www.redd.tube/video/223f173fd25ce577a6c3c0cc5a0b0f494d2c00b6
301 Moved Permanently 0 B URL HTTP/1.1 www.redd.tube/video/223f173fd25ce577a6c3c0cc5a0b0f494d2c00b6
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /video/223f173fd25ce577a6c3c0cc5a0b0f494d2c00b6 HTTP/1.1
Host: www.redd.tube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 04:11:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 02 Dec 2022 05:11:53 GMT
Location: https://www.redd.tube/video/223f173fd25ce577a6c3c0cc5a0b0f494d2c00b6
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3AJtYvGVNKyAI8wfK3qzhLPZDlxZUFjM0psCvfGnjMAbJcJSQhc%2Fdnd9FQquepR8AnD11fLBBhiFNQ4O%2FN5L1X9IlMY9SgNx2qhjtaLsllMh5HHKu7bKefMXceO9qg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7731389abfbbb509-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3138
Expires: Fri, 02 Dec 2022 05:04:11 GMT
Date: Fri, 02 Dec 2022 04:11:53 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 592
Cache-Control: max-age=109751
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:11:53 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 10:41:04 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13197
Expires: Fri, 02 Dec 2022 07:51:50 GMT
Date: Fri, 02 Dec 2022 04:11:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 03:19:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3123
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9SMqK6DB4xTkq4UEa2FdhPhHmUKGTbHIho58DhKgnOn0eQLg93EBoKG3KJomUieMl5yccedbgkA=
x-amz-request-id: BASM3M0K21NCVT7Z
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 03:45:57 GMT
age: 1556
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 961a4f40223d269e55c4ce6bfd0b9541
c5246de883d7650361f803c08f02f958285002d8
fe727fff60ab1034634ed8ffc831dd977429c32fba5f41768c16c4afb89905d7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FE727FFF60AB1034634ED8FFC831DD977429C32FBA5F41768C16C4AFB89905D7"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3420
Expires: Fri, 02 Dec 2022 05:08:53 GMT
Date: Fri, 02 Dec 2022 04:11:53 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:11:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 961a4f40223d269e55c4ce6bfd0b9541
c5246de883d7650361f803c08f02f958285002d8
fe727fff60ab1034634ed8ffc831dd977429c32fba5f41768c16c4afb89905d7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FE727FFF60AB1034634ED8FFC831DD977429C32FBA5F41768C16C4AFB89905D7"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3420
Expires: Fri, 02 Dec 2022 05:08:53 GMT
Date: Fri, 02 Dec 2022 04:11:53 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:11:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 472 B IP
Hash e8af240149c1bffcfa3b0ecc0595d420
415c8a792d290854cf08d4ac1b60a6b2bdf9a05d
66c72a69ba9543a6991f9e7c005accc50f7731fb93a3c62bdb2981158b7978fc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:11:54 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 02:30:24 GMT
Expires: Tue, 06 Dec 2022 02:30:23 GMT
Etag: "415c8a792d290854cf08d4ac1b60a6b2bdf9a05d"
Cache-Control: max-age=338908,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7731389e6a04b4f1-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash e8af240149c1bffcfa3b0ecc0595d420
415c8a792d290854cf08d4ac1b60a6b2bdf9a05d
66c72a69ba9543a6991f9e7c005accc50f7731fb93a3c62bdb2981158b7978fc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:11:54 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 02:30:24 GMT
Expires: Tue, 06 Dec 2022 02:30:23 GMT
Etag: "415c8a792d290854cf08d4ac1b60a6b2bdf9a05d"
Cache-Control: max-age=338908,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7731389e7f6a1c12-OSL
www.googletagmanager.com/gtag/js?id=G-Z1WP23B83V
200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-Z1WP23B83V
IP
File type ASCII text, with very long lines (22462)
Hash 0560d440bac030aaf47f5ce1a51c3b5b
07f2c03049a141a28ca19caba7901fe6a421de26
ec4a708ef12b272ee9ac3935fbb144636c644788789baeaafcd2eaed3d550e5d
GET /gtag/js?id=G-Z1WP23B83V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 04:11:54 GMT
expires: Fri, 02 Dec 2022 04:11:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76835
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP
File type ASCII text, with very long lines (32058)
Hash b51f9d778be466703e73aceee13d836d
cc5cd9dd2b48712dcf90f14a1ff19d729c43e378
f1e36d8f99614eef048fe3cb4275f3234536bff3e3b1b8f763f14a8a0cadab45
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 27277
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15283"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5622944
expires: Wed, 22 Nov 2023 04:11:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YgwZsyVxl5tjqDrLggqfo5bzM3kq27sJ282BjsbR1HbarD4ClDiKepJlnB%2BKKJCLaV3GZ9wnQncdvQh6KS2tHrfS1eX6UJqqFuQgOYdOSU0n7LBzemvv7ESyyWY5rCuVvo9sZHT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7731389eed270b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/jquery-migrate.min.js
200 OK 2.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/jquery-migrate.min.js
IP
File type ASCII text, with very long lines (6986)
Hash d52d77d3d2509d28eb46447ac1b61c57
3974e3359a2bd83f267a483ef6e29f6acf5c3f4c
454f974335899785b7299c0d75bb8c443c6f3742699882f75c09e88b6c86b640
GET /ajax/libs/jquery-migrate/3.0.0/jquery-migrate.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 2382
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-1bab"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7897296
expires: Wed, 22 Nov 2023 04:11:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ezp8zj2dL4kDoDrvVg3B5gIIdMxWAxevmO4l9X4%2FwCgCO%2FJKc1K8LCSSR1BvUZQBIipKQM6bBwRhGe3yJJTCKPkMCSMxxCUTYn9DccV8yc1QR4XhS0dKD9aGXfEuCzPmtRq0BY9W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7731389efd2c0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery.form/4.2.2/jquery.form.min.js
200 OK 5.7 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.form/4.2.2/jquery.form.min.js
IP
File type ASCII text, with very long lines (16246)
Hash 0a2f468dfd31d876bf8b8b9af8531a4f
1f7983e3a69bc95a17e78ad7a691def0acc5c0e4
12e85b61a16b690e16f38d061cc19302a4419a3c1bf0f0214f05fb7fa283645a
GET /ajax/libs/jquery.form/4.2.2/jquery.form.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 5720
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-42d4"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6069899
expires: Wed, 22 Nov 2023 04:11:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sP8WddvUNTBTVZGmv3M1pvuI7JxOlMuA3ozjf7pJpqUxIy34cAaiilOQzaJV5kEWya%2FP%2F96xweqPL1c7AJFttvQDiVH05n4bpxGuMzDjlLAvV8uNSmW4kHuUocYUof%2BdpL2kdYSC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7731389ef811b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/js/bootstrap.min.js
200 OK 12 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/js/bootstrap.min.js
IP
File type ASCII text, with very long lines (50758)
Hash d9631ece5b18b1e06f7522a52393b387
93403c9f97ebf85b129ece615058f494c00341bb
ce1a904c2a360c75e56e8059f8970fd1fc90058fb528ff3fe57fe2396f0f63ed
GET /ajax/libs/twitter-bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 12265
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-c75f"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2949098
expires: Wed, 22 Nov 2023 04:11:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=co1asEMjHI%2FwWbBTOO%2FY96GbggHD67ymkVdVBigaskoursZB39%2Ft%2F6amLEszF68Ma1PTJ0rdq3rCjcmirwnfiRD5hEYR2ULOs8XS30nc7c%2Fa4l0ExgWa3zrpNF%2B1o9bwBq%2F866dX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7731389efd2e0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdntube.b-cdn.net/thumbnails/5381377869fa93723d34045ab0d0ba98dec75202.jpg
200 OK 8.2 kB URL HTTP/2 cdntube.b-cdn.net/thumbnails/5381377869fa93723d34045ab0d0ba98dec75202.jpg
IP
ASN #34989 ServeTheWorld AS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x225, components 3\012- data
Hash 555a1330de351ec4019f355508bc7a4d
982bcf7a02d7ca04b3dd4505df74a71fc475129e
9febec73803af03f28b7eba89c7385a62c0b4fd3b8d5f91a032c166c98dd4389
GET /thumbnails/5381377869fa93723d34045ab0d0ba98dec75202.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: image/jpeg
content-length: 8195
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Thu, 16 Dec 2021 07:52:17 GMT
cdn-storageserver: DE-169
cdn-requestpullsuccess: True
cdn-fileserver: 281
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 206
cdn-cachedat: 12/02/2022 04:11:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: a079c295e7ae2588a8fd96c880352349
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:11:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdntube.b-cdn.net/thumbnails/223f173fd25ce577a6c3c0cc5a0b0f494d2c00b6.jpg
200 OK 7.7 kB URL HTTP/2 cdntube.b-cdn.net/thumbnails/223f173fd25ce577a6c3c0cc5a0b0f494d2c00b6.jpg
IP
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f05bc5239fc4a83235fc08966b521da6
8e9ddf097fb3ab65b8e8a201aae4f59f0769df06
026100a6df75942ab84c0cbaf252dc1153f8e9cb5386e377f11999c2940730cb
GET /thumbnails/223f173fd25ce577a6c3c0cc5a0b0f494d2c00b6.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: image/webp
content-length: 7714
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Thu, 16 Dec 2021 05:24:54 GMT
cdn-storageserver: DE-197
cdn-requestpullsuccess: True
cdn-fileserver: 270
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 206
cdn-cachedat: 12/02/2022 04:11:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ec2c4079914e14d63658d96a3e2e0083
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash e14645a5d64641f43408392e7bca55a4
84a9309034a7c09084d2a9730e01910c7d3c30ed
d07749fc5c9a5efd92dc1e4abeae29655a57dc120f8700a430176d3acfe22882
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:11:54 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 08:27:05 GMT
Expires: Tue, 06 Dec 2022 08:27:04 GMT
Etag: "84a9309034a7c09084d2a9730e01910c7d3c30ed"
Cache-Control: max-age=360309,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7731389eff981c12-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash e8af240149c1bffcfa3b0ecc0595d420
415c8a792d290854cf08d4ac1b60a6b2bdf9a05d
66c72a69ba9543a6991f9e7c005accc50f7731fb93a3c62bdb2981158b7978fc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:11:54 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 02:30:24 GMT
Expires: Tue, 06 Dec 2022 02:30:23 GMT
Etag: "415c8a792d290854cf08d4ac1b60a6b2bdf9a05d"
Cache-Control: max-age=338908,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7731389e6e17b4fd-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash e8af240149c1bffcfa3b0ecc0595d420
415c8a792d290854cf08d4ac1b60a6b2bdf9a05d
66c72a69ba9543a6991f9e7c005accc50f7731fb93a3c62bdb2981158b7978fc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:11:54 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 02:30:24 GMT
Expires: Tue, 06 Dec 2022 02:30:23 GMT
Etag: "415c8a792d290854cf08d4ac1b60a6b2bdf9a05d"
Cache-Control: max-age=338908,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7731389e98f9b521-OSL
poweredby.jads.co/js/jads.js
301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 02 Dec 2022 04:11:54 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
cdntube.b-cdn.net/sprite/fast-sprite.png
200 OK 952 B URL HTTP/2 cdntube.b-cdn.net/sprite/fast-sprite.png
