xfantazy.com/video/5e364cff61f0be74ac0ccfe4
104.26.0.188302 Found 0 B URL HTTP/1.1 xfantazy.com/video/5e364cff61f0be74ac0ccfe4
IP 104.26.0.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /video/5e364cff61f0be74ac0ccfe4 HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 08 Sep 2022 20:54:02 GMT
Content-Length: 0
Connection: keep-alive
location: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
cache-control: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdvqfhZ%2BVSYNTrfYJfWmwt51HEK8II13sfL1b1%2FvYWDXCM6vRjyJzJhXcqIaTqXJDM9b9oAXqyIUbIlDMaz%2FOLs0S1ScLBERvLK%2BQtLUKmOdJAQZW3a%2BM0X3rQtQCA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 747a93ba2bfdb529-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9690
Expires: Thu, 08 Sep 2022 23:35:32 GMT
Date: Thu, 08 Sep 2022 20:54:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 08 Sep 2022 20:05:24 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: u8dk2r3NgqOngM8tAeYLjRO9DY4mrjSgSKJb3yfIYfC8c9HV-WlDIA==
Age: 2918
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 05cI7iSB46-RQgvLo9tvbltpXX24m5r4rdYRhRWOwl6C4T2Fc1AXmg==
age: 61648
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 08 Sep 2022 20:38:18 GMT
Cache-Control: max-age=3600
Expires: Thu, 08 Sep 2022 21:33:01 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9-rUjDZxM8K4gDMdxh9ufs0X4Tr38KSYDyAUbllASTW53edUkmiBEg==
Age: 945
static-cache.k2s.cc/thumbnail/LeuWtXX3zK_u-W-Q_A/w320h240/0.jpeg
188.72.235.185200 OK 11 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/LeuWtXX3zK_u-W-Q_A/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 17f0fa34334b0f185f10d34ebe7e6e61
5405cd749a9394a4bf4d7e5bdf1deca718176d29
a11850992e9d6c010ce682b7b6e392c4fa49b570464dfe75cd4a0fc33d6ebe46
GET /thumbnail/LeuWtXX3zK_u-W-Q_A/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 08 Sep 2022 20:54:03 GMT
content-type: image/jpeg
content-length: 11140
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/cemSv3Wgyf--rjiQ9w/w320h240/0.jpeg
188.72.235.185200 OK 12 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/cemSv3Wgyf--rjiQ9w/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 359b0f1afa742ee58a10c9eff8d7f1be
35683089e9d62111c54bd57b7f817cb01a1fb594
dd48e95b7a8a501882f3daffd9906475055f1d6a8b67b52545037664464a80c1
GET /thumbnail/cemSv3Wgyf--rjiQ9w/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 08 Sep 2022 20:54:03 GMT
content-type: image/jpeg
content-length: 11890
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 652bdaaaca09a66fc9a260163eee7aeb
f59f82dd2c189cdff5c641ff7c53c5f257e1f2d2
bbaf18a14748bb922b9bd19125c78310a564b1aebb7de8f30af0be6fa390e7da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
xfantazy.com/_next/static/chunks/7.38d845e9473548212694.js
104.26.1.188200 OK 21 kB URL HTTP/2 xfantazy.com/_next/static/chunks/7.38d845e9473548212694.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (38842), with no line terminators
Hash 1d1027afdcd27c26bf4265155970dc84
109ed12976636f0f065fb23deb28a65a519e1798
8a6b4cddae7e7af3a61917b8f27696045f3646f997cdc0b0a4724c90a580c3ef
GET /_next/static/chunks/7.38d845e9473548212694.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:03 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"97ba-181397f9e55"
cf-cache-status: HIT
age: 8110836
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=516g2fqD8hIZ5rEO%2FWgClu5fDXMq0LWLzlTsusaAu9b%2FiLLO4m%2Bu79vzleKI0GItGSKupkn9rFKyu8GWhtuWwfwHVrRKHGGA2E9SvzQXmJAFyIn1eiG6f0S2u%2FCZww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93bebc1fb4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/I-vAv3-izPvr_m7C-Q/w320h240/0.jpeg
188.72.235.185200 OK 12 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/I-vAv3-izPvr_m7C-Q/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 2205a1fb64f06fa2afcc8385bb609508
970b18cef6bb5f25f9e1af711a42802e747d5485
e895355bcb8625d28b41292f2f0e4b97ebd6587ebf303809713568972b5498c5
GET /thumbnail/I-vAv3-izPvr_m7C-Q/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 08 Sep 2022 20:54:03 GMT
content-type: image/jpeg
content-length: 12101
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 91195
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-PLKQLTX
142.250.74.72200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PLKQLTX
IP 142.250.74.72:0
File type ASCII text, with very long lines (15971)
Hash b699adea6a45b4aeb4610e77761c99fb
7c6391865a2c477614b52521044cff2222bde25d
4f9ab6545338e3ea8cef403f022f45231a2447e87905e323bf29734981b77452
GET /gtm.js?id=GTM-PLKQLTX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Sep 2022 20:54:03 GMT
expires: Thu, 08 Sep 2022 20:54:03 GMT
cache-control: private, max-age=900
last-modified: Thu, 08 Sep 2022 20:11:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52746
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 91195
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 02:02:22 GMT
expires: Sun, 03 Sep 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 499901
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5a0d3346bda5d72a6f86212f3b98820c
ea6855fab4b435a761768217d4c3d785f4e40840
4011f83eec0ade2ad603a0c265a27d9b2b62daeed32b4657714c03ffae8f5243
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 15:14:19 GMT
Expires: Tue, 13 Sep 2022 15:14:18 GMT
Etag: "ea6855fab4b435a761768217d4c3d785f4e40840"
Cache-Control: max-age=411014,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 747a93bf5fdc0b65-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5a0d3346bda5d72a6f86212f3b98820c
ea6855fab4b435a761768217d4c3d785f4e40840
4011f83eec0ade2ad603a0c265a27d9b2b62daeed32b4657714c03ffae8f5243
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 15:14:19 GMT
Expires: Tue, 13 Sep 2022 15:14:18 GMT
Etag: "ea6855fab4b435a761768217d4c3d785f4e40840"
Cache-Control: max-age=411014,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 747a93bf5b5fb517-OSL
fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap
142.250.74.10200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap
IP 142.250.74.10:0
Hash fc2044a18a254ab354a6d311076b45c6
898faf10ea647932299e2360bc849a19700f2f55
80babb397a54cc3b86d743d7248d14b19c76d25668b0f87c361308cc7df19462
GET /css?family=Roboto:100,300,400,500,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Sep 2022 20:54:03 GMT
date: Thu, 08 Sep 2022 20:54:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 042105f89c8d64b470d84e052cd412d1
a26c7e2559b3760ea2765b16a3f8d1be27f5dcf4
fadb8cdd22f4d7773d5c20d576f6400ab25e20e1efe3e3fe50d2ae39ca6f2725
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6511
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:03 GMT
Last-Modified: Thu, 08 Sep 2022 19:05:32 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
xfantazy.com/static/xf-small.png
104.26.1.188200 OK 1.2 kB URL HTTP/2 xfantazy.com/static/xf-small.png
IP 104.26.1.188:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 73788af337ff4a5e7c8d8ea19dba155f
e0bd72878475603f40ebd05077c626816ed3285c
be4a320fd44fdaaced2a2056ff7a4c0765a6ed0996c9b4c94a0cb2458967e8df
GET /static/xf-small.png HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:03 GMT
content-type: image/png
content-length: 1153
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
last-modified: Fri, 05 Aug 2022 08:39:19 GMT
etag: W/"481-1826d28b1ec"
cf-cache-status: HIT
age: 6052
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQDZUdRX9Gv7eIBMU%2B2ilMJAgGwAgMedUUHOq3mJmlM%2BwuDzMPkoaEiTmzGAvsZzkWC2YPO0T0dw%2FN39FnKRV%2FOl6nnR8vn20rfF%2BW31WCTR4mNwpYSb%2F5%2BDa4%2FlmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93c0aec1b4fa-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 652bdaaaca09a66fc9a260163eee7aeb
f59f82dd2c189cdff5c641ff7c53c5f257e1f2d2
bbaf18a14748bb922b9bd19125c78310a564b1aebb7de8f30af0be6fa390e7da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.165.143.157101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.143.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YMmIL7mqfLtWsYqqrj+7Vw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tMwnLmic5cu9NCUMGrHvWREsctY=
static-cache.k2s.cc/thumbnail/88420aa929955/main/0.jpeg
188.72.235.185200 OK 20 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/88420aa929955/main/0.jpeg
IP 188.72.235.185:0
File type gzip compressed data, max compression\012- data
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /thumbnail/88420aa929955/main/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 08 Sep 2022 20:54:03 GMT
content-type: image/jpeg
content-length: 68249
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: MISS
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
151.101.85.229200 OK 84 kB URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
IP 151.101.85.229:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (674)
Hash 6aa24421d085c85fe9b056ed6b00f4ca
b523984f3c64b308f2161af22aab93f1e7449970
1be1ad83f2bf92acac879af7b6ef4ac64719a9a3e33296767476872b4b0d50e2
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.243.0
x-jsd-version-type: version
etag: W/"33a00-wpy5+9RYylDfGju7cv4lX2Cj50o"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Sep 2022 20:54:03 GMT
age: 42208
x-served-by: cache-fra19165-FRA, cache-bma1680-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 83815
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 7b423ef61ece1b56232c7514e0c5a54b
6b055f708038803b843e753b1d3f93eb07924285
0d744d4b3ecced7732ac149d7835ff599da2319a620c7b7350feba67a99f3a52
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:04 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "60B5EA98C236C1A19A73A7EFE9FC1C2F76DE43B7"
Expires: Fri, 09 Sep 2022 07:00:00 GMT
Last-Modified: Thu, 08 Sep 2022 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2058
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747a93c2f8551c0e-OSL
xfantazy.com/_next/static/css/styles.f80584c6.chunk.css
104.26.1.188200 OK 16 kB URL HTTP/2 xfantazy.com/_next/static/css/styles.f80584c6.chunk.css
IP 104.26.1.188:0
File type ASCII text, with very long lines (24334)
Hash a8c2cf2c05f7c4398392153691dbcf9d
83724b617ad485a5b0c2a0883bac7501b3516ff8
5736d78c650de8d21b8513d5584e03e663225ad635da5b566293de7469b0dcd9
GET /_next/static/css/styles.f80584c6.chunk.css HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:04 GMT
content-type: text/css; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
last-modified: Fri, 05 Aug 2022 08:43:45 GMT
etag: W/"2fd40-1826d2cbfbc"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Du96gvn0%2F5WZPyL41EOYR9%2FCH1GC1Ehd1kuWsvNplCj6SqojngixATwzz9DeIJJ%2BW3CSy%2Bz4MxxLFdd9Z1rZYxHOJYfq3XL6BqBD%2FCuFGCvu4F6cm0pmFWK9Or0kaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93c2a9a7b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/3NacEFLLfmnQ5HlphqE-l/pages/_app.js
104.26.1.188200 OK 74 kB URL HTTP/2 xfantazy.com/_next/static/3NacEFLLfmnQ5HlphqE-l/pages/_app.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash be657086b21973ab5d1fe18766b65a46
52b038388b5a8afc1d260aab6466468dc0c0a77a
938412e4c6e2be7f871dc1484db3db3ccf18eb03798e98f792e224b7be6a892d
GET /_next/static/3NacEFLLfmnQ5HlphqE-l/pages/_app.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:03 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:28 GMT
etag: W/"20e2f-1826d2b92e8"
cf-cache-status: HIT
age: 2981339
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqjXdIH85vKOKi3TQKSvznFNiViJifAVRmTBCvczaqFjvHhAE1gITn3%2BduISZmPwH%2BejlcFuZOMpl%2BRvof67GXtWCukYVQ3VG%2FY7paaBZZiwVNw8MQ3s5e7tJ40Leg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93beac18b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/runtime/webpack-f4d22593ad73f080a168.js
104.26.1.188200 OK 39 kB URL HTTP/2 xfantazy.com/_next/static/runtime/webpack-f4d22593ad73f080a168.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (12210), with no line terminators
Hash 38f989467bc65b83516c41c8705bae5c
8376a66b8933eedef04320017f38bfd70bcb5675
57550e3f3d2fdac864fcd4ee6b9a4499588e4ad52146e474434ce27c94aa13ab
GET /_next/static/runtime/webpack-f4d22593ad73f080a168.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:03 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:28 GMT
etag: W/"2fb2-1826d2b92c0"
cf-cache-status: HIT
age: 2981384
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKtGjhBY08ErIQ1LkALCsPgUrlyhhURatImMbqpDRRZSfy4bdDKJRrHxfBOW%2BYL3eNp7zUgf2RlkA3WZsi7hmE9l%2BjuZV2weXE%2F%2BxZnCjatiergzYCPb%2FCU6rN52Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93becc3ab4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/70.aeba4e9e28ccf1bae13a.js
104.26.1.188200 OK 805 B URL HTTP/2 xfantazy.com/_next/static/chunks/70.aeba4e9e28ccf1bae13a.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (1389), with no line terminators
Hash be30d94d7cf869f40fcbc95643655ca5
a8a77fd5b1ed8ce33781a4e44d760064ab030ded
34e7865137d7296801630cf66bac4b4483f30b654e20440723b8106aa4a3d963
GET /_next/static/chunks/70.aeba4e9e28ccf1bae13a.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"56d-181397f9e5d"
cf-cache-status: HIT
age: 8116707
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYKYxjSSNijPilyPhgT0JE06JK8cWwJSqGfJVEMtKaavi5DoQUTEGFArlqWqFs33Ih1N%2BPiiimTearVfQt11D1HzH2b8c1Swq4vfK1r9EecvviyXV2olfr34REcLlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93c39aeeb4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dad8f08be4d6d5166c7f54004cb37c64
949b5738d5c880445510774f1da0e0af667308b3
398205f8248c3e00126eb21e6cb1d4e21a981a1b46d59ff4993e6023f33c6b9f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-121614197-2&cid=505617016.1662670436&jid=1260945788&gjid=1451806679&_gid=708268016.1662670436&_u=YGBAiEABBAAAAE~&z=1232870529
142.251.1.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-121614197-2&cid=505617016.1662670436&jid=1260945788&gjid=1451806679&_gid=708268016.1662670436&_u=YGBAiEABBAAAAE~&z=1232870529
IP 142.251.1.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-121614197-2&cid=505617016.1662670436&jid=1260945788&gjid=1451806679&_gid=708268016.1662670436&_u=YGBAiEABBAAAAE~&z=1232870529 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://xfantazy.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 08 Sep 2022 20:54:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 541ad4053937a1ea05f7dd49b9a3f428
a507d3dfbbf4b551aa524bb785ba752cbadd7041
aba86d827f6af641e3b6c645e58e22e66582597f42f0f109d8eb80dc54358191
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ABA86D827F6AF641E3B6C645E58E22E66582597F42F0F109D8EB80DC54358191"
Last-Modified: Tue, 06 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14790
Expires: Fri, 09 Sep 2022 01:00:34 GMT
Date: Thu, 08 Sep 2022 20:54:04 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 745359d372160932e8030c0199354252
1590e053a17d05095a48538fc08ff06245bac4d6
e7f798120d5e587145e512941e7c090ec2720d30d216e241f5b6f96d5b2d1241
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 5293e4cba8ea34be7c86c69577870309
d420ff372d2cdfb01a23843ea4bc1ed704ce99a7
e1b0dfb6053e355a45a4187a0dd0ca12778ead4335d2360ba07fefdc74fbab2a
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:04 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 12 Sep 2022 18:12:17 GMT
ETag: "d420ff372d2cdfb01a23843ea4bc1ed704ce99a7"
Last-Modified: Thu, 08 Sep 2022 18:12:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3342
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747a93c6de3a1c0e-OSL
d192r5l88wrng7.cloudfront.net/?rwlrd=961956
54.230.245.16200 OK 112 kB URL HTTP/2 d192r5l88wrng7.cloudfront.net/?rwlrd=961956
IP 54.230.245.16:0
File type Unicode text, UTF-8 text, with very long lines (15952)
Size 112 kB (111886 bytes)
Hash 2698afd9671c7439301170b1a7d6c0ca
ac41249a1da5d59973e2ab3417642defcc3e84b6
54232ceb362145b5a847b0c4b9264771e8f1239a9e8c044998e45b010580cc40
GET /?rwlrd=961956 HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 111886
date: Thu, 08 Sep 2022 20:54:04 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 50borQlE-U-8QzLaS0AcecrzNETIWkPUWTChNvOzzkzXtRKo8MtWBw==
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afp%3A1040%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205356%3Aet%3A1662670436%3Ac%3A1%3Arn%3A65737396%3Arqn%3A1%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C20%2C318%2C0%2C353%2C0%2C%2C247%2C7%2C%2C%2C%2C1046%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670436%3At%3APaige%20Owens%20Prince%20Yahshua%20-%20Paige%20Owens%20Gets%20Caught%20Blowing%20A%20Cop%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
93.158.134.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afp%3A1040%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205356%3Aet%3A1662670436%3Ac%3A1%3Arn%3A65737396%3Arqn%3A1%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C20%2C318%2C0%2C353%2C0%2C%2C247%2C7%2C%2C%2C%2C1046%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670436%3At%3APaige%20Owens%20Prince%20Yahshua%20-%20Paige%20Owens%20Gets%20Caught%20Blowing%20A%20Cop%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 5e1d28d6c11d779600d861165e2b806e
62ef18ff4800552c3e70def4b021aa27af8da498
0e9b9285e26ed28a7fd68829b257d732b17fb60a3aea75b164c217198f9d02a5
GET /watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afp%3A1040%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205356%3Aet%3A1662670436%3Ac%3A1%3Arn%3A65737396%3Arqn%3A1%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C20%2C318%2C0%2C353%2C0%2C%2C247%2C7%2C%2C%2C%2C1046%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670436%3At%3APaige%20Owens%20Prince%20Yahshua%20-%20Paige%20Owens%20Gets%20Caught%20Blowing%20A%20Cop%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Referer: https://xfantazy.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Thu, 08 Sep 2022 20:54:04 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 08-Sep-2022 20:54:04 GMT
last-modified: Thu, 08-Sep-2022 20:54:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1575d6872f4e0ff1203c7fb9f5e6b1aa
88509c5515d0c36eb9cd4a1c0f88708da42e50c7
cfa8658eef5311e581a5430dc6d13f81fb5581ccff85ff1962512d3cf83e7a21
