etag: W/"5fbffb36-28de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 10756948
ddg-cache-status: HIT
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-4f9d8c433d6f0bfa/_ate.track.config_resp
2.18.172.123200 OK 230 kB URL HTTP/2 v1.addthisedge.com/live/boost/ra-4f9d8c433d6f0bfa/_ate.track.config_resp
IP 2.18.172.123:0
Size 230 kB (230043 bytes)
Hash 8d08211a970a5e06cfe5cf413ded34f8
ed40e689970bc3ed060bc6f25d28202cbcf282e9
c49a180df4c4608f07176455d27f8bc3713b7e7060dfc218493c11275f646850
GET /live/boost/ra-4f9d8c433d6f0bfa/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 335
etag: 547718925--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=8, s-maxage=86400
date: Mon, 12 Sep 2022 04:37:15 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
2.18.172.123200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 2.18.172.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash ac1b5db6377f89a6d7f517c571b8ddba
87205f72f7338d717dd2966119ecb6aae22d5835
9164225c4ffa9eded3fd96fd8403249cf67e2047354fc245fb349216565d00a2
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77691
date: Mon, 12 Sep 2022 04:37:15 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=631eb76e0f1e38a2&bkl=0&bl=1&pdt=2163&sid=631eb76e0f1e38a2&pub=ra-4f9d8c433d6f0bfa&rev=v8.28.8-wp&ln=en&pc=men&cb=1&ab=-&dp=oncam.me&fp=139567%2Fmayaneu-with-new-bf-2022-08-19-05-54-20%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1662957422561&jsl=1&uvs=631eb76e450f8312000&skipb=1&callback=addthis.cbs.jsonp__50190258585578510
2.18.172.123200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=631eb76e0f1e38a2&bkl=0&bl=1&pdt=2163&sid=631eb76e0f1e38a2&pub=ra-4f9d8c433d6f0bfa&rev=v8.28.8-wp&ln=en&pc=men&cb=1&ab=-&dp=oncam.me&fp=139567%2Fmayaneu-with-new-bf-2022-08-19-05-54-20%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1662957422561&jsl=1&uvs=631eb76e450f8312000&skipb=1&callback=addthis.cbs.jsonp__50190258585578510
IP 2.18.172.123:0
File type ASCII text, with no line terminators
Hash 0ad83cc96b16d9b21d15f06c687fce35
9903e0a5914988f3f53c3424afeda0eda5d66462
6a0b8bd925e56fec91c08009b508d3eb6d94b734d40fce1a8a197009be2f9fe0
GET /live/red_lojson/300lo.json?si=631eb76e0f1e38a2&bkl=0&bl=1&pdt=2163&sid=631eb76e0f1e38a2&pub=ra-4f9d8c433d6f0bfa&rev=v8.28.8-wp&ln=en&pc=men&cb=1&ab=-&dp=oncam.me&fp=139567%2Fmayaneu-with-new-bf-2022-08-19-05-54-20%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1662957422561&jsl=1&uvs=631eb76e450f8312000&skipb=1&callback=addthis.cbs.jsonp__50190258585578510 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Mon, 12 Sep 2022 04:37:15 GMT
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=https%3A%2F%2Foncam.me%2F139567%2Fmayaneu-with-new-bf-2022-08-19-05-54-20%2F&callback=_ate.cbs.sc_httpsoncamme139567mayaneuwithnewbf202208190554200
2.18.172.123200 OK 95 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=https%3A%2F%2Foncam.me%2F139567%2Fmayaneu-with-new-bf-2022-08-19-05-54-20%2F&callback=_ate.cbs.sc_httpsoncamme139567mayaneuwithnewbf202208190554200
IP 2.18.172.123:0
File type ASCII text, with no line terminators
Hash 8f84ffcadaee583ea743f07d2b4c17e8
ec390c9ec0b89b227f4ef152017383200856c8f9
8e7c6d23fd8d89edf9cd2f41292a101f45a113507adff7bef4c586725a7c0bde
GET /url/shares.json?url=https%3A%2F%2Foncam.me%2F139567%2Fmayaneu-with-new-bf-2022-08-19-05-54-20%2F&callback=_ate.cbs.sc_httpsoncamme139567mayaneuwithnewbf202208190554200 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
last-modified: Mon, 12 Sep 2022 04:21:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 95
date: Mon, 12 Sep 2022 04:37:15 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
oncam.me/media/videos/tmb/000/138/323/7.jpg
186.2.163.70200 OK 42 kB URL HTTP/2 oncam.me/media/videos/tmb/000/138/323/7.jpg
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 300x226, components 3\012- data
Hash 4327ba4a7c200e3e3d6dd513ba08a8b5
86d13bb1e5b2eb023bd6ea4f55b042b8081ccef3
4e25e8cfd548e3c9cb20c317afbd11772871da2a29d09f341956f4e4f33757af