IP
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Hash c34ba40ac9883424ecb72a803eb658f7
0ce32aa430af47ad16dc625a4e86d726aae48962
76beac271eb8e61cb2f2081e7e75e718b056e775ce8858c2ed22c08c69e734b9
GET /sprite/fast-sprite.png HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: image/webp
content-length: 952
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Tue, 23 Feb 2021 21:14:59 GMT
cdn-storageserver: DE-169
cdn-requestpullsuccess: True
cdn-fileserver: 90
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
cdn-cachedat: 08/16/2022 04:39:17
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: b9b9ef8c87d43bbb57716e867588b2d0
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash e8af240149c1bffcfa3b0ecc0595d420
415c8a792d290854cf08d4ac1b60a6b2bdf9a05d
66c72a69ba9543a6991f9e7c005accc50f7731fb93a3c62bdb2981158b7978fc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:11:54 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 02:30:24 GMT
Expires: Tue, 06 Dec 2022 02:30:23 GMT
Etag: "415c8a792d290854cf08d4ac1b60a6b2bdf9a05d"
Cache-Control: max-age=338908,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7731389eba1bb4f1-OSL
cdntube.b-cdn.net/logo/logo-redd-2x.png
200 OK 2.4 kB URL HTTP/2 cdntube.b-cdn.net/logo/logo-redd-2x.png
IP
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Hash 21c00320600e74873fd8f868869e86c0
50b86e653e75ad04fff2066446b1f58394f31a6f
8969cb3ece2e5ad806e2fe83fbf476679ae652e32b9a773eb9b6eda8f5de0020
GET /logo/logo-redd-2x.png HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: image/webp
content-length: 2412
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Wed, 04 May 2022 02:04:27 GMT
cdn-storageserver: DE-168
cdn-requestpullsuccess: True
cdn-fileserver: 290
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 206
cdn-cachedat: 11/26/2022 15:16:04
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 4f7448857891c273dfb1ced71c20d7d9
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.redd.tube/video/223f173fd25ce577a6c3c0cc5a0b0f494d2c00b6
200 OK 13 kB URL HTTP/2 www.redd.tube/video/223f173fd25ce577a6c3c0cc5a0b0f494d2c00b6
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (563), with CRLF, LF line terminators
Hash acb66caa4e8956a835cceded68fc3d5d
27be42ac5cff83fa9ea48e2f034ba305e1555e75
f40d677b47038bcf7729dc9abac895733690335f78f2f7e8420db431f1ec409a
GET /video/223f173fd25ce577a6c3c0cc5a0b0f494d2c00b6 HTTP/1.1
Host: www.redd.tube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:53 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-frame-options: Deny
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
ischrome: false
country-code: NO
x-name: Mozilla Firefox
ismobile: false
vary: Accept-Encoding
set-cookie: PHPSESSID=0c4ceaf10074985f1b15908ebb9156dd; expires=Fri, 09-Dec-2022 04:11:53 GMT; Max-Age=604800; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrVXy69BRRxcl9L%2FLMiNlRredmsnmp5Ot8VMueuznOyV7iyB%2F2UfltUZ6iWpvHMmNzNkhuGKpfNYjp8ZVssJMoLpuj7ynhQCMpLUnd%2FMnMgKP0ogvaOjS30Gmp1n4Fo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7731389c79f31bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdntube.b-cdn.net/thumbnails/fdc579aa6c35d4347822754a803284fb0a56a47e.jpg
200 OK 2.6 kB URL HTTP/2 cdntube.b-cdn.net/thumbnails/fdc579aa6c35d4347822754a803284fb0a56a47e.jpg
IP
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fa4e298429c095aa0fac0e595829786f
4da2a8399055571a7812ba796736ae75c599f8d6
2de9a2128088c3781703c6378c59a846cc812f41727a18174be4e390ee534e82
GET /thumbnails/fdc579aa6c35d4347822754a803284fb0a56a47e.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: image/webp
content-length: 2554
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Tue, 04 Oct 2022 22:50:00 GMT
cdn-storageserver: DE-198
cdn-requestpullsuccess: True
cdn-fileserver: 461
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 206
cdn-cachedat: 12/02/2022 04:11:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 11b43c1378e2ad2128444f675995b09e
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdntube.b-cdn.net/thumbnails/e86acc9d6a2967cc0918f47fa9673f4f2afb736e.jpg
200 OK 8.0 kB URL HTTP/2 cdntube.b-cdn.net/thumbnails/e86acc9d6a2967cc0918f47fa9673f4f2afb736e.jpg
IP
ASN #34989 ServeTheWorld AS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x225, components 3\012- data
Hash ba386f8cde7b1951c4e0bf518c89e156
0f7043e07c631c4af4f3454d3a847a87bb1bef52
5ee443225519b3e0b544fdb39c121b84f338a032cd86657c12846908baaa5afe
GET /thumbnails/e86acc9d6a2967cc0918f47fa9673f4f2afb736e.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: image/jpeg
content-length: 7956
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Thu, 16 Dec 2021 05:24:37 GMT
cdn-storageserver: DE-168
cdn-requestpullsuccess: True
cdn-fileserver: 282
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 206
cdn-cachedat: 12/02/2022 04:11:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: aa24135233f182c7e027717d3880316e
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdntube.b-cdn.net/thumbnails/22406523d54ccce3438b64fffdce594c6d08f5e3.jpg
200 OK 7.3 kB URL HTTP/2 cdntube.b-cdn.net/thumbnails/22406523d54ccce3438b64fffdce594c6d08f5e3.jpg
IP
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 785673faa4a0c8a8e5b4b87c2bcdd519
88530c8de33dc04983c86253fd6a30d5ebf16666
c9389aa58776b8d2b9db067e5b3a8e871690024ef37526e0684baccccfae554c
GET /thumbnails/22406523d54ccce3438b64fffdce594c6d08f5e3.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: image/webp
content-length: 7328
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Tue, 04 Oct 2022 11:30:21 GMT
cdn-storageserver: DE-169
cdn-requestpullsuccess: True
cdn-fileserver: 440
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 206
cdn-cachedat: 12/02/2022 04:11:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1444b6772190ababf3aef72a1abebf0e
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdntube.b-cdn.net/thumbnails/c7b8efd24d161fbadeb4d26b64055696bcfc0d92.jpg
200 OK 11 kB URL HTTP/2 cdntube.b-cdn.net/thumbnails/c7b8efd24d161fbadeb4d26b64055696bcfc0d92.jpg
IP
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cbcf0a3c402361ed9a4fb9f571ed3696
47e3315216358c66af5d9d060e9454a2ebcc0524
dfe398d91ea723e1d8435771e2bfd6d411e99efc5227264beb06fccccfcd8f88
GET /thumbnails/c7b8efd24d161fbadeb4d26b64055696bcfc0d92.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: image/webp
content-length: 11222
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Tue, 04 Oct 2022 11:29:45 GMT
cdn-storageserver: DE-51
cdn-requestpullsuccess: True
cdn-fileserver: 336
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 206
cdn-cachedat: 12/02/2022 04:11:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6042d6386f355b03ce20a155bd11b201
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
poweredby.jads.co/js/jads2.js
200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redd.tube/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:11:54 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eae"
Content-Encoding: gzip
syndication.realsrv.com/splash.php?native-settings=1&idzone=3651729&cookieconsent=true&&p=https%3A%2F%2Fwww.redd.tube%2Fvideo%2F223f173fd25ce577a6c3c0cc5a0b0f494d2c00b6
200 OK 4.6 kB URL HTTP/1.1 syndication.realsrv.com/splash.php?native-settings=1&idzone=3651729&cookieconsent=true&&p=https%3A%2F%2Fwww.redd.tube%2Fvideo%2F223f173fd25ce577a6c3c0cc5a0b0f494d2c00b6
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (8519), with no line terminators
Hash bcfd4f2504c393b1730d4c1d77c4e3df
5a6f2c8492271654690ae74e7f8b5cd6b3d25e61
c03c0c223404afd898e2763343f15b0cf27e5c13b35360f8daed37ad7802769f
GET /splash.php?native-settings=1&idzone=3651729&cookieconsent=true&&p=https%3A%2F%2Fwww.redd.tube%2Fvideo%2F223f173fd25ce577a6c3c0cc5a0b0f494d2c00b6 HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:11:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.redd.tube
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2263897b0a488c50.39504994992229578%22%3B%7D; expires=Sun, 01 Dec 2024 04:11:54 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
impressions=cmmsxrbonxgxaalbmaecegeicmmsxaeenxgxaalbmaecegeimacslbecnxgxaaabssxamgeislsaroornxgxaallsbmomgeicxbmsbxcnxgxaalbmaecegeioslmrxlrnxgxaallrcsxcgeiccmmlmlcnxgxaalmaeerageialbsereanxgxaalrollmegeioslmrxbrnxgxaallsbmomgeicxbmsbcenxgxaallsbmbbgeioslmrxlsnxgxaallsbcmsgeicxbmsbocnxgxaallcccaogeicxbmsboenxgxaalbaaamegeiclsmarcanxgxaaallsxlcgeiclsmrrmanxgxaaallsxlcgeirbabxabbnxgxaalbrlealgeiccmmlleanxgxaalrollmegeimcrxsbcenxgxaameollsmgeimreaoboenxgxaameollsmgeimcclosscnxgxaalccxmexgeimacslbeenxgxaaboslelageioslmroemnxgxaallsbmbbgeioslmrxbmnxgxaallsbcmcgeicaxsscmbnxgxaalmlsmmcgeicaormlxonxgxaamealeoegeicaormbmcnxgxaamealeoegeimcclsxscnxgxaamsmxlcageimccloscanxgxaalbaaamegeimreaomxenxgxaamelbbsbgeimreaobscnxgxaamelbbsbgeimcclosconxgxaallsbmbbgeimcclsoeonxgxaamxaacblgeimacslbeonxgxaaloesaslgeimcclsxsanxgxaamsmxlcageimcclsxlbnxgxaamssmcolgeimaecseaonxgxaamssmcolgeimaecsxeonxgxaamssmcolgeimaecseronxgxaamssmcolgeimrblelrenxgxaamssmcolgeiccmmllebnxgxaalmrsecmgeimcclsxlonxgxaamcsebsxgeimcclsoeenxgxaamcrclalgeimcclsxsbnxgxaamcrclalgeimcclossbnxgxaalbexcrageimcclsxlcnxgxaamrscxmxgeimaecseranxgxaabrlemaegeimcclosccnxgxaamrscxmxgeicaormlxcnxgxaalbxrlcegeicaormbmbnxgxaalrexasogeiclsmrbsenxgxaamaxcsxcgeialbserebnxgxaalmaeerageimcclsxconxgxaallsbmbbgeimcclsxmenxgxaalmbbxcbgeialbserxonxgxaalbcxbsageimccloscenxgxaalmlsmmcgeimcclsxxonxgxaalrcerllgeimcclsxbcnxgxaammclslageicaormlxanxgxaammacmrxgeimcclsxaonxgxaalbrxssogeimrblxxxbnxgxaambboecmgeimrblxelcnxgxaambboecmgeimrblxxrbnxgxaambboecmgeialbserxenxgxaalbxbllogeimacslbeanxgxaablxaelxgeialbserecnxgxaalssbrcxgeiccmmllecnxgxaalbcxbsageisaeeasslnxgxaabrbeccogeimcclossanxgxaabrlemaegeimcclsxronxgxaalraseexgeimaecseabnxgxaabrlemaegeimrblelrcnxgxaabrlemaegeimrblxemonxgxaabrlemaegeimcclsxcanxgxaalrlccrxgeimaecsxoonxgxaabmalbxxgeircsxcxscnxgxaabbxeomsgeicaormbbenxgxaalexxbcxgeiabeocmconxgxaablxrcmmgeimcclsxxcnxgxaalesmxrsgeimrblxeeanxgxaablsaloageimaecsemanxgxaalmmeabageimaecselonxgxaaloaroaageimcclsxacnxgxaalmeeamageimcclselenxgxaalbrxssogeimaecsxronxgxaalxmmoorgeimaecsxsenxgxaalxmmoorgeimaecsercnxgxaalxmmoorgeimaecsembnxgxaalxmmoorgeimaecselenxgxaalxmmoorgeimaecobobnxgxaalsmleergeimaecomoanxgxaalsbbboageimrblxxoenxgxaalsbmacmgeimaecobsbnxgxaalsbbboageimrblxosonxgxaalsbbboageimcclsxmanxgxaalmeeamageimaecsxccnxgxaalmeeamageimrblxeecnxgxaalmeeamageimrblelronxgxaalmeeamageimrblelmonxgxaalmeeamageimaecseacnxgxaalmmeabageimaecsxxcnxgxaalmmeabageicaormbmanxgxaalbxrlcegeimaecsxocnxgxaalbrxssogeixbblrmlanxgxaalbmxrmagxcceimcoaxmxcncgxaalbmxrmagxcceimrcscrsonxgxaalbmxmergxcceimcrxeocbnxgxaalbmxmergxcceimrxccosonsgxaalbmxmergxcceimcrxeorbnxgxaalbmcolmgxcceiaxbscbconxgxaalbmrroxgxcceimcoaxmxoncgxaalbmrbolgxcceimcssmlronsgxaalbmaecegxcceimxlbmxlcnogxaalbmabomgxcceimxxerrecnxgxaalbmabomgxcceimmxerbocnxgxaalbmabobgxcceicloaxxabnxgxaalbmmlrmgxcceimaoolcoonogxaalbmmlrmgxcceialbbeloanxgxaalbmmlrbgxcceicloaxxmonxgxaalbbeabagxcceimxxrecsanogxaalbbxboogxcceimrcscrsanxgxaalblcecxgxcceialbbblbenxgxaalblcrsmgxcceixaoossalnxgxaalblamlrgxcceimeembecenxgxaalblamlrgxcceimeembescnxgxaalblamlrgxcceimmsoxrlenxgxaalblamllgxcceimmsoxrlonxgxaalblamllgxcceimmsoxrlcnxgxaalblabomgxcceimraeelaanxgxaalblabomgxcceimasbmxconxgxaalblabomgxcceimasbmxsenxgxaalblabcxgxcceimasbmxsanxgxaalblabcogxcceimasbmxsbnxgxaalblabrmgxcceimrxmbarenxgxaalblabmxgxcceimraeelabnxgxaalblablogxcceimmxsrbmensgxaalblablogxcceimmxsrbabnsgxaalblablogxcceialbmlesenxgxaalblalxegxcceialbmlexcnxgxaalblalxcgxcceialbmleobnxgxaalblalxlgxcceicloaxxmenxgxaalblalsogxcceicloaxxaanxgxaalblalcmgxcceicloaxxacnxgxaalblalaagxcceicloaecoanxgxaalblmeeogxcceicloaecoenxgxaalblmexagxcceimeelaclansgxaalblmeosgxcceimeelaclcnsgxaalblmeoagxcceimaslbmcanxgxaalblmoragxcceialrexeoonxgxaalblbcolgxcceimaslbmconxgxaalbllolegxcceimxlbmoscnsgxaallesebcgxcceimxlbmosencgxaallesebcgxcceimxxerrxenxgxaallesebcgxcceimmoabamcncgxaallesebcgxcceixaoosscrnxgxaallemlcagxcceimxlbmosanrgxaalloerrbgxcceicmarxbbonsgxaalloerrbgxcceimrxccosanogxaalloxmmrgxcceimaoobrbanrgxaallseoxbgxcceiceecmorsnxgxaallsesbagxcceimexexabbnxgxaallsesbmgxcceimaoobrbcncgxaallselsegxcceimmooobronxgxaallselsegxcceimxlbmxlonsgxaallselsegxcceimaoobbebnxgxaallsooobgxcceimxeoxsacncgxaallsorlxgxcceimcssmlrensgxaallsorlxgxcceimxxerreanxgxaallsorlxgxcceimxlbmxlenogxaallsorlxgxcceimxlbmoconogxaallssemegxcceimeembesonxgxaallssemegxcceimxlbmosonsgxaallssemogxcceimemlxbocnxgxaallscsxsgxcceialbbebsanxgxaallscsxsgxcceimrmoemsensgxaallscsxsgxcceiaaxcambbnxgxaallscsxsgxcceimmsxrlabnxgxaallsbsolgxcceimsacexoonxgxaallsbcmsgxcceimmossscencgxaallsbcmsgxcceimxlbalsbnogxaallsbmomgxcceimxxerrebnxgxaallsbmbbgxcceiallxlmscnxgxaallcccaogxcceicaormlobnxgxaallcccaogeimromobabnxgxaallcccasgxcceimcrxeoscnxgxaallcccasgxcceimmxsrbaonogxaallcrmmegxcceimmxsrbaanxgxaallcrmmegxcceimmsxrlmenxgxaallcrmmegxcceimcssmlrcnogxaallcrbscgxcceimxlbalcenxgxaallcrbscgxcceimxeoxsbenxgxaallcrbscgxcceimxlbmxbbnxgxaallcrbscgxcceimxlbalscnxgxaallcrbscgxcceialbbbllanxgxaallcmaacgxcceimxreaomcnxgxaallclcbsgxcceiraclralcnxgxaallclcbsgxcceimmemalxanxgxaallrxallgxcceimmosssconxgxaallrcsxcgxcceimxlbmoobnxgxaallrcsxcgxcce; expires=Sat, 03 Dec 2022 04:11:54 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3651729%7C23975195%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cf1e7273746cfd148e172ebc164d30c21%7C0%7Credd.tube%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Sat, 03 Dec 2022 04:11:54 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3651729%7C77233342%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cf1e7273746cfd148e172ebc164d30c21%7C0%7Credd.tube%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Sat, 03 Dec 2022 04:11:54 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3651729%7C71987228%7C100644%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cf1e7273746cfd148e172ebc164d30c21%7C0%7Credd.tube%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Sat, 03 Dec 2022 04:11:54 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3651729%7C74337954%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cf1e7273746cfd148e172ebc164d30c21%7C0%7Credd.tube%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Sat, 03 Dec 2022 04:11:54 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8dea19df86e0f81a650c824b251635b2
06983c0ad309181c67002ad3db1a33aef97327d1
7ea9c1289b2c7a6f3495f28c7f6aaca7560e71effb866bd5f251f493d091912b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7EA9C1289B2C7A6F3495F28C7F6AACA7560E71EFFB866BD5F251F493D091912B"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17814
Expires: Fri, 02 Dec 2022 09:08:48 GMT
Date: Fri, 02 Dec 2022 04:11:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 04:08:57 GMT
cache-control: public,max-age=3600
age: 177
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
syndication.realsrv.com/v1/api.php
200 OK 2.6 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (5977), with no line terminators
Hash 7dbc970f4f217831fe048d16bda3d700
07cf20de010f5e3e6f567cdb8cd3c981252611e2
7669ff7b3bb6cae3678e71a74395a5c21a7168aea95eaadd86d8b0306e3b3e48
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 318
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:11:54 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.redd.tube
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263897b0a4ad7b4.432483983331370072%22%3B%7D; expires=Sun, 01-Dec-2024 04:11:54 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1Py24DIQz8lf7AIr9YQ849t1KqfkB3AamXHtpEaqX5+JiNGizDzBibQUhkYVmIn0RPzKdsqJwqJZPEQV5ezzDGd2/t85Iu162DpboZ1qylZhQOVmGe3aUgU6S5rVkQgqqawAgKipCs0RkoEXlBJby/PR/JEUKIfb44oQWm39k1uLu4xtB9NLbS2aVvO6/WlHaZrXQ4vPujeyQWynPqvwBlUwk7Cz+IIRbhKH/8/H3twOO6rceRjwkKtvgGA422Ptyp+xjERUsITZ29SyMZfAOe3LRUUwEAAA==
200 OK 995 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1Py24DIQz8lf7AIr9YQ849t1KqfkB3AamXHtpEaqX5+JiNGizDzBibQUhkYVmIn0RPzKdsqJwqJZPEQV5ezzDGd2/t85Iu162DpboZ1qylZhQOVmGe3aUgU6S5rVkQgqqawAgKipCs0RkoEXlBJby/PR/JEUKIfb44oQWm39k1uLu4xtB9NLbS2aVvO6/WlHaZrXQ4vPujeyQWynPqvwBlUwk7Cz+IIRbhKH/8/H3twOO6rceRjwkKtvgGA422Ptyp+xjERUsITZ29SyMZfAOe3LRUUwEAAA==
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash 37186381d21bf6e5f80edee91d91d873
f8c441d919ab0f2544c8480b2d6b943e80fe4c17
1bfac0616f6d5547119de5bcc8c68ea131c33d78dccaafd042a9b1f940891024
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1Py24DIQz8lf7AIr9YQ849t1KqfkB3AamXHtpEaqX5+JiNGizDzBibQUhkYVmIn0RPzKdsqJwqJZPEQV5ezzDGd2/t85Iu162DpboZ1qylZhQOVmGe3aUgU6S5rVkQgqqawAgKipCs0RkoEXlBJby/PR/JEUKIfb44oQWm39k1uLu4xtB9NLbS2aVvO6/WlHaZrXQ4vPujeyQWynPqvwBlUwk7Cz+IIRbhKH/8/H3twOO6rceRjwkKtvgGA422Ptyp+xjERUsITZ29SyMZfAOe3LRUUwEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263897b0a4ad7b4.432483983331370072%22%3B%7D; c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3651729%7C74337954%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cf1e7273746cfd148e172ebc164d30c21%7C0%7Credd.tube%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:11:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.redd.tube
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263897b0a4ad7b4.432483983331370072%22%3B%7D; expires=Sun, 01 Dec 2024 04:11:54 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%2263897b0a4ad7b4.432483983331370072%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sun, 01 Dec 2024 04:11:54 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 471 B IP
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 590
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:11:54 GMT
Last-Modified: Fri, 02 Dec 2022 04:02:04 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
s3t3d2y8.afcdn.net/library/129744/f45779636ddffd801a99288581b4ea03f5f5212a.jpg
200 OK 25 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/129744/f45779636ddffd801a99288581b4ea03f5f5212a.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash 963c069b33b757dbb34e9cf1d81227b3
f45779636ddffd801a99288581b4ea03f5f5212a
d98fb3e059d99aa2d1c22bc1d6240caf1a26f253f994ac15ec097ee509c41c37
GET /library/129744/f45779636ddffd801a99288581b4ea03f5f5212a.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: image/jpeg
content-length: 25327
last-modified: Thu, 11 Mar 2021 21:52:44 GMT
etag: "604a912c-62ef"
expires: Fri, 30 Jun 2023 18:46:41 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195211
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ0fCRr//93KAA
x-77-nzt-ray: c0a4cc28f7e4f8ad0a7b89634f503325
x-cache: HIT
x-age: 13295103
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
uniqueflatlysorting.com/d4/53/67/d45367c1e1a2457563c268888ecb3001.js
200 OK 14 kB URL HTTP/1.1 uniqueflatlysorting.com/d4/53/67/d45367c1e1a2457563c268888ecb3001.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37192), with no line terminators
Hash 1dabcf0bf93a3323320fd37b0bfbdec3
13d119714a9618f241235a0802e6cc647a0aaa47
5399ae6240d178b9353c65a4f6d205a3279484ee1949da28028beb51be692052
Analyzer Verdict Alert quad9 Sinkholed
GET /d4/53/67/d45367c1e1a2457563c268888ecb3001.js HTTP/1.1
Host: uniqueflatlysorting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 02 Dec 2022 04:11:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 472f0219ac176932920a8bb084a6326c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/140058/a66f2e087f17cd312b112ff9d085f1d86e124d8c.webp
200 OK 10 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/140058/a66f2e087f17cd312b112ff9d085f1d86e124d8c.webp
IP
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9bfaf7271358d3fee1fdab51af536513
a66f2e087f17cd312b112ff9d085f1d86e124d8c
8427b6bf77bd1e1854f29fcd44c318c2acf75013de0f46a40839f0168c97255d
GET /library/140058/a66f2e087f17cd312b112ff9d085f1d86e124d8c.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: image/webp
content-length: 10548
last-modified: Wed, 03 Nov 2021 11:53:07 GMT
etag: "61827823-2934"
expires: Fri, 30 Jun 2023 11:10:32 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195294
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ0yMav/rN3KAA
x-77-nzt-ray: c0a4cc28f7e4f8ad0a7b8963a90f552c
x-cache: HIT
x-age: 13295020
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/129744/f6cc13c1b36b69218599cb14c5528f3183b188cd.webp
200 OK 8.4 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/129744/f6cc13c1b36b69218599cb14c5528f3183b188cd.webp
IP
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ca7f09249a849864217edbcb3cee12f5
f6cc13c1b36b69218599cb14c5528f3183b188cd
4042159cfe3e49c0d554e9f5e5106aca98af92106635b6c534fe2fd613e7c1b6
GET /library/129744/f6cc13c1b36b69218599cb14c5528f3183b188cd.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: image/webp
content-length: 8372
last-modified: Thu, 04 Nov 2021 09:42:47 GMT
etag: "6183ab17-20b4"
expires: Fri, 30 Jun 2023 18:46:42 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195211
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ37YFb//93KAA
x-77-nzt-ray: c0a4cc28f7e4f8ad0a7b896346765e2c
x-cache: HIT
x-age: 13295103
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/676799/c8dcd8132d19fbaf195eccaab075f2180db8dd70.webp
200 OK 10 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/676799/c8dcd8132d19fbaf195eccaab075f2180db8dd70.webp
IP
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 21a6ba0d15d51f90b0bb08adaf869ea0
c8dcd8132d19fbaf195eccaab075f2180db8dd70
31487f3242ccf67da001889b69026904d3f5c116d64f5ae642b633fbb941cf45
GET /library/676799/c8dcd8132d19fbaf195eccaab075f2180db8dd70.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: image/webp
content-length: 9956
last-modified: Thu, 04 Nov 2021 10:09:14 GMT
etag: "6183b14a-26e4"
expires: Fri, 30 Jun 2023 15:10:16 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195325
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ3OaTvvjd3KAA
x-77-nzt-ray: c0a4cc28f7e4f8ad0a7b89633bee6a2c
x-cache: HIT
x-age: 13294989
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/475567/cc7211683ae26562c2df637755f311868f37c8ea.jpg
200 OK 25 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/475567/cc7211683ae26562c2df637755f311868f37c8ea.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash dbe31828ea0277ab9845bf67aa749927
cc7211683ae26562c2df637755f311868f37c8ea
6499cca4ce115e6dcb44a71342a5c705f938fbffbe5c410b55e60051a417b917
GET /library/475567/cc7211683ae26562c2df637755f311868f37c8ea.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: image/jpeg