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "CFA8658EEF5311E581A5430DC6D13F81FB5581CCFF85FF1962512D3CF83E7A21"
Last-Modified: Tue, 06 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19558
Expires: Fri, 09 Sep 2022 02:20:02 GMT
Date: Thu, 08 Sep 2022 20:54:04 GMT
Connection: keep-alive
xfantazy.com/_next/static/3NacEFLLfmnQ5HlphqE-l/pages/top.js
104.26.1.188200 OK 1.0 kB URL HTTP/2 xfantazy.com/_next/static/3NacEFLLfmnQ5HlphqE-l/pages/top.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (1410), with no line terminators
Hash cd4fab2e95e7b8030482f331deb606a9
87010285b5276108443b1b3548f171d1e1c35630
e0374d5886b58aa554eeefb328778a2eb79f244158e793d5c2f5d827f548ed1c
GET /_next/static/3NacEFLLfmnQ5HlphqE-l/pages/top.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiJmMjkzNmRiYjVmMGI4IiwiaWF0IjoxNjYyNjcwNDQ0LCJleHAiOjE2NjMyNzUyNDR9.q_0MG9R3Zy4ZMWaviYqBUmusd-vowTIyrlFuOzgcOU0; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiMWU4N2M2YThhN2FkMiIsImlhdCI6MTY2MjY3MDQ0NCwiZXhwIjoxNjY1MjYyNDQ0fQ.RSMEvDTB1DXcnrJWMEmk6Hoon8OEgjmKBmOZ9r8Is-E; _ga=GA1.2.505617016.1662670436; _gid=GA1.2.708268016.1662670436; _dc_gtm_UA-121614197-2=1; _ym_uid=16626704361038515420; _ym_d=1662670436; visitorGetPop=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:28 GMT
etag: W/"582-1826d2b94a4"
cf-cache-status: HIT
age: 2981331
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0udmIR%2FPKVbSEUYSf9kGR%2BAYY1sYCb4d%2BUBBHWbKVH2%2BDx2QGXtwGVG4%2FgDCjA0NrUPnuVaDijUlo%2Bhc0t2OXmB4DmhRzM%2BfjqDO8aliDLkp9sW3c3AutT1X3TGQlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93c63f89b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1575d6872f4e0ff1203c7fb9f5e6b1aa
88509c5515d0c36eb9cd4a1c0f88708da42e50c7
cfa8658eef5311e581a5430dc6d13f81fb5581ccff85ff1962512d3cf83e7a21
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "CFA8658EEF5311E581A5430DC6D13F81FB5581CCFF85FF1962512D3CF83E7A21"
Last-Modified: Tue, 06 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19558
Expires: Fri, 09 Sep 2022 02:20:02 GMT
Date: Thu, 08 Sep 2022 20:54:04 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1575d6872f4e0ff1203c7fb9f5e6b1aa
88509c5515d0c36eb9cd4a1c0f88708da42e50c7
cfa8658eef5311e581a5430dc6d13f81fb5581ccff85ff1962512d3cf83e7a21
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "CFA8658EEF5311E581A5430DC6D13F81FB5581CCFF85FF1962512D3CF83E7A21"
Last-Modified: Tue, 06 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19558
Expires: Fri, 09 Sep 2022 02:20:02 GMT
Date: Thu, 08 Sep 2022 20:54:04 GMT
Connection: keep-alive
addresseetransportationsyndrome.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js
192.243.59.12200 OK 13 kB URL HTTP/1.1 addresseetransportationsyndrome.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37154), with no line terminators
Hash c0dca3f8f2f440967972a7d401a4c25b
3e5285a5475153a51d3a79eaf8991188a6c8c960
e4f72d4c8a55a3b6c687a0dea0fdb507102be223c417f3a8994de4e5b09c90b9
GET /a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js HTTP/1.1
Host: addresseetransportationsyndrome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 08 Sep 2022 20:54:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2420725f56be0b431ee5295d6812ecc0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
rnoddenkn.asia/ekU2WFobJ1U1ZRt4VH4vCCkLfWg8YAQePkt8BCpvFn0OLygUIgF2ORYqQzw8CCpYLHQUIEJ9aDwtZw0cPBBcHTM2LEVoHhAQWRENQgxSaxhCH0E8NDE/b2ECAAMOGhggP3VrGykDfixqNxRdahg9JgcIICMIVQ85CggHYDccAntrAgMPDjwSKBR8CxROH147azcWWW0ePhRAEQ4eHX0bYh0LXjtqMw1RfWg8HVwrNTERAwkAMghyAiJDPWwQPhMCYjQtHg1VGxtIFwUBNkoqeiIbCwN+FiIqElkQEhQhTjwtMwFsED4TFEw8MR4texE+SHwHPSIoP1ULdzN2YzE1DxxxGmkZdnBoAx0DQTsCKHZ3ax8UCXUaDzA8AmE+DQh+PRI0fXcPOUogcRV8EDZZNipHBHIaEEsScBJvCglSbQ
172.67.140.96200 OK 1.2 kB URL HTTP/2 rnoddenkn.asia/ekU2WFobJ1U1ZRt4VH4vCCkLfWg8YAQePkt8BCpvFn0OLygUIgF2ORYqQzw8CCpYLHQUIEJ9aDwtZw0cPBBcHTM2LEVoHhAQWRENQgxSaxhCH0E8NDE/b2ECAAMOGhggP3VrGykDfixqNxRdahg9JgcIICMIVQ85CggHYDccAntrAgMPDjwSKBR8CxROH147azcWWW0ePhRAEQ4eHX0bYh0LXjtqMw1RfWg8HVwrNTERAwkAMghyAiJDPWwQPhMCYjQtHg1VGxtIFwUBNkoqeiIbCwN+FiIqElkQEhQhTjwtMwFsED4TFEw8MR4texE+SHwHPSIoP1ULdzN2YzE1DxxxGmkZdnBoAx0DQTsCKHZ3ax8UCXUaDzA8AmE+DQh+PRI0fXcPOUogcRV8EDZZNipHBHIaEEsScBJvCglSbQ
IP 172.67.140.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3019), with no line terminators
Hash ea4994f5260a5e54e2c76a80f930643a
ccfd3077b8708d8e101574cbb9e32345b12f7cd0
9a588d4f701fa5541f5e7d4f40b56bf1ae195fd73379a699d2e1455af1cd0e3d
GET /ekU2WFobJ1U1ZRt4VH4vCCkLfWg8YAQePkt8BCpvFn0OLygUIgF2ORYqQzw8CCpYLHQUIEJ9aDwtZw0cPBBcHTM2LEVoHhAQWRENQgxSaxhCH0E8NDE/b2ECAAMOGhggP3VrGykDfixqNxRdahg9JgcIICMIVQ85CggHYDccAntrAgMPDjwSKBR8CxROH147azcWWW0ePhRAEQ4eHX0bYh0LXjtqMw1RfWg8HVwrNTERAwkAMghyAiJDPWwQPhMCYjQtHg1VGxtIFwUBNkoqeiIbCwN+FiIqElkQEhQhTjwtMwFsED4TFEw8MR4texE+SHwHPSIoP1ULdzN2YzE1DxxxGmkZdnBoAx0DQTsCKHZ3ax8UCXUaDzA8AmE+DQh+PRI0fXcPOUogcRV8EDZZNipHBHIaEEsScBJvCglSbQ HTTP/1.1
Host: rnoddenkn.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:04 GMT
content-type: text/html
content-length: 1176
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghA9XGrGxf9srQuwGilVTaQKJmuhmpJuDnSmekr6JWKWxVBOBxfZSSDGNZjUWWjdmUzQ5hepdhUQHYKPRBvu0MJH6hpFXFcq5s1x7qgYC%2BLxAv8weC%2FaGgdVrKzE7gneJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93c7dd8bb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rnoddenkn.asia/WVoxTTU4OFIgCjhnU2tAKzYMaAcffwMLUWhjAz8ANWIJOkc3PQZjVjU1RClTKzVfORs3P0VoBx8efAtRHwx1D2EWGUI0cWkLFH93EA1aB3c0DAAXZBANYRlsbgJaD0QdCwA0UGsXfQxiMR9zf3g+CV0fRD0Cey5gDTFYLGcDDH4ebykbYxQHEA5oA3cRH0YDZGg+fgkNYAJ3OgcAHWt/dwE2AC5kEBtXNwQ1G2MbXhtpdA50HSlCAl4PE1IjUTIJcCVdHjd4CHMOC3kuZBAbexl7IRsCC0A6aV4McgEQAhdzPQx/DgFuHGAEZz1oYA90Hj4BF3QcDGsVGAwjZhh8IBNLOXwfDWQJVwgDVBcHFDJ1HHB/MEIiWylneRR3Em5/GG0tCg
172.67.140.96200 OK 1.2 kB URL HTTP/2 rnoddenkn.asia/WVoxTTU4OFIgCjhnU2tAKzYMaAcffwMLUWhjAz8ANWIJOkc3PQZjVjU1RClTKzVfORs3P0VoBx8efAtRHwx1D2EWGUI0cWkLFH93EA1aB3c0DAAXZBANYRlsbgJaD0QdCwA0UGsXfQxiMR9zf3g+CV0fRD0Cey5gDTFYLGcDDH4ebykbYxQHEA5oA3cRH0YDZGg+fgkNYAJ3OgcAHWt/dwE2AC5kEBtXNwQ1G2MbXhtpdA50HSlCAl4PE1IjUTIJcCVdHjd4CHMOC3kuZBAbexl7IRsCC0A6aV4McgEQAhdzPQx/DgFuHGAEZz1oYA90Hj4BF3QcDGsVGAwjZhh8IBNLOXwfDWQJVwgDVBcHFDJ1HHB/MEIiWylneRR3Em5/GG0tCg
IP 172.67.140.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2992), with no line terminators
Hash 5c23ddf9213eb7fa17b305450dcb05b2
66112bac7e3cb2163b64a8e22a467821cbc9b0c3
376cb92a4fe0545e632311e9d9306f65f59273ad3cab8e652f7ae4af5fd889f7
GET /WVoxTTU4OFIgCjhnU2tAKzYMaAcffwMLUWhjAz8ANWIJOkc3PQZjVjU1RClTKzVfORs3P0VoBx8efAtRHwx1D2EWGUI0cWkLFH93EA1aB3c0DAAXZBANYRlsbgJaD0QdCwA0UGsXfQxiMR9zf3g+CV0fRD0Cey5gDTFYLGcDDH4ebykbYxQHEA5oA3cRH0YDZGg+fgkNYAJ3OgcAHWt/dwE2AC5kEBtXNwQ1G2MbXhtpdA50HSlCAl4PE1IjUTIJcCVdHjd4CHMOC3kuZBAbexl7IRsCC0A6aV4McgEQAhdzPQx/DgFuHGAEZz1oYA90Hj4BF3QcDGsVGAwjZhh8IBNLOXwfDWQJVwgDVBcHFDJ1HHB/MEIiWylneRR3Em5/GG0tCg HTTP/1.1
Host: rnoddenkn.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:04 GMT
content-type: text/html
content-length: 1154
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AaBkT08I8qRnZz8F2pko0WYEpi5fXG0VL3NV2wA9Ca4uXM0izT1m4fO8yNpFySL7IoLqnizz8veVzV40VdGow8TEAza2k2rM%2BEBA0ZA9zGTg5IKHHqAYXdy%2FWsCM9WARrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93c80deab4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ebodyfairesra.xyz/NnM2S2gZTFU4VXhDZH4lBhxwLy0OOFMKKgcidwFQdEBkGypYRxA/AVJOD31ZD0YAbRhfFwt4WhAAQiocQwALeVgGRBAiBlAcC3pOQE4GZVAYShh6TkNOB20cRhJRdlkQA0I/BAtCAH1aAEQGf1sARANz
104.21.87.91204 No Content 0 B URL HTTP/2 ebodyfairesra.xyz/NnM2S2gZTFU4VXhDZH4lBhxwLy0OOFMKKgcidwFQdEBkGypYRxA/AVJOD31ZD0YAbRhfFwt4WhAAQiocQwALeVgGRBAiBlAcC3pOQE4GZVAYShh6TkNOB20cRhJRdlkQA0I/BAtCAH1aAEQGf1sARANz
IP 104.21.87.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /NnM2S2gZTFU4VXhDZH4lBhxwLy0OOFMKKgcidwFQdEBkGypYRxA/AVJOD31ZD0YAbRhfFwt4WhAAQiocQwALeVgGRBAiBlAcC3pOQE4GZVAYShh6TkNOB20cRhJRdlkQA0I/BAtCAH1aAEQGf1sARANz HTTP/1.1
Host: ebodyfairesra.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 08 Sep 2022 20:54:04 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ph8uTlk%2FHhRabMFw89A%2FwEgnm%2FFCey%2BD50kA%2F2edKr3hj94xrh5E8Tjik4zUNxcnKzmHfTFn1NgHMDipalHg2Nz7AWZ1Gt8LgB5Z2u3Cz0JTrYEJOONjZ%2Fc68QRGpXb%2FKia2yw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93c84cfeb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ebodyfairesra.xyz/dGlHaHdbViQbSiM8DQAkIi81CxsQHh5aQg4+DwAZFTENMBEzPGEcHhBUfl5GTVxxTgcdDXpbRVIaMwkDARp6WVEdByEHSlIfelhZTEd+RkZSHHpZUQAZJg9KRU83HAMYVHZeQUZfcFhDR19wXUI
104.21.87.91204 No Content 0 B URL HTTP/2 ebodyfairesra.xyz/dGlHaHdbViQbSiM8DQAkIi81CxsQHh5aQg4+DwAZFTENMBEzPGEcHhBUfl5GTVxxTgcdDXpbRVIaMwkDARp6WVEdByEHSlIfelhZTEd+RkZSHHpZUQAZJg9KRU83HAMYVHZeQUZfcFhDR19wXUI
IP 104.21.87.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dGlHaHdbViQbSiM8DQAkIi81CxsQHh5aQg4+DwAZFTENMBEzPGEcHhBUfl5GTVxxTgcdDXpbRVIaMwkDARp6WVEdByEHSlIfelhZTEd+RkZSHHpZUQAZJg9KRU83HAMYVHZeQUZfcFhDR19wXUI HTTP/1.1
Host: ebodyfairesra.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 08 Sep 2022 20:54:04 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQ%2Biyz6rw1X0%2BUr8P9JvIVhh3tR2mpHTYrHJM%2F%2FeGvkMF0MBZDUr7d%2FPFWYqYDEYbO6H6MUgowsiTGgMZu7ZjBoBgAGgIWz%2BkYn%2BFU45oaoHRwvRU4qm%2FXTv1nbsVVkU07ZTow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93c85d42b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rnoddenkn.asia/SlZ0eW0rNBcUUitrFl8YODpJXF8Mc0Y/CXtvRgtYJm5MDh8kMUNXDiY5AR0LODkaDUMkMwBcXwwZFgMjIRgiEiASFwQtNyIiFTgsIjEjKCsfFDNIJx0EEBgjMm47PzsDJT0+KxIyDR5VEC4QGgsyIj44LCImJy9VDAEOTD4MBzIbIiYfNygBG28wKFgbEw1JCxIXTDAkPRg2OAEpIzMvHgICLEEMHzoYICMiABU6KyFiJx4oIxc8HQsMOi0/Dhg1Ny8/CCc4KzcdFCAsKhIEMjcLDGYwMSx7IDk4OxsTMxYZDDotPyYyPSMvXhgxIytcHx48AQkLIVk3PAUxJho8GzUSITwEADYuAS8XRSw8K2dNLykfNUw6Oz01MT4eOhUYMA8rAxg+OhsHUhMeJTgERBwtIzsrXggnJy0eIw
172.67.140.96200 OK 1.2 kB URL HTTP/2 rnoddenkn.asia/SlZ0eW0rNBcUUitrFl8YODpJXF8Mc0Y/CXtvRgtYJm5MDh8kMUNXDiY5AR0LODkaDUMkMwBcXwwZFgMjIRgiEiASFwQtNyIiFTgsIjEjKCsfFDNIJx0EEBgjMm47PzsDJT0+KxIyDR5VEC4QGgsyIj44LCImJy9VDAEOTD4MBzIbIiYfNygBG28wKFgbEw1JCxIXTDAkPRg2OAEpIzMvHgICLEEMHzoYICMiABU6KyFiJx4oIxc8HQsMOi0/Dhg1Ny8/CCc4KzcdFCAsKhIEMjcLDGYwMSx7IDk4OxsTMxYZDDotPyYyPSMvXhgxIytcHx48AQkLIVk3PAUxJho8GzUSITwEADYuAS8XRSw8K2dNLykfNUw6Oz01MT4eOhUYMA8rAxg+OhsHUhMeJTgERBwtIzsrXggnJy0eIw
IP 172.67.140.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3018), with no line terminators
Hash 402ea5487ed54b3e6bcd3d312bfa99a8
552bf23da27f64b7c7c876ce9e28fa47cbb232e3
ec67ab9cc4faee9898c53ee4fc6eebd91a5be074c4eecb2548036f8e39e4f0f5
GET /SlZ0eW0rNBcUUitrFl8YODpJXF8Mc0Y/CXtvRgtYJm5MDh8kMUNXDiY5AR0LODkaDUMkMwBcXwwZFgMjIRgiEiASFwQtNyIiFTgsIjEjKCsfFDNIJx0EEBgjMm47PzsDJT0+KxIyDR5VEC4QGgsyIj44LCImJy9VDAEOTD4MBzIbIiYfNygBG28wKFgbEw1JCxIXTDAkPRg2OAEpIzMvHgICLEEMHzoYICMiABU6KyFiJx4oIxc8HQsMOi0/Dhg1Ny8/CCc4KzcdFCAsKhIEMjcLDGYwMSx7IDk4OxsTMxYZDDotPyYyPSMvXhgxIytcHx48AQkLIVk3PAUxJho8GzUSITwEADYuAS8XRSw8K2dNLykfNUw6Oz01MT4eOhUYMA8rAxg+OhsHUhMeJTgERBwtIzsrXggnJy0eIw HTTP/1.1
Host: rnoddenkn.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:04 GMT
content-type: text/html
content-length: 1171
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQTlQYNrsV%2FBrEh6b7IV4NrhRuBZC%2BtKvDKyNfKrx0bGVVZO3Gx3BjWFGO9nHW2V4tKiB5rDUKPbt1BR4I%2FxlIp5cG4gS2gd3BRW5oNbpYSaxQNSo9BMygAhdHeuP%2FPcnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93c83e04b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xfantazy.com/_next/static/3NacEFLLfmnQ5HlphqE-l/pages/index.js
104.26.1.188200 OK 1.5 kB URL HTTP/2 xfantazy.com/_next/static/3NacEFLLfmnQ5HlphqE-l/pages/index.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (695), with no line terminators
Hash 208367a92d57ce0af1ac095b232418e9
31d03d5eeab9bbd7814ca5a16f8464836da56b85
15e49d0135d3cb75977e472b888f7ff209d48293e9827800bf1664bd2b8b6e14
GET /_next/static/3NacEFLLfmnQ5HlphqE-l/pages/index.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiJmMjkzNmRiYjVmMGI4IiwiaWF0IjoxNjYyNjcwNDQ0LCJleHAiOjE2NjMyNzUyNDR9.q_0MG9R3Zy4ZMWaviYqBUmusd-vowTIyrlFuOzgcOU0; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiMWU4N2M2YThhN2FkMiIsImlhdCI6MTY2MjY3MDQ0NCwiZXhwIjoxNjY1MjYyNDQ0fQ.RSMEvDTB1DXcnrJWMEmk6Hoon8OEgjmKBmOZ9r8Is-E; _ga=GA1.2.505617016.1662670436; _gid=GA1.2.708268016.1662670436; _dc_gtm_UA-121614197-2=1; _ym_uid=16626704361038515420; _ym_d=1662670436; visitorGetPop=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:28 GMT
etag: W/"2b7-1826d2b92e8"
cf-cache-status: HIT
age: 2981331
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHHzT00KkoKZaYwXXWEEk771u3bWg1Ab41XH31zJ9SgIReCQ%2BPDBhEA561O3dsSclPulsjOweYZlV6f4UFKsSfOf0oJGWtw4KVagN0jjZ0j%2BWFYLmjQRK6mm6ybFRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93c63f7cb4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
ebodyfairesra.xyz/bWtxVXRCVBImSTsBPwAQOA8ZFyMrIxc4MSkxNA8ONxwBMiA1KlchHQlWSGNGXVpDcwQED0xkTEsYBTQAGBhMZFIEBRc6SUsdTGRaXUVAe0dLHkxkUhkbEDJJXE0BIQABVkBjQl9dRmVAXl1GY0w
104.21.87.91204 No Content 0 B URL HTTP/2 ebodyfairesra.xyz/bWtxVXRCVBImSTsBPwAQOA8ZFyMrIxc4MSkxNA8ONxwBMiA1KlchHQlWSGNGXVpDcwQED0xkTEsYBTQAGBhMZFIEBRc6SUsdTGRaXUVAe0dLHkxkUhkbEDJJXE0BIQABVkBjQl9dRmVAXl1GY0w
IP 104.21.87.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bWtxVXRCVBImSTsBPwAQOA8ZFyMrIxc4MSkxNA8ONxwBMiA1KlchHQlWSGNGXVpDcwQED0xkTEsYBTQAGBhMZFIEBRc6SUsdTGRaXUVAe0dLHkxkUhkbEDJJXE0BIQABVkBjQl9dRmVAXl1GY0w HTTP/1.1
Host: ebodyfairesra.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 08 Sep 2022 20:54:04 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cr9Wxsf8gjPCcY9Y5%2Bm0fiLEYCetbnccWkGj8iAhX44cAIyOVEB9%2BIIod3U%2BlYP3rjKXTu2327p1nyUilgKcLTap940pNCzunoTjiWxgHmPYWLFD%2BwfAuBy0WuhGySESbjj0jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93c85d37b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1575d6872f4e0ff1203c7fb9f5e6b1aa
88509c5515d0c36eb9cd4a1c0f88708da42e50c7
cfa8658eef5311e581a5430dc6d13f81fb5581ccff85ff1962512d3cf83e7a21
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "CFA8658EEF5311E581A5430DC6D13F81FB5581CCFF85FF1962512D3CF83E7A21"
Last-Modified: Tue, 06 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19558
Expires: Fri, 09 Sep 2022 02:20:02 GMT
Date: Thu, 08 Sep 2022 20:54:04 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 0eaa482920c47bd42030d69b28e5e08c
a59d707d2339350a0d681acf3d1e7bcb5e67bfae
0dae39030f55d48f02b69ee4d1d4b728128b8559a8bd8a0ea43abac1c42e7a70
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146804
Date: Thu, 08 Sep 2022 20:54:05 GMT
Etag: "6319e082-1d7"
Expires: Sat, 10 Sep 2022 13:40:49 GMT
Last-Modified: Thu, 08 Sep 2022 12:30:58 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ntdt7tqn1GVaAPQmvN9NOfOpssndYwyyQOd02zvDgy9tiHvtK_QFug==
Age: 4191
d192r5l88wrng7.cloudfront.net/hQUFFUjEiLis0DjUoIW8Id3B8ZwdnKzY9XzF8BBZzC3ASFHt0MQk2BGc1PzYMcWcpM18mfGM3XyJ8dHRQJSN4Zhc1MSo5DDQvITdXKC8gNhc0IHg/XjsoKT5QZHMDZx9xZHdiGTlwdHcCA2R3Yl0oLzAqFHNxPWoHHndxdwIDZHdiQzdkdhMId291exRzcS-I3UiouYGB3c3F0YgFwcXR3A3EnLCBUJy49dwMHeHN8AWc0eGM
54.230.245.16200 OK 329 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/hQUFFUjEiLis0DjUoIW8Id3B8ZwdnKzY9XzF8BBZzC3ASFHt0MQk2BGc1PzYMcWcpM18mfGM3XyJ8dHRQJSN4Zhc1MSo5DDQvITdXKC8gNhc0IHg/XjsoKT5QZHMDZx9xZHdiGTlwdHcCA2R3Yl0oLzAqFHNxPWoHHndxdwIDZHdiQzdkdhMId291exRzcS-I3UiouYGB3c3F0YgFwcXR3A3EnLCBUJy49dwMHeHN8AWc0eGM
IP 54.230.245.16:0
File type ASCII text, with very long lines (405), with no line terminators
Hash e639be3ce9ce368fb967ea9d4d1fb0f6
57893501aac92d1873048a7bb133455b6f7d8e4e
6492b91cb7cca1c6785b1851bce4e2462230878ad982895cb66f6eca3080df4c
GET /hQUFFUjEiLis0DjUoIW8Id3B8ZwdnKzY9XzF8BBZzC3ASFHt0MQk2BGc1PzYMcWcpM18mfGM3XyJ8dHRQJSN4Zhc1MSo5DDQvITdXKC8gNhc0IHg/XjsoKT5QZHMDZx9xZHdiGTlwdHcCA2R3Yl0oLzAqFHNxPWoHHndxdwIDZHdiQzdkdhMId291exRzcS-I3UiouYGB3c3F0YgFwcXR3A3EnLCBUJy49dwMHeHN8AWc0eGM HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rnoddenkn.asia/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 329
date: Thu, 08 Sep 2022 20:54:05 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gF45jVP2p17tR-BEfKzHqPfyRYwrtLcJPuy-dAWFFG69s_XmZmAUEw==
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.172.243200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.172.243:0
File type ASCII text, with no line terminators
Hash b347c1c33977e4c24dcf2fde323364e0
5bee1f5c01a7040b9fbd42d5419fd311cc2936de
b722cc9293b6ccefe5f8b39147772905e8e423eeb5dc56403887e6468551393e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:05 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
set-cookie: uid_id2=67490d78-d153-487b-bfc0-c57d76341fd6:3:1; expires=Sun, 05 Sep 2032 20:54:05 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/DMFdFVDBTOCsyD0Q+IWkJBmV1ZQIWPTY7XkBqDQ1ye2MLAWhEB2MgSlRqdXJcUTkiaRZVOSZpARY2ITYNBHEwNQ1dOD89XFw2YGZ2BXl1cQIAfz1lARVkB3ECADssOkVIcndkSAhhGmIEFWQHcQIAJTNxA3Fuc3oAGXJ3ZFdVNC47FQIRd2QBAGd0ZAEVZX-UyWUIyIztIFWUDbQYeZ2MhDQE
54.230.245.16200 OK 185 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/DMFdFVDBTOCsyD0Q+IWkJBmV1ZQIWPTY7XkBqDQ1ye2MLAWhEB2MgSlRqdXJcUTkiaRZVOSZpARY2ITYNBHEwNQ1dOD89XFw2YGZ2BXl1cQIAfz1lARVkB3ECADssOkVIcndkSAhhGmIEFWQHcQIAJTNxA3Fuc3oAGXJ3ZFdVNC47FQIRd2QBAGd0ZAEVZX-UyWUIyIztIFWUDbQYeZ2MhDQE
IP 54.230.245.16:0
File type ASCII text, with no line terminators
Hash 81fef2e28e7d16e48e7d63af2dd28a50
ef160ccbac94cf9f0b6f11de06c494a53224a30c
c3198f8ead2a4afb092bb5ea6cceabd6ddbbebd9642252f5f51531767dc4be27
GET /DMFdFVDBTOCsyD0Q+IWkJBmV1ZQIWPTY7XkBqDQ1ye2MLAWhEB2MgSlRqdXJcUTkiaRZVOSZpARY2ITYNBHEwNQ1dOD89XFw2YGZ2BXl1cQIAfz1lARVkB3ECADssOkVIcndkSAhhGmIEFWQHcQIAJTNxA3Fuc3oAGXJ3ZFdVNC47FQIRd2QBAGd0ZAEVZX-UyWUIyIztIFWUDbQYeZ2MhDQE HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rnoddenkn.asia/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 185
date: Thu, 08 Sep 2022 20:54:05 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t31aX4p90iMevZ_Jb2y1NihVF97ohlrLwnwVBN0Dj1ngy1yQJKqrsg==
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/ObzNkNVkMXApTZhtaAAhgWQFUBG1JWRdaNx8OFVIsIGFXdyg8ZxdcfxtJAAhpSV8FWz5SFQFbOlICQlQ9DQ5QEy0fXA8IIwNBAlcuGVsHTX8aUllYNhVaCFk4SgEiAHdfFlYFcRcCVRBqLRZWBTUGXRFNfF0DHA1vMAVQEGotFlYFKxkWV3RgWR1UHHxdAw-NQOgRcQQcfXQNVBWleA1UQa19VDUc8CVwcEGspClIbaUlGWQQ