GET /media/videos/tmb/000/138/323/7.jpg HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v; __atuvc=1%7C37; __atuvs=631eb76e450f8312000; _ga=GA1.2.1459761264.1662957423; _gid=GA1.2.1698558286.1662957423; _gat_gtag_UA_132886189_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 10 Aug 2022 23:31:16 GMT
content-type: image/jpeg
content-length: 41473
last-modified: Wed, 10 Aug 2022 23:28:11 GMT
etag: "62f43f0b-a201"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 2783159
ddg-cache-status: HIT
X-Firefox-Spdy: h2
oncam.me/media/videos/tmb/000/141/027/4.jpg
186.2.163.70200 OK 39 kB URL HTTP/2 oncam.me/media/videos/tmb/000/141/027/4.jpg
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 300x226, components 3\012- data
Hash 230e66b4ae1805f2c613ba6c15c0b9ab
4c75faed08147e96e08bded29531445494a6cb88
f99452d419faaddbc8db2b683ca9965c8848cee3ad3bb8d88bd0239bf48778e7
GET /media/videos/tmb/000/141/027/4.jpg HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v; __atuvc=1%7C37; __atuvs=631eb76e450f8312000; _ga=GA1.2.1459761264.1662957423; _gid=GA1.2.1698558286.1662957423; _gat_gtag_UA_132886189_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 13:58:21 GMT
content-type: image/jpeg
content-length: 38590
last-modified: Thu, 01 Sep 2022 11:41:07 GMT
etag: "63109a53-96be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 916734
ddg-cache-status: HIT
X-Firefox-Spdy: h2
oncam.me/media/videos/tmb/000/141/563/2.jpg
186.2.163.70200 OK 40 kB URL HTTP/2 oncam.me/media/videos/tmb/000/141/563/2.jpg
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 300x226, components 3\012- data
Hash f8f5347b632b50fe280b6d1bf7e06b61
6d1291f7abd535aa78892b343f1f2a4fe4b4bdbd
0664c2818dc13a65736bdaf88812f2cc152dbfdd40124e24ecd63d6be3b3b159
GET /media/videos/tmb/000/141/563/2.jpg HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v; __atuvc=1%7C37; __atuvs=631eb76e450f8312000; _ga=GA1.2.1459761264.1662957423; _gid=GA1.2.1698558286.1662957423; _gat_gtag_UA_132886189_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 09 Sep 2022 08:25:05 GMT
content-type: image/jpeg
content-length: 39686
last-modified: Fri, 09 Sep 2022 08:08:05 GMT
etag: "631af465-9b06"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 245530
ddg-cache-status: HIT
X-Firefox-Spdy: h2
oncam.me/media/videos/tmb/000/141/207/1.jpg
186.2.163.70200 OK 35 kB URL HTTP/2 oncam.me/media/videos/tmb/000/141/207/1.jpg
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 300x226, components 3\012- data
Hash fe783f9ce16a8975835ec4d13a40c933
efca2f9482ae01849ed605b5040a205bf5566d4d
10898cd5db8f69dd445cfa8b388fa6f234c55bcf7de0cacee1bf7773ce81712c
GET /media/videos/tmb/000/141/207/1.jpg HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v; __atuvc=1%7C37; __atuvs=631eb76e450f8312000; _ga=GA1.2.1459761264.1662957423; _gid=GA1.2.1698558286.1662957423; _gat_gtag_UA_132886189_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 04 Sep 2022 07:27:31 GMT
content-type: image/jpeg
content-length: 35403
last-modified: Sun, 04 Sep 2022 06:57:07 GMT
etag: "63144c43-8a4b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 680984
ddg-cache-status: HIT
X-Firefox-Spdy: h2
oncam.me/misc/jquery3/jquery.min.js
186.2.163.70200 OK 0 B URL HTTP/2 oncam.me/misc/jquery3/jquery.min.js
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
GET /misc/jquery3/jquery.min.js HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Sep 2022 04:37:13 GMT
content-type: application/javascript
last-modified: Wed, 01 May 2019 21:14:27 GMT
vary: Accept-Encoding
etag: W/"5cca0c33-15851"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: br
age: 0
ddg-cache-status: MISS
X-Firefox-Spdy: h2
bcprm.com/promo.php?c=742053&type=banner&size=300x250&name=st_xmas2021;st_wild;st_virgin2021;st_vday22;st_smurf2021;st_slide;st_sex-addicted;st_riding;st_pleasure;st_marshmellow
185.75.254.28200 OK 0 B URL HTTP/2 bcprm.com/promo.php?c=742053&type=banner&size=300x250&name=st_xmas2021;st_wild;st_virgin2021;st_vday22;st_smurf2021;st_slide;st_sex-addicted;st_riding;st_pleasure;st_marshmellow
IP 185.75.254.28:0
ASN #48684 Viking Host B.V.