content-length: 25056
last-modified: Thu, 30 Mar 2017 09:55:25 GMT
etag: "58dcd60d-61e0"
expires: Fri, 30 Jun 2023 14:29:46 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195223
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ21Zsj/893KAA
x-77-nzt-ray: c0a4cc28f7e4f8ad0a7b8963746e772c
x-cache: HIT
x-age: 13295091
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 22697cff4db5ea5a4c791ce4358a971f
fa4d1ffe6a7354f75e8607231f57a5728e87dfb3
61575c6d3a055a65d09622357da8cdf97d57b96ed8d1d4a7360bd8432931d638
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "61575C6D3A055A65D09622357DA8CDF97D57B96ED8D1D4A7360BD8432931D638"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6246
Expires: Fri, 02 Dec 2022 05:56:00 GMT
Date: Fri, 02 Dec 2022 04:11:54 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash f60f02a95664f3be8fd0b4e614010c6a
bb83d56ac8ae98bff5e9954dffc7f2035b47f63f
eddc54420a811685bfd0c2c14dd13340c9380b529bf1bb8c0426baa0375a67f2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Dec 2022 04:11:54 GMT
Last-Modified: Fri, 02 Dec 2022 04:07:24 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: M2c7-UqN9x-ld9hKCjoiCVRKYXZcdDhlay_Xl4q7KNR60_21M3CTfA==
Age: 270
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: L550C7dVaGW1WR5G6NDslw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zCHDIkepe2AyeJCZ4ImhV/wz6gE=
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 4794b0af392af3d69b09f9b072918b7a
bd89b218ae4b2857f355169ad783de4a858b7af9
eec3bec1fcc56722e06048359bab64040bbbea0a7919da2dd0ac62557f66f5e2
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.redd.tube
access-control-allow-credentials: true
set-cookie: uid_id2=1b89789e-6aa4-4e48-b7f3-3bf72d673758:2:1; expires=Mon, 29 Nov 2032 04:11:54 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
cdntube.b-cdn.net/favicon/apple-touch-icon.png
200 OK 2.7 kB URL HTTP/2 cdntube.b-cdn.net/favicon/apple-touch-icon.png
IP
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Hash b74566546e28a4adc5eb59f574102968
a19aa645f3fb9eda9ffcca603d973c8cbb33a4de
d72c819d338b27e6e697fef0b138e6e0ae36b379fc952e376f2dc23eb6b094b8
GET /favicon/apple-touch-icon.png HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: image/webp
content-length: 2666
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Fri, 19 Feb 2021 03:57:14 GMT
cdn-storageserver: DE-165
cdn-requestpullsuccess: True
cdn-fileserver: 87
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
cdn-cachedat: 08/05/2022 15:40:07
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 9a2121b27e9d3e661c219c77d76ba07f
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdntube.b-cdn.net/favicon/favicon-16x16.png
200 OK 332 B URL HTTP/2 cdntube.b-cdn.net/favicon/favicon-16x16.png
IP
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Hash ded2b1ef88b4c1826be4981640b88802
1bfcdd5bc5652deab6f80a6c891753507c5eac91
263b1585ee8fad3076fc9599ab934ccbe42d25628a9df35689480a1453c24c99
GET /favicon/favicon-16x16.png HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: image/webp
content-length: 332
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Fri, 19 Feb 2021 03:57:29 GMT
cdn-storageserver: DE-164
cdn-requestpullsuccess: True
cdn-fileserver: 113
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 206
cdn-cachedat: 11/29/2022 21:20:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d39c6707d3b4f53c1b938fc692912ca3
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 22697cff4db5ea5a4c791ce4358a971f
fa4d1ffe6a7354f75e8607231f57a5728e87dfb3
61575c6d3a055a65d09622357da8cdf97d57b96ed8d1d4a7360bd8432931d638
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "61575C6D3A055A65D09622357DA8CDF97D57B96ED8D1D4A7360BD8432931D638"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6245
Expires: Fri, 02 Dec 2022 05:56:00 GMT
Date: Fri, 02 Dec 2022 04:11:55 GMT
Connection: keep-alive
region1.google-analytics.com/g/collect?v=2&tid=G-Z1WP23B83V>m=2oebu0&_p=1430627087&cid=667383885.1669954313&ul=en-us&sr=1280x1024&_s=1&sid=1669954312&sct=1&seg=0&dl=https%3A%2F%2Fwww.redd.tube%2Fvideo%2F223f173fd25ce577a6c3c0cc5a0b0f494d2c00b6&dt=%F0%9F%94%A5%20%5BBBAN-079%5D%20Aimi%20Yoshikawa%20and%20Wakaba%20Onoue%20%3A%20JapaneseKi...&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-Z1WP23B83V>m=2oebu0&_p=1430627087&cid=667383885.1669954313&ul=en-us&sr=1280x1024&_s=1&sid=1669954312&sct=1&seg=0&dl=https%3A%2F%2Fwww.redd.tube%2Fvideo%2F223f173fd25ce577a6c3c0cc5a0b0f494d2c00b6&dt=%F0%9F%94%A5%20%5BBBAN-079%5D%20Aimi%20Yoshikawa%20and%20Wakaba%20Onoue%20%3A%20JapaneseKi...&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Z1WP23B83V>m=2oebu0&_p=1430627087&cid=667383885.1669954313&ul=en-us&sr=1280x1024&_s=1&sid=1669954312&sct=1&seg=0&dl=https%3A%2F%2Fwww.redd.tube%2Fvideo%2F223f173fd25ce577a6c3c0cc5a0b0f494d2c00b6&dt=%F0%9F%94%A5%20%5BBBAN-079%5D%20Aimi%20Yoshikawa%20and%20Wakaba%20Onoue%20%3A%20JapaneseKi...&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.redd.tube
date: Fri, 02 Dec 2022 04:11:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=972163
200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=972163
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1576), with CRLF, LF line terminators
Hash 0778c447a660e02ff9ee2cea2fb0f818
09135120e41ecc014820fdfdedb4423a28612084
d634ac42d809c188640b78c35ba5f9afa272de178393b198e61e64c3ba9446e7
GET /adshow.php?adzone=972163 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:11:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=8496684d3b87db575bde310954fb58e2; expires=Sat, 02-Dec-2023 04:11:54 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Mon, 05-Dec-2022 04:11:54 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 05-Dec-2022 04:11:54 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/1x1.gif
200 OK 43 B IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /1x1.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=8496684d3b87db575bde310954fb58e2; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:55 GMT
etag: "1457030838"
cache-control: max-age=17270951
content-length: 43
content-type: image/gif
last-modified: Thu, 03 Mar 2016 18:47:18 GMT
accept-ranges: bytes
x-hw: 1669954315.dop026.sk1.t,1669954315.cds251.sk1.hn,1669954315.cds217.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash dbba483714ae9a7faf35e442545a71a6
66453a51dff486d8bb5007b9620c3c0a9fc603fe
23bd7b6970ee3fbb78efc6a47b282adbab40339ef932dcb71984b65562243c9d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 246
Cache-Control: max-age=158684
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:11:55 GMT
Etag: "638942f1-139"
Expires: Sun, 04 Dec 2022 00:16:39 GMT
Last-Modified: Fri, 02 Dec 2022 00:12:33 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 751e53a165aacea66a3736c42ae05095
bc9f28be437eacdbbb07405591f8a98d46ca6b75
2224a82e8bcee8ef6aedb550689943153a26021bfe9c8071a760e199610af02f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2224A82E8BCEE8EF6AEDB550689943153A26021BFE9C8071A760E199610AF02F"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13542
Expires: Fri, 02 Dec 2022 07:57:37 GMT
Date: Fri, 02 Dec 2022 04:11:55 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 313 B IP
Hash dbba483714ae9a7faf35e442545a71a6
66453a51dff486d8bb5007b9620c3c0a9fc603fe
23bd7b6970ee3fbb78efc6a47b282adbab40339ef932dcb71984b65562243c9d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 246
Cache-Control: max-age=158684
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:11:55 GMT
Etag: "638942f1-139"
Expires: Sun, 04 Dec 2022 00:16:39 GMT
Last-Modified: Fri, 02 Dec 2022 00:12:33 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
static-assets.highwebmedia.com/images/ico-cams.png?829027f88094
200 OK 549 B URL HTTP/2 static-assets.highwebmedia.com/images/ico-cams.png?829027f88094
IP
File type PNG image data, 13 x 15, 8-bit colormap, non-interlaced\012- data
Hash 4437b02e2efeaa0eb69858a7eb957af6
2dfa9c3fa2fc56c7504c043876eaad9526abed62
52dc5730b7afd3f35531dcca2bd7b9984f0271d15c8b449c4b1d425dddf12a33
GET /images/ico-cams.png?829027f88094 HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/CACHE/css/output.ef7436bc2788.css
Cookie: _cfuvid=dxkneuGKVq4bZGvq7XL7jdCCD97JICwDnHbF_whFtR8-1669954315749-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:55 GMT
content-type: image/png
content-length: 549
cache-control: public, max-age=2592000
cf-bgj: imgq:100,h2pri,csam-hash
cf-polished: origSize=1457
etag: "58ecd9d7af4908cce84eccd4cbd6f0d0"
last-modified: Tue, 19 Jan 2021 22:03:22 GMT
x-amz-id-2: uk+Y+mMt51OLA32rfvOrwKQRVhebnzwVD7WNGN89HYS/N/FIKgMltVMzadOcg1MyUuhiPycAlHk=
x-amz-meta-s3cmd-attrs: md5:58ecd9d7af4908cce84eccd4cbd6f0d0
x-amz-request-id: 2BDHEK7PHQPF17BP
cf-cache-status: HIT
age: 1553094
expires: Sun, 01 Jan 2023 04:11:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7xLSi0lZP5Hk5Ba7wxCUYNNlJLidQGLN9Yb80a19B5JlhmXiYe34tKa9FoGozIYTX9EIWkKGWrzao7B6HPMIK8V99udHf9XhTTsc03ZZFs7246u3fMLEaQfa9nGtay9EzZttVjYimR0maZ8MEdcGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773138a9995e0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash ae3e2823db683c8ea8f18db9d6421d05
cf13dbdf46c2abbb537c69ec954a43a57ede1d32
a65de4402a822428c1d0c0534acd12d3990076567efdbca3dfebc62421db552f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6484
Cache-Control: max-age=155290
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:11:55 GMT
Etag: "63891d51-139"
Expires: Sat, 03 Dec 2022 23:20:05 GMT
Last-Modified: Thu, 01 Dec 2022 21:32:01 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash ae3e2823db683c8ea8f18db9d6421d05
cf13dbdf46c2abbb537c69ec954a43a57ede1d32
a65de4402a822428c1d0c0534acd12d3990076567efdbca3dfebc62421db552f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6484
Cache-Control: max-age=155290
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:11:55 GMT
Etag: "63891d51-139"
Expires: Sat, 03 Dec 2022 23:20:05 GMT
Last-Modified: Thu, 01 Dec 2022 21:32:01 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
static-assets.highwebmedia.com/fonts/ubuntur-webfont.woff?896a82003cd1
200 OK 33 kB URL HTTP/2 static-assets.highwebmedia.com/fonts/ubuntur-webfont.woff?896a82003cd1
IP
File type Web Open Font Format, TrueType, length 32960, version 1.0\012- data
Hash 30556905d926944a6ada140546bcf5ce
b9346ce355c8259d71707ab65c13e0629d01a48e
896a82003cd1a9134b0404c129bb7b8292e1d8a91298e275141b21086baa8a9d
GET /fonts/ubuntur-webfont.woff?896a82003cd1 HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chaturbate.com
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:55 GMT
content-type: application/font-woff
content-length: 32960
x-amz-id-2: oQRN32iQRWNI2tD7F2N8drq+SpOONefvkFBuj6xfuUwNrtUzFxjUH3DLm/7IAXKOFQJxrDF3NDU=
x-amz-request-id: MA2EZ9YMX1DP219W
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 19 Jan 2021 22:07:55 GMT
etag: "30556905d926944a6ada140546bcf5ce"
x-amz-meta-s3cmd-attrs: md5:30556905d926944a6ada140546bcf5ce
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1553096