54.230.245.16200 OK 604 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/ObzNkNVkMXApTZhtaAAhgWQFUBG1JWRdaNx8OFVIsIGFXdyg8ZxdcfxtJAAhpSV8FWz5SFQFbOlICQlQ9DQ5QEy0fXA8IIwNBAlcuGVsHTX8aUllYNhVaCFk4SgEiAHdfFlYFcRcCVRBqLRZWBTUGXRFNfF0DHA1vMAVQEGotFlYFKxkWV3RgWR1UHHxdAw-NQOgRcQQcfXQNVBWleA1UQa19VDUc8CVwcEGspClIbaUlGWQQ
IP 54.230.245.16:0
File type ASCII text, with very long lines (832), with no line terminators
Hash 52d315a147d89aae9b539bd40caa0948
7cb9ad74458eecb19c6c5c1c7ef2fc8c3f75e509
9bf5b1148ebc6d3416fa05b875d2ed6ee8e228fd3574c5ed588734b471c52264
GET /ObzNkNVkMXApTZhtaAAhgWQFUBG1JWRdaNx8OFVIsIGFXdyg8ZxdcfxtJAAhpSV8FWz5SFQFbOlICQlQ9DQ5QEy0fXA8IIwNBAlcuGVsHTX8aUllYNhVaCFk4SgEiAHdfFlYFcRcCVRBqLRZWBTUGXRFNfF0DHA1vMAVQEGotFlYFKxkWV3RgWR1UHHxdAw-NQOgRcQQcfXQNVBWleA1UQa19VDUc8CVwcEGspClIbaUlGWQQ HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rnoddenkn.asia/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 604
date: Thu, 08 Sep 2022 20:54:05 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qy84qzV9mexlaltNEjdmvx9UL_AAKCjm5UwzccNU0veepokAP8RsxA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2719
Expires: Thu, 08 Sep 2022 21:39:24 GMT
Date: Thu, 08 Sep 2022 20:54:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2719
Expires: Thu, 08 Sep 2022 21:39:24 GMT
Date: Thu, 08 Sep 2022 20:54:05 GMT
Connection: keep-alive
xfantazy.com/_next/static/3NacEFLLfmnQ5HlphqE-l/pages/categories.js
104.26.1.188200 OK 4.2 kB URL HTTP/2 xfantazy.com/_next/static/3NacEFLLfmnQ5HlphqE-l/pages/categories.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (9227), with no line terminators
Hash bd1e18215a91dbbfa650eb6ebb2c0086
e5eb7d8713f59937277681757616bd063e04421a
33bddee2e89ffa190c0c6465cb6406bbd4f8cc1d8029587bfa0529447f85da22
GET /_next/static/3NacEFLLfmnQ5HlphqE-l/pages/categories.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiJmMjkzNmRiYjVmMGI4IiwiaWF0IjoxNjYyNjcwNDQ0LCJleHAiOjE2NjMyNzUyNDR9.q_0MG9R3Zy4ZMWaviYqBUmusd-vowTIyrlFuOzgcOU0; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiMWU4N2M2YThhN2FkMiIsImlhdCI6MTY2MjY3MDQ0NCwiZXhwIjoxNjY1MjYyNDQ0fQ.RSMEvDTB1DXcnrJWMEmk6Hoon8OEgjmKBmOZ9r8Is-E; _ga=GA1.2.505617016.1662670436; _gid=GA1.2.708268016.1662670436; _dc_gtm_UA-121614197-2=1; _ym_uid=16626704361038515420; _ym_d=1662670436; visitorGetPop=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:28 GMT
etag: W/"240b-1826d2b92e8"
cf-cache-status: HIT
age: 2981331
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3H7P4JQMlhEoGfLltJ3O%2BLT4Rk%2FfupEHQeE6pTWO3W6EGIISspngKXOGMekTs9xT0Mz2hUB6LV1b1S5ZL22C5K%2FA63Xcs7hhaYqVguY4c%2FEBrK42IqL9ZNoUfMlk1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93c64f8eb4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2719
Expires: Thu, 08 Sep 2022 21:39:24 GMT
Date: Thu, 08 Sep 2022 20:54:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1cd778a615e9a4ca3a25119790398434
d6daca74fc85d39274b3c7536f34528bef93ae97
e6b5a7a525e314e09c30985b22da7c34806df09cbe98ad52b00dcbf93a0dc054
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7251
x-amzn-requestid: 26b2021a-4440-47ce-8dba-d971cae60cc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9bmHcmoAMF3Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f7d-5471edce7de2374c3b8af888;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: d3MrDEyDFDylQKyfxONQ12_7IBvRAg8o0rSZ64WNRGNvDHqQyDmqJA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:17:17 GMT
age: 81408
etag: "d6daca74fc85d39274b3c7536f34528bef93ae97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 05:29:44 GMT
age: 55461
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
xfantazy.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662667200
104.26.1.188200 OK 15 kB URL HTTP/2 xfantazy.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662667200
IP 104.26.1.188:0
File type ASCII text, with very long lines (40921), with no line terminators
Hash d8da39ba612f01f61975f8300b5f29e2
f215ef6bbfc109e70035264200144bc601cf86f4
e75919f558463e11e15c571f1c552612b92b4bc5c7cf1d6af614d67aad423feb
GET /cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662667200 HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:03 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
cache-control: max-age=14400, public
x-control-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4QTMKJ7iv7EE%2BdQqt100AkG3rFG6Gx56AzTDKQDQ8vE%2Fz9BsfTCSZFgXvs12ssZDVICZeaTwIECgs0Z6O%2Bn2Tp%2Fq22gK5KvNjQoOfu%2BIwev71X8UmserG%2BeAKlYag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93c02e19b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca5b5d4ac26d97b5729a30ecdc688bc
3e633bc6c4ab9adfe84899e5209d73bef1d097eb
2c8275d1819d933f86df9685b76aea030842ba5a341c59ea88ffd2da99a5a3d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7885
x-amzn-requestid: 305dc6b7-eb3d-40ad-af89-8b60be935637
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThE3DIAMFRtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-7c0b58644e26de7f27c5b388;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: MG4_YJuVqfSCQ80FTdo5XU8xIi74XtILVbIQAbByh54QNOoMJCyS-Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:47:05 GMT
age: 83220
etag: "3e633bc6c4ab9adfe84899e5209d73bef1d097eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 09267c271a56ba4c2d4197543f264fac
67ae4acd88571da51b81fa7ed963b7f2a71845b4
906163f9e1bb8908ae7fcfbf4debc2a42fd14a3f90c8814536025a57ee851dbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8162
x-amzn-requestid: decb1d93-bcc9-4a71-a054-c537ad7d1add
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJvndF1fIAMFv7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2c95-27cef2465fd0e6c849da81af;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:55:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: C_J0m9xfkCb5qsoO934KB2Ldk1-yMaMXkgiv9gWus7JqjN3M_HCpdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 18:01:20 GMT
age: 10365
etag: "67ae4acd88571da51b81fa7ed963b7f2a71845b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f1e86d2ddbc9e712bef1dad1b5166687
a7708dcb8822d53706beb0c6a5feb021eab57d9d
946849b7035bc3e384c8323c7bbb73ecf182baf5d9b3214ebc78359a6957f3ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4114
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:05 GMT
Last-Modified: Thu, 08 Sep 2022 19:45:31 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f73ee4e91b38eaa36cadd4c437785f8
6ceea057f5ae50b9cef505da0a358e3d3b7d6a38
778d28e14b28c154843403470136d0efdcdd5e93e4b5aab784c12d4344e7af6f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11365
x-amzn-requestid: d50039cd-381c-4221-997e-9231d40ecfbb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9V0EHEoAMFeag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f58-11cab61904bd14462cd13d0d;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Qhobt81rs5gqg8hcr1Su3J3MNFt4_gR2hLHkIl5xDDS1HF9g_3ecCg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:40:35 GMT
age: 80010
etag: "6ceea057f5ae50b9cef505da0a358e3d3b7d6a38"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a07d553b6441514870ed7e9e989a29a7
98c145b9326d1e6036fa9089d87a25232dd45b0b
373a586b596016baeb8de98022207c25af24c099c06077edbdfd837cffc31a0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7492
x-amzn-requestid: 2c5e9ff3-c7a4-4a8f-96bf-74f0ca5d9137
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9dOHguIAMFjGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f87-70dbe6532b1a241e6dbe729e;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lbCmv9fV9iBGOQvxRzleYwC5dBYeu1kRgSSkC2hycDmavyXj-KlFSw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:24:59 GMT
age: 80946
etag: "98c145b9326d1e6036fa9089d87a25232dd45b0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/51.21792104df3f91cda445.js
104.26.1.188200 OK 1.7 kB URL HTTP/2 xfantazy.com/_next/static/chunks/51.21792104df3f91cda445.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (3301), with no line terminators
Hash 9b078c5f6534493e1c28f051c5d67d16
d6f29ce7622c99efe99b09f97638c08379036526
9acaf9affb27238ecd987b963d0cf8e4334c5ddb2733c63762fdf0c66f7deb40
GET /_next/static/chunks/51.21792104df3f91cda445.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"ce5-181397f9e59"
cf-cache-status: HIT
age: 8116693
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RM8wj5PN5usVzlP2JcEPBlNE0ZXEXJpxqJNa86L4gQr%2Bf0LaPXDQx0dFQAYWAnYa%2FxjMYij9MEuEgw3qA98hTv04jghDbFpKClTbKfDV0rr%2B0UAsimyv0VuGFqpO5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93c39ae9b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5c0465ff9b3ac1a41eb8497485bc27fe
d4442d741e8d2278901ff9565b895790b7b7acfb
c8db2779b77f006e79da5fbac511fd2e3978dac73c6533a307742ac09585278a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C8DB2779B77F006E79DA5FBAC511FD2E3978DAC73C6533A307742AC09585278A"
Last-Modified: Wed, 07 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12911
Expires: Fri, 09 Sep 2022 00:29:16 GMT
Date: Thu, 08 Sep 2022 20:54:05 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3b01a4e1b6e61ede809b68f3b0f21803
f2756ddd77a39e3cd0be033bfefe493b943c65ba
e1f45a9ed2fefd1cd157f7ee4d04c18f5a3c653718b75a65204ab1ba6045247f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3b01a4e1b6e61ede809b68f3b0f21803
f2756ddd77a39e3cd0be033bfefe493b943c65ba
e1f45a9ed2fefd1cd157f7ee4d04c18f5a3c653718b75a65204ab1ba6045247f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5c0465ff9b3ac1a41eb8497485bc27fe
d4442d741e8d2278901ff9565b895790b7b7acfb
c8db2779b77f006e79da5fbac511fd2e3978dac73c6533a307742ac09585278a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C8DB2779B77F006E79DA5FBAC511FD2E3978DAC73C6533A307742AC09585278A"
Last-Modified: Wed, 07 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12911
Expires: Fri, 09 Sep 2022 00:29:16 GMT
Date: Thu, 08 Sep 2022 20:54:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff4a192bbe7136998c8faf6c3093f619
89fca9413b769fd302dfc33762c87f00ec6e7d80
aaedaf54ffcf303929b5e84dbfd139ea6f6230e3e1f289e77b1a143c4ff64581
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAEDAF54FFCF303929B5E84DBFD139EA6F6230E3E1F289E77B1A143C4FF64581"
Last-Modified: Thu, 08 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20429
Expires: Fri, 09 Sep 2022 02:34:34 GMT
Date: Thu, 08 Sep 2022 20:54:05 GMT
Connection: keep-alive
xfantazy.com/_next/static/3NacEFLLfmnQ5HlphqE-l/pages/signup.js
104.26.1.188200 OK 1.2 kB URL HTTP/2 xfantazy.com/_next/static/3NacEFLLfmnQ5HlphqE-l/pages/signup.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (2988), with no line terminators
Hash 06859d2e48bdb8e5b84fb7251a6382ee
452ec96574cb9d943a977e17e1d41849943b0f97
77cf1148160e2d433ed7c872df6b6b1946f634f3ac59be8c9ec4efe3869c5a6c
GET /_next/static/3NacEFLLfmnQ5HlphqE-l/pages/signup.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiJmMjkzNmRiYjVmMGI4IiwiaWF0IjoxNjYyNjcwNDQ0LCJleHAiOjE2NjMyNzUyNDR9.q_0MG9R3Zy4ZMWaviYqBUmusd-vowTIyrlFuOzgcOU0; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiMWU4N2M2YThhN2FkMiIsImlhdCI6MTY2MjY3MDQ0NCwiZXhwIjoxNjY1MjYyNDQ0fQ.RSMEvDTB1DXcnrJWMEmk6Hoon8OEgjmKBmOZ9r8Is-E; _ga=GA1.2.505617016.1662670436; _gid=GA1.2.708268016.1662670436; _dc_gtm_UA-121614197-2=1; _ym_uid=16626704361038515420; _ym_d=1662670436; visitorGetPop=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:28 GMT
etag: W/"bac-1826d2b92e8"
cf-cache-status: HIT
age: 2981331
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuOC1Lo5YclK%2FtsyGbe5gmiabjy2LA3YyZfTjKHxYRGl%2BAXqmgeURYSI3WMvkWtPfHS31EzvsSvHkGtC%2FRDhzjuV8zI0hPsmPR5Oe0hr2ul86w7SsXxmDBfIj3PZRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93c63f86b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5c0465ff9b3ac1a41eb8497485bc27fe
d4442d741e8d2278901ff9565b895790b7b7acfb
c8db2779b77f006e79da5fbac511fd2e3978dac73c6533a307742ac09585278a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C8DB2779B77F006E79DA5FBAC511FD2E3978DAC73C6533A307742AC09585278A"
Last-Modified: Wed, 07 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12911
Expires: Fri, 09 Sep 2022 00:29:16 GMT
Date: Thu, 08 Sep 2022 20:54:05 GMT
Connection: keep-alive
xfantazy.com/_next/static/chunks/242.e6062ff562716b6e41db.js
104.26.1.188200 OK 39 kB URL HTTP/2 xfantazy.com/_next/static/chunks/242.e6062ff562716b6e41db.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6828bf5b657bed6af1c95e34944b5689
aa2d46a32638825ebad10506ea07b7c93b64a0cd
49cf7cb37aa8a1de25ec840ecf129c8bd5ec58cd9f918c615479931c3fca8c72
GET /_next/static/chunks/242.e6062ff562716b6e41db.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:03 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 28 Jun 2022 10:55:52 GMT
etag: W/"26cdb-181a9f40d06"
cf-cache-status: HIT
age: 6256573
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1X59U6LMSckNxG7k1f9%2B6PjZF6wt8UuJj4gjONkeZhHTdEJByBPA6YOX3lYXAnXdARx7Wuq%2Fd7Xt8R3gtznpRbRJlxpNVVIw%2Bfi8qo5G%2Fh0a4ro11R%2Fkr8ccp18ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93c2b9aeb4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 395 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash 858809cbca074c62137d2f0bb2e5d4ac
dd077f1baaec72f128451072388b8c100b0aec0e
29fe7c22478118d5b690e9f8c4d1918d72de40bb0c2b3a9670ec7ba14cd6e802
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Sep 2022 20:54:05 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1895342498%3A1662670445349623&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmUPiFJBpXbFY3LanmETuYtTVGqVHjrLqXSdOygtKKF_AubpqHDW1mdVG9S4kjjyDoSaonQ1Hg
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-pM3l0FNd_RRvBVkdRvf3lg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:mZLsWxbfYlDsoNPuDWCrrR91ClOXrw:j5fqO-swHzM7jJDF;Path=/;Expires=Sat, 07-Sep-2024 20:54:05 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 721eb245d022db7af3e30ad4e6b94226
4a53b4e9ad119295498594089826bddea4d0b9a6
6f350e89f4e7a0cea74c003493ea950c768ffcbea234bcf68a818b60842a2f3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f1e86d2ddbc9e712bef1dad1b5166687
a7708dcb8822d53706beb0c6a5feb021eab57d9d
946849b7035bc3e384c8323c7bbb73ecf182baf5d9b3214ebc78359a6957f3ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4114
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:05 GMT
Last-Modified: Thu, 08 Sep 2022 19:45:31 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
accounts.google.com/v3/signin/identifier?dsh=S-1895342498%3A1662670445349623&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmUPiFJBpXbFY3LanmETuYtTVGqVHjrLqXSdOygtKKF_AubpqHDW1mdVG9S4kjjyDoSaonQ1Hg
216.58.207.237403 Forbidden 845 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1895342498%3A1662670445349623&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmUPiFJBpXbFY3LanmETuYtTVGqVHjrLqXSdOygtKKF_AubpqHDW1mdVG9S4kjjyDoSaonQ1Hg
IP 216.58.207.237:0
Hash 744a1ee61b8c2519601fa73c53036b23
f88f0bfd4b70c93fc744119adbd0a5881997dc91
700add00208c28287c17fb1e47896398c71de7d10d2a8cf9da2d1ed4134f9466
GET /v3/signin/identifier?dsh=S-1895342498%3A1662670445349623&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmUPiFJBpXbFY3LanmETuYtTVGqVHjrLqXSdOygtKKF_AubpqHDW1mdVG9S4kjjyDoSaonQ1Hg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Sep 2022 20:54:05 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-xcmr8tsbqNL4anTouoJBGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=iTHrrnivtYHvXd23yXoLNCKeEc4V1JsrJvoa_o245-T_2h5kcTgxjQCd54qtP8Qw3sRJ8aMQsVv3ikuAcGfeTOdY9Dh2zjyZa6BGIZfwOMcUmYgMjsw_QtQabSSVlpBKx2ttyvpveQqiylHAfGBYGiUYu4Z_R4DaZ_6mvChpvg0; expires=Fri, 10-Mar-2023 20:54:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
treatycalculator.com/4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js
192.243.59.13200 OK 29 kB URL HTTP/1.1 treatycalculator.com/4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 64071f33872e2fb8a821cdb8a21a72c9
1cb0279346a75bf8bcf913ffc240ef1e0c67e8c8
0d7b820f77e70eda1bed7782d526289a92e677ea53880bdaac878cf65d49e607
Analyzer Verdict Alert quad9 Sinkholed
GET /4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js HTTP/1.1
Host: treatycalculator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 08 Sep 2022 20:54:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 944b460b6ece9b0d2839924e8c68e059
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
52.28.172.243200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.172.243:0
File type ASCII text, with no line terminators
Hash b347c1c33977e4c24dcf2fde323364e0
5bee1f5c01a7040b9fbd42d5419fd311cc2936de
b722cc9293b6ccefe5f8b39147772905e8e423eeb5dc56403887e6468551393e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: uid_id2=67490d78-d153-487b-bfc0-c57d76341fd6:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:05 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A983376373%3Arqn%3A2%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A983376373%3Arqn%3A2%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A983376373%3Arqn%3A2%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 45
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 08 Sep 2022 20:54:05 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 08-Sep-2022 20:54:05 GMT
last-modified: Thu, 08-Sep-2022 20:54:05 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A549598398%3Arqn%3A3%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A549598398%3Arqn%3A3%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A549598398%3Arqn%3A3%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 52
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 08 Sep 2022 20:54:05 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 08-Sep-2022 20:54:05 GMT
last-modified: Thu, 08-Sep-2022 20:54:05 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A432850325%3Arqn%3A5%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A432850325%3Arqn%3A5%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A432850325%3Arqn%3A5%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 08 Sep 2022 20:54:05 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 08-Sep-2022 20:54:05 GMT