GET /promo.php?c=742053&type=banner&size=300x250&name=st_xmas2021;st_wild;st_virgin2021;st_vday22;st_smurf2021;st_slide;st_sex-addicted;st_riding;st_pleasure;st_marshmellow HTTP/1.1
Host: bcprm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 04:37:15 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin:
expires: Mon, 12 Sep 2022 04:37:14 GMT
x-bcs: ded7013
strict-transport-security: max-age=0;
cache-control: no-cache, public
content-encoding: gzip
x-bc-bl: 105
X-Firefox-Spdy: h2
oncam.me/templates/bootadult4/css/all-dark.min.css?t=1662324101
186.2.163.70200 OK 0 B URL HTTP/2 oncam.me/templates/bootadult4/css/all-dark.min.css?t=1662324101
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
GET /templates/bootadult4/css/all-dark.min.css?t=1662324101 HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v; __atuvc=1%7C37; __atuvs=631eb76e450f8312000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Sep 2022 04:37:14 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 20:41:42 GMT
vary: Accept-Encoding
etag: W/"63150d86-bd69"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: br
age: 0
ddg-cache-status: MISS
X-Firefox-Spdy: h2
oncam.me/misc/fluidplayer/images/fluid_icons.svg
186.2.163.70200 OK 0 B URL HTTP/2 oncam.me/misc/fluidplayer/images/fluid_icons.svg
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
GET /misc/fluidplayer/images/fluid_icons.svg HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/misc/fluidplayer/fluidplayer.min.css
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v; __atuvc=1%7C37; __atuvs=631eb76e450f8312000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Sep 2022 04:37:14 GMT
content-type: image/svg+xml
last-modified: Thu, 13 Dec 2018 17:09:17 GMT
vary: Accept-Encoding
etag: W/"5c12923d-1826"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: br
age: 0
ddg-cache-status: MISS
X-Firefox-Spdy: h2
oncam.me/misc/fluidplayer//scripts/webvtt.min.js
186.2.163.70200 OK 0 B URL HTTP/2 oncam.me/misc/fluidplayer//scripts/webvtt.min.js
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
GET /misc/fluidplayer//scripts/webvtt.min.js HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v; __atuvc=1%7C37; __atuvs=631eb76e450f8312000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Sep 2022 04:37:14 GMT
content-type: application/javascript
last-modified: Thu, 13 Dec 2018 17:09:17 GMT
vary: Accept-Encoding
etag: W/"5c12923d-2298"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: br
age: 0
ddg-cache-status: MISS
X-Firefox-Spdy: h2
oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
186.2.163.70200 OK 0 B URL HTTP/2 oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
GET /139567/mayaneu-with-new-bf-2022-08-19-05-54-20/ HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Sep 2022 04:37:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.19
set-cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; Domain=.oncam.me; HttpOnly; Path=/; Expires=Tue, 12-Sep-2023 04:37:11 GMT
ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
bcprm.com/promo.php?c=742053&type=banner&size=300x250&name=st_true;st_small_big_huge;st_random_all;st_molly;st_snapchat;st-boobs;double2;how_long;st-squirt;crazy
185.75.254.28200 OK 0 B URL HTTP/2 bcprm.com/promo.php?c=742053&type=banner&size=300x250&name=st_true;st_small_big_huge;st_random_all;st_molly;st_snapchat;st-boobs;double2;how_long;st-squirt;crazy
IP 185.75.254.28:0
ASN #48684 Viking Host B.V.
GET /promo.php?c=742053&type=banner&size=300x250&name=st_true;st_small_big_huge;st_random_all;st_molly;st_snapchat;st-boobs;double2;how_long;st-squirt;crazy HTTP/1.1
Host: bcprm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 04:37:15 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin:
expires: Mon, 12 Sep 2022 04:37:14 GMT
x-bcs: ded7724
strict-transport-security: max-age=0;
cache-control: no-cache, public
content-encoding: gzip
x-bc-bl: 105
X-Firefox-Spdy: h2
bcprm.com/promo.php?c=742053&type=banner&size=300x250&name=st_true;st_small_big_huge;st_random_all;st_molly;st_snapchat;st-boobs;double2;how_long;st-squirt;crazy
185.75.254.28200 OK 0 B URL HTTP/2 bcprm.com/promo.php?c=742053&type=banner&size=300x250&name=st_true;st_small_big_huge;st_random_all;st_molly;st_snapchat;st-boobs;double2;how_long;st-squirt;crazy
IP 185.75.254.28:0
ASN #48684 Viking Host B.V.