expires: Sun, 01 Jan 2023 04:11:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1ztdHLu1ScRtrHyI5x%2By1Cp8n9QnmXSfFoHj5%2Fy7dk%2FnHdPAGfczwl6g8lWI9%2FjFFal7Coa3EM5Nc4eI%2F8jrzxMpnYAelRhjLLW6EZyUdvoBrFShg%2BqI%2BkeNK5NO%2BtTc4zhZbqXxBU0rOQT3q8BvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=.RUdTQrbIQ2fhdN3bgQAtARA3qmcuHoDcC4414yBNy8-1669954315788-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 773138a9a9610af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/fonts/ubuntum-webfont.woff?a7fc63c36394
200 OK 32 kB URL HTTP/2 static-assets.highwebmedia.com/fonts/ubuntum-webfont.woff?a7fc63c36394
IP
File type Web Open Font Format, TrueType, length 31680, version 1.0\012- data
Hash 9968f3d2a16c9ae20a54d0e44ee83d3a
dfd651a49017147b8e8078d530f0930020bfb846
a7fc63c363948d7add8e1dade66045376e2bad22da6697f84d175e5f9a76166e
GET /fonts/ubuntum-webfont.woff?a7fc63c36394 HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chaturbate.com
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:55 GMT
content-type: application/font-woff
content-length: 31680
x-amz-id-2: OZxPkQ04a9fsD23r6wJJZ3URrQOlO/HuUUTymwnXMHqFtPj0RCcylGU81ijZxNrBE97yuZCF++o=
x-amz-request-id: 0W3JKYPZE9ZEP39F
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 19 Jan 2021 22:07:54 GMT
etag: "9968f3d2a16c9ae20a54d0e44ee83d3a"
x-amz-meta-s3cmd-attrs: md5:9968f3d2a16c9ae20a54d0e44ee83d3a
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 86
expires: Sun, 01 Jan 2023 04:11:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YmFl%2BkX%2BcIP8ulfx6NoVBj4%2F3oDzxG5fhSM6%2BxNQdRBB2rp%2FEfh2NiaSZVX6wiEfxQ7o5cb8MlDdYonRv%2BEf64L2JEBSOkuUnqgpSmkPtK3ntWfw0ZLQ8aix7M2pbOgxGETtMrlxs3vPlFsirnVRUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=O8pGtTxz6Aj1efzOdRklf6gLIt_chpdsGAkOCewiDjk-1669954315789-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 773138a9a9630af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash ae3e2823db683c8ea8f18db9d6421d05
cf13dbdf46c2abbb537c69ec954a43a57ede1d32
a65de4402a822428c1d0c0534acd12d3990076567efdbca3dfebc62421db552f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 107
Cache-Control: max-age=148912
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:11:55 GMT
Etag: "63891d51-139"
Expires: Sat, 03 Dec 2022 21:33:47 GMT
Last-Modified: Thu, 01 Dec 2022 21:32:01 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
roomimg.stream.highwebmedia.com/riw/candy_kitten69.jpg?1669954290
200 OK 8.2 kB URL HTTP/2 roomimg.stream.highwebmedia.com/riw/candy_kitten69.jpg?1669954290
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 959x960, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Hash 835a8a68739e9961e5f5985e322273c1
5bb68861c99ce52ba815f671c5130e026a29f9f2
34fcb0fdc3c2ccf53b5fbc8da6c107c24e367ac13ecab8c6219ffdf572fa4bb8
GET /riw/candy_kitten69.jpg?1669954290 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:55 GMT
content-type: image/jpeg
content-length: 8159
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=8209
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 15
last-modified: Fri, 02 Dec 2022 04:11:40 GMT
expires: Fri, 02 Dec 2022 04:12:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3g04z5ySnJZiJ83xndcArS0cJ9yTac7qURNXPVz7T%2BfHDy%2FGTpA8N6xmf38%2F4dsLgeLcolcMQNJzHUZZqYUsgfMGC35%2Fv9uPsyHX5LZ4NvQ%2BrgI%2Fgt4geQgGlLATLTgseNlWyA0uJNkE9GGaqFTP%2FME%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=yey15vp3m1OZcgWugDpbg6MCYjvy2u9BdEbEl9hLrJI-1669954315795-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 773138a9ae2fb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/riw/soy_sofia.jpg?1669954290
200 OK 9.9 kB URL HTTP/2 roomimg.stream.highwebmedia.com/riw/soy_sofia.jpg?1669954290
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Hash 0703aa5075431f980a0d41d5a24bfd59
4807035848a4544753f299bc3985230fc47e9ced
22b8ab134d91094362b7b192ca062b14a4f57d5287b546398491ceb705a2ed80
GET /riw/soy_sofia.jpg?1669954290 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:55 GMT
content-type: image/jpeg
content-length: 9863
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=9954
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 0
last-modified: Fri, 02 Dec 2022 04:11:55 GMT
expires: Fri, 02 Dec 2022 04:12:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BeO8y5j9gd4D3PWDyhbk0f2WktQx1RbUcwr%2F4nS2EjFzZz%2BfW%2FROF%2Bbe%2FGmk8xXD8slVDo%2FAEXdR%2F9aJqgR8d7KSivlbFj4iT8Oe6ShOLNB2Azzp9GympR1RkdaDJIvOtItsdgMhE3gBelvJ5nNDXY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=yey15vp3m1OZcgWugDpbg6MCYjvy2u9BdEbEl9hLrJI-1669954315795-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 773138a9ae30b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/riw/x_lily_x.jpg?1669954290
200 OK 10 kB URL HTTP/2 roomimg.stream.highwebmedia.com/riw/x_lily_x.jpg?1669954290
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Hash 0aaa21b941124776a633b0b219b48e48
2823a1bea184be0c4bfbbfcfb2d528a2248da3ae
7420170c2dc0ff564e22243913107bd836ae2c86cd5478fa7f75c382495e1fe4
GET /riw/x_lily_x.jpg?1669954290 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:55 GMT
content-type: image/jpeg
content-length: 10403
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=10455
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 3
last-modified: Fri, 02 Dec 2022 04:11:52 GMT
expires: Fri, 02 Dec 2022 04:12:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFxprEiYXM%2Fc9Ja4A6ge%2BGnTi%2B3wDD1Jb7gSfiRdmX3SlPDBfyBZ9GSJOyyNzIKSDKirwRp%2FzmJCkOf0QK8soiJ9Quq%2Bxh0nzUVe6olXAYwNUbMcUghV5PX55T4FSTXB%2BUZJF9BnU5tSNMaBPsYPSk8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=lTOv4vzoPbbTg8Zdf6I4P1hl4L5BmkzfZnHClAx3BmI-1669954315796-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 773138a9ae2eb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash ae3e2823db683c8ea8f18db9d6421d05
cf13dbdf46c2abbb537c69ec954a43a57ede1d32
a65de4402a822428c1d0c0534acd12d3990076567efdbca3dfebc62421db552f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6484
Cache-Control: max-age=155290
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:11:55 GMT
Etag: "63891d51-139"
Expires: Sat, 03 Dec 2022 23:20:05 GMT
Last-Modified: Thu, 01 Dec 2022 21:32:01 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 02 Dec 2022 02:41:08 GMT
expires: Fri, 02 Dec 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 5447
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
soldierreproduceadmiration.com/sbar.json?key=d45367c1e1a2457563c268888ecb3001&uuid=1b89789e-6aa4-4e48-b7f3-3bf72d673758%3A2%3A1
200 OK 4.2 kB URL HTTP/1.1 soldierreproduceadmiration.com/sbar.json?key=d45367c1e1a2457563c268888ecb3001&uuid=1b89789e-6aa4-4e48-b7f3-3bf72d673758%3A2%3A1
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (6019), with no line terminators
Hash d114ecf011b22f5e7354ea6a5353b7aa
62ea725b06a3520fd6fae717d2dbe86f930e49a3
3c6bd6f677b02cc5a6d5caac3186f4f18269bcb80d7e86487a78d523d032a656
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=d45367c1e1a2457563c268888ecb3001&uuid=1b89789e-6aa4-4e48-b7f3-3bf72d673758%3A2%3A1 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 02 Dec 2022 04:11:55 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.redd.tube
Access-Control-Allow-Origin: https://www.redd.tube
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17176328; expires=Sat, 03 Dec 2022 04:11:55 GMT; secure; SameSite=None
uid_id2=1b89789e-6aa4-4e48-b7f3-3bf72d673758:2:1; expires=Fri, 09 Dec 2022 04:11:55 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 03 Dec 2022 04:11:55 GMT; secure; SameSite=None
uncs=1; expires=Sat, 03 Dec 2022 04:11:55 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 03 Dec 2022 04:11:55 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 03 Dec 2022 04:11:55 GMT; secure; SameSite=None
slecd45367c1e1a2457563c268888ecb3001=[3830291]; expires=Fri, 02 Dec 2022 04:12:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1ca37ecbf15c198dc52941588f40061c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10074
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 04:11:55 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10074
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 04:11:55 GMT
Connection: keep-alive
chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
200 OK 24 kB URL HTTP/2 chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31162)
Hash ddc67acd11bbc79779fb1d364fc95099
e868ef6a836899f44f26e8ccb65bac6da0d4dfb8
cb705e0eb080f7705a3df59a8f10f92bf120b4f51c6051a97391089704489274
GET /tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0 HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poweredby.jads.co/
Connection: keep-alive
Cookie: __cf_bm=UWZooKnm17QhANlxvGdSgl9RSuXkEtasrKeqO_94_ZY-1669954315-0-AbKCiWDYoxr0SaDJyBZYZ0KJlKGf3Yx4uegrrHMMf4ye3tZYBZWuHE3z+rjYhhzOagA91aJkEvBmwjEVSJA6oFA=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:55 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Language, Cookie
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
set-cookie: stcki="iuhY4r=0"; expires=Sun, 01-Jan-2023 04:11:55 GMT; Max-Age=2592000; Path=/
affkey="eJyrVipSslJQyigpKSi20tcvyC9PLUpNSarUy0pMKdZLztdXqgUA0FML6A=="; Domain=.chaturbate.com; expires=Sun, 01-Jan-2023 04:11:55 GMT; Max-Age=2592000; Path=/
sbr=sec:sbrc8b7e4f6-a8dd-4b1a-b059-c1400de97c1a:1p0xP1:sqPF9jRJy-ngeOg8RQ_2KVv83CY; Domain=.chaturbate.com; expires=Wed, 27-Aug-2025 04:11:55 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 773138a80c63b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js
200 OK 7.5 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js
IP
File type ASCII text, with very long lines (316), with no line terminators
Hash 78042b9095268270cb21171fe6e81b70
33530828aaf6f0d6887114a06f51ff5fa6116970
3d93a6c557903ff6aeaf0c1464777ff4f8e39fa3e5739658ac4860bde683de74
GET /CACHE/js/output.6f6724a00cb8.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:55 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"a708027bfbbde438a72a93082d4bc4b5"
last-modified: Thu, 24 Jun 2021 21:24:05 GMT
x-amz-id-2: JSy2VAlm3gAahvlCm5/iqNOQuasckcIrq13CGup8iDmNjJ/I2mSXsAw6q4OzSeK3RH88h3oFZ3U=
x-amz-meta-s3cmd-attrs: md5:a708027bfbbde438a72a93082d4bc4b5
x-amz-request-id: 2D5V5B3Y2TWH6PZC
cf-cache-status: HIT
age: 1320272
expires: Sun, 01 Jan 2023 04:11:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t74l3AOP%2FDoRpUeykHO3vyO5B3vmL4cWs7%2F2rGmFadibyJmswuqiji6yTnBGqgTXxEqC932WMB%2BmjGQ5BenZvvKII1gLFqQNSlXr3U%2BSfjKfynOs2Wo5eV5DxikSq36IE34vQCsb2hTUC3O71%2FNbvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=mnyJF4fRsWvahszzDr4rBK9SQ7gAOFxk3.rIt9I0K.g-1669954315769-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 773138a989560af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/css/output.ef7436bc2788.css
200 OK 14 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/css/output.ef7436bc2788.css
IP
File type ASCII text, with very long lines (24522), with no line terminators
Hash 4cdcba9c38f45e311768f0e49b5367af
16bafdb8bd6dae9ecda3827d913fb387e24e7253
58a550ec4f8e227d91ca48f06de14b1a6840c8be8507a36125ea674195bf22cd
GET /CACHE/css/output.ef7436bc2788.css HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:55 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=29618
etag: W/"ade681e2fa92be6f93f43294ddc58941"
last-modified: Thu, 17 Nov 2022 16:34:23 GMT
x-amz-id-2: azvjfLhsZQz0cag4muV1nCoqw4kMQf5PSauhF7VXnYrO6hWxTMgQHmT8X4/+31fVT28kfu+Uu6Q=