last-modified: Thu, 08-Sep-2022 20:54:05 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cb260f695580f58c6e36d3b8079c85cd
2f38fcf0b1ce3460a59fa60f3d458f71397db491
512582d966d42131bc95e57e129eb31306f3d198f9bce10ccd46e34fd9afb88b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "512582D966D42131BC95E57E129EB31306F3D198F9BCE10CCD46E34FD9AFB88B"
Last-Modified: Wed, 07 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3150
Expires: Thu, 08 Sep 2022 21:46:35 GMT
Date: Thu, 08 Sep 2022 20:54:05 GMT
Connection: keep-alive
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A722101670%3Arqn%3A4%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A722101670%3Arqn%3A4%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A722101670%3Arqn%3A4%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 122
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 08 Sep 2022 20:54:05 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 08-Sep-2022 20:54:05 GMT
last-modified: Thu, 08-Sep-2022 20:54:05 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A7157127%3Arqn%3A6%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A7157127%3Arqn%3A6%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A7157127%3Arqn%3A6%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 99
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 08 Sep 2022 20:54:05 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 08-Sep-2022 20:54:05 GMT
last-modified: Thu, 08-Sep-2022 20:54:05 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A1013413047%3Arqn%3A9%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(9)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A1013413047%3Arqn%3A9%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(9)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A1013413047%3Arqn%3A9%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(9)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 39
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 08 Sep 2022 20:54:05 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 08-Sep-2022 20:54:05 GMT
last-modified: Thu, 08-Sep-2022 20:54:05 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A345968251%3Arqn%3A7%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A345968251%3Arqn%3A7%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A345968251%3Arqn%3A7%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 08 Sep 2022 20:54:05 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 08-Sep-2022 20:54:05 GMT
last-modified: Thu, 08-Sep-2022 20:54:05 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A217564244%3Arqn%3A8%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438%3At%3APaige%20Owens%20Prince%20Yahshua%20-%20Paige%20Owens%20Gets%20Caught%20Blowing%20A%20Cop%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-7-h-1%29clc%280-0-0%29aw%281%29rqnt%288%29fip%281%29rqnl%281%29ti%282%29
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A217564244%3Arqn%3A8%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438%3At%3APaige%20Owens%20Prince%20Yahshua%20-%20Paige%20Owens%20Gets%20Caught%20Blowing%20A%20Cop%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-7-h-1%29clc%280-0-0%29aw%281%29rqnt%288%29fip%281%29rqnl%281%29ti%282%29
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A217564244%3Arqn%3A8%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438%3At%3APaige%20Owens%20Prince%20Yahshua%20-%20Paige%20Owens%20Gets%20Caught%20Blowing%20A%20Cop%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-7-h-1%29clc%280-0-0%29aw%281%29rqnt%288%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Referer: https://xfantazy.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 08 Sep 2022 20:54:05 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 08-Sep-2022 20:54:05 GMT
last-modified: Thu, 08-Sep-2022 20:54:05 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A217564244%3Arqn%3A8%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438%3At%3APaige%20Owens%20Prince%20Yahshua%20-%20Paige%20Owens%20Gets%20Caught%20Blowing%20A%20Cop%20-%20XFantazy.com&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2)
93.158.134.119302 Found 346 B URL HTTP/2 mc.yandex.ru/watch/49415098?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A217564244%3Arqn%3A8%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438%3At%3APaige%20Owens%20Prince%20Yahshua%20-%20Paige%20Owens%20Gets%20Caught%20Blowing%20A%20Cop%20-%20XFantazy.com&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
Hash cb260f695580f58c6e36d3b8079c85cd
2f38fcf0b1ce3460a59fa60f3d458f71397db491
512582d966d42131bc95e57e129eb31306f3d198f9bce10ccd46e34fd9afb88b
GET /watch/49415098?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A217564244%3Arqn%3A8%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438%3At%3APaige%20Owens%20Prince%20Yahshua%20-%20Paige%20Owens%20Gets%20Caught%20Blowing%20A%20Cop%20-%20XFantazy.com&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e364cff61f0be74ac0ccfe4&charset=utf-8&hittoken=1662670444_c0ec16819d5a72b552454542c7742e885a579f931f7a56125494e939c82974f3&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1509919690605%3Ahid%3A468328036%3Az%3A0%3Ai%3A20220908205357%3Aet%3A1662670438%3Ac%3A1%3Arn%3A217564244%3Arqn%3A8%3Au%3A16626704361038515420%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662670434489%3Aco%3A0%3Awv%3A2%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662670438%3At%3APaige%20Owens%20Prince%20Yahshua%20-%20Paige%20Owens%20Gets%20Caught%20Blowing%20A%20Cop%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-7-h-1%29clc%280-0-0%29aw%281%29rqnt%288%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 08 Sep 2022 20:54:05 GMT
access-control-allow-origin: https://xfantazy.com
set-cookie: yandexuid=7232922621662670445; Expires=Fri, 08-Sep-2023 20:54:05 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7232922621662670445; Expires=Fri, 08-Sep-2023 20:54:05 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1106714741662670445; Path=/; SameSite=None; Secure
i=3G69AhvhsRWYIIZ4pwbY1uj/0kHT6/1suCtepGLUcVb2S22JcV28yr22dwvZwmcNnLMnkQUqtnMhBdWe6icTFMW5/wc=; Expires=Sun, 05-Sep-2032 20:53:51 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694206445.yrts.1662670445#1694206445.yrtsi.1662670445; Expires=Fri, 08-Sep-2023 20:54:05 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 08-Sep-2022 20:54:05 GMT
last-modified: Thu, 08-Sep-2022 20:54:05 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
treatycalculator.com/sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2
192.243.59.13200 OK 3.6 kB URL HTTP/1.1 treatycalculator.com/sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (6234), with no line terminators
Hash 01a9737edf079080bcc19d9eb03fb725
57c29ca8b784317662ae0f31674daef9654b0a37
8fc02b393432ba16792df9add91388e4540ee0d6971e6f7be26967edcfb1b1ef
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2 HTTP/1.1
Host: treatycalculator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 08 Sep 2022 20:54:05 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://xfantazy.com
Access-Control-Allow-Origin: https://xfantazy.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15600826; expires=Fri, 09 Sep 2022 20:54:05 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 09 Sep 2022 20:54:05 GMT; secure; SameSite=None
uncs=1; expires=Fri, 09 Sep 2022 20:54:05 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 09 Sep 2022 20:54:05 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 09 Sep 2022 20:54:05 GMT; secure; SameSite=None
sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]; expires=Thu, 08 Sep 2022 20:54:10 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a1fba11ed5c2fce59c752aa0e16812eb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
treatycalculator.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3s3v8MM9%2BJGLLsrgSUEn3T2Tnox7CMaYNRg3a9avk1JdVTMpU93VVHVNT0aEsCuyF2H2P%2Bg8k2xQw6LXBYNMFkQCwo6niAb04NGLsFdlZsMGX2je9%2B3nOTzP89bn2%2B6E%2BHD0ePEt3ZNK0ZnZql954YMguFRZkanrVrpz0UdR%2FVLFdF5pRlX%2FxcplwTb0TOgHvh%2F4QWVJGtHS3ZkxCJntN4Nq06%2FWw2owW0fX%2FHe3zoOlHnjnhDwJyUdT97xpSDZEmnyzKOxGrrOXXk%2Bcork26PC9d9ONVBcpkrOxZTy00r1TNrS9v3QAne5O5EJ3HhFjOSLeDweI071TkYg7OxOdsYJIEfPHUHSGEGoISYdg%2BgYkv08AxnFlFWly%2B4o2Bd18iNIxOiJTD%2F6GLEZk6rdppMmdBSW7lWtauVzq1KLbKiG7Q8j2EJk7RN47B1kcguXXIflPZObBCtJkZ9UqDcnLiXcph5CtIZTog1oPbvxJD67lwWUeEn5cYUEQNHzOqD%2FXZKzGGyKOuB%2FQRiuggR%2FNwbGxvD7yrA%2Bm%2BmBmC5nZwoa8NSLk%2Bg6M%2Bx52vYTlHmw%2BIt7bW%2BjwEoUgKCxBQQkKSVDkBEWn3OXKhra8zZV1cXDaw9NeKwc6b2%2FTXZ23RUq2sxPyxCScvy7cxYY4rtCw1Wz6rcCvNyI%2FClgjaPKABZTWaCgYD2FlCWnPTfz25IhMX%2FwD2fhgn%2F6DmB7CqkMw%2BTioexa0GDRCH3R9UJ%2Fz0Uv3uy2a5rS3WWU6AdclsnwK%2Baa3rU7I0xMdsy9rCHY0%2F%2BMXa6z3%2FK9gpkRmSnws7xG01c3Bmi7IzpouLPl2NctlInt0fMBrOc3F%2F756U2wW2vDlRdv%2F8lU2Bsbj%2FjvC5is05TJtW%2FL1guRcmCVtmCDfLdv3RXzV2fUFZ1KXrVx9bWk5yYywVup0CDq29tQbYHJE%2Fr8gJm%2Fz4sGfkGYI40ok7oicFqQ%2BBMu2YLOj%2Bc96v1%2B%2BM%2F0JrD4Po844ceahcOXAhPHZTyUJlDjbaVzCiqP5Xy4s3%2F1wdh6xeBTItr2JtnkONL%2BBNCnRMSU6qgRVfVh3fpBn5mj%2B59qkECtvECvj7cTKqFsPw7XyuNKo1XwaNWeDRoOKRlwP51pRwCkN61EYRbSG3I7YM%2B8l%2FwIAAP%2F%2FAQAA%2F%2F8IM6jbZgQAAA%3D%3D
192.243.59.13200 OK 7 B URL HTTP/1.1 treatycalculator.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3s3v8MM9%2BJGLLsrgSUEn3T2Tnox7CMaYNRg3a9avk1JdVTMpU93VVHVNT0aEsCuyF2H2P%2Bg8k2xQw6LXBYNMFkQCwo6niAb04NGLsFdlZsMGX2je9%2B3nOTzP89bn2%2B6E%2BHD0ePEt3ZNK0ZnZql954YMguFRZkanrVrpz0UdR%2FVLFdF5pRlX%2FxcplwTb0TOgHvh%2F4QWVJGtHS3ZkxCJntN4Nq06%2FWw2owW0fX%2FHe3zoOlHnjnhDwJyUdT97xpSDZEmnyzKOxGrrOXXk%2Bcork26PC9d9ONVBcpkrOxZTy00r1TNrS9v3QAne5O5EJ3HhFjOSLeDweI071TkYg7OxOdsYJIEfPHUHSGEGoISYdg%2BgYkv08AxnFlFWly%2B4o2Bd18iNIxOiJTD%2F6GLEZk6rdppMmdBSW7lWtauVzq1KLbKiG7Q8j2EJk7RN47B1kcguXXIflPZObBCtJkZ9UqDcnLiXcph5CtIZTog1oPbvxJD67lwWUeEn5cYUEQNHzOqD%2FXZKzGGyKOuB%2FQRiuggR%2FNwbGxvD7yrA%2Bm%2BmBmC5nZwoa8NSLk%2Bg6M%2Bx52vYTlHmw%2BIt7bW%2BjwEoUgKCxBQQkKSVDkBEWn3OXKhra8zZV1cXDaw9NeKwc6b2%2FTXZ23RUq2sxPyxCScvy7cxYY4rtCw1Wz6rcCvNyI%2FClgjaPKABZTWaCgYD2FlCWnPTfz25IhMX%2FwD2fhgn%2F6DmB7CqkMw%2BTioexa0GDRCH3R9UJ%2Fz0Uv3uy2a5rS3WWU6AdclsnwK%2Baa3rU7I0xMdsy9rCHY0%2F%2BMXa6z3%2FK9gpkRmSnws7xG01c3Bmi7IzpouLPl2NctlInt0fMBrOc3F%2F756U2wW2vDlRdv%2F8lU2Bsbj%2FjvC5is05TJtW%2FL1guRcmCVtmCDfLdv3RXzV2fUFZ1KXrVx9bWk5yYywVup0CDq29tQbYHJE%2Fr8gJm%2Fz4sGfkGYI40ok7oicFqQ%2BBMu2YLOj%2Bc96v1%2B%2BM%2F0JrD4Po844ceahcOXAhPHZTyUJlDjbaVzCiqP5Xy4s3%2F1wdh6xeBTItr2JtnkONL%2BBNCnRMSU6qgRVfVh3fpBn5mj%2B59qkECtvECvj7cTKqFsPw7XyuNKo1XwaNWeDRoOKRlwP51pRwCkN61EYRbSG3I7YM%2B8l%2FwIAAP%2F%2FAQAA%2F%2F8IM6jbZgQAAA%3D%3D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3s3v8MM9%2BJGLLsrgSUEn3T2Tnox7CMaYNRg3a9avk1JdVTMpU93VVHVNT0aEsCuyF2H2P%2Bg8k2xQw6LXBYNMFkQCwo6niAb04NGLsFdlZsMGX2je9%2B3nOTzP89bn2%2B6E%2BHD0ePEt3ZNK0ZnZql954YMguFRZkanrVrpz0UdR%2FVLFdF5pRlX%2FxcplwTb0TOgHvh%2F4QWVJGtHS3ZkxCJntN4Nq06%2FWw2owW0fX%2FHe3zoOlHnjnhDwJyUdT97xpSDZEmnyzKOxGrrOXXk%2Bcork26PC9d9ONVBcpkrOxZTy00r1TNrS9v3QAne5O5EJ3HhFjOSLeDweI071TkYg7OxOdsYJIEfPHUHSGEGoISYdg%2BgYkv08AxnFlFWly%2B4o2Bd18iNIxOiJTD%2F6GLEZk6rdppMmdBSW7lWtauVzq1KLbKiG7Q8j2EJk7RN47B1kcguXXIflPZObBCtJkZ9UqDcnLiXcph5CtIZTog1oPbvxJD67lwWUeEn5cYUEQNHzOqD%2FXZKzGGyKOuB%2FQRiuggR%2FNwbGxvD7yrA%2Bm%2BmBmC5nZwoa8NSLk%2Bg6M%2Bx52vYTlHmw%2BIt7bW%2BjwEoUgKCxBQQkKSVDkBEWn3OXKhra8zZV1cXDaw9NeKwc6b2%2FTXZ23RUq2sxPyxCScvy7cxYY4rtCw1Wz6rcCvNyI%2FClgjaPKABZTWaCgYD2FlCWnPTfz25IhMX%2FwD2fhgn%2F6DmB7CqkMw%2BTioexa0GDRCH3R9UJ%2Fz0Uv3uy2a5rS3WWU6AdclsnwK%2Baa3rU7I0xMdsy9rCHY0%2F%2BMXa6z3%2FK9gpkRmSnws7xG01c3Bmi7IzpouLPl2NctlInt0fMBrOc3F%2F756U2wW2vDlRdv%2F8lU2Bsbj%2FjvC5is05TJtW%2FL1guRcmCVtmCDfLdv3RXzV2fUFZ1KXrVx9bWk5yYywVup0CDq29tQbYHJE%2Fr8gJm%2Fz4sGfkGYI40ok7oicFqQ%2BBMu2YLOj%2Bc96v1%2B%2BM%2F0JrD4Po844ceahcOXAhPHZTyUJlDjbaVzCiqP5Xy4s3%2F1wdh6xeBTItr2JtnkONL%2BBNCnRMSU6qgRVfVh3fpBn5mj%2B59qkECtvECvj7cTKqFsPw7XyuNKo1XwaNWeDRoOKRlwP51pRwCkN61EYRbSG3I7YM%2B8l%2FwIAAP%2F%2FAQAA%2F%2F8IM6jbZgQAAA%3D%3D HTTP/1.1
Host: treatycalculator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 08 Sep 2022 20:54:06 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e78a0fb6bb9b2293dec7eaaf15f7c48a
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2db764001243d13c739384fdf698f185
54f6f0f91c266c7a7bcf2458509b672d784dec7d
1e5b508cc623ef3d5e35713e70846bbb1aa272a5294c2aeda8f53609740da663
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E5B508CC623EF3D5E35713E70846BBB1AA272A5294C2AEDA8F53609740DA663"
Last-Modified: Wed, 07 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5735
Expires: Thu, 08 Sep 2022 22:29:41 GMT
Date: Thu, 08 Sep 2022 20:54:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3a4f36474c1f82a77217b70767ad9604
b3e5e892f64a497a5ca9db43bf3941e636796c64
88035f17212d931ff1c5c6cd817fe72aba0bb4b25f5b9c7592cbb78fe4e4ab3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88035F17212D931FF1C5C6CD817FE72ABA0BB4B25F5B9C7592CBB78FE4E4AB3F"
Last-Modified: Thu, 08 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10725
Expires: Thu, 08 Sep 2022 23:52:51 GMT
Date: Thu, 08 Sep 2022 20:54:06 GMT
Connection: keep-alive
a.focusde.info/api/spots/382499?host=xfantazy.com&ev=196&wh=939&ww=1280
135.181.208.216200 OK 509 B URL HTTP/2 a.focusde.info/api/spots/382499?host=xfantazy.com&ev=196&wh=939&ww=1280
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (654)
Hash 262ceb48bc384a9ebf3d9f8d99bbe34a
670c5c149e572c01b067d4ede29350f18ce11530
b18a55d51a4622db502964743830177053b8f4c0bd55d58a23fd2318c9f43bf5
GET /api/spots/382499?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:06 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=xTb9omL5Ym68Z50Qktro; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d510006684c41cbdf97ea19087d5d77f
175e3a9e1727d7841003b6c6c228ba2e79d41124
d30f31a4fd293a2bf326f667d47745533d99a6088849033b9086578b3541f741
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D30F31A4FD293A2BF326F667D47745533D99A6088849033B9086578B3541F741"
Last-Modified: Wed, 07 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10553
Expires: Thu, 08 Sep 2022 23:49:59 GMT
Date: Thu, 08 Sep 2022 20:54:06 GMT
Connection: keep-alive
pogothere.xyz/asd100.bin
104.21.86.231200 OK 126 kB IP 104.21.86.231:0
Size 126 kB (125894 bytes)
Hash 833e8f8d3f075cbcf2cd7aa67346e939
6bd349218206dc82c6893b17954e48a17e43aaf6
2b859ba6eaf1c7a9c79bd42e30c7aa64c0c46aef068e749246d3d4d35ccdeb08
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/
Origin: https://xfantazy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:05 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
last-modified: Thu, 08 Sep 2022 19:24:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rde80jMG3mgfDiirVD99VaOJNHzn%2BIf2LVCz7KSMdat3zng7UdIfhx08WV7nFRgOIFGeqJFM%2BUFoKZAcYolpwwox179q5bfE%2FdhrIO73DQSJG3CS4GmKmUvQHuapOaIB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747a93cb3f410b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d510006684c41cbdf97ea19087d5d77f
175e3a9e1727d7841003b6c6c228ba2e79d41124
d30f31a4fd293a2bf326f667d47745533d99a6088849033b9086578b3541f741
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D30F31A4FD293A2BF326F667D47745533D99A6088849033B9086578B3541F741"
Last-Modified: Wed, 07 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10553
Expires: Thu, 08 Sep 2022 23:49:59 GMT
Date: Thu, 08 Sep 2022 20:54:06 GMT
Connection: keep-alive
reapinject.com/pixel/purst?dl=0&th=0&sc=0&rs=3182&rd=3182&fd=764&bv=22.8.v.2&tmpl=136
209.192.156.108200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/purst?dl=0&th=0&sc=0&rs=3182&rd=3182&fd=764&bv=22.8.v.2&tmpl=136
IP 209.192.156.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3182&rd=3182&fd=764&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Sep 2022 20:54:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
treatycalculator.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F18%2F52%2F6a%2F18526a6becad408914fcf53d946360f0%2F1651134763.html&l=1558&fd=296
192.243.59.13200 OK 0 B URL HTTP/1.1 treatycalculator.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F18%2F52%2F6a%2F18526a6becad408914fcf53d946360f0%2F1651134763.html&l=1558&fd=296
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F18%2F52%2F6a%2F18526a6becad408914fcf53d946360f0%2F1651134763.html&l=1558&fd=296 HTTP/1.1
Host: treatycalculator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 08 Sep 2022 20:54:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
static-cache.k2s.cc/thumbnail/IOyW6HH3yK_p8G2R_g/w320h240/0.jpeg
188.72.235.185200 OK 13 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/IOyW6HH3yK_p8G2R_g/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 959fc3ae4d72e902071e1f46cfdd53e1
470c32efc42713bf240c719006bcd2ab296a87b1
bd25c657cf99f5e997159b19ad9e49fcce2e083dfe25178211310c394d857ce9
GET /thumbnail/IOyW6HH3yK_p8G2R_g/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 08 Sep 2022 20:54:06 GMT
content-type: image/jpeg
content-length: 13280
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
104.21.86.231200 OK 109 kB IP 104.21.86.231:0
Size 109 kB (109127 bytes)
Hash 911bb178db4507f73880c70ca3bc848f
2a79e954bdf0055bf5706190c59f3f4fb696aa10
4b4179e27de14f8e5aa4cc12097957db9041a2d788dab2006ceeeec78fb52109
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/
Origin: https://xfantazy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:05 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
last-modified: Thu, 08 Sep 2022 19:24:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWZ49R6mIon%2BK5fPOZ8c%2Fdq1ZBSuxrY0J1hG4l%2FjQ8lM1b%2F0b07fRPh%2FzTzsm4SleIkLQbTac9KVHxpIoTTDEyYEYY1Z6G%2FJuVdQTts3ps%2BBX5rpqIZDrMXThhxhZmE3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747a93cb4f580b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/I7-a7HT1yKu9-j6RrA/w320h240/0.jpeg
188.72.235.185200 OK 11 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/I7-a7HT1yKu9-j6RrA/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 591c54d56bc236b7cbc003144e47a16a
59da5da8db18cad8d9596394bb762a22ac5e8520
7d2d16a7150050794f22a28a52d9105a24beb36f0a7a451b5a4a73be9d08d6c4