GET /promo.php?c=742053&type=banner&size=300x250&name=st_true;st_small_big_huge;st_random_all;st_molly;st_snapchat;st-boobs;double2;how_long;st-squirt;crazy HTTP/1.1
Host: bcprm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 04:37:15 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin:
expires: Mon, 12 Sep 2022 04:37:14 GMT
x-bcs: ded7724
strict-transport-security: max-age=0;
cache-control: no-cache, public
content-encoding: gzip
x-bc-bl: 105
X-Firefox-Spdy: h2
oncam.me/misc/popper/umd/popper.min.js
186.2.163.70200 OK 0 B URL HTTP/2 oncam.me/misc/popper/umd/popper.min.js
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
GET /misc/popper/umd/popper.min.js HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Sep 2022 04:37:13 GMT
content-type: application/javascript
last-modified: Thu, 04 Apr 2019 13:25:58 GMT
vary: Accept-Encoding
etag: W/"5ca605e6-52aa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: br
age: 0
ddg-cache-status: MISS
X-Firefox-Spdy: h2
oncam.me/misc/bootstrap4/js/bootstrap.min.js
186.2.163.70200 OK 0 B URL HTTP/2 oncam.me/misc/bootstrap4/js/bootstrap.min.js
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
GET /misc/bootstrap4/js/bootstrap.min.js HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Sep 2022 04:37:13 GMT
content-type: application/javascript
last-modified: Wed, 13 Feb 2019 14:47:50 GMT
vary: Accept-Encoding
etag: W/"5c642e16-e2d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: br
age: 0
ddg-cache-status: MISS
X-Firefox-Spdy: h2
bcprm.com/promo.php?c=742053&type=banner&size=300x250&name=st_true;st_small_big_huge;st_random_all;st_molly;st_snapchat;st-boobs;double2;how_long;st-squirt;crazy
185.75.254.28200 OK 0 B URL HTTP/2 bcprm.com/promo.php?c=742053&type=banner&size=300x250&name=st_true;st_small_big_huge;st_random_all;st_molly;st_snapchat;st-boobs;double2;how_long;st-squirt;crazy
IP 185.75.254.28:0
ASN #48684 Viking Host B.V.
GET /promo.php?c=742053&type=banner&size=300x250&name=st_true;st_small_big_huge;st_random_all;st_molly;st_snapchat;st-boobs;double2;how_long;st-squirt;crazy HTTP/1.1
Host: bcprm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 04:37:15 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin:
expires: Mon, 12 Sep 2022 04:37:14 GMT
x-bcs: ded7383
strict-transport-security: max-age=0;
cache-control: no-cache, public
content-encoding: gzip
x-bc-bl: 105
X-Firefox-Spdy: h2
oncam.me/misc/fluidplayer/fluidplayer.min.js
186.2.163.70200 OK 0 B URL HTTP/2 oncam.me/misc/fluidplayer/fluidplayer.min.js
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
GET /misc/fluidplayer/fluidplayer.min.js HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Sep 2022 04:37:13 GMT
content-type: application/javascript
last-modified: Thu, 13 Dec 2018 17:09:17 GMT
vary: Accept-Encoding
etag: W/"5c12923d-159a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: br
age: 0
ddg-cache-status: MISS
X-Firefox-Spdy: h2
oncam.me/misc/bootstrap4/css/bootstrap-extra.min.css
186.2.163.70200 OK 0 B URL HTTP/2 oncam.me/misc/bootstrap4/css/bootstrap-extra.min.css
IP 186.2.163.70:0
ASN #262254 DDOS-GUARD CORP.
GET /misc/bootstrap4/css/bootstrap-extra.min.css HTTP/1.1
Host: oncam.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oncam.me/139567/mayaneu-with-new-bf-2022-08-19-05-54-20/
Cookie: __ddg1_=nLQrse73QiQMeKYBYVPI; ASPro_e9694da344=dkbm9crt10ljetk7qg9kav8n2v; __atuvc=1%7C37; __atuvs=631eb76e450f8312000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Sep 2022 04:37:14 GMT
content-type: text/css
last-modified: Tue, 19 Nov 2019 20:36:18 GMT
vary: Accept-Encoding
etag: W/"5dd45242-1028e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: br
age: 0
ddg-cache-status: MISS
X-Firefox-Spdy: h2