x-amz-meta-s3cmd-attrs: md5:ade681e2fa92be6f93f43294ddc58941
x-amz-request-id: X33R15MJ639RYB32
cf-cache-status: HIT
age: 1251321
expires: Sun, 01 Jan 2023 04:11:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEnUY2e8WkF8W9f4oOOHWb4bLQyfEgNjkqG0pfcPaZMoKysVKbaPpdDTtTk601PKNqB9cshpdjBW0GdguAvHH5Gj1EwU2CfQuM9icU5%2FHRisMHorlYTaEVxY3gvKIjJpBLVr5ON2W2jAT8Q%2F1DyD%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=dxkneuGKVq4bZGvq7XL7jdCCD97JICwDnHbF_whFtR8-1669954315749-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 773138a9694b0af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png
200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89e1a735e16f55c78fa75ae434294029
6c56f4015305eff04a99cec9758cd40bf4e5f704
26e8b042c0bbef2c7f93f77451563cf6e12af282251ef864652574be2b2c5b15
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3711
x-amzn-requestid: 68772438-16c4-40ab-a40e-860425d8301c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGyhHVsIAMFmsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e76-21d27db6708228002e738938;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JOCSKxy4WUDbS22Gd9BlyN1gmcDsDNlNWnT57KITGlNwfOe_Iaco9g==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:59 GMT
age: 22976
etag: "6c56f4015305eff04a99cec9758cd40bf4e5f704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321bfec8-0690-49d3-ba43-a2899f137b6b.jpeg
200 OK 1.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321bfec8-0690-49d3-ba43-a2899f137b6b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 367a113e3826442861c63ba501d2d67d
764f6910ecc1ee436a70aa83f5bd363c2e500341
5e5cc53aba99e68211c86a2fd83ac4a023d1c82875d60a09d52875ef129cbb71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321bfec8-0690-49d3-ba43-a2899f137b6b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 1654
x-amzn-requestid: 537d523f-a3fb-4514-bda5-ecc834c1ed39
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgBEFNIAMFTjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891dff-0c12ccea20e953c236ca2b1b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IXNpFJsiqPvrg8f-op2tcIVW2qoV7ZPm12wsTTXfYu0369N4Csy8BA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:06:58 GMT
age: 21898
etag: "764f6910ecc1ee436a70aa83f5bd363c2e500341"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 23829
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1216.min.js
200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:11:56 GMT
via: 1.1 varnish
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 297
x-timer: S1669954316.226673,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
soldierreproduceadmiration.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz48URRTHq1cwRi4KJMaDcQ4eNHFnu6e75wccNiA%2FJK5AAEPiyfrVu%2BXWdHWquqeHxQORBOG2aIwee7%2BzsFEJkT9AgrMcNJuQ0B7MHlwjCUdPJpzNLBs3vkO9V%2FV9h%2Ff9vLq2UmwRHwXdPPuhWVJa05m46TfevqhSYUrXOH2hEfhN%2F3Djokrb0eHGcHLYwaHAj5v%2BO42Tki%2BamZYf%2BH7gB40TysrEDGe2VajsTi9o9vxm1GoGcYSh%2Ff%2FdFR4c9SAGW2Q%2FlKj3Lvx6D4qPkfZ%2FPCbdYm6yd4%2F3C01zYzEQax%2Bli6kpU%2FR3y8R6SNK1nW4YVxPy7RRMurbjAGawOnEApmri%2FR6ApWs7Y4INbj2flGnIFEzsQzkYQ%2BoxFB2Dm6tQ4jEBuMDpM0j7t08bW9JLz1U6UWuy59k%2FUGVN9vxxEGn%2F7lGtho3zRhe5MqnDMKmghmOo%2BTGyYh35kgdVroPnn0OJR2Tm2RzS%2FuoZpw2U2HwrYN1ep9uT021Ko%2BlIRt1p1knC6ZAlnZZod8JO3N1GpNQYKhlDy2VQN4XCeSiUhyLxUGQe%2BmKzQeNe4vudhCVh2I0452HIedxti1iEUTfxUfCJh2Xk2TK4Xga3V5DZK1hUXz2O99eEfPnx4%2FgJbPEAbqGCEx5cTjAQFUpJUDqCkhKUiqDMCcpBdUto13LVbaFdwYKd3NrJYTUy%2BfwKvWXyeZmSlWyLvDph6L342ktYlJsNEcVhu8MDGdBWFHfidshb7W6325Wchb4fwKkKyk2BOg9LqiYH3r%2BPTNVk6sY1MLoOp9fB1SugxRug5ajT8kEXRlHXx1J6h4qhk3Ygm9z0IUyFLN%2BL%2FJK3orfI69u7PGQPQPKN2V%2BejB7d%2FrkCtxUyW%2BFT9ZBgXl8fnTMlWT1nSkfuncly1VdLdLLn8znN5d7vP5CXSmPFqWNu%2BbsjfCJMyjsXpMvnaCpUOu%2FID0eVENKeMJZL8tMpd1Gys4VbOFrYtMjmzr534lQ%2Fs9I5ZdIxqKoJufknuKrJy183t%2F%2Fwm8e%2FgbJj2KJCv9ggOwFl1sGzK3DZxuzDpb9O3j14Gc4QWL3bwzIPZVGNbIvtPmpVk%2BiLp9ByY%2FbB00%2BO3OjMgbIKTm7M3o9nP%2Fv75gKY%2FA%2FKiruOeeuB5leR9isMbIWBrkD1MlzxwijP7Mbsb%2BF2gGlvxLT1Vpm2%2BuZzwE5tNmSc%2BIn0W5IlPZZ0qC96SdRjtBfIDotpgNzV%2FMblff8CAAD%2F%2FwEAAP%2F%2F98U0U58EAAA%3D
200 OK 7 B URL HTTP/1.1 soldierreproduceadmiration.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz48URRTHq1cwRi4KJMaDcQ4eNHFnu6e75wccNiA%2FJK5AAEPiyfrVu%2BXWdHWquqeHxQORBOG2aIwee7%2BzsFEJkT9AgrMcNJuQ0B7MHlwjCUdPJpzNLBs3vkO9V%2FV9h%2Ff9vLq2UmwRHwXdPPuhWVJa05m46TfevqhSYUrXOH2hEfhN%2F3Djokrb0eHGcHLYwaHAj5v%2BO42Tki%2BamZYf%2BH7gB40TysrEDGe2VajsTi9o9vxm1GoGcYSh%2Ff%2FdFR4c9SAGW2Q%2FlKj3Lvx6D4qPkfZ%2FPCbdYm6yd4%2F3C01zYzEQax%2Bli6kpU%2FR3y8R6SNK1nW4YVxPy7RRMurbjAGawOnEApmri%2FR6ApWs7Y4INbj2flGnIFEzsQzkYQ%2BoxFB2Dm6tQ4jEBuMDpM0j7t08bW9JLz1U6UWuy59k%2FUGVN9vxxEGn%2F7lGtho3zRhe5MqnDMKmghmOo%2BTGyYh35kgdVroPnn0OJR2Tm2RzS%2FuoZpw2U2HwrYN1ep9uT021Ko%2BlIRt1p1knC6ZAlnZZod8JO3N1GpNQYKhlDy2VQN4XCeSiUhyLxUGQe%2BmKzQeNe4vudhCVh2I0452HIedxti1iEUTfxUfCJh2Xk2TK4Xga3V5DZK1hUXz2O99eEfPnx4%2FgJbPEAbqGCEx5cTjAQFUpJUDqCkhKUiqDMCcpBdUto13LVbaFdwYKd3NrJYTUy%2BfwKvWXyeZmSlWyLvDph6L342ktYlJsNEcVhu8MDGdBWFHfidshb7W6325Wchb4fwKkKyk2BOg9LqiYH3r%2BPTNVk6sY1MLoOp9fB1SugxRug5ajT8kEXRlHXx1J6h4qhk3Ygm9z0IUyFLN%2BL%2FJK3orfI69u7PGQPQPKN2V%2BejB7d%2FrkCtxUyW%2BFT9ZBgXl8fnTMlWT1nSkfuncly1VdLdLLn8znN5d7vP5CXSmPFqWNu%2BbsjfCJMyjsXpMvnaCpUOu%2FID0eVENKeMJZL8tMpd1Gys4VbOFrYtMjmzr534lQ%2Fs9I5ZdIxqKoJufknuKrJy183t%2F%2Fwm8e%2FgbJj2KJCv9ggOwFl1sGzK3DZxuzDpb9O3j14Gc4QWL3bwzIPZVGNbIvtPmpVk%2BiLp9ByY%2FbB00%2BO3OjMgbIKTm7M3o9nP%2Fv75gKY%2FA%2FKiruOeeuB5leR9isMbIWBrkD1MlzxwijP7Mbsb%2BF2gGlvxLT1Vpm2%2BuZzwE5tNmSc%2BIn0W5IlPZZ0qC96SdRjtBfIDotpgNzV%2FMblff8CAAD%2F%2FwEAAP%2F%2F98U0U58EAAA%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSz48URRTHq1cwRi4KJMaDcQ4eNHFnu6e75wccNiA%2FJK5AAEPiyfrVu%2BXWdHWquqeHxQORBOG2aIwee7%2BzsFEJkT9AgrMcNJuQ0B7MHlwjCUdPJpzNLBs3vkO9V%2FV9h%2Ff9vLq2UmwRHwXdPPuhWVJa05m46TfevqhSYUrXOH2hEfhN%2F3Djokrb0eHGcHLYwaHAj5v%2BO42Tki%2BamZYf%2BH7gB40TysrEDGe2VajsTi9o9vxm1GoGcYSh%2Ff%2FdFR4c9SAGW2Q%2FlKj3Lvx6D4qPkfZ%2FPCbdYm6yd4%2F3C01zYzEQax%2Bli6kpU%2FR3y8R6SNK1nW4YVxPy7RRMurbjAGawOnEApmri%2FR6ApWs7Y4INbj2flGnIFEzsQzkYQ%2BoxFB2Dm6tQ4jEBuMDpM0j7t08bW9JLz1U6UWuy59k%2FUGVN9vxxEGn%2F7lGtho3zRhe5MqnDMKmghmOo%2BTGyYh35kgdVroPnn0OJR2Tm2RzS%2FuoZpw2U2HwrYN1ep9uT021Ko%2BlIRt1p1knC6ZAlnZZod8JO3N1GpNQYKhlDy2VQN4XCeSiUhyLxUGQe%2BmKzQeNe4vudhCVh2I0452HIedxti1iEUTfxUfCJh2Xk2TK4Xga3V5DZK1hUXz2O99eEfPnx4%2FgJbPEAbqGCEx5cTjAQFUpJUDqCkhKUiqDMCcpBdUto13LVbaFdwYKd3NrJYTUy%2BfwKvWXyeZmSlWyLvDph6L342ktYlJsNEcVhu8MDGdBWFHfidshb7W6325Wchb4fwKkKyk2BOg9LqiYH3r%2BPTNVk6sY1MLoOp9fB1SugxRug5ajT8kEXRlHXx1J6h4qhk3Ygm9z0IUyFLN%2BL%2FJK3orfI69u7PGQPQPKN2V%2BejB7d%2FrkCtxUyW%2BFT9ZBgXl8fnTMlWT1nSkfuncly1VdLdLLn8znN5d7vP5CXSmPFqWNu%2BbsjfCJMyjsXpMvnaCpUOu%2FID0eVENKeMJZL8tMpd1Gys4VbOFrYtMjmzr534lQ%2Fs9I5ZdIxqKoJufknuKrJy183t%2F%2Fwm8e%2FgbJj2KJCv9ggOwFl1sGzK3DZxuzDpb9O3j14Gc4QWL3bwzIPZVGNbIvtPmpVk%2BiLp9ByY%2FbB00%2BO3OjMgbIKTm7M3o9nP%2Fv75gKY%2FA%2FKiruOeeuB5leR9isMbIWBrkD1MlzxwijP7Mbsb%2BF2gGlvxLT1Vpm2%2BuZzwE5tNmSc%2BIn0W5IlPZZ0qC96SdRjtBfIDotpgNzV%2FMblff8CAAD%2F%2FwEAAP%2F%2F98U0U58EAAA%3D HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Cookie: u_pl=17176328; uid_id2=1b89789e-6aa4-4e48-b7f3-3bf72d673758:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd45367c1e1a2457563c268888ecb3001=[3830291]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 02 Dec 2022 04:11:56 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d23db4f359da1d07547e82905cc2bd1d
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c770ed8e1043091817cf67c2338116d2
eb799e23dbf7d7fd82d63ec0220007e5b8196e48
addff025294dc6a89ff5f686910eb51ba8791c40f50b1c6b63ddc4c8db5808cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ADDFF025294DC6A89FF5F686910EB51BA8791C40F50B1C6B63DDC4C8DB5808CF"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7844
Expires: Fri, 02 Dec 2022 06:22:40 GMT
Date: Fri, 02 Dec 2022 04:11:56 GMT
Connection: keep-alive
bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1055&ck=1&ref=https://chaturbate.com/tours/3/&ap=18&be=400&fe=879&dc=492&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669954313658,%22n%22:0,%22r%22:1,%22re%22:215,%22f%22:215,%22dn%22:215,%22dne%22:215,%22c%22:215,%22s%22:215,%22ce%22:215,%22rq%22:217,%22rp%22:387,%22rpe%22:387,%22dl%22:391,%22di%22:489,%22ds%22:491,%22de%22:493,%22dc%22:878,%22l%22:878,%22le%22:880%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=497&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFEKBAoJAAkJAlRQBlZWXxh4Yy8TFUMhJTshCU0XAwNNE3onPSELFyNBQUtQQwsbBwMPFwZKX1RVQgQTFUMQBgUPOVBFGwtDCAhPW1NKV1QXBAwFQx0bAAwMCjwAVVReQkMLG0NOQQYGFU1qXkQEQko%2BCxNGWUQABBcIUR8NU0xSUVdEFRdbVBJFZgYXBhcQOV5QVhNbE3cuQE9GChZmVlZED0VLGEBZRi0pGxkbWBFuWg4XDRARH2ZWVl8HWF0EDAABQVwbAAkTTRNQET0NARcRVkdSE1sTWw0LG0oACVQXFRMIQWYOEAQFDQ9DVE1YDl8bW0AhCAoeGWZWXRRFUA4MEEZPRFBFZlgSQRtbQCEICh4ZZlZdFEVQDgwQRk9EUEVmUBJfG1tXU1dTUhUXUEE%2BUEoPPQwWBEQDF3tdCEkZMg0PERcPVltKESBiG01AChQ8BVZbV1QCRVAODDwQGhZcFwMTIlBbDQdMIDAqGxkbWBFuTBIHETsXH0lQGwtDQ1wSCwcBDRJQVFUTTRNLBBMWARASZkVYRQkTA0NNFwsWFEoaCh5DHRsWDjwMDBVNFwMTAllYFRcRBgISXBtaXgwTFUMRChAGOVBRGwtQHRsSCxcBPAJWWFhYDxMDQwELBRcTS1dYRQQfWg4PQUhBFFxETFQSRWYJDRAQQVwbVlFQFURLAwMXAU0FVlgbHUNTSw4VEAEROVBRGwtDUgEDVQZQBVAUVAFVBRwNA1MCSQFWDAwUUlAFCVEGBl1UBQhUGx1DQ1wHBxEBEUQDF1FFFUFKW01MFAwRXEdcVQNIFwsDBxdNBVYaGx1DQ1wQFwYXFzlUUE1ZDlUbW0AkITdEFRdJSBVZVg89FQERFVBaVxNbEwpPVUFIQRNYal1UF1haBD0FBQ4PVUwbC0N%2BTQkHEUZPRExUZlUER1ACBzwQGhZcFwMTBVRKChYMFEFKG0BYbg5CZgcDDg0PHxsPG2YIX10OFRBGT0RMVGZeEm5PBBAQDQwIGw8bAFETFUMXAjsBFFZCSlQTbl8ADwoIGkQDF39YE1RfDhpBSEETWGpbQw5GSgQQPBIGFEpcVl9DCxtQUlZKU0QVF0xQPkJNEwsNA0FcG3hWSwhdVQBNVkpTRhFiUF8FXk4SQi0wQ1cJGwkKQWZQD1RXX0MeDwECERNHA1BSVkpTTxlyXFIKXhZTUlJUU1cJBBl3CENcBw0bS1JWDBsJE00TXggWPAcMC1RcTRNbE1xVU1YGU1AAVltUWBMVQxICFgILShcDExptGxUNFhY/RAMVZRMZAGsFPkFIQzobVlhcEVBQBgw/RllGZRd3UiBIbD1AT0Q/RFppGwtBbRtSPkFIQzobRWUTWxFlQ1I/Rk9GZRdeVA9VXBM%2BQV5DOhtTZRNNEWVDBgoXAgRVUGZCDkRXBT5BXkM6GwVlExwTFUMHDw0ED1tZXG4SQVUIFjwQBhVNRhsLQxFpMi4KEgZGGxkbVA1YXggADwE8FUlZUEU%2BRVwSFhA7DRUbDxsREURKCT0WDUNEREg%3D&jsonp=NREUM.setToken
200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1055&ck=1&ref=https://chaturbate.com/tours/3/&ap=18&be=400&fe=879&dc=492&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669954313658,%22n%22:0,%22r%22:1,%22re%22:215,%22f%22:215,%22dn%22:215,%22dne%22:215,%22c%22:215,%22s%22:215,%22ce%22:215,%22rq%22:217,%22rp%22:387,%22rpe%22:387,%22dl%22:391,%22di%22:489,%22ds%22:491,%22de%22:493,%22dc%22:878,%22l%22:878,%22le%22:880%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=497&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFEKBAoJAAkJAlRQBlZWXxh4Yy8TFUMhJTshCU0XAwNNE3onPSELFyNBQUtQQwsbBwMPFwZKX1RVQgQTFUMQBgUPOVBFGwtDCAhPW1NKV1QXBAwFQx0bAAwMCjwAVVReQkMLG0NOQQYGFU1qXkQEQko%2BCxNGWUQABBcIUR8NU0xSUVdEFRdbVBJFZgYXBhcQOV5QVhNbE3cuQE9GChZmVlZED0VLGEBZRi0pGxkbWBFuWg4XDRARH2ZWVl8HWF0EDAABQVwbAAkTTRNQET0NARcRVkdSE1sTWw0LG0oACVQXFRMIQWYOEAQFDQ9DVE1YDl8bW0AhCAoeGWZWXRRFUA4MEEZPRFBFZlgSQRtbQCEICh4ZZlZdFEVQDgwQRk9EUEVmUBJfG1tXU1dTUhUXUEE%2BUEoPPQwWBEQDF3tdCEkZMg0PERcPVltKESBiG01AChQ8BVZbV1QCRVAODDwQGhZcFwMTIlBbDQdMIDAqGxkbWBFuTBIHETsXH0lQGwtDQ1wSCwcBDRJQVFUTTRNLBBMWARASZkVYRQkTA0NNFwsWFEoaCh5DHRsWDjwMDBVNFwMTAllYFRcRBgISXBtaXgwTFUMRChAGOVBRGwtQHRsSCxcBPAJWWFhYDxMDQwELBRcTS1dYRQQfWg4PQUhBFFxETFQSRWYJDRAQQVwbVlFQFURLAwMXAU0FVlgbHUNTSw4VEAEROVBRGwtDUgEDVQZQBVAUVAFVBRwNA1MCSQFWDAwUUlAFCVEGBl1UBQhUGx1DQ1wHBxEBEUQDF1FFFUFKW01MFAwRXEdcVQNIFwsDBxdNBVYaGx1DQ1wQFwYXFzlUUE1ZDlUbW0AkITdEFRdJSBVZVg89FQERFVBaVxNbEwpPVUFIQRNYal1UF1haBD0FBQ4PVUwbC0N%2BTQkHEUZPRExUZlUER1ACBzwQGhZcFwMTBVRKChYMFEFKG0BYbg5CZgcDDg0PHxsPG2YIX10OFRBGT0RMVGZeEm5PBBAQDQwIGw8bAFETFUMXAjsBFFZCSlQTbl8ADwoIGkQDF39YE1RfDhpBSEETWGpbQw5GSgQQPBIGFEpcVl9DCxtQUlZKU0QVF0xQPkJNEwsNA0FcG3hWSwhdVQBNVkpTRhFiUF8FXk4SQi0wQ1cJGwkKQWZQD1RXX0MeDwECERNHA1BSVkpTTxlyXFIKXhZTUlJUU1cJBBl3CENcBw0bS1JWDBsJE00TXggWPAcMC1RcTRNbE1xVU1YGU1AAVltUWBMVQxICFgILShcDExptGxUNFhY/RAMVZRMZAGsFPkFIQzobVlhcEVBQBgw/RllGZRd3UiBIbD1AT0Q/RFppGwtBbRtSPkFIQzobRWUTWxFlQ1I/Rk9GZRdeVA9VXBM%2BQV5DOhtTZRNNEWVDBgoXAgRVUGZCDkRXBT5BXkM6GwVlExwTFUMHDw0ED1tZXG4SQVUIFjwQBhVNRhsLQxFpMi4KEgZGGxkbVA1YXggADwE8FUlZUEU%2BRVwSFhA7DRUbDxsREURKCT0WDUNEREg%3D&jsonp=NREUM.setToken