GET /thumbnail/I7-a7HT1yKu9-j6RrA/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 08 Sep 2022 20:54:06 GMT
content-type: image/jpeg
content-length: 10698
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/commons.9b890646c0aa33eb63fe.js
104.26.1.188200 OK 411 kB URL HTTP/2 xfantazy.com/_next/static/chunks/commons.9b890646c0aa33eb63fe.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 411 kB (410786 bytes)
Hash f4080769e2b1b003454f1b61e9eb419b
d0de89ce769d717c322d8a5f3bb46efce1afcdb0
b4a57ebc6c3150945fc194759c6039f9964b9a0735e7c8a653f27bb364099aa9
GET /_next/static/chunks/commons.9b890646c0aa33eb63fe.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:03 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:36 GMT
etag: W/"152f62-1826d2bb0af"
cf-cache-status: HIT
age: 2981384
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tsr4Va0COslIlvHVRINmoBLm3DsAZBtJnQTB3EQzJfVXIad2aCPG48RFFyhyLoNDPpMtEwOOc7lTspnaUIyDB9LbRaxsd79XVzNyV%2F04ZJkv6CpRCci6ANdJ6UTPjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93bebc1bb4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/Iu-Xu3fzmPrkrW_C-w/w320h240/0.jpeg
188.72.235.185200 OK 14 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/Iu-Xu3fzmPrkrW_C-w/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 764d917ab919d004ce994913c0e0b1ec
f21df337668d7f95e59acb332d4e1e0a63877f56
3e202d96c184a1ac87f27a91b60fc48e7116a4b60e93d764fa6ef2c8cc5b766f
GET /thumbnail/Iu-Xu3fzmPrkrW_C-w/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 08 Sep 2022 20:54:06 GMT
content-type: image/jpeg
content-length: 13814
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/JeqQ6yKumaft8TuT_Q/w320h240/0.jpeg
188.72.235.185200 OK 8.9 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/JeqQ6yKumaft8TuT_Q/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash b9ebd040abb2723260710369e4763ab2
05755b6139b40b09e48c2717cc7fb6826bc3e71b
f911f31ed13a79b33550d19d5b8c06afb827182370837b44c8a40d1a190ec2fa
GET /thumbnail/JeqQ6yKumaft8TuT_Q/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 08 Sep 2022 20:54:06 GMT
content-type: image/jpeg
content-length: 8896
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/cerA6XGmn_q_-T6frA/w320h240/0.jpeg
188.72.235.185200 OK 8.1 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/cerA6XGmn_q_-T6frA/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash c2dcd8bac95f2c882fe76e0f4c7a43eb
cd92ee570411566719b570d0e28f1558b02db88e
f0f22f6cc439b59b013765ad02673550504d6638215b0a46ec947d5f3f419a6f
GET /thumbnail/cerA6XGmn_q_-T6frA/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 08 Sep 2022 20:54:06 GMT
content-type: image/jpeg
content-length: 8069
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/dbybvyDzwvu5_2iV_A/w320h240/0.jpeg
188.72.235.185200 OK 5.5 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/dbybvyDzwvu5_2iV_A/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 66f996e1f28a8ded57e7153d4bdb25c6
02c78cf81d1c340b9c6c43038639d222853ac6eb
95d57eacb83b2e62c629d670b63fb19d3d8c028238c8d21d977392ee6981649e
GET /thumbnail/dbybvyDzwvu5_2iV_A/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 08 Sep 2022 20:54:06 GMT
content-type: image/jpeg
content-length: 5451
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 1.2 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, max compression\012- data
Hash c97020694c856cb299772307add1081f
2777120bda3701f7c64811075ef507af54545338
a837fed287322d7ed93c69aa78d36c1b2dbf3de16ab81d1f55eaf00dde84bbed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54DAF99F14294BD52D5F516AA5CEC0584B8A43DAAE4525FABB7692F9F114AF5B"
Last-Modified: Wed, 07 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10459
Expires: Thu, 08 Sep 2022 23:48:25 GMT
Date: Thu, 08 Sep 2022 20:54:06 GMT
Connection: keep-alive
treatycalculator.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fstyle.css&l=8924&fd=44
192.243.59.13200 OK 0 B URL HTTP/1.1 treatycalculator.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fstyle.css&l=8924&fd=44
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fstyle.css&l=8924&fd=44 HTTP/1.1
Host: treatycalculator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 08 Sep 2022 20:54:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.cloudimagesb.com/si/d0/a0/d8/d0a0d821060389d259eacced98d832d6/1655369780.jpg
45.133.44.10200 OK 11 kB URL HTTP/2 cdn.cloudimagesb.com/si/d0/a0/d8/d0a0d821060389d259eacced98d832d6/1655369780.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 3f40e4f0a14d71c9e6f54240628972a6
40f2097b5d23a3a724f67d7b1a00347638777e69
6917138d08085819df6ded4e805183cbe3987695f8861aea7d84e5449406be1f
GET /si/d0/a0/d8/d0a0d821060389d259eacced98d832d6/1655369780.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:06 GMT
content-type: image/jpeg
content-length: 11220
server: nginx/1.17.6
last-modified: Thu, 16 Jun 2022 08:56:28 GMT
etag: "62aaf03c-2bd4"
expires: Sat, 10 Sep 2022 20:54:06 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
treatycalculator.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fanimate.css&l=79249&fd=51
192.243.59.13200 OK 0 B URL HTTP/1.1 treatycalculator.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fanimate.css&l=79249&fd=51
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fanimate.css&l=79249&fd=51 HTTP/1.1
Host: treatycalculator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 08 Sep 2022 20:54:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.cloudimagesb.com/si/25/f8/67/25f8672a8dede505f1d482a0fae4ce30/1655369803.jpg
45.133.44.10200 OK 11 kB URL HTTP/2 cdn.cloudimagesb.com/si/25/f8/67/25f8672a8dede505f1d482a0fae4ce30/1655369803.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash fdd0d70787cbe32ddf0f337191cd073e
c69ec6c3647241c0fecb67eba56195414120253b
e2014a64037f30864207347c73f351be90f4cf3b5abaed05f86252d9007cb40d
GET /si/25/f8/67/25f8672a8dede505f1d482a0fae4ce30/1655369803.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:06 GMT
content-type: image/jpeg
content-length: 11257
server: nginx/1.17.6
last-modified: Thu, 16 Jun 2022 08:56:51 GMT
etag: "62aaf053-2bf9"
expires: Sat, 10 Sep 2022 20:54:06 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
a.focusde.info/api/click/1212815849760518095?c=90
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/click/1212815849760518095?c=90
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/1212815849760518095?c=90 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/api/spots/312873?p=1&s1=%subid1%&kw=
Cookie: nauid=rHhgmVqwsfBvBkVUDoky
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:06 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/d-mR6SSnw666rGmX_Q/w320h240/0.jpeg
188.72.235.185200 OK 665 B URL HTTP/2 static-cache.k2s.cc/thumbnail/d-mR6SSnw666rGmX_Q/w320h240/0.jpeg
IP 188.72.235.185:0
Hash 3697209092332e6efe700a51ca307453
88ec1d2ce0eab02648e75aa4fb910b4f6a78c9d2
e69326eb6b42ad44bc24d8e9638b551553cf4eb7eac5fee4a2eb8d29c1c33f38
GET /thumbnail/d-mR6SSnw666rGmX_Q/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 08 Sep 2022 20:54:06 GMT
content-type: image/jpeg
content-length: 14075
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e2ef799884d1bd707e418aed4600e72
55124359060482a41b6e8af7fbada60cf1abdf82
5204683a7dff6f0b522866e9e55af93ceeaa826b29a706eaed1412a98b824bbb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5204683A7DFF6F0B522866E9E55AF93CEEAA826B29A706EAED1412A98B824BBB"
Last-Modified: Wed, 07 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9225
Expires: Thu, 08 Sep 2022 23:27:52 GMT
Date: Thu, 08 Sep 2022 20:54:07 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash c2ad7e6f4f0faf82667c6ef0f961642b
f5e452fbd3f4863cd929a5d6249f18a96f6aabd2
2a19eef9437fc6fab79d43b41b0790af17fdf530af67059da482c1b08c16e0e5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 17:56:28 GMT
Expires: Mon, 12 Sep 2022 17:56:27 GMT
Etag: "f5e452fbd3f4863cd929a5d6249f18a96f6aabd2"
Cache-Control: max-age=334339,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 747a93d5b8e1b518-OSL
cdn.tsyndicate.com/sdk/v1/master.spot.js
8.247.218.249200 OK 13 kB URL HTTP/2 cdn.tsyndicate.com/sdk/v1/master.spot.js
IP 8.247.218.249:0
File type ASCII text, with very long lines (28232)
Hash 4520e83afc590988f95a471da9bcd876
e8a542d49dd03c3a275698a6ea6d8b128059c26e
2a617aaacef5473d6a1dc19c828d085a570bcb56e8e2787d3f6f425e0fdd3792
GET /sdk/v1/master.spot.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:07 GMT
content-type: application/javascript
content-length: 12719
last-modified: Thu, 14 Jul 2022 11:59:44 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"62d00530-887a"
age: 4868826
accept-ranges: bytes
X-Firefox-Spdy: h2
treatycalculator.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3s3v8MM9%2BJGLLsrgSUEn3fM97iEYY9Zg3KxZv05KdVX1pEx1V1PVNT0ZEcKuyF6E2f%2Bg80yyQQ2LXhcMMlkQCQg7niIa0INHL8JelZkNG3yhed%2B3n%2BfwPM9bn2%2B7E%2BLD0ePFt3RfKkXn6mW%2F9MIHQXCptCIT1yv1Wo2PGrVLJdN9pd0o%2By%2BWLgu2oecqfuD7gR%2BUlqQRke7NTUDIdL8dlNt%2BuVYpB%2FUaeua%2Fu3UeLPXAuyfkSUg%2BnrnnzUKyEZL4m0VhNzKdvvR67BTNtEGX772bbCQ6TxCfjZHxECV7p2xoe3%2FpADrZncqF7j4ihnJMvB8OECZ7pyIRdnemOkMFkSDkjyHvjiDUCJKOwPQNSH6fAIzjyiqS%2BPYVbXK6%2BRClE3RMZh78DZmPycxvs0jiOwtK9krXtHKZ1IlFLyogeyPIzgipO0TWPweZH4Jl1yH5T2TuwQqSeGfVKg3Ji6l3KUeQ0QhKDECtBzf5pAcXeXCph5gfl1gQBE2fM%2Bq32oxVeVOEDe4HtBkFNPAbLTg2kTdAlg7A1ADMbCE1W9iQt8aEXN%2BBcd%2FDrhew3IPNxsR7ewtdXiAXBLklyClBLgnyjCDvFrtc2YotbnNlXRic9spprxZDnXW26a7OOiIh2%2BkJeWIazl8X7mJDHJdoJWq3%2FSjwa82G3whYM2jzgAWUVmlFMF6BlQWkPTf125djMnvxD6STg336D0J6CKsOweTjoO5Z0HzYrPig68Nay0c%2F2e9FNMlof7PMdAyuC6TZDLJNb1udkKenOuovawh2NP%2FjF2us%2F%2FyvYKZAagp8LO8RdNTN4ZrOyc6azi35djXNZCz7dHLAaxnNxP%2B%2BelNs5trw5UU7%2BPJVNgEm4%2F47wmYrNOEy6Vjy9YLkXJglbZgg3y3b90V41dn1BWcSl65cfW1pOU6NsFbqZAQ6sfbUG2ByTP6%2FIKZv8%2BLBn5BmBOMKxO6InBakPgRLt2DTo%2FnP%2Br9fvjP7Caw%2BD6POOGHqIXfF0FTCs59KEihxttOwgBVH879cWL77YX0eoXgUyLa9iY55DjS7gSQu0DUFuqoAVQNYd36YpeZo%2FufqtBAqbxgq4%2B2EyqhbD8O18rhU9XkzFJFohqJWr0WC8bBeD30WsbDKWy2GzI7ZM%2B%2FF%2FwIAAP%2F%2FAQAA%2F%2F%2BI530zZgQAAA%3D%3D
192.243.59.13200 OK 7 B URL HTTP/1.1 treatycalculator.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3s3v8MM9%2BJGLLsrgSUEn3fM97iEYY9Zg3KxZv05KdVX1pEx1V1PVNT0ZEcKuyF6E2f%2Bg80yyQQ2LXhcMMlkQCQg7niIa0INHL8JelZkNG3yhed%2B3n%2BfwPM9bn2%2B7E%2BLD0ePFt3RfKkXn6mW%2F9MIHQXCptCIT1yv1Wo2PGrVLJdN9pd0o%2By%2BWLgu2oecqfuD7gR%2BUlqQRke7NTUDIdL8dlNt%2BuVYpB%2FUaeua%2Fu3UeLPXAuyfkSUg%2BnrnnzUKyEZL4m0VhNzKdvvR67BTNtEGX772bbCQ6TxCfjZHxECV7p2xoe3%2FpADrZncqF7j4ihnJMvB8OECZ7pyIRdnemOkMFkSDkjyHvjiDUCJKOwPQNSH6fAIzjyiqS%2BPYVbXK6%2BRClE3RMZh78DZmPycxvs0jiOwtK9krXtHKZ1IlFLyogeyPIzgipO0TWPweZH4Jl1yH5T2TuwQqSeGfVKg3Ji6l3KUeQ0QhKDECtBzf5pAcXeXCph5gfl1gQBE2fM%2Bq32oxVeVOEDe4HtBkFNPAbLTg2kTdAlg7A1ADMbCE1W9iQt8aEXN%2BBcd%2FDrhew3IPNxsR7ewtdXiAXBLklyClBLgnyjCDvFrtc2YotbnNlXRic9spprxZDnXW26a7OOiIh2%2BkJeWIazl8X7mJDHJdoJWq3%2FSjwa82G3whYM2jzgAWUVmlFMF6BlQWkPTf125djMnvxD6STg336D0J6CKsOweTjoO5Z0HzYrPig68Nay0c%2F2e9FNMlof7PMdAyuC6TZDLJNb1udkKenOuovawh2NP%2FjF2us%2F%2FyvYKZAagp8LO8RdNTN4ZrOyc6azi35djXNZCz7dHLAaxnNxP%2B%2BelNs5trw5UU7%2BPJVNgEm4%2F47wmYrNOEy6Vjy9YLkXJglbZgg3y3b90V41dn1BWcSl65cfW1pOU6NsFbqZAQ6sfbUG2ByTP6%2FIKZv8%2BLBn5BmBOMKxO6InBakPgRLt2DTo%2FnP%2Br9fvjP7Caw%2BD6POOGHqIXfF0FTCs59KEihxttOwgBVH879cWL77YX0eoXgUyLa9iY55DjS7gSQu0DUFuqoAVQNYd36YpeZo%2FufqtBAqbxgq4%2B2EyqhbD8O18rhU9XkzFJFohqJWr0WC8bBeD30WsbDKWy2GzI7ZM%2B%2FF%2FwIAAP%2F%2FAQAA%2F%2F%2BI530zZgQAAA%3D%3D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3s3v8MM9%2BJGLLsrgSUEn3fM97iEYY9Zg3KxZv05KdVX1pEx1V1PVNT0ZEcKuyF6E2f%2Bg80yyQQ2LXhcMMlkQCQg7niIa0INHL8JelZkNG3yhed%2B3n%2BfwPM9bn2%2B7E%2BLD0ePFt3RfKkXn6mW%2F9MIHQXCptCIT1yv1Wo2PGrVLJdN9pd0o%2By%2BWLgu2oecqfuD7gR%2BUlqQRke7NTUDIdL8dlNt%2BuVYpB%2FUaeua%2Fu3UeLPXAuyfkSUg%2BnrnnzUKyEZL4m0VhNzKdvvR67BTNtEGX772bbCQ6TxCfjZHxECV7p2xoe3%2FpADrZncqF7j4ihnJMvB8OECZ7pyIRdnemOkMFkSDkjyHvjiDUCJKOwPQNSH6fAIzjyiqS%2BPYVbXK6%2BRClE3RMZh78DZmPycxvs0jiOwtK9krXtHKZ1IlFLyogeyPIzgipO0TWPweZH4Jl1yH5T2TuwQqSeGfVKg3Ji6l3KUeQ0QhKDECtBzf5pAcXeXCph5gfl1gQBE2fM%2Bq32oxVeVOEDe4HtBkFNPAbLTg2kTdAlg7A1ADMbCE1W9iQt8aEXN%2BBcd%2FDrhew3IPNxsR7ewtdXiAXBLklyClBLgnyjCDvFrtc2YotbnNlXRic9spprxZDnXW26a7OOiIh2%2BkJeWIazl8X7mJDHJdoJWq3%2FSjwa82G3whYM2jzgAWUVmlFMF6BlQWkPTf125djMnvxD6STg336D0J6CKsOweTjoO5Z0HzYrPig68Nay0c%2F2e9FNMlof7PMdAyuC6TZDLJNb1udkKenOuovawh2NP%2FjF2us%2F%2FyvYKZAagp8LO8RdNTN4ZrOyc6azi35djXNZCz7dHLAaxnNxP%2B%2BelNs5trw5UU7%2BPJVNgEm4%2F47wmYrNOEy6Vjy9YLkXJglbZgg3y3b90V41dn1BWcSl65cfW1pOU6NsFbqZAQ6sfbUG2ByTP6%2FIKZv8%2BLBn5BmBOMKxO6InBakPgRLt2DTo%2FnP%2Br9fvjP7Caw%2BD6POOGHqIXfF0FTCs59KEihxttOwgBVH879cWL77YX0eoXgUyLa9iY55DjS7gSQu0DUFuqoAVQNYd36YpeZo%2FufqtBAqbxgq4%2B2EyqhbD8O18rhU9XkzFJFohqJWr0WC8bBeD30WsbDKWy2GzI7ZM%2B%2FF%2FwIAAP%2F%2FAQAA%2F%2F%2BI530zZgQAAA%3D%3D HTTP/1.1
Host: treatycalculator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 08 Sep 2022 20:54:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 10bde32097558e5df435d8006b8f1799
Strict-Transport-Security: max-age=0; includeSubdomains
a.bestcontentfood.top/warp/4787908?r=84356
172.67.200.139200 OK 1.8 kB URL HTTP/2 a.bestcontentfood.top/warp/4787908?r=84356
IP 172.67.200.139:0
File type ASCII text, with very long lines (4178), with no line terminators
Hash 6342f7c17c76b18734ee88062c825f0e
9596e221d74084cc16ee756e58d0d97f2de6d43a
b2d5e5acda1bf7710d46a072024c8ae78788a24352474ca3773fb92851b24710
Analyzer Verdict Alert fortinet Phishing
GET /warp/4787908?r=84356 HTTP/1.1
Host: a.bestcontentfood.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:07 GMT
content-type: application/javascript; charset=UTF-8
referer: a.medfoodsafety.com
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SUikh6KZZTjLAO9TMk8tUTKDksUvPKQWbFdY2MopXe1nPdYUI9o9wFDxy0AH%2BnGfbLaYbI4182lozfspDrRq07sYZUc7%2FberUGH6TVvRkGA913n%2F3peJE%2FF%2B0rS3GixIjl5TV6o2wE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93d59d8db4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e2ef799884d1bd707e418aed4600e72
55124359060482a41b6e8af7fbada60cf1abdf82
5204683a7dff6f0b522866e9e55af93ceeaa826b29a706eaed1412a98b824bbb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5204683A7DFF6F0B522866E9E55AF93CEEAA826B29A706EAED1412A98B824BBB"
Last-Modified: Wed, 07 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9225
Expires: Thu, 08 Sep 2022 23:27:52 GMT
Date: Thu, 08 Sep 2022 20:54:07 GMT
Connection: keep-alive
cdn.tsyndicate.com/sdk/v1/video.instant.message.js
8.247.218.249200 OK 3.5 kB URL HTTP/2 cdn.tsyndicate.com/sdk/v1/video.instant.message.js
IP 8.247.218.249:0
File type ASCII text, with very long lines (539)
Hash b4ccf5d14fbe6be7a62784f96fbed92e
9d3391b4a10cc28bb455ebfbe1caccb3db1c4efd
e3f294d4f9f7227ebaaeb508792345e6bda148885c2d6335e8595338312b67e1
GET /sdk/v1/video.instant.message.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:07 GMT
content-type: application/javascript
content-length: 3512
last-modified: Thu, 21 Jul 2022 11:18:31 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"62d93607-21d4"
age: 4267056
accept-ranges: bytes
X-Firefox-Spdy: h2
a.medfoodsafety.com/loader?a=4787908&v=2&t=1&s=4776911&p=8575&if=true
104.21.62.145200 OK 135 kB URL HTTP/2 a.medfoodsafety.com/loader?a=4787908&v=2&t=1&s=4776911&p=8575&if=true
IP 104.21.62.145:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size 135 kB (134947 bytes)
Hash 1b09d3c8e110a5f8e950d7b1fd30163f
1a44a2cbd87fac08463582181d8edcfccea304b0
b402cb325695005e84f26cfaf917d4ece8a5f4259a3471f34e8a97f57b378235
GET /loader?a=4787908&v=2&t=1&s=4776911&p=8575&if=true HTTP/1.1
Host: a.medfoodsafety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:07 GMT
content-type: text/html
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwRl%2FKDGW9R1LkiZ9KWGZMi4aUAIJBy1pNB7Bb2mOKV4ujfQCNBwXwhMUn6Ge89inH%2BFzBut8WeifWzEIffaeIlyq7ctXMsOO94JltI2C8aqsT9zqF3lOYmqfK2QPpk8smOHWnVe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93d6f83ab50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 60e8d1a26fb4d21ab2b65c86524cc473
5451e67f0ab36b344d0968363830c3c5527e4094
118893e422e270f638e21ffd3c72ab632a6502740637df2d60a376dce72f2a42
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 08:27:03 GMT
Expires: Tue, 13 Sep 2022 08:27:02 GMT
Etag: "5451e67f0ab36b344d0968363830c3c5527e4094"
Cache-Control: max-age=386574,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 747a93d93edc0b65-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash bb7ed03674a0fea94263bd4fb5706283
12a82f2c23ff610d8b57a394dacb5fdd7c233d08
26302a9c4971da6b32f44242114d76c77ee4f0b2ebc417a76105bbb6d733810f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 03:56:19 GMT
Expires: Wed, 14 Sep 2022 03:56:18 GMT
Etag: "12a82f2c23ff610d8b57a394dacb5fdd7c233d08"
Cache-Control: max-age=456730,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 747a93da388c0b02-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b3df226d85e006b0835c081fab72e2f
d9d95716282bf33aaba3bb8eed7345c712926436
b14993246ea35867e99a4fe00ddb665247a0350f5b40c184f8f6f76c25b770a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B14993246EA35867E99A4FE00DDB665247A0350F5B40C184F8F6F76C25B770A8"
Last-Modified: Wed, 07 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11641
Expires: Fri, 09 Sep 2022 00:08:08 GMT
Date: Thu, 08 Sep 2022 20:54:07 GMT
Connection: keep-alive
poweredby.jads.co/js/jads.js
185.94.236.253301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP 185.94.236.253:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 08 Sep 2022 20:54:07 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1fe0327a01f21c54fc9bfc3efc87c68c
11e6ecf4707288032f021916e04ed93a46434da1
6fcc309bb04b920a7f738685e528507aeb74a0d37b935caf4c387d665c40b6de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FCC309BB04B920A7F738685E528507AEB74A0D37B935CAF4C387D665C40B6DE"
Last-Modified: Thu, 08 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10599
Expires: Thu, 08 Sep 2022 23:50:46 GMT
Date: Thu, 08 Sep 2022 20:54:07 GMT
Connection: keep-alive
tsyndicate.com/iframes2/81050e2dae874825b1263242bcb82944.html?
136.243.83.47200 OK 3.0 kB URL HTTP/2 tsyndicate.com/iframes2/81050e2dae874825b1263242bcb82944.html?
IP 136.243.83.47:0
ASN #24940 Hetzner Online GmbH
Hash f82c4b5b223626e93dc6598b145a6a43
e5bbbf9fd943eca0576cdbd441be664d47388c9b
fb5c33088b45b28ddd4b4c7c0d999796c5d467e176178473d0c9d1e69635cfd5
GET /iframes2/81050e2dae874825b1263242bcb82944.html? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:07 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: 56242a790290c475
set-cookie: ts_uid=d9b99c48-7ed5-4a88-9dce-5b5131d48bbd; expires=Wed, 08 Mar 2023 20:54:07 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYsIGwhg0cNG506aMg; expires=Fri, 09 Sep 2022 20:54:07 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
poweredby.jads.co/js/jads2.js
185.94.236.253200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP 185.94.236.253:0
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://media.aso1.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 20:54:07 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eae"
Content-Encoding: gzip
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash bb7ed03674a0fea94263bd4fb5706283
12a82f2c23ff610d8b57a394dacb5fdd7c233d08
26302a9c4971da6b32f44242114d76c77ee4f0b2ebc417a76105bbb6d733810f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 03:56:19 GMT
Expires: Wed, 14 Sep 2022 03:56:18 GMT
Etag: "12a82f2c23ff610d8b57a394dacb5fdd7c233d08"
Cache-Control: max-age=456730,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 747a93da2b46b517-OSL
lcdn.tsyndicate.com/sdk/v1/b.b.js
8.254.252.210200 OK 2.8 kB URL HTTP/2 lcdn.tsyndicate.com/sdk/v1/b.b.js
IP 8.254.252.210:0
File type ASCII text, with very long lines (2590)
Hash 01c3ce239d639853ba1e41661c115938
704741ca41e890a26eef6190c2d61131ff294f56
9aabcddb7b91826c4b8bf721d77fa448ceba501616a38c6fe0d6c4f11091ed47
GET /sdk/v1/b.b.js HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=d9b99c48-7ed5-4a88-9dce-5b5131d48bbd; bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYsIGwhg0cNG506aMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:07 GMT
content-type: application/javascript
content-length: 2808
last-modified: Tue, 22 Feb 2022 13:07:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"6214e003-1eb1"
age: 15936184
accept-ranges: bytes
X-Firefox-Spdy: h2
lcdn.tsyndicate.com/sdk/v1/b.b.js
8.254.252.210304 Not Modified 0 B URL HTTP/2 lcdn.tsyndicate.com/sdk/v1/b.b.js
IP 8.254.252.210:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdk/v1/b.b.js HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Cookie: ts_uid=3f8a58b6-8ad3-47af-ba70-1c04f17b3700; bfq=APeIECNCxxYZOGDEwFGjRhcWIsYU3BLjoYgyE2PYsCHjRg0bOGjc6NJH
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Feb 2022 13:07:15 GMT
If-None-Match: W/"6214e003-1eb1"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 08 Sep 2022 20:54:07 GMT
last-modified: Tue, 22 Feb 2022 13:07:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
etag: W/"6214e003-1eb1"
age: 15936184
X-Firefox-Spdy: h2
cdn.tsyndicate.com/sdk/v1/video.instant.message.css
8.247.218.249200 OK 4.7 kB URL HTTP/2 cdn.tsyndicate.com/sdk/v1/video.instant.message.css
IP 8.247.218.249:0
File type ASCII text, with very long lines (4667), with no line terminators
Hash 9fba1a3e7202a1124dec5d68f4f07bd1
6d880383c56bbe8244e98f135c7e8ef76e65ebfb
857634cc0df9324a79abf3ae0dc675507c22f020260e3c6ba8b2f2d04c1d24ec
GET /sdk/v1/video.instant.message.css HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Cookie: ts_uid=3f8a58b6-8ad3-47af-ba70-1c04f17b3700; bfq=APeIECNCxxYZOGDEwFGjRhcWIsYU3BLjoYgyE2PYsCHjRg0bOGjc6NJH
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:07 GMT
content-type: text/css
content-length: 4667
etag: "62d93607-123b"
last-modified: Thu, 21 Jul 2022 11:18:31 GMT
server: nginx
x-robots-tag: noindex, nofollow
age: 4267066
accept-ranges: bytes
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=67490d78-d153-487b-bfc0-c57d76341fd6&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
192.243.59.20200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=67490d78-d153-487b-bfc0-c57d76341fd6&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=67490d78-d153-487b-bfc0-c57d76341fd6&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 08 Sep 2022 20:54:07 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0746eb492499ca515c59aae4c9e7458d
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=67490d78-d153-487b-bfc0-c57d76341fd6&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=4d0afc2425eea6b0cd5a468c9f8a69ed&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
192.243.59.20200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=67490d78-d153-487b-bfc0-c57d76341fd6&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=4d0afc2425eea6b0cd5a468c9f8a69ed&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=67490d78-d153-487b-bfc0-c57d76341fd6&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=4d0afc2425eea6b0cd5a468c9f8a69ed&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 08 Sep 2022 20:54:08 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3e917ef9592862dd59021bb209214e33
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f10a29d7d8b6d7a5671cdf7afad95dea
5df90138cb0932f49b90efe159807bfff6fa7dbc
9ab5d40edc6f531ae85832ad71a132a2a7d7eba0b2c5fb320f35d5fe3698bf4d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6292
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:08 GMT
Last-Modified: Thu, 08 Sep 2022 19:09:16 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f10a29d7d8b6d7a5671cdf7afad95dea
5df90138cb0932f49b90efe159807bfff6fa7dbc
9ab5d40edc6f531ae85832ad71a132a2a7d7eba0b2c5fb320f35d5fe3698bf4d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6292
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:08 GMT
Last-Modified: Thu, 08 Sep 2022 19:09:16 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd0fe895136a0e096c95b19fc6ce7676
1f259dbb0bd287272089f9619c3857c0df58787b
9f72789f8b06df62e1610110c4664826955da74ca0bb7737a9a1866ae6ae6d53
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9F72789F8B06DF62E1610110C4664826955DA74CA0BB7737A9A1866AE6AE6D53"
Last-Modified: Thu, 08 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12825
Expires: Fri, 09 Sep 2022 00:27:53 GMT
Date: Thu, 08 Sep 2022 20:54:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b8ca336cf66ab267bcd86a34faf76fa4
1f01b8a499a7c7a1211a421f80dacda60aa45d9c
411a7db8ec3690a9377c066e920c2e4fe4b3c9b38bc539ae1e87600f01c9d88f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "411A7DB8EC3690A9377C066E920C2E4FE4B3C9B38BC539AE1E87600F01C9D88F"
Last-Modified: Tue, 06 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15523
Expires: Fri, 09 Sep 2022 01:12:51 GMT
Date: Thu, 08 Sep 2022 20:54:08 GMT
Connection: keep-alive
hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
209.197.3.25200 OK 17 kB URL HTTP/1.1 hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
IP 209.197.3.25:0
File type ASCII text, with very long lines (16885), with no line terminators
Hash 48c80c7c28b5b00a8b4ff94a22b72fe3
d57303c2ad2fd5cedc5cb20f264a6965a7819cee
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:08 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Content-Type: application/javascript
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10721591
X-HW: 1662670448.dop209.sk1.t,1662670448.cds016.sk1.shn,1662670448.dop209.sk1.t,1662670448.cds228.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
205.185.208.20200 OK 5.0 kB URL HTTP/1.1 hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
IP 205.185.208.20:0
File type ASCII text, with very long lines (5027), with no line terminators
Hash 5e5817bcf4c82c7c85d1d88636d221ce
b5c32cc6c931c33c1297884016e13d3b9a5bf261
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:08 GMT
Connection: Keep-Alive
ETag: "1541168231"
Content-Length: 5027
Content-Type: application/javascript
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10624026
X-HW: 1662670448.dop068.sk1.t,1662670448.cds258.sk1.shn,1662670448.dop068.sk1.t,1662670448.cds225.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.ang-content.com/a7/creatives/1/49/814954/1040423/1040423_logo.png
205.185.208.20200 OK 3.3 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/1/49/814954/1040423/1040423_logo.png
IP 205.185.208.20:0
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 4c992f93419cff2c1c149dfc70e710c6
ea1808199ce5bb59a63edea6fd39bbbf5e7511d7
ba89161f62c517bdd776996943f3e26ed2b92d749178f1c24da07c8db904e27c
GET /a7/creatives/1/49/814954/1040423/1040423_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:08 GMT
Connection: Keep-Alive
ETag: "1661264183"
Content-Length: 3346
Content-Type: image/png
Last-Modified: Tue, 23 Aug 2022 14:16:23 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10597787
X-HW: 1662670448.dop209.sk1.t,1662670448.cds017.sk1.shn,1662670448.dop209.sk1.t,1662670448.cds204.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.ang-content.com/a7/creatives/1/49/814692/1035698/1035698_logo.png
205.185.208.20200 OK 68 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/1/49/814692/1035698/1035698_logo.png
IP 205.185.208.20:0
File type PNG image data, 900 x 250, 8-bit colormap, non-interlaced\012- data
Hash c1623927236b9d6d03c1c18f7196e9bd
add9ce00456b7e84e876445b1d73c3c1972b6398
2f8381f07794329adae6254af972ca56a9918a3c4b8f190f75bd6bc5506e2977
GET /a7/creatives/1/49/814692/1035698/1035698_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:08 GMT
Connection: Keep-Alive
ETag: "1656009778"
Content-Length: 68180
Content-Type: image/png
Last-Modified: Thu, 23 Jun 2022 18:42:58 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10702536
X-HW: 1662670448.dop071.sk1.t,1662670448.cds202.sk1.shn,1662670448.dop071.sk1.t,1662670448.cds229.sk1.c
Access-Control-Allow-Origin: *
xml.serve-servee.com/thumbnail?i=1KzH6ILEZ7I_0&imgt=icon
172.67.217.88302 Found 0 B URL HTTP/2 xml.serve-servee.com/thumbnail?i=1KzH6ILEZ7I_0&imgt=icon
IP 172.67.217.88:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=1KzH6ILEZ7I_0&imgt=icon HTTP/1.1
Host: xml.serve-servee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 08 Sep 2022 20:54:08 GMT
content-length: 0
location: https://static.serve-servee.com/n337/ad/200x200_YRlME4dwikFVJhyiKVfW.jpeg
cache-control: no-store
age: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBDXwF2P40G%2FGt1CD5MC1ccRkAmFt46KCiEwo%2FkQTcq4T%2Bb%2BaHc4LKeaC0DvRb8Bt4zjYeaVP03IEd3NQe8ud%2FWUikX%2BQ7CoieK%2BqxnocBRRaWV3uRxVOd8V8ddQg1HiLJBS7rznmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93dd1ea3b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd0fe895136a0e096c95b19fc6ce7676
1f259dbb0bd287272089f9619c3857c0df58787b
9f72789f8b06df62e1610110c4664826955da74ca0bb7737a9a1866ae6ae6d53
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9F72789F8B06DF62E1610110C4664826955DA74CA0BB7737A9A1866AE6AE6D53"
Last-Modified: Thu, 08 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12825
Expires: Fri, 09 Sep 2022 00:27:53 GMT
Date: Thu, 08 Sep 2022 20:54:08 GMT
Connection: keep-alive
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XcmGHDBo0bYWC0GEOmhsiPOGi0EBOmTIwWYW7koDEmR40cHMuIEfEwTJ0xGcXYGGMDBxkyMlqUwRFjTAsaSEWKOWoGJo0yY2KYoWGGzNAZPCGSsbPQRg4bMh7CqbNTxwwcNkz2hANn4QwaOG7AeDgHzkQdNBrO4Jjj4Zg2dQHHsHHDxoyeZMxQfCjGjZuFMhrTcPxYRBs3GHVkJqz2c-i4gR_WiZERDR06cOboePEijAuDdEC7GPOmzYszZei8iAGjeA2OM37QSdOmTI-GOWTQyBGDRo0aNGbE4FKnuAwbYeiM6RGYsWPu3sHDEdNDCJs6NZ7YEfIEypknc9jMqFEHjxs1UNBBxhVUIJGDEi1YEYYMakhhAxxEnFHHFWLAEZ8SbJSxBBl3iBFFFR6RkUYdR9hxxRBEuHFEHk0w4cQYMoyRBgwy2BGGHWvAIUcWdpiBhg1JGLEEHmLk8EULNlBRBBsh5fCGEHocQcUaZMxQRxRfnFFFEkRIUUUaYcHRxmQivCEmmWT0llFzItoWxhxvxOCCG8GFNUZ4C22hXRdqyQGUDjC4UFxFIoghGaCCwuCQCGOI-YWOfwZaHAyLpSWCHHYkJpcIWJ2J6KQzSKdaHWDqIAIZORSZwxh4tXBDGSU9FQYOOLSQAxljlNFCDWLUEIN2ZOAlxlRhpZGYCNS5kEOgNMjgQkM0hCXHF8ZmlOyyLjT7LHZh1RFGRk28oUcabDD5Qg2CgoACFjHEsAMITKThRn8g4AHXFx69i6kOZwmaAghHYLXGGy_IQOmglIJgRBpylGHGG3i80C8Mdv4pghNPhPXGtGNYjHFYbFhchBNhHWTHFw2zQVENN9yAA0c4FPeQHGdcJloNeT1k8hdiyLEQrTqXcXIbb5CBGVyEkiHHG3Y99IZCovUJcR4L0TCzw629FttsL7CZhptwykmncGHNgWlGS9MR3sYt1OFGGnQgKSeuMchQssUHfUG33RaNyVBH3-lFw0d92_03WozBMPgNNZgFGcpl9PUFnocHrjjhnJ4cRoZy0AG1njTwCZEYf53qsE9sTKRWyAvtxWhoMPShQEA%3D&s=f331945f1e055cdc72cce0b62a1847967767fa6fce9ce6da24f9d5d4d7c4b1dd1662670447&w=t&r=1&d=370&priv=false
136.243.75.209200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XcmGHDBo0bYWC0GEOmhsiPOGi0EBOmTIwWYW7koDEmR40cHMuIEfEwTJ0xGcXYGGMDBxkyMlqUwRFjTAsaSEWKOWoGJo0yY2KYoWGGzNAZPCGSsbPQRg4bMh7CqbNTxwwcNkz2hANn4QwaOG7AeDgHzkQdNBrO4Jjj4Zg2dQHHsHHDxoyeZMxQfCjGjZuFMhrTcPxYRBs3GHVkJqz2c-i4gR_WiZERDR06cOboePEijAuDdEC7GPOmzYszZei8iAGjeA2OM37QSdOmTI-GOWTQyBGDRo0aNGbE4FKnuAwbYeiM6RGYsWPu3sHDEdNDCJs6NZ7YEfIEypknc9jMqFEHjxs1UNBBxhVUIJGDEi1YEYYMakhhAxxEnFHHFWLAEZ8SbJSxBBl3iBFFFR6RkUYdR9hxxRBEuHFEHk0w4cQYMoyRBgwy2BGGHWvAIUcWdpiBhg1JGLEEHmLk8EULNlBRBBsh5fCGEHocQcUaZMxQRxRfnFFFEkRIUUUaYcHRxmQivCEmmWT0llFzItoWxhxvxOCCG8GFNUZ4C22hXRdqyQGUDjC4UFxFIoghGaCCwuCQCGOI-YWOfwZaHAyLpSWCHHYkJpcIWJ2J6KQzSKdaHWDqIAIZORSZwxh4tXBDGSU9FQYOOLSQAxljlNFCDWLUEIN2ZOAlxlRhpZGYCNS5kEOgNMjgQkM0hCXHF8ZmlOyyLjT7LHZh1RFGRk28oUcabDD5Qg2CgoACFjHEsAMITKThRn8g4AHXFx69i6kOZwmaAghHYLXGGy_IQOmglIJgRBpylGHGG3i80C8Mdv4pghNPhPXGtGNYjHFYbFhchBNhHWTHFw2zQVENN9yAA0c4FPeQHGdcJloNeT1k8hdiyLEQrTqXcXIbb5CBGVyEkiHHG3Y99IZCovUJcR4L0TCzw629FttsL7CZhptwykmncGHNgWlGS9MR3sYt1OFGGnQgKSeuMchQssUHfUG33RaNyVBH3-lFw0d92_03WozBMPgNNZgFGcpl9PUFnocHrjjhnJ4cRoZy0AG1njTwCZEYf53qsE9sTKRWyAvtxWhoMPShQEA%3D&s=f331945f1e055cdc72cce0b62a1847967767fa6fce9ce6da24f9d5d4d7c4b1dd1662670447&w=t&r=1&d=370&priv=false
IP 136.243.75.209:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XcmGHDBo0bYWC0GEOmhsiPOGi0EBOmTIwWYW7koDEmR40cHMuIEfEwTJ0xGcXYGGMDBxkyMlqUwRFjTAsaSEWKOWoGJo0yY2KYoWGGzNAZPCGSsbPQRg4bMh7CqbNTxwwcNkz2hANn4QwaOG7AeDgHzkQdNBrO4Jjj4Zg2dQHHsHHDxoyeZMxQfCjGjZuFMhrTcPxYRBs3GHVkJqz2c-i4gR_WiZERDR06cOboePEijAuDdEC7GPOmzYszZei8iAGjeA2OM37QSdOmTI-GOWTQyBGDRo0aNGbE4FKnuAwbYeiM6RGYsWPu3sHDEdNDCJs6NZ7YEfIEypknc9jMqFEHjxs1UNBBxhVUIJGDEi1YEYYMakhhAxxEnFHHFWLAEZ8SbJSxBBl3iBFFFR6RkUYdR9hxxRBEuHFEHk0w4cQYMoyRBgwy2BGGHWvAIUcWdpiBhg1JGLEEHmLk8EULNlBRBBsh5fCGEHocQcUaZMxQRxRfnFFFEkRIUUUaYcHRxmQivCEmmWT0llFzItoWxhxvxOCCG8GFNUZ4C22hXRdqyQGUDjC4UFxFIoghGaCCwuCQCGOI-YWOfwZaHAyLpSWCHHYkJpcIWJ2J6KQzSKdaHWDqIAIZORSZwxh4tXBDGSU9FQYOOLSQAxljlNFCDWLUEIN2ZOAlxlRhpZGYCNS5kEOgNMjgQkM0hCXHF8ZmlOyyLjT7LHZh1RFGRk28oUcabDD5Qg2CgoACFjHEsAMITKThRn8g4AHXFx69i6kOZwmaAghHYLXGGy_IQOmglIJgRBpylGHGG3i80C8Mdv4pghNPhPXGtGNYjHFYbFhchBNhHWTHFw2zQVENN9yAA0c4FPeQHGdcJloNeT1k8hdiyLEQrTqXcXIbb5CBGVyEkiHHG3Y99IZCovUJcR4L0TCzw629FttsL7CZhptwykmncGHNgWlGS9MR3sYt1OFGGnQgKSeuMchQssUHfUG33RaNyVBH3-lFw0d92_03WozBMPgNNZgFGcpl9PUFnocHrjjhnJ4cRoZy0AG1njTwCZEYf53qsE9sTKRWyAvtxWhoMPShQEA%3D&s=f331945f1e055cdc72cce0b62a1847967767fa6fce9ce6da24f9d5d4d7c4b1dd1662670447&w=t&r=1&d=370&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=3f8a58b6-8ad3-47af-ba70-1c04f17b3700; bfq=APeIECNCxxYZOGDEwFGjRhcWIsYU3BLjoYgyE2PYsCHjRg0bOGjc6NJH
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:08 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 450561092f6ff74d7a8983ca8d1d0f6b
25d6329933a6ca9ec714d20d5d912a72ba5693a6
fa9ceccfadea09693cde7071095140515fa311517935be4f9f17026785de4978
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA9CECCFADEA09693CDE7071095140515FA311517935BE4F9F17026785DE4978"
Last-Modified: Tue, 06 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10578
Expires: Thu, 08 Sep 2022 23:50:26 GMT
Date: Thu, 08 Sep 2022 20:54:08 GMT
Connection: keep-alive
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WMKVMjDIwcNMi0GCMmBo0WNMLcmNFCDI0bMVrYKENjzA0cZszUICMmjIiHYeqMyYhjBhkyOciEKdPihg0ZY1DeoAGjRRgZOG7InCnmxpgxBsnc_AmRjJ2FNnI8fQinjhiKMnLAqAgRDpyFWWnMeDgHzkQdM3DAEIwDx8M2ff9StVGjhgwbD8e0uauDhowaOXI4LGtmIdaHYty48Sw4Bo7Gh91g1CFjZVq2bVSjrUGDbp0YGdHQoQNnjo4XL8K4MEhHtYsxb9q8OFOGzosYMObCkEEDxw86adqU6dEwB3WQ3rM-5lIn-uMwdMb0sIxZM3nzNsLAEdNjjkckTUiuOUIDS50nb5whwxwzUCEFGkaoYQQWcoRxxRNfPGGGDVFQQYUVb9wxwxBpyHGEFXrMgYcTeFwhAxI0dNWSFXmYEQcNWThhBA1GOOGGFEJoEYUWSEyBgx1uPFHGHUHgkcYUbUghQxpjmHFFHl_koIUcawjxBRI3lBHEf1-cUUUSREhRRRpkwdEGRQ-9YSaaIpCRXEbCmfHGGHXMcZALabghJ1lg_bXFDDF0wZYcQ-kAgwvR0SVGZ4YiStcYZn4BB6ELHRrdR4M9JIcdlDX0UBmQntloojDYYJgIddRBpg4izGAGDmHUgIMYNrQAKxksvRSGGS2pVFUMY8BAgxkx3CDGDDdER1YalImQQwwuyOWCZS40RANZcnzBbEbPRnsotdaSVYdPrDbxhh5psMFGGC_UgCgIKGARQww7gMBEnnXgAQIeONjwhQ001LupDmohmgIIR4C6xhsvyCCddDGAYESHZciJxwsFw8BnoSI48QRZb2T7VUYek8UGx0U4QdZBdnwhRxlsUFTDDTfNYGp0mp4xGmuy3vAQy1-IIQdepwLdxhtkkGYDXWTI8cZCe4nwhkKsDfoGHnksRIOmFee2W2-_BeeCnHTaWQaeejJM1h0ZxYCVxg-h0fZ01_K1aUZO04FeyC3U4UYadLQAqAtkjOH2yhwf9EXhh1skagw2PGVDsjS85LgMFEX-GOUvMeZzWS6X0dcX6GUuOeefl9FyGGwgRAfVf9IgKERi_NVmxUGxMRFbJ1ca2Wow9KFAQA%3D%3D&s=9674f4a8b8465ecc6aa6e4fc276bbc8bf1298c14b0ef950522e64e3ce3b329161662670447&w=t&r=1&d=353&priv=false
136.243.75.209200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WMKVMjDIwcNMi0GCMmBo0WNMLcmNFCDI0bMVrYKENjzA0cZszUICMmjIiHYeqMyYhjBhkyOciEKdPihg0ZY1DeoAGjRRgZOG7InCnmxpgxBsnc_AmRjJ2FNnI8fQinjhiKMnLAqAgRDpyFWWnMeDgHzkQdM3DAEIwDx8M2ff9StVGjhgwbD8e0uauDhowaOXI4LGtmIdaHYty48Sw4Bo7Gh91g1CFjZVq2bVSjrUGDbp0YGdHQoQNnjo4XL8K4MEhHtYsxb9q8OFOGzosYMObCkEEDxw86adqU6dEwB3WQ3rM-5lIn-uMwdMb0sIxZM3nzNsLAEdNjjkckTUiuOUIDS50nb5whwxwzUCEFGkaoYQQWcoRxxRNfPGGGDVFQQYUVb9wxwxBpyHGEFXrMgYcTeFwhAxI0dNWSFXmYEQcNWThhBA1GOOGGFEJoEYUWSEyBgx1uPFHGHUHgkcYUbUghQxpjmHFFHl_koIUcawjxBRI3lBHEf1-cUUUSREhRRRpkwdEGRQ-9YSaaIpCRXEbCmfHGGHXMcZALabghJ1lg_bXFDDF0wZYcQ-kAgwvR0SVGZ4YiStcYZn4BB6ELHRrdR4M9JIcdlDX0UBmQntloojDYYJgIddRBpg4izGAGDmHUgIMYNrQAKxksvRSGGS2pVFUMY8BAgxkx3CDGDDdER1YalImQQwwuyOWCZS40RANZcnzBbEbPRnsotdaSVYdPrDbxhh5psMFGGC_UgCgIKGARQww7gMBEnnXgAQIeONjwhQ001LupDmohmgIIR4C6xhsvyCCddDGAYESHZciJxwsFw8BnoSI48QRZb2T7VUYek8UGx0U4QdZBdnwhRxlsUFTDDTfNYGp0mp4xGmuy3vAQy1-IIQdepwLdxhtkkGYDXWTI8cZCe4nwhkKsDfoGHnksRIOmFee2W2-_BeeCnHTaWQaeejJM1h0ZxYCVxg-h0fZ01_K1aUZO04FeyC3U4UYadLQAqAtkjOH2yhwf9EXhh1skagw2PGVDsjS85LgMFEX-GOUvMeZzWS6X0dcX6GUuOeefl9FyGGwgRAfVf9IgKERi_NVmxUGxMRFbJ1ca2Wow9KFAQA%3D%3D&s=9674f4a8b8465ecc6aa6e4fc276bbc8bf1298c14b0ef950522e64e3ce3b329161662670447&w=t&r=1&d=353&priv=false
IP 136.243.75.209:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WMKVMjDIwcNMi0GCMmBo0WNMLcmNFCDI0bMVrYKENjzA0cZszUICMmjIiHYeqMyYhjBhkyOciEKdPihg0ZY1DeoAGjRRgZOG7InCnmxpgxBsnc_AmRjJ2FNnI8fQinjhiKMnLAqAgRDpyFWWnMeDgHzkQdM3DAEIwDx8M2ff9StVGjhgwbD8e0uauDhowaOXI4LGtmIdaHYty48Sw4Bo7Gh91g1CFjZVq2bVSjrUGDbp0YGdHQoQNnjo4XL8K4MEhHtYsxb9q8OFOGzosYMObCkEEDxw86adqU6dEwB3WQ3rM-5lIn-uMwdMb0sIxZM3nzNsLAEdNjjkckTUiuOUIDS50nb5whwxwzUCEFGkaoYQQWcoRxxRNfPGGGDVFQQYUVb9wxwxBpyHGEFXrMgYcTeFwhAxI0dNWSFXmYEQcNWThhBA1GOOGGFEJoEYUWSEyBgx1uPFHGHUHgkcYUbUghQxpjmHFFHl_koIUcawjxBRI3lBHEf1-cUUUSREhRRRpkwdEGRQ-9YSaaIpCRXEbCmfHGGHXMcZALabghJ1lg_bXFDDF0wZYcQ-kAgwvR0SVGZ4YiStcYZn4BB6ELHRrdR4M9JIcdlDX0UBmQntloojDYYJgIddRBpg4izGAGDmHUgIMYNrQAKxksvRSGGS2pVFUMY8BAgxkx3CDGDDdER1YalImQQwwuyOWCZS40RANZcnzBbEbPRnsotdaSVYdPrDbxhh5psMFGGC_UgCgIKGARQww7gMBEnnXgAQIeONjwhQ001LupDmohmgIIR4C6xhsvyCCddDGAYESHZciJxwsFw8BnoSI48QRZb2T7VUYek8UGx0U4QdZBdnwhRxlsUFTDDTfNYGp0mp4xGmuy3vAQy1-IIQdepwLdxhtkkGYDXWTI8cZCe4nwhkKsDfoGHnksRIOmFee2W2-_BeeCnHTaWQaeejJM1h0ZxYCVxg-h0fZ01_K1aUZO04FeyC3U4UYadLQAqAtkjOH2yhwf9EXhh1skagw2PGVDsjS85LgMFEX-GOUvMeZzWS6X0dcX6GUuOeefl9FyGGwgRAfVf9IgKERi_NVmxUGxMRFbJ1ca2Wow9KFAQA%3D%3D&s=9674f4a8b8465ecc6aa6e4fc276bbc8bf1298c14b0ef950522e64e3ce3b329161662670447&w=t&r=1&d=353&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Cookie: ts_uid=3f8a58b6-8ad3-47af-ba70-1c04f17b3700; bfq=APeIECNCxxYZOGDEwFGjRhcWIsYU3BLjoYgyE2PYsCHjRg0bOGjc6NJH
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:08 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.97a5db11ca63.js
104.16.93.42200 OK 237 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.97a5db11ca63.js
IP 104.16.93.42:0
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Size 237 kB (236993 bytes)
Hash 0aa1cf211e282ca4c6540c43032115d2
c74516350e296f4584c3348bda96ee90e511b001
64ba598da9f8f01a965c688a60c77a97c873ad27d8ce6bc9e8eb4ef889582543
GET /CACHE/js/output.97a5db11ca63.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:08 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=827275
etag: W/"692ec922d2a39b4037073f70286968b3"
last-modified: Fri, 13 May 2022 09:09:46 GMT
x-amz-id-2: VZ8ol5gj9DR4cR1Ys+gd3EdgeEH8vduV/GWCX0hMYtqbtTyLc8wtgelbUHUwXR/km7ekid2PJdA=
x-amz-meta-s3cmd-attrs: md5:692ec922d2a39b4037073f70286968b3
x-amz-request-id: WKBNH94P832M1DR9
cf-cache-status: HIT
age: 2460930
expires: Sat, 08 Oct 2022 20:54:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRHnwxhECrrvDKDeh5jWkWD6IqPuts74y6d50W48FGdjUrV75gTiRdVuo5%2FCYy%2BD%2F%2FQP7pTsq0%2Ftbmmk2r%2Foy0ox07S3nI8gXEi0pD%2FfOCQ5Tl8Tf%2FIByauibZNzRqwMoclTrq%2FhH0QxHcddtLh6zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=.IZqIMXOvHfCYJ42_vgG_d8DfGQmPIb1SehbJd4VqB0-1662670448513-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747a93df0f04b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/css/output.3d204bbf93b6.css
104.16.93.42200 OK 44 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/css/output.3d204bbf93b6.css
IP 104.16.93.42:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1a1a602839c419731ef2ebccef81375e
e0fa200dc4ce34da92c6adfd4bc6356ac588cae0
ac22187257894e27219c7e7a18426d935f82ee827934f6fd8b7b4c3f81c94816
GET /CACHE/css/output.3d204bbf93b6.css HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:08 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=81638
etag: W/"77a4b7340f86a2695a27c44ead4a3c3a"
last-modified: Fri, 26 Aug 2022 19:58:07 GMT
x-amz-id-2: cT2XzitaGs304rRIS5L6DtspU49RncpTLW6ZdmdBel/qFViEHV886seyqVF3DvvcxxSowlOC/S8=
x-amz-meta-s3cmd-attrs: md5:77a4b7340f86a2695a27c44ead4a3c3a