IP
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1055&ck=1&ref=https://chaturbate.com/tours/3/&ap=18&be=400&fe=879&dc=492&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669954313658,%22n%22:0,%22r%22:1,%22re%22:215,%22f%22:215,%22dn%22:215,%22dne%22:215,%22c%22:215,%22s%22:215,%22ce%22:215,%22rq%22:217,%22rp%22:387,%22rpe%22:387,%22dl%22:391,%22di%22:489,%22ds%22:491,%22de%22:493,%22dc%22:878,%22l%22:878,%22le%22:880%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=497&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFEKBAoJAAkJAlRQBlZWXxh4Yy8TFUMhJTshCU0XAwNNE3onPSELFyNBQUtQQwsbBwMPFwZKX1RVQgQTFUMQBgUPOVBFGwtDCAhPW1NKV1QXBAwFQx0bAAwMCjwAVVReQkMLG0NOQQYGFU1qXkQEQko%2BCxNGWUQABBcIUR8NU0xSUVdEFRdbVBJFZgYXBhcQOV5QVhNbE3cuQE9GChZmVlZED0VLGEBZRi0pGxkbWBFuWg4XDRARH2ZWVl8HWF0EDAABQVwbAAkTTRNQET0NARcRVkdSE1sTWw0LG0oACVQXFRMIQWYOEAQFDQ9DVE1YDl8bW0AhCAoeGWZWXRRFUA4MEEZPRFBFZlgSQRtbQCEICh4ZZlZdFEVQDgwQRk9EUEVmUBJfG1tXU1dTUhUXUEE%2BUEoPPQwWBEQDF3tdCEkZMg0PERcPVltKESBiG01AChQ8BVZbV1QCRVAODDwQGhZcFwMTIlBbDQdMIDAqGxkbWBFuTBIHETsXH0lQGwtDQ1wSCwcBDRJQVFUTTRNLBBMWARASZkVYRQkTA0NNFwsWFEoaCh5DHRsWDjwMDBVNFwMTAllYFRcRBgISXBtaXgwTFUMRChAGOVBRGwtQHRsSCxcBPAJWWFhYDxMDQwELBRcTS1dYRQQfWg4PQUhBFFxETFQSRWYJDRAQQVwbVlFQFURLAwMXAU0FVlgbHUNTSw4VEAEROVBRGwtDUgEDVQZQBVAUVAFVBRwNA1MCSQFWDAwUUlAFCVEGBl1UBQhUGx1DQ1wHBxEBEUQDF1FFFUFKW01MFAwRXEdcVQNIFwsDBxdNBVYaGx1DQ1wQFwYXFzlUUE1ZDlUbW0AkITdEFRdJSBVZVg89FQERFVBaVxNbEwpPVUFIQRNYal1UF1haBD0FBQ4PVUwbC0N%2BTQkHEUZPRExUZlUER1ACBzwQGhZcFwMTBVRKChYMFEFKG0BYbg5CZgcDDg0PHxsPG2YIX10OFRBGT0RMVGZeEm5PBBAQDQwIGw8bAFETFUMXAjsBFFZCSlQTbl8ADwoIGkQDF39YE1RfDhpBSEETWGpbQw5GSgQQPBIGFEpcVl9DCxtQUlZKU0QVF0xQPkJNEwsNA0FcG3hWSwhdVQBNVkpTRhFiUF8FXk4SQi0wQ1cJGwkKQWZQD1RXX0MeDwECERNHA1BSVkpTTxlyXFIKXhZTUlJUU1cJBBl3CENcBw0bS1JWDBsJE00TXggWPAcMC1RcTRNbE1xVU1YGU1AAVltUWBMVQxICFgILShcDExptGxUNFhY/RAMVZRMZAGsFPkFIQzobVlhcEVBQBgw/RllGZRd3UiBIbD1AT0Q/RFppGwtBbRtSPkFIQzobRWUTWxFlQ1I/Rk9GZRdeVA9VXBM%2BQV5DOhtTZRNNEWVDBgoXAgRVUGZCDkRXBT5BXkM6GwVlExwTFUMHDw0ED1tZXG4SQVUIFjwQBhVNRhsLQxFpMi4KEgZGGxkbVA1YXggADwE8FUlZUEU%2BRVwSFhA7DRUbDxsREURKCT0WDUNEREg%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:11:56 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 773138ad9f12b4f9-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=61f83c78a1346511; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 7007a042a79310c8938c279ae7eec8e5
8b72d7da27205ce31ff5497ba5428808a498dd7e
8188a5b1208fea4f2bdb97e404aefeb04a89ad62bc16ba2512e3a660b68b67af
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8188A5B1208FEA4F2BDB97E404AEFEB04A89AD62BC16BA2512E3A660B68B67AF"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14264
Expires: Fri, 02 Dec 2022 08:09:40 GMT
Date: Fri, 02 Dec 2022 04:11:56 GMT
Connection: keep-alive
cdn.barscreative1.com/sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html
200 OK 403 B URL HTTP/2 cdn.barscreative1.com/sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text
Hash 7af11c609bc1cd0ba8692aac78ce0a48
93a7a4b2afc623533ffec6edf15adab365812b45
eb5b706390e15df5ffe68b8eddf9c1448617ff910c0e49822c0c210c02bed8d8
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:56 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 13 Jul 2022 12:11:03 GMT
etag: W/"62ceb657-4a6"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 02 Dec 2022 05:11:56 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 77a6b6638e0ee5ec4eeb988d3d3af050
219272781fc7a6ac331496b257c7976daa7b62de
d3092d8548c448fab08751eb00cce0ffb883786084d77320da1e0a858b70c5cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3092D8548C448FAB08751EB00CCE0FFB883786084D77320DA1E0A858B70C5CB"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14765
Expires: Fri, 02 Dec 2022 08:18:01 GMT
Date: Fri, 02 Dec 2022 04:11:56 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:11:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 7007a042a79310c8938c279ae7eec8e5
8b72d7da27205ce31ff5497ba5428808a498dd7e
8188a5b1208fea4f2bdb97e404aefeb04a89ad62bc16ba2512e3a660b68b67af
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8188A5B1208FEA4F2BDB97E404AEFEB04A89AD62BC16BA2512E3A660B68B67AF"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14264
Expires: Fri, 02 Dec 2022 08:09:40 GMT
Date: Fri, 02 Dec 2022 04:11:56 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/img/close.png
200 OK 6.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/img/close.png
IP
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/chat/mob/ssp/v2/new/3/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:56 GMT
content-type: image/png
content-length: 5982
last-modified: Tue, 05 Jul 2022 10:43:39 GMT
etag: "62c415db-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1434056
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyucNWOV9A%2B5z1pWMTYc%2FCmoPXe5YNYX%2B%2BiMLnjR0W8iO78Tvvxqz4nSffn0oQEbtxLrXeOwCi74WrPxspcM7FgnbseBED1vC7bvU6g2efMWFUM9%2BgWpcdt5KnsptUfMcajcaMJt2dZR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773138af5a907753-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3c0282fb1989711e4a48dce935bf7813
30bed8a42fc820e4feb64bd22ddfefe120889014
81e304f070d6b7aa4dc67c727523578cd18a665a5cfe674a3b1391f3f39fc11a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "81E304F070D6B7AA4DC67C727523578CD18A665A5CFE674A3B1391F3F39FC11A"
Last-Modified: Thu, 01 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17649
Expires: Fri, 02 Dec 2022 09:06:05 GMT
Date: Fri, 02 Dec 2022 04:11:56 GMT
Connection: keep-alive
soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fanimate.css&l=79313&fd=127
200 OK 0 B URL HTTP/1.1 soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fanimate.css&l=79313&fd=127
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fanimate.css&l=79313&fd=127 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Cookie: u_pl=17176328; uid_id2=1b89789e-6aa4-4e48-b7f3-3bf72d673758:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd45367c1e1a2457563c268888ecb3001=[3830291]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 02 Dec 2022 04:11:56 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:11:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cloudimagesb.com/si/f4/a8/ed/f4a8ed430612a925dc86bd58df50d2a8/1669910249.png
200 OK 62 kB URL HTTP/2 cdn.cloudimagesb.com/si/f4/a8/ed/f4a8ed430612a925dc86bd58df50d2a8/1669910249.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 0532530b2b970bb865dfc106c03f8764
cda2b48610c814f5fb4fa1136ce78e732bb072fe
7872088467dd23255a1f437561e6a828b5777b978442cd138a6973bf683c2a35
GET /si/f4/a8/ed/f4a8ed430612a925dc86bd58df50d2a8/1669910249.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:56 GMT
content-type: image/png
content-length: 61978
server: nginx/1.17.6
last-modified: Thu, 01 Dec 2022 15:57:37 GMT
etag: "6388cef1-f21a"
expires: Sun, 04 Dec 2022 04:11:56 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fstyle.css&l=4649&fd=138
200 OK 0 B URL HTTP/1.1 soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fstyle.css&l=4649&fd=138
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fstyle.css&l=4649&fd=138 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Cookie: u_pl=17176328; uid_id2=1b89789e-6aa4-4e48-b7f3-3bf72d673758:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd45367c1e1a2457563c268888ecb3001=[3830291]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 02 Dec 2022 04:11:56 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
unseenreport.com/pxf.gif?uuid=1b89789e-6aa4-4e48-b7f3-3bf72d673758&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=d45367c1e1a2457563c268888ecb3001&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=1b89789e-6aa4-4e48-b7f3-3bf72d673758&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=d45367c1e1a2457563c268888ecb3001&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=1b89789e-6aa4-4e48-b7f3-3bf72d673758&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=d45367c1e1a2457563c268888ecb3001&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 02 Dec 2022 04:11:56 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a438f18df164684204f6fec637f8e7dc
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/js/jquery.min.js
200 OK 32 kB URL HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/js/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 8e4c5c8f087d4fbea2d1f0419b7902f5
9193cc618519781b5ff244f14fdb37589ce938d2
cd6a84a8191032c71363e231fed99241e3ce615a89f299d92c1cc2f9d16f44dc
GET /sb/chat/mob/ssp/v2/new/3/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:56 GMT
content-type: application/javascript
last-modified: Wed, 13 Jul 2022 12:13:58 GMT
etag: W/"62ceb706-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1434056
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ys4BS2dYjfXBzA4839b8aWIaySCYG3bpiYnpNzWxAkvXUDQnatf8PanMMON0XvfhXmsqro5UBZLBBolv6VYPQuxMjaSIGm%2BFU6BsLjJ7tSfWyKBGo0sh3G4kSU385VrKRL0u35Xt0%2BY%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773138af5a8f7753-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:11:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/animate.css
200 OK 5.3 kB URL HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/animate.css
IP
Hash 8eab0cd331e509a201df59a8b5419d9b
88d4d66619ebb4b53a012da0707f2d47c1355fe4
a1ac70d3cb2cb96f572b529deb932432033733aa3dc3815918cc12d57db02f25
GET /sb/chat/mob/ssp/v2/new/3/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:56 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 12:13:56 GMT
etag: W/"62ceb704-135d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1433805
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsK5PNkWyWojnAVZIoboKjgFOGLxveKtmd1o9clq%2BWErGzqoaRg25sZKS0GcElWt6iwhyhhYKYmYdFIz3xm4ZrIuDuC%2B1z9LW0J3P06GPLD2kdOCAO4ciYEAFm2W42g7TMbVj95Z%2FK%2F3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773138aecf6d7692-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 117462
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 117483
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1260&ck=1&ref=https://chaturbate.com/tours/3/
200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1260&ck=1&ref=https://chaturbate.com/tours/3/
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1260&ck=1&ref=https://chaturbate.com/tours/3/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 1784