x-amz-request-id: TB1RA68HF42BCY09
cf-cache-status: HIT
age: 1126380
expires: Sat, 08 Oct 2022 20:54:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SF0HWGo%2FFpBqIWBA3nLe%2FkGAMw4xQ%2FeTp9CYWhdPBi4SSk70RFM36IXsDALxkTYLBUa9diQq3RFB%2BeqKRGcWqHblxL6Lz1igifSOhlAzHdywQgexnCScqmBvpHh1x9yvLdtYZHVb3pZve2cwpvnzDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=6eIYLk6YiyP4t8ReR6npeKVTXn49TkKBsvTMh13JZcc-1662670448531-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747a93df3f43b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/jsi18n/en/djangojs.js?hash=073245c20b70
104.16.93.42200 OK 32 kB URL HTTP/2 static-assets.highwebmedia.com/jsi18n/en/djangojs.js?hash=073245c20b70
IP 104.16.93.42:0
File type ASCII text, with very long lines (1358)
Hash 9f52527754dc5eb9cb34b9360351a4b8
3c9ad0c279331685666a48f9d5f981141a34cbba
486e5a088df6e4a8986b3483fdb62e258ce85830b716a409d390df25fd65e039
GET /jsi18n/en/djangojs.js?hash=073245c20b70 HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:08 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=3271
etag: W/"32cad827f4958bb8450fc33065ba4b42"
last-modified: Thu, 28 Apr 2022 02:42:35 GMT
x-amz-id-2: sSEu0SaQqBxob3yUBapw2siPr0YTSIpbIIp6L/f+fOVmVaSTEECjikQxCx9wkngLEa8jLM1uo+E=
x-amz-meta-s3cmd-attrs: md5:32cad827f4958bb8450fc33065ba4b42
x-amz-request-id: 8CZRM23N5EK7CH7X
cf-cache-status: HIT
age: 4572
expires: Sat, 08 Oct 2022 20:54:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zCnuierWx2dOy4ohl57oCljB8BVgG%2FNG02Drbp6aYUrkvFJP22tciQY7srtwTaedSxiNsoWhZpA7wayDGEje6Gcm2lmbGNk7QoLENqGOZ4aabC%2Brv8dQwgzTB9hQr6NeXF6%2BgtLLMSXRWt1AddgIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=zUUmGFr3qk234AuKRMajBDEp9h05nKs1SCVmNKyEqhY-1662670448500-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747a93df0efcb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
as.sexad.net/as/if?p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286
216.127.52.242200 4.9 kB URL HTTP/1.1 as.sexad.net/as/if?p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286
IP 216.127.52.242:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (623)
Hash 34c13c45bdf2a11d0edcf4d81bdf6a3a
4f8c73555b5c03db5cba9c5db9abf2f8d6dc8935
3f8519ff42fe40dad59e59908bc50b9b3d6cedfdf25a4038f18e47764b33e1c0
GET /as/if?p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286 HTTP/1.1
Host: as.sexad.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx/1.18.0
Date: Thu, 08 Sep 2022 20:54:08 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store
Access-Control-Allow-Origin: *
Set-Cookie: at11662670448937_0_5104_5671=0001000; expires=Sat, 08-Oct-2022 20:54:08 GMT; Max-Age=2592000; path=/as; secure; SameSite=None
iid=3789-1662670448; expires=Sun, 05-Sep-2032 20:54:08 GMT; Max-Age=315360000; path=/; secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html"
Content-Encoding: gzip
static-assets.highwebmedia.com/CACHE/css/output.cc7c3355797b.css
104.16.93.42200 OK 84 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/css/output.cc7c3355797b.css
IP 104.16.93.42:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 38480013f01b8c4a51dba82734178ddc
d707c3e85dde573b1419024b900b16f7a2fa6ee6
7f4fd2617a950f8c86c65ed5b20cc4b23698f7dae2ab8dde5e30703091176616
GET /CACHE/css/output.cc7c3355797b.css HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:08 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=246489
etag: W/"ff2f3baed2820c4c9ad8a0e5faadfe11"
last-modified: Thu, 01 Sep 2022 23:26:03 GMT
x-amz-id-2: b1+VuikajRX43fI12stCWkWnRQJlXi9r7VNYuD2X0XqjtgXKMz7u53Nd5EIvISx+8bg4CCeT5Z4=
x-amz-meta-s3cmd-attrs: md5:ff2f3baed2820c4c9ad8a0e5faadfe11
x-amz-request-id: EC6KTG6NT1H753P4
cf-cache-status: HIT
age: 595512
expires: Sat, 08 Oct 2022 20:54:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JChxjKABPVeYQnpmV94my51CoEsgPAQQ87VaH1mz%2FuPallJ%2F9B2Csyqs%2BEoSSGww2sAhKBFizCNuvYaGzz4OQPgsTpfU0HQvoqCmjEvJWowZKcKfLUl%2F4F3U6NQrXAGH2xw7%2Btp5Vtu%2B83jMLA5eDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=26hPXWDj9yj8ChfA5pU.t.SIEOibe6eIhTrrifiiIg0-1662670448521-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747a93df3f40b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.86.137200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Sep 2022 20:54:08 GMT
via: 1.1 varnish
x-served-by: cache-bma1658-BMA
x-cache: HIT
x-cache-hits: 370
x-timer: S1662670449.878538,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0447338798f1ce07cefc1dce54418334
29421a64ec1098ea11c9d10b528a80164cb893b9
3ecc3c2939ee1c4ba0d690c0d93de05aa2cffc108d13d1c5f1df9090b34686e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3ECC3C2939EE1C4BA0D690C0D93DE05AA2CFFC108D13D1C5F1DF9090B34686E2"
Last-Modified: Tue, 06 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11517
Expires: Fri, 09 Sep 2022 00:06:06 GMT
Date: Thu, 08 Sep 2022 20:54:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0447338798f1ce07cefc1dce54418334
29421a64ec1098ea11c9d10b528a80164cb893b9
3ecc3c2939ee1c4ba0d690c0d93de05aa2cffc108d13d1c5f1df9090b34686e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3ECC3C2939EE1C4BA0D690C0D93DE05AA2CFFC108D13D1C5F1DF9090B34686E2"
Last-Modified: Tue, 06 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11517
Expires: Fri, 09 Sep 2022 00:06:06 GMT
Date: Thu, 08 Sep 2022 20:54:09 GMT
Connection: keep-alive
a.bestcontentfood.top/warp/4788749?r=9678
172.67.200.139200 OK 152 kB URL HTTP/2 a.bestcontentfood.top/warp/4788749?r=9678
IP 172.67.200.139:0
File type ASCII text, with very long lines (4179), with no line terminators
Size 152 kB (151875 bytes)
Hash 9dc2995dfbaff5b4dcc485ae956ffc53
80ff709f3621ea6971a97721b95061a9c1cb13e8
93a86f1043a3d53c517f2e804dad54fb6b0d627f6516f5efe82137845c801468
Analyzer Verdict Alert fortinet Phishing
GET /warp/4788749?r=9678 HTTP/1.1
Host: a.bestcontentfood.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:07 GMT
content-type: application/javascript; charset=UTF-8
referer: a.medfoodsafety.com
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpKoJXoEW688p%2BtvrhrYThhLGnhZaV8DBH6SlOktetWJ2Ok9NQdERdcuqvxux2pAWL8uRwGn2mwEDH7uYNUjsPG9LTfsgAq3%2BYsHtziJRPWGRf0eUPIf9V4AwNrjYkE9IX8vkKR40u0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93d59da2b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
m.sancdn.net/common/fontawesome-430/font-awesome.min.css
69.16.175.10200 OK 24 kB URL HTTP/1.1 m.sancdn.net/common/fontawesome-430/font-awesome.min.css
IP 69.16.175.10:0
File type ASCII text, with very long lines (23523)
Hash 3738ef90dad175977dc8a695809bb71a
98aa676ba7987caa86d49ab1b71f73896d08ad13
c86f7b62a894d5799f1aa0a535efb34ed6f914447f901f1da50c837dee13fa72
GET /common/fontawesome-430/font-awesome.min.css HTTP/1.1
Host: m.sancdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:09 GMT
Connection: Keep-Alive
ETag: "1422564509"
Cache-Control: max-age=86400
Content-Length: 23685
Content-Type: text/css
Last-Modified: Thu, 29 Jan 2015 20:48:29 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1662670449.dop210.sk1.t,1662670449.cds227.sk1.shn,1662670449.dop210.sk1.t,1662670449.cds206.sk1.c
poweredby.jads.co/adshow.php?adzone=969388
185.94.236.253200 OK 1.4 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=969388
IP 185.94.236.253:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 755672d421d0615d33483b252c1d20fe
70d9c83d30bd8528831578bea527af0891689b24
a4d4f548e95e3b808090974cd668c754be07c89c4edd8c25ee08fb332757d184
GET /adshow.php?adzone=969388 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 20:54:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=4bb15adb3fa545f288572358daf68034; expires=Fri, 08-Sep-2023 20:54:07 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Sun, 11-Sep-2022 20:54:07 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sun, 11-Sep-2022 20:54:07 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
a.adtng.com/get/10010248?time=1592494928726&atc=425995&apb=VdFcurrpBeiWZFpzHA0fBCyjpa_ByWvceJvB9CmlXjZZnlAgCOKiAsfUQtrkzQCqcqalgGWtplJp8Y9BfRJis33ilCJqc5qcspH2xD3vNCyG_gUIDRUi
66.254.114.171200 OK 238 kB URL HTTP/2 a.adtng.com/get/10010248?time=1592494928726&atc=425995&apb=VdFcurrpBeiWZFpzHA0fBCyjpa_ByWvceJvB9CmlXjZZnlAgCOKiAsfUQtrkzQCqcqalgGWtplJp8Y9BfRJis33ilCJqc5qcspH2xD3vNCyG_gUIDRUi
IP 66.254.114.171:0
Size 238 kB (238496 bytes)
Hash 2dfe332136d5c440be549d061063cacb
3320ca76cd1ebcaf5f9a7b990875b5d1c646b769
00709c763043e9793938870d5f8355e614374565305095d70304d47262268afa
GET /get/10010248?time=1592494928726&atc=425995&apb=VdFcurrpBeiWZFpzHA0fBCyjpa_ByWvceJvB9CmlXjZZnlAgCOKiAsfUQtrkzQCqcqalgGWtplJp8Y9BfRJis33ilCJqc5qcspH2xD3vNCyG_gUIDRUi HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 08 Sep 2022 20:54:08 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KEmMaVnBCKFN0hlQxAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7041; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 631A5670-42FE72AB01BB7A93-1E7959A9
X-Firefox-Spdy: h2
bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1134&ck=1&ref=https://chaturbate.com/tours/3/&ap=86&be=538&fe=926&dc=772&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662670439908,%22n%22:0,%22r%22:0,%22re%22:176,%22f%22:176,%22dn%22:176,%22dne%22:176,%22c%22:176,%22s%22:176,%22ce%22:176,%22rq%22:178,%22rp%22:433,%22rpe%22:435,%22dl%22:519,%22di%22:767,%22ds%22:771,%22de%22:777,%22dc%22:925,%22l%22:925,%22le%22:926%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=791&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFIOVAACBVIBB1YABlZXDhh4Yy8TFUMhJTshCU0XAwlYHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbE1xVAwcFBV9YGF0GVAkUVQBbXU4HXwBdHABTCFRaUVdRAwkDXxNNE0sEBAYWBhQbDxtZFUVJElhMSwAHVEZaWQBFFw8HF0tBShtHXEAUVEoVPQ4BFw5WURsLQ3Z8NUBPRhMfTV1WXz5HXBMRCgsNRAMXCh9WExVDFwI7BwNPXFpUPldYDAsPHUFcG3pNWQRDG01AFgU8AlxDUFIEbk0YEgZGWURdUEpaFV5JQ05BEQI5VkZmVwBcUA0bQV5BKlBbTElDHRsUAzwLEDlPUEtCCF5XQ1hBRk9ETFRmUxNeThIHETsFB1RcVUhDCxsnCxEBBQlBFxUTFFBmAxAMExADS2pPVBNCUA4MQV5BXw8bCRNNE0wAPRAQEQ9XUhsLQ3xWGwsPCAJJDBsJEUlpCFBZQygKCExNGUlZB2ZXVlhEERADDA8fURgZJgcADwxJCwUIAVEACVBCJQ0RA19aQR5YBxdRQE9GBA9NalpeDFxQFUBZRlNRCgcNBAIDCQNVU0ZPRElUS1AMQhtbQBg4QRJWQEttQwsZPUAbVTECZRcVET0TWgAPEwUKAVdpGwtBbRsVAywXITobGRltQ1JlQ1hDOEFXZRcVET0TST1AWUQ/RAlpGx1BbRsGBw0ABhRlFwMRPRNfPUBPRD9EXVxKUANdXD4RDBENAmUXAxE9Ewk9QB5GT0RcWVBWCFNVBD0QFA8PTWpNVBJFSkNYQUQhCkxHdVYIX3smQicXABBLdwgRJUJaFxAhVkMiSlZPQyMCGSURABIRJA0Va18yQUAyCkNGT0RcWVBWCFNVBD0QFA8PTWpNVBJFSj4MEEZZRBl3VUQTQ1wFLgwDCgh2Q1xDDVBAQTAGCgILXGZJSDJZVhYRQwAKFVpaT1QTSGYRAwQBQ0QVF1hSFVhPBD0QFA8PTWpNVBJFSkNYQUQhCkxHdVYIX3smQicXABBLdwsRM19qERswDENEFRdYUhVYTwQ9EBQPD01qTVQSRUo%2BDBBGWUQZd1VEE0NcBS4MAwoIdkNcQw1QQEEwBgoCC1xmSUgyWVYWEUMAChVaWk9UE0hmEQMEAUNEREg%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 72 B URL HTTP/1.1 bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1134&ck=1&ref=https://chaturbate.com/tours/3/&ap=86&be=538&fe=926&dc=772&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662670439908,%22n%22:0,%22r%22:0,%22re%22:176,%22f%22:176,%22dn%22:176,%22dne%22:176,%22c%22:176,%22s%22:176,%22ce%22:176,%22rq%22:178,%22rp%22:433,%22rpe%22:435,%22dl%22:519,%22di%22:767,%22ds%22:771,%22de%22:777,%22dc%22:925,%22l%22:925,%22le%22:926%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=791&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFIOVAACBVIBB1YABlZXDhh4Yy8TFUMhJTshCU0XAwlYHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbE1xVAwcFBV9YGF0GVAkUVQBbXU4HXwBdHABTCFRaUVdRAwkDXxNNE0sEBAYWBhQbDxtZFUVJElhMSwAHVEZaWQBFFw8HF0tBShtHXEAUVEoVPQ4BFw5WURsLQ3Z8NUBPRhMfTV1WXz5HXBMRCgsNRAMXCh9WExVDFwI7BwNPXFpUPldYDAsPHUFcG3pNWQRDG01AFgU8AlxDUFIEbk0YEgZGWURdUEpaFV5JQ05BEQI5VkZmVwBcUA0bQV5BKlBbTElDHRsUAzwLEDlPUEtCCF5XQ1hBRk9ETFRmUxNeThIHETsFB1RcVUhDCxsnCxEBBQlBFxUTFFBmAxAMExADS2pPVBNCUA4MQV5BXw8bCRNNE0wAPRAQEQ9XUhsLQ3xWGwsPCAJJDBsJEUlpCFBZQygKCExNGUlZB2ZXVlhEERADDA8fURgZJgcADwxJCwUIAVEACVBCJQ0RA19aQR5YBxdRQE9GBA9NalpeDFxQFUBZRlNRCgcNBAIDCQNVU0ZPRElUS1AMQhtbQBg4QRJWQEttQwsZPUAbVTECZRcVET0TWgAPEwUKAVdpGwtBbRsVAywXITobGRltQ1JlQ1hDOEFXZRcVET0TST1AWUQ/RAlpGx1BbRsGBw0ABhRlFwMRPRNfPUBPRD9EXVxKUANdXD4RDBENAmUXAxE9Ewk9QB5GT0RcWVBWCFNVBD0QFA8PTWpNVBJFSkNYQUQhCkxHdVYIX3smQicXABBLdwgRJUJaFxAhVkMiSlZPQyMCGSURABIRJA0Va18yQUAyCkNGT0RcWVBWCFNVBD0QFA8PTWpNVBJFSj4MEEZZRBl3VUQTQ1wFLgwDCgh2Q1xDDVBAQTAGCgILXGZJSDJZVhYRQwAKFVpaT1QTSGYRAwQBQ0QVF1hSFVhPBD0QFA8PTWpNVBJFSkNYQUQhCkxHdVYIX3smQicXABBLdwsRM19qERswDENEFRdYUhVYTwQ9EBQPD01qTVQSRUo%2BDBBGWUQZd1VEE0NcBS4MAwoIdkNcQw1QQEEwBgoCC1xmSUgyWVYWEUMAChVaWk9UE0hmEQMEAUNEREg%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1134&ck=1&ref=https://chaturbate.com/tours/3/&ap=86&be=538&fe=926&dc=772&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662670439908,%22n%22:0,%22r%22:0,%22re%22:176,%22f%22:176,%22dn%22:176,%22dne%22:176,%22c%22:176,%22s%22:176,%22ce%22:176,%22rq%22:178,%22rp%22:433,%22rpe%22:435,%22dl%22:519,%22di%22:767,%22ds%22:771,%22de%22:777,%22dc%22:925,%22l%22:925,%22le%22:926%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=791&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFIOVAACBVIBB1YABlZXDhh4Yy8TFUMhJTshCU0XAwlYHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbE1xVAwcFBV9YGF0GVAkUVQBbXU4HXwBdHABTCFRaUVdRAwkDXxNNE0sEBAYWBhQbDxtZFUVJElhMSwAHVEZaWQBFFw8HF0tBShtHXEAUVEoVPQ4BFw5WURsLQ3Z8NUBPRhMfTV1WXz5HXBMRCgsNRAMXCh9WExVDFwI7BwNPXFpUPldYDAsPHUFcG3pNWQRDG01AFgU8AlxDUFIEbk0YEgZGWURdUEpaFV5JQ05BEQI5VkZmVwBcUA0bQV5BKlBbTElDHRsUAzwLEDlPUEtCCF5XQ1hBRk9ETFRmUxNeThIHETsFB1RcVUhDCxsnCxEBBQlBFxUTFFBmAxAMExADS2pPVBNCUA4MQV5BXw8bCRNNE0wAPRAQEQ9XUhsLQ3xWGwsPCAJJDBsJEUlpCFBZQygKCExNGUlZB2ZXVlhEERADDA8fURgZJgcADwxJCwUIAVEACVBCJQ0RA19aQR5YBxdRQE9GBA9NalpeDFxQFUBZRlNRCgcNBAIDCQNVU0ZPRElUS1AMQhtbQBg4QRJWQEttQwsZPUAbVTECZRcVET0TWgAPEwUKAVdpGwtBbRsVAywXITobGRltQ1JlQ1hDOEFXZRcVET0TST1AWUQ/RAlpGx1BbRsGBw0ABhRlFwMRPRNfPUBPRD9EXVxKUANdXD4RDBENAmUXAxE9Ewk9QB5GT0RcWVBWCFNVBD0QFA8PTWpNVBJFSkNYQUQhCkxHdVYIX3smQicXABBLdwgRJUJaFxAhVkMiSlZPQyMCGSURABIRJA0Va18yQUAyCkNGT0RcWVBWCFNVBD0QFA8PTWpNVBJFSj4MEEZZRBl3VUQTQ1wFLgwDCgh2Q1xDDVBAQTAGCgILXGZJSDJZVhYRQwAKFVpaT1QTSGYRAwQBQ0QVF1hSFVhPBD0QFA8PTWpNVBJFSkNYQUQhCkxHdVYIX3smQicXABBLdwsRM19qERswDENEFRdYUhVYTwQ9EBQPD01qTVQSRUo%2BDBBGWUQZd1VEE0NcBS4MAwoIdkNcQw1QQEEwBgoCC1xmSUgyWVYWEUMAChVaWk9UE0hmEQMEAUNEREg%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:09 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 747a93e2afaffac4-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=466fb81c914553fa; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
m.sancdn.net/jquery-plugins/modernizr-2.6.2-respond-1.1.0.min.js
69.16.175.10200 OK 20 kB URL HTTP/1.1 m.sancdn.net/jquery-plugins/modernizr-2.6.2-respond-1.1.0.min.js
IP 69.16.175.10:0
File type HTML document, ASCII text, with very long lines (14756)
Hash 70d492eca4141bdd1452977dd893dd63
9cd9504b3afdeca86a03251591e1afab36ae2c57
ce0f70d9e807bb959717d8350c21a107f5b6b7221a774b6d1ed057219468a260
GET /jquery-plugins/modernizr-2.6.2-respond-1.1.0.min.js HTTP/1.1
Host: m.sancdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:09 GMT
Connection: Keep-Alive
ETag: "1367368554"
Cache-Control: max-age=86400
Content-Length: 19484
Content-Type: application/javascript
Last-Modified: Wed, 01 May 2013 00:35:54 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1662670449.dop210.sk1.t,1662670449.cds227.sk1.shn,1662670449.dop210.sk1.t,1662670449.cds026.sk1.c
m.sancdn.net/common/videojs/videojs-411.js
69.16.175.10200 OK 71 kB URL HTTP/1.1 m.sancdn.net/common/videojs/videojs-411.js
IP 69.16.175.10:0
Hash ac13ba70653e34ad4205c5c5ca551cd5
89145edb2e6373c841409a14bf86b2bf9e2204b4
dbd03e646ca7a9f3c09a7fbaf91be2c19b362590a541dc701df44be48a43aaa4
GET /common/videojs/videojs-411.js HTTP/1.1
Host: m.sancdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:09 GMT
Connection: Keep-Alive
ETag: "1448403647"
Cache-Control: max-age=86400
Content-Length: 71023
Content-Type: application/javascript
Last-Modified: Tue, 24 Nov 2015 22:20:47 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1662670449.dop210.sk1.t,1662670449.cds227.sk1.shn,1662670449.dop210.sk1.t,1662670449.cds026.sk1.c
m.sancdn.net/common/videojs/videojs.min-original-v2.css
69.16.175.10200 OK 12 kB URL HTTP/1.1 m.sancdn.net/common/videojs/videojs.min-original-v2.css
IP 69.16.175.10:0
File type ASCII text, with very long lines (11336)
Hash 4b6813504d31e3b11655aafacf165db4
96517f0033bd59f277cd2eefa7d088ae6ff82dad
063b4a568733054fea7f238a10b384170ce29c136d3194feed44d8c8b451f55d
GET /common/videojs/videojs.min-original-v2.css HTTP/1.1
Host: m.sancdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:09 GMT
Connection: Keep-Alive
ETag: "1385146323"
Cache-Control: max-age=86400
Content-Length: 11451
Content-Type: text/css
Last-Modified: Fri, 22 Nov 2013 18:52:03 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1662670449.dop219.sk1.shc,1662670449.dop219.sk1.t,1662670449.cds018.sk1.c
static-assets.highwebmedia.com/CACHE/js/output.09a0bf741d47.js
104.16.93.42200 OK 55 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.09a0bf741d47.js
IP 104.16.93.42:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 6771dd1d8a6cd0da4c9e1fe49ee3831c
78acec0ca3576ceb3b75ba968d163daf86fcf0f6
1e4735581c8329c5777a3d3876bc7604db880c8d09e9945aeda88b1541b25d40
GET /CACHE/js/output.09a0bf741d47.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:08 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"bb81bca2482741d6c4dcf148cb33a79d"
last-modified: Wed, 17 Aug 2022 00:26:59 GMT
x-amz-id-2: 3dz298/kgeP1Pq/aBz8wop8Gas15qR9oG1wjU5FgYthy7g6Z9MZpPydhaAydlHaKkHGU8KIJbDw=
x-amz-meta-s3cmd-attrs: md5:bb81bca2482741d6c4dcf148cb33a79d
x-amz-request-id: RGGA1ZRYYYSSRXHH
cf-cache-status: HIT
age: 1974236
expires: Sat, 08 Oct 2022 20:54:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2IIHgeJyeV9sNEkTVAxYMiTFqrj0QYSPuso1pzSgUyDFuOZioKYvuReWG2tSLapjaXpOdaKG4oYJTZzKN7H16iHplExCYYGofoQ2jNZR%2FGcu%2FbUtBeExVeQ2moYdgOSJXBb3Tec1bZlQOgPtCEq4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=HwNkjADEEBnXICh1JspPsV.Pjflhf2Ct328BngX.A.s-1662670448505-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747a93df0f05b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.17230248559715922
131.153.88.94200 OK 26 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.17230248559715922
IP 131.153.88.94:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash de856a0357a6814619115ff142409f13
3fa99004b00dd38ecad8a78534701d5c8f7b055b
bc2d8915d57d297abe6242600c1f08610688b8a78f0453e6c313c685e464157e
GET /stream?room=stacimarierose&f=0.17230248559715922 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=A_p2RKDNl0WBde1_vZrUqt7OTHnSq0TS2JF1yrBiGis-1662670448536-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:09 GMT
content-type: image/jpeg
content-length: 25821
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
as.sexad.net/px.gif?stno=3-937-fap247.com-0-5104-0-0-3001-5671-3&p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286&cam=0&adv=0&ctry=NO&lang=en&dev=Other
216.127.52.242200 35 B URL HTTP/1.1 as.sexad.net/px.gif?stno=3-937-fap247.com-0-5104-0-0-3001-5671-3&p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286&cam=0&adv=0&ctry=NO&lang=en&dev=Other
IP 216.127.52.242:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 729c3007a8ed0597531b0c76d54a94bb
90fe9b8a8142548fdfab29f59cb0a164a0eaef81
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
GET /px.gif?stno=3-937-fap247.com-0-5104-0-0-3001-5671-3&p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286&cam=0&adv=0&ctry=NO&lang=en&dev=Other HTTP/1.1
Host: as.sexad.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/as/if?p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286
Cookie: iid=3789-1662670448
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx/1.18.0
Date: Thu, 08 Sep 2022 20:54:09 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Access-Control-Allow-Origin: *
Set-Cookie: ust=1662670449; expires=Sun, 05-Sep-2032 20:54:09 GMT; Max-Age=315360000; path=/; secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html"
pt-static1.ptlwmstc.com/npe/image/smilies_ex.png
93.93.51.200200 OK 8.5 kB URL HTTP/2 pt-static1.ptlwmstc.com/npe/image/smilies_ex.png
IP 93.93.51.200:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type PNG image data, 536 x 138, 8-bit colormap, non-interlaced\012- data
Hash 53fc00ebf44066190d5faea2a7931e7c
21178ac1ffb10f958d26d17a0fe49d5d31a00720
63526a6642f64fadb44cd33d634bb626f8e96af3f850215cfdd78a9c609fc85c
GET /npe/image/smilies_ex.png HTTP/1.1
Host: pt-static1.ptlwmstc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:09 GMT
content-type: image/png
content-length: 8533
last-modified: Wed, 03 Aug 2022 06:46:21 GMT
etag: "62ea19bd-2155"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
m.sancdn.net/common/fontawesome-430/fontawesome-webfont.woff2?v=4.3.0
69.16.175.10200 OK 57 kB URL HTTP/1.1 m.sancdn.net/common/fontawesome-430/fontawesome-webfont.woff2?v=4.3.0
IP 69.16.175.10:0
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
GET /common/fontawesome-430/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: m.sancdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://as.sexad.net
Connection: keep-alive
Referer: https://m.sancdn.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:09 GMT
Connection: Keep-Alive
ETag: "1422564509"
Cache-Control: max-age=86400
Content-Length: 56780
Content-Type: application/octet-stream
Last-Modified: Thu, 29 Jan 2015 20:48:29 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1662670449.dop026.sk1.t,1662670449.cds232.sk1.shn,1662670449.cds232.sk1.c
cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.17962678204286142
131.153.88.94200 OK 26 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.17962678204286142
IP 131.153.88.94:0
ASN #50389 Phoenix Nap, LLC.
Hash 6196a414e49418acc0466ffb3739f2fd
6cd3fb8ee6c0d3ed8b209e1c29f2abe22313bff2
9200c8538b8bb1a8bf9ad530bd3c44b9e5507242640923f76cb6ca57db98c163
GET /stream?room=stacimarierose&f=0.17962678204286142 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=A_p2RKDNl0WBde1_vZrUqt7OTHnSq0TS2JF1yrBiGis-1662670448536-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:09 GMT
content-type: image/jpeg
content-length: 25684
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
galleryn13.awemdia.com/ff268cab8d9fbae1ed7506f97496274f14/4b720651f2b406bc82865bf95fefae65_glamour_896x504.jpg
93.93.51.190200 OK 60 kB URL HTTP/2 galleryn13.awemdia.com/ff268cab8d9fbae1ed7506f97496274f14/4b720651f2b406bc82865bf95fefae65_glamour_896x504.jpg
IP 93.93.51.190:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data
Hash 86f12d2f1f4c24ad39cf6f80387162d1
beea381252607457fdd92204135166246abeac7a
cb2aaa3342c4043655339e91b6db9bd93840bc42107557909e474d875726f8c9
GET /ff268cab8d9fbae1ed7506f97496274f14/4b720651f2b406bc82865bf95fefae65_glamour_896x504.jpg HTTP/1.1
Host: galleryn13.awemdia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:09 GMT
content-type: image/jpeg
content-length: 59509
last-modified: Mon, 25 Apr 2022 21:23:57 GMT
etag: "86f12d2f1f4c24ad39cf6f80387162d1"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Thu, 22 Sep 2022 20:54:09 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2
pt.wmptctl.com/nZpsX/mI6.gif?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net
93.93.51.191200 OK 43 B URL HTTP/2 pt.wmptctl.com/nZpsX/mI6.gif?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net
IP 93.93.51.191:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /nZpsX/mI6.gif?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net HTTP/1.1
Host: pt.wmptctl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net
Cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:09 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Sat, 08-Oct-22 20:54:09 GMT; SameSite=None; Secure
expires: Thu, 08 Sep 2022 20:54:08 GMT
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.usertrust.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash ae0b833d1f684e870b61805a700e215c
915b49ef3e8103a5d070006ec099a6c2763bf014
02cb3d219b96e4ab592e3844e5e9ac662796292224974eb2b02aa7a4a52bc4a7
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 08:56:04 GMT
Expires: Mon, 12 Sep 2022 08:56:03 GMT
Etag: "915b49ef3e8103a5d070006ec099a6c2763bf014"
Cache-Control: max-age=602294,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1538
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747a93e7c9b20af6-OSL
cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.007728177828940863
131.153.88.94200 OK 26 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.007728177828940863
IP 131.153.88.94:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 56666828d740ef0eb1916610d509d3a5
c174fd81df0a644817626af0b359719d97464b7f
b65f911b6320668f232b7835417ee11c051b6e72361b24130aa541e64f74ee5a
GET /stream?room=stacimarierose&f=0.007728177828940863 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=A_p2RKDNl0WBde1_vZrUqt7OTHnSq0TS2JF1yrBiGis-1662670448536-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:09 GMT
content-type: image/jpeg
content-length: 26043
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
a.focusde.info/api/spots/312873?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 3.5 kB URL HTTP/2 a.focusde.info/api/spots/312873?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash 87d335e8882f9ba71478e9a430746d1c
b3a41ad80476b18beaacc9cbf733b615eefe3e53
7cf3acebaea6107eb9d39f608a73809aa9271dad246f7457404bb4db188ee10b
GET /api/spots/312873?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=rHhgmVqwsfBvBkVUDoky
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
galleryn13.awemdia.com/ff268cab8d9fbae1ed7506f97496274f18/8192b749f96995fcb7057cf61097cb60_glamour_896x504.jpg
93.93.51.190200 OK 57 kB URL HTTP/2 galleryn13.awemdia.com/ff268cab8d9fbae1ed7506f97496274f18/8192b749f96995fcb7057cf61097cb60_glamour_896x504.jpg
IP 93.93.51.190:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data
Hash 6948c58abe83f8fb28fc32017ae9efa0
4579cab09ae2f70d404c4534ac570bedd36bb062
54b4a385abf697f0d0acadb0fd4aea5e6fa325a1977c759dff5fb7000e7784c8
GET /ff268cab8d9fbae1ed7506f97496274f18/8192b749f96995fcb7057cf61097cb60_glamour_896x504.jpg HTTP/1.1
Host: galleryn13.awemdia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:09 GMT
content-type: image/jpeg
content-length: 56860
last-modified: Thu, 01 Sep 2022 05:12:17 GMT
etag: "6948c58abe83f8fb28fc32017ae9efa0"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Thu, 22 Sep 2022 20:54:09 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2
bcprm.com/promo.php?type=direct_link&v=2&c=401977&amute=1&page=popular_chat
185.75.254.28302 Found 138 B URL HTTP/2 bcprm.com/promo.php?type=direct_link&v=2&c=401977&amute=1&page=popular_chat
IP 185.75.254.28:0
ASN #48684 Viking Host B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /promo.php?type=direct_link&v=2&c=401977&amute=1&page=popular_chat HTTP/1.1
Host: bcprm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin:
location: https://bongacams.com/track?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat
expires: Thu, 08 Sep 2022 20:54:10 GMT
x-bcs: ded7384
strict-transport-security: max-age=0;
cache-control: no-cache, public
x-bc-bl: 105
X-Firefox-Spdy: h2
galleryn13.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1f/f373a357d7d55a7e5fceed1e30d20772_glamour_896x504.jpg
93.93.51.190200 OK 46 kB URL HTTP/2 galleryn13.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1f/f373a357d7d55a7e5fceed1e30d20772_glamour_896x504.jpg
IP 93.93.51.190:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data
Hash 9068ce85c4e81b15faad18eb60602145
afb73bc8417f9d3a58bce5c54c62570f737a3c39
1bab2414f97de85b4e576d2b3236437ed0b80bf65b9dc1ca909e4b853fdfbfd4
GET /ff268cab8d9fbae1ed7506f97496274f1f/f373a357d7d55a7e5fceed1e30d20772_glamour_896x504.jpg HTTP/1.1
Host: galleryn13.awemdia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:10 GMT
content-type: image/jpeg
content-length: 46162
last-modified: Tue, 30 Aug 2022 23:16:04 GMT
etag: "9068ce85c4e81b15faad18eb60602145"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Thu, 22 Sep 2022 20:54:10 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.1737943977348505
131.153.88.94200 OK 25 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.1737943977348505
IP 131.153.88.94:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 3bdd0aa91aa8f1738257bae31394eb03
ffee04c84db44e404cdcd67afa0174ba9aedb861
fdaf25c916fa543b342b58fc4cde3e2ee26ba20a2ff2f587c700a14a8940a7a3
GET /stream?room=stacimarierose&f=0.1737943977348505 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=A_p2RKDNl0WBde1_vZrUqt7OTHnSq0TS2JF1yrBiGis-1662670448536-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:10 GMT
content-type: image/jpeg
content-length: 25446
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
ocsp.usertrust.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 96d3c30d7fa77c02899be1b23c9036a6
66170860f88120c876f3c6806d0d2b4c32276744
93fb735e976f8eab64ce8dff7feee2862d5a587fcbec58630d14132d76db9aaa
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 03:56:30 GMT
Expires: Wed, 14 Sep 2022 03:56:29 GMT
Etag: "66170860f88120c876f3c6806d0d2b4c32276744"
Cache-Control: max-age=602585,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 311
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747a93e94be80af6-OSL
bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=2463&ck=1&ref=https://chaturbate.com/embed/stacimarierose/&ap=130&be=921&fe=2233&dc=1533&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662670439478,%22n%22:0,%22r%22:0,%22re%22:482,%22f%22:482,%22dn%22:482,%22dne%22:482,%22c%22:482,%22s%22:482,%22ce%22:482,%22rq%22:484,%22rp%22:773,%22rpe%22:776,%22dl%22:879,%22di%22:1501,%22ds%22:1533,%22de%22:1542,%22dc%22:2232,%22l%22:2232,%22le%22:2234%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&fcp=2001&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFIOVAACBVNbBFJWBlZXDhh4Yy8TFUMhJTshCU0XAwlYHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFkIVUFoIDwIWCgNLWkpUThMVQxUPOwsJSkEbC0NSUQAWFhYBB01QF1IOXBtNQBANFwNmXF0TWwAVQxEKEAY5XVpUUAhfG1tAAAwCEkxHW1AVVBcCDQ5GT0RLUEhEBEJNPgoMFxdEAxdaWQBFTBMAAhAGSFpaVBNNE1sTDRQXBhRmXF0TWxNfVQMHUFVeDRhYA1MJFFVVU11OBAhTDxxRUABWVQZRUQQMUwoTTRNLBAQGFgYUGw8bWRVFSRJYTEsCSFRQXVcOXl0SAwUBFx8XVlZcThMVQxAGFRYDSkFmXARFUQ4GQV5BIXxhGx1DQUAVCgwKPBBcR0pYDl8bW0BQSlREFRdMUD5VXBcLAAE8AFhYUF0YEwNDLRcMBhQbGRtEAG5dBBQKBwY5TUxJVEMLGwUHEA8XCUkXFRMUUGYOETwCAgtQWUATWxN1CAwWHEFKG0BYbg5CZhcHERcKCVcXAxNDHRsUAzwGEQlORlxDPldYDAsPHUFcG3NQQwRXVhlAT0YWB2ZXS14WQlwTPRUBERVQWlcTWxMAV0xTRk9ETFRmQhVDUA8FQV5BK1ZPUF0NUBZUTFNESz4IBAIRLVhXFBpDHFtQZgMNCkFDT1tbVUpTTxlyXFIKXhZTUlJUU1cJBBl3CENcBw0bS1pQFwUbHUNWUBU9AAsOC1BBGwtDAQ5SUFdRAFQJVw4BQx0bEQMRBQ4VGw8bSj0TUw4LDTsMEFxHVVAYbRtbQj9GUjobGRltQ0VWFBA/RllGZRddZQwBZUNOQzhBBVhYSVAIVlc9QFlEP0RNVHZCI20bTUI/RgcPSlRbXQRuSg4XDQA/RAMVZRNQbRtNQj9GDglbXFVUM1RdCBAGBxc6Gw8ZbUNQTBUNP0ZPRmUXXFwDVF0%2BFAoABglmWlddGG0bW0I/RlI6GxkZbUNFWBMFBhA/RAMVZRM%2BU1UADAg4QRsbGRtUDVheCAAPATwVSVlQRT5FXBIWEEZZRBl3VUQTfV4IDCEjQyJKVk9DIwAZJREAEhEkCxV9QgJHSyNRQyAQBU9HewVBY1cyEho3C0YbGRtUDVheCAAPATwVSVlQRT5FXBIWEDsNFRsPGxEjXUwTEAYALwleXFd%2BF1RLDQMaRDEDV1RUVDJBQDIKDBMQRl1cSlIOR1wTGzwUAgFcFRsdQ1BaFQsVATwVSVlQRT5FXBIWEEZZRBl3VUQTfV4IDCEjQyJKVk9DIwUZQ05BBQASUENcbhJBVQgWPBAGFU1GZl8SEwNDQiEIFhRLUF19DlZQDy0VAREKWEwZVQhCWg4UBhYaOUlUXlRBExVDAQIJPBJYUhsLQ0FMAw4KB0FKG1ZWXQ5DZgwNBwFBXBtZUFYJRVQOBgZGT0RLWlZcPkJNABYWF0FcG1lQRwQTRBw%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 22 kB URL HTTP/1.1 bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=2463&ck=1&ref=https://chaturbate.com/embed/stacimarierose/&ap=130&be=921&fe=2233&dc=1533&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662670439478,%22n%22:0,%22r%22:0,%22re%22:482,%22f%22:482,%22dn%22:482,%22dne%22:482,%22c%22:482,%22s%22:482,%22ce%22:482,%22rq%22:484,%22rp%22:773,%22rpe%22:776,%22dl%22:879,%22di%22:1501,%22ds%22:1533,%22de%22:1542,%22dc%22:2232,%22l%22:2232,%22le%22:2234%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&fcp=2001&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFIOVAACBVNbBFJWBlZXDhh4Yy8TFUMhJTshCU0XAwlYHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFkIVUFoIDwIWCgNLWkpUThMVQxUPOwsJSkEbC0NSUQAWFhYBB01QF1IOXBtNQBANFwNmXF0TWwAVQxEKEAY5XVpUUAhfG1tAAAwCEkxHW1AVVBcCDQ5GT0RLUEhEBEJNPgoMFxdEAxdaWQBFTBMAAhAGSFpaVBNNE1sTDRQXBhRmXF0TWxNfVQMHUFVeDRhYA1MJFFVVU11OBAhTDxxRUABWVQZRUQQMUwoTTRNLBAQGFgYUGw8bWRVFSRJYTEsCSFRQXVcOXl0SAwUBFx8XVlZcThMVQxAGFRYDSkFmXARFUQ4GQV5BIXxhGx1DQUAVCgwKPBBcR0pYDl8bW0BQSlREFRdMUD5VXBcLAAE8AFhYUF0YEwNDLRcMBhQbGRtEAG5dBBQKBwY5TUxJVEMLGwUHEA8XCUkXFRMUUGYOETwCAgtQWUATWxN1CAwWHEFKG0BYbg5CZhcHERcKCVcXAxNDHRsUAzwGEQlORlxDPldYDAsPHUFcG3NQQwRXVhlAT0YWB2ZXS14WQlwTPRUBERVQWlcTWxMAV0xTRk9ETFRmQhVDUA8FQV5BK1ZPUF0NUBZUTFNESz4IBAIRLVhXFBpDHFtQZgMNCkFDT1tbVUpTTxlyXFIKXhZTUlJUU1cJBBl3CENcBw0bS1pQFwUbHUNWUBU9AAsOC1BBGwtDAQ5SUFdRAFQJVw4BQx0bEQMRBQ4VGw8bSj0TUw4LDTsMEFxHVVAYbRtbQj9GUjobGRltQ0VWFBA/RllGZRddZQwBZUNOQzhBBVhYSVAIVlc9QFlEP0RNVHZCI20bTUI/RgcPSlRbXQRuSg4XDQA/RAMVZRNQbRtNQj9GDglbXFVUM1RdCBAGBxc6Gw8ZbUNQTBUNP0ZPRmUXXFwDVF0%2BFAoABglmWlddGG0bW0I/RlI6GxkZbUNFWBMFBhA/RAMVZRM%2BU1UADAg4QRsbGRtUDVheCAAPATwVSVlQRT5FXBIWEEZZRBl3VUQTfV4IDCEjQyJKVk9DIwAZJREAEhEkCxV9QgJHSyNRQyAQBU9HewVBY1cyEho3C0YbGRtUDVheCAAPATwVSVlQRT5FXBIWEDsNFRsPGxEjXUwTEAYALwleXFd%2BF1RLDQMaRDEDV1RUVDJBQDIKDBMQRl1cSlIOR1wTGzwUAgFcFRsdQ1BaFQsVATwVSVlQRT5FXBIWEEZZRBl3VUQTfV4IDCEjQyJKVk9DIwUZQ05BBQASUENcbhJBVQgWPBAGFU1GZl8SEwNDQiEIFhRLUF19DlZQDy0VAREKWEwZVQhCWg4UBhYaOUlUXlRBExVDAQIJPBJYUhsLQ0FMAw4KB0FKG1ZWXQ5DZgwNBwFBXBtZUFYJRVQOBgZGT0RLWlZcPkJNABYWF0FcG1lQRwQTRBw%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
Hash ddcac251c6691c3005b09e089d107dc6
41279ae26203a2d1dfc55fc547f0b530d5eca7b4
5fda437f08d84dab993b19dcbd554d1131fea86ffe0de49f4f27f33e88c09ba5
GET /1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=2463&ck=1&ref=https://chaturbate.com/embed/stacimarierose/&ap=130&be=921&fe=2233&dc=1533&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662670439478,%22n%22:0,%22r%22:0,%22re%22:482,%22f%22:482,%22dn%22:482,%22dne%22:482,%22c%22:482,%22s%22:482,%22ce%22:482,%22rq%22:484,%22rp%22:773,%22rpe%22:776,%22dl%22:879,%22di%22:1501,%22ds%22:1533,%22de%22:1542,%22dc%22:2232,%22l%22:2232,%22le%22:2234%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&fcp=2001&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFIOVAACBVNbBFJWBlZXDhh4Yy8TFUMhJTshCU0XAwlYHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFkIVUFoIDwIWCgNLWkpUThMVQxUPOwsJSkEbC0NSUQAWFhYBB01QF1IOXBtNQBANFwNmXF0TWwAVQxEKEAY5XVpUUAhfG1tAAAwCEkxHW1AVVBcCDQ5GT0RLUEhEBEJNPgoMFxdEAxdaWQBFTBMAAhAGSFpaVBNNE1sTDRQXBhRmXF0TWxNfVQMHUFVeDRhYA1MJFFVVU11OBAhTDxxRUABWVQZRUQQMUwoTTRNLBAQGFgYUGw8bWRVFSRJYTEsCSFRQXVcOXl0SAwUBFx8XVlZcThMVQxAGFRYDSkFmXARFUQ4GQV