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:11:57 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 773138ae9f85b4f9-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
soldierreproduceadmiration.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz48URRTHq1cwRi4KJMaDcQ4eNHFnu6e7p3vgsAH5IXEFAhgST1ZX1eyWW93VqeqeHhYPRBKE26Ixeuz9zsJGJUT%2BAAnOctBsQkJ7MHtwjSQcPZlwNrNs3PgO9V7V9x3e9%2FPq2kq5RVyUdPPsh3pJKkVnwrbbevuizLiubOv0hZbntt3DrYsy6waHW8PJYQaHPDdsu%2B%2B0Tgq2qGc6rue6nuu1Tkgj%2Bno4s61C5nd6XrvntoNO2wsDDM3%2F77Z0YKkDPtgi%2ByF5s3fh13uQbIws%2FfGYsIuFzt89npaKFtpgwNc%2ByhYzXWVId8u%2BcdDP1na6oW1DyLdT0NnajgPowerEARLZEOd3D0m2tjMmksGt55MmCiJDwvehGowh1BiSjsH0VUj%2BmACM4%2FQZZOnt09pU9NJzlU7Uhux59g9k1ZA9fxxElt49quSwdV6rspA6sxj2a8jhGHJ%2BjLxcR7HkQFbrYMXnkPwRmXk2hyxdPWOVhuSbb3lJ3IvinpjuUhpMByKIp5Oo70%2F7ST%2Fq8G7kR2G8jUjKMWR%2FDCWWQe0USuuglA7KvoMyd5DyzRYNe33XjfpJ3%2FfjgDHm%2B4yFcZeH3A%2FivouSTTwso8iXwdQymLmC3FzBovzqcbi%2FIeTLjx%2BHT2DKB7ALNSx3YAuCAa9RCYLKElSUoJIEVUFQDepbXNmOrW9zZcvE28mdnezXI13Mr9BbupgXGVnJt8irE4bOi6%2B9hEWx2eJB6Hcj5gmPdoIwCrs%2B63TjOI4FS3zX9WBlDWmnQK2DJdmQA%2B%2FfRy4bMnXjGhK6DqvWweQroOUboNUo6rigC6MgdrGU3aF8aIUZiDbTKbiukRd7UVxyVtQWeX17l4fMAQi2MfvLk9Gj2z%2FXYKZGbmp8Kh8SzKvro3O6IqvndGXJvTN5IVO5RCd7Pl%2FQQuz9%2FgNxqdKGnzpml787wibCpLxzQdhijmZcZvOW%2FHBUci7MCW2YID%2BdshdFcra0C0dLk5X53Nn3TpxKcyOslTobg8qGkJt%2FgsmGvPx1e%2FsPv3n8G0gzhilrpOUG2QlIvQ6WX4HNN2YfLv118u7By7CawKjdniR3UJX1yHSS3UclGxJ88RRKbMw%2BePrJkRvRHGhSw4qN2fvh7Gd%2F31xAIv6DsmKvY944oMVVZGmNgakxUDWoWoYtXxgVudmY%2Fc3fDiTKGSXKOKuJMurmc8BWbrZCLxBxEkeM80Qw7kUdP%2FZdt8N5EPWE10NhG3bj8r5%2FAQAA%2F%2F8BAAD%2F%2F%2BPNurWfBAAA
200 OK 7 B URL HTTP/1.1 soldierreproduceadmiration.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz48URRTHq1cwRi4KJMaDcQ4eNHFnu6e7p3vgsAH5IXEFAhgST1ZX1eyWW93VqeqeHhYPRBKE26Ixeuz9zsJGJUT%2BAAnOctBsQkJ7MHtwjSQcPZlwNrNs3PgO9V7V9x3e9%2FPq2kq5RVyUdPPsh3pJKkVnwrbbevuizLiubOv0hZbntt3DrYsy6waHW8PJYQaHPDdsu%2B%2B0Tgq2qGc6rue6nuu1Tkgj%2Bno4s61C5nd6XrvntoNO2wsDDM3%2F77Z0YKkDPtgi%2ByF5s3fh13uQbIws%2FfGYsIuFzt89npaKFtpgwNc%2ByhYzXWVId8u%2BcdDP1na6oW1DyLdT0NnajgPowerEARLZEOd3D0m2tjMmksGt55MmCiJDwvehGowh1BiSjsH0VUj%2BmACM4%2FQZZOnt09pU9NJzlU7Uhux59g9k1ZA9fxxElt49quSwdV6rspA6sxj2a8jhGHJ%2BjLxcR7HkQFbrYMXnkPwRmXk2hyxdPWOVhuSbb3lJ3IvinpjuUhpMByKIp5Oo70%2F7ST%2Fq8G7kR2G8jUjKMWR%2FDCWWQe0USuuglA7KvoMyd5DyzRYNe33XjfpJ3%2FfjgDHm%2B4yFcZeH3A%2FivouSTTwso8iXwdQymLmC3FzBovzqcbi%2FIeTLjx%2BHT2DKB7ALNSx3YAuCAa9RCYLKElSUoJIEVUFQDepbXNmOrW9zZcvE28mdnezXI13Mr9BbupgXGVnJt8irE4bOi6%2B9hEWx2eJB6Hcj5gmPdoIwCrs%2B63TjOI4FS3zX9WBlDWmnQK2DJdmQA%2B%2FfRy4bMnXjGhK6DqvWweQroOUboNUo6rigC6MgdrGU3aF8aIUZiDbTKbiukRd7UVxyVtQWeX17l4fMAQi2MfvLk9Gj2z%2FXYKZGbmp8Kh8SzKvro3O6IqvndGXJvTN5IVO5RCd7Pl%2FQQuz9%2FgNxqdKGnzpml787wibCpLxzQdhijmZcZvOW%2FHBUci7MCW2YID%2BdshdFcra0C0dLk5X53Nn3TpxKcyOslTobg8qGkJt%2FgsmGvPx1e%2FsPv3n8G0gzhilrpOUG2QlIvQ6WX4HNN2YfLv118u7By7CawKjdniR3UJX1yHSS3UclGxJ88RRKbMw%2BePrJkRvRHGhSw4qN2fvh7Gd%2F31xAIv6DsmKvY944oMVVZGmNgakxUDWoWoYtXxgVudmY%2Fc3fDiTKGSXKOKuJMurmc8BWbrZCLxBxEkeM80Qw7kUdP%2FZdt8N5EPWE10NhG3bj8r5%2FAQAA%2F%2F8BAAD%2F%2F%2BPNurWfBAAA
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz48URRTHq1cwRi4KJMaDcQ4eNHFnu6e7p3vgsAH5IXEFAhgST1ZX1eyWW93VqeqeHhYPRBKE26Ixeuz9zsJGJUT%2BAAnOctBsQkJ7MHtwjSQcPZlwNrNs3PgO9V7V9x3e9%2FPq2kq5RVyUdPPsh3pJKkVnwrbbevuizLiubOv0hZbntt3DrYsy6waHW8PJYQaHPDdsu%2B%2B0Tgq2qGc6rue6nuu1Tkgj%2Bno4s61C5nd6XrvntoNO2wsDDM3%2F77Z0YKkDPtgi%2ByF5s3fh13uQbIws%2FfGYsIuFzt89npaKFtpgwNc%2ByhYzXWVId8u%2BcdDP1na6oW1DyLdT0NnajgPowerEARLZEOd3D0m2tjMmksGt55MmCiJDwvehGowh1BiSjsH0VUj%2BmACM4%2FQZZOnt09pU9NJzlU7Uhux59g9k1ZA9fxxElt49quSwdV6rspA6sxj2a8jhGHJ%2BjLxcR7HkQFbrYMXnkPwRmXk2hyxdPWOVhuSbb3lJ3IvinpjuUhpMByKIp5Oo70%2F7ST%2Fq8G7kR2G8jUjKMWR%2FDCWWQe0USuuglA7KvoMyd5DyzRYNe33XjfpJ3%2FfjgDHm%2B4yFcZeH3A%2FivouSTTwso8iXwdQymLmC3FzBovzqcbi%2FIeTLjx%2BHT2DKB7ALNSx3YAuCAa9RCYLKElSUoJIEVUFQDepbXNmOrW9zZcvE28mdnezXI13Mr9BbupgXGVnJt8irE4bOi6%2B9hEWx2eJB6Hcj5gmPdoIwCrs%2B63TjOI4FS3zX9WBlDWmnQK2DJdmQA%2B%2FfRy4bMnXjGhK6DqvWweQroOUboNUo6rigC6MgdrGU3aF8aIUZiDbTKbiukRd7UVxyVtQWeX17l4fMAQi2MfvLk9Gj2z%2FXYKZGbmp8Kh8SzKvro3O6IqvndGXJvTN5IVO5RCd7Pl%2FQQuz9%2FgNxqdKGnzpml787wibCpLxzQdhijmZcZvOW%2FHBUci7MCW2YID%2BdshdFcra0C0dLk5X53Nn3TpxKcyOslTobg8qGkJt%2FgsmGvPx1e%2FsPv3n8G0gzhilrpOUG2QlIvQ6WX4HNN2YfLv118u7By7CawKjdniR3UJX1yHSS3UclGxJ88RRKbMw%2BePrJkRvRHGhSw4qN2fvh7Gd%2F31xAIv6DsmKvY944oMVVZGmNgakxUDWoWoYtXxgVudmY%2Fc3fDiTKGSXKOKuJMurmc8BWbrZCLxBxEkeM80Qw7kUdP%2FZdt8N5EPWE10NhG3bj8r5%2FAQAA%2F%2F8BAAD%2F%2F%2BPNurWfBAAA HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Cookie: u_pl=17176328; uid_id2=1b89789e-6aa4-4e48-b7f3-3bf72d673758:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd45367c1e1a2457563c268888ecb3001=[3830291]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 02 Dec 2022 04:11:57 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6b02d7d5b11f02227e891fb40183dc39
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:11:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
soldierreproduceadmiration.com/pixel/sbs?c=1
200 OK 0 B URL HTTP/1.1 soldierreproduceadmiration.com/pixel/sbs?c=1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Cookie: u_pl=17176328; uid_id2=1b89789e-6aa4-4e48-b7f3-3bf72d673758:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd45367c1e1a2457563c268888ecb3001=[3830291]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 02 Dec 2022 04:11:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
a.realsrv.com/nativeads-v2.js
200 OK 0 B URL HTTP/2 a.realsrv.com/nativeads-v2.js
IP
ASN #60068 Datacamp Limited
GET /nativeads-v2.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: application/javascript
etag: W/"3eb4c0066ecfc78c36ab17afea4"
expires: Tue, 29 Nov 2022 13:18:12 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669954753
server: CDN77-Turbo
x-77-nzt: AblMCRR0Czv/eSgAAA
x-77-nzt-ray: af585630d99b38c30a7b8963fd5f7505
x-cache: HIT
x-age: 10361
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.realsrv.com/ad-provider.js
200 OK 0 B URL HTTP/2 a.realsrv.com/ad-provider.js
IP
ASN #60068 Datacamp Limited
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: application/javascript
etag: W/"f26c91d131ffc1bbddb296d644e"
expires: Tue, 29 Nov 2022 13:18:12 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669954753
server: CDN77-Turbo
x-77-nzt: AblMCRSFtjf/eSgAAA
x-77-nzt-ray: af585630d99b38c30a7b89637577e705
x-cache: HIT
x-age: 10361
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 2d9af9a179e672db79b85863a96e3084
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 02 Dec 2022 04:11:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRBUaluM5uOHzpEql0pnUMKVZ1Xqwp9jqWx132Cq%2BKkHOm7WEzjg%2FZi%2BYiudMIxNrrwa3goo5goqegaGRi9gRu9cjUuRxaoFM8vtnFvsurgmCiyiyilo4P3Xiw34fwFMAbnqRfY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773138a3dc637309-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/images/ico-female.svg?818c9c4c368f
200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/images/ico-female.svg?818c9c4c368f
IP
GET /images/ico-female.svg?818c9c4c368f HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/CACHE/css/output.ef7436bc2788.css
Cookie: _cfuvid=dxkneuGKVq4bZGvq7XL7jdCCD97JICwDnHbF_whFtR8-1669954315749-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:55 GMT
content-type: image/svg+xml
x-amz-id-2: SJJrNwVRov8N2XC88Y79re1WW5F9HPkqgb23MKyJYfSKA/6A8G8zqZPx3mPabUpoYiIi2DaJyOo=
x-amz-request-id: B65B7C33MY399T80
last-modified: Tue, 09 Mar 2021 22:37:01 GMT
etag: W/"304b64c8f4b6c7e0c36c86b419151c45"
x-amz-meta-s3cmd-attrs: md5:304b64c8f4b6c7e0c36c86b419151c45
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 352626
expires: Sun, 01 Jan 2023 04:11:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXlUEl841UM7GswecXSYDwy51sOvAvvvTxxcYJG%2FhYxH%2Fmc720x%2BO069MK3B631Wrg3rfMbsWTEl4u46DM94MVG%2BejWblpI39FUrp%2FPSG9kJWVRTq2a7OzJOAYR063pKLXpku6RgvuAVidKxR%2B%2ByLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773138a9995d0af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdntube2.b-cdn.net/mp4/223f173fd25ce577a6c3c0cc5a0b0f494d2c00b6.mp4?v=19700101120000
206 Partial Content 0 B URL HTTP/2 cdntube2.b-cdn.net/mp4/223f173fd25ce577a6c3c0cc5a0b0f494d2c00b6.mp4?v=19700101120000
IP
ASN #60068 Datacamp Limited
GET /mp4/223f173fd25ce577a6c3c0cc5a0b0f494d2c00b6.mp4?v=19700101120000 HTTP/1.1
Host: cdntube2.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Fri, 02 Dec 2022 04:11:54 GMT
content-type: video/mp4
content-length: 57084103
server: BunnyCDN-DE1-865
cdn-pullzone: 116943
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Thu, 16 Dec 2021 05:24:44 GMT
cdn-storageserver: DE-200
cdn-fileserver: 270
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 12/02/2022 04:11:54
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: ed942f0f4e682b1303bf3e2a34ce69d4
cdn-cache: MISS
content-disposition: attachment;
content-range: bytes 0-57084102/57084103
X-Firefox-Spdy: h2
chaturbate.com/in/?track=reddit&tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f
302 Found 0 B URL HTTP/2 chaturbate.com/in/?track=reddit&tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f
IP
GET /in/?track=reddit&tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 02 Dec 2022 04:11:55 GMT
content-type: text/html; charset=utf-8
location: /tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
set-cookie: u_x1Rd=1; expires=Wed, 07-Dec-2022 04:11:55 GMT; Max-Age=432000; Path=/
us_x1Rd=1; Path=/
affkey="eJyrVipRslJQqjAMSlHSUVBKzi0Acf2SHStDQfySomwQvyg1JSWzBCRQBOJmlJQUFFvp6xfkl6cCpZIq9bISU4r1kvP1QUoS09JAinITKyoqclNTMhONDAwtQBJgo40MlWoBrNohbw=="; Domain=.chaturbate.com; expires=Sun, 01-Jan-2023 04:11:55 GMT; Max-Age=2592000; Path=/
fromaffiliate=1; Domain=.chaturbate.com; Path=/
noads=1; expires=Fri, 02-Dec-2022 10:11:55 GMT; Max-Age=21600; Path=/
stcki="iuhY4r=0"; expires=Sun, 01-Jan-2023 04:11:55 GMT; Max-Age=2592000; Path=/
sbr=sec:sbr1f8114ed-879c-4054-b74f-15072c7a9575:1p0xP1:uPb_4w3FySwuHMt3QiSFBAPKA24; Domain=.chaturbate.com; expires=Wed, 27-Aug-2025 04:11:55 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
__cf_bm=UWZooKnm17QhANlxvGdSgl9RSuXkEtasrKeqO_94_ZY-1669954315-0-AbKCiWDYoxr0SaDJyBZYZ0KJlKGf3Yx4uegrrHMMf4ye3tZYBZWuHE3z+rjYhhzOagA91aJkEvBmwjEVSJA6oFA=; path=/; expires=Fri, 02-Dec-22 04:41:55 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 773138a6fbe7b50f-OSL
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/style.css
200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/style.css
IP
GET /sb/chat/mob/ssp/v2/new/3/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:11:56 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 12:13:55 GMT
etag: W/"62ceb703-1229"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1433805
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5JUE9aWRejvywmb%2B84KfDblyCT0xWOt%2Fzys%2FaPRXa0Qe3nssG6TDO2Hnk%2FRm7HveVPnTuIVlQGlWt4J1yxEsWOl8Z1mOmRLM6vn0GfQ3P86mn8xsedQ7aFThQSSUVoesvfAEjlJkpnT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773138aeef817692-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 04:11:56 GMT
date: Fri, 02 Dec 2022 04:11:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
172.67.74.32
185.76.9.15
52.28.211.11
104.18.101.40
185.94.237.102
23.36.76.226
93.184.220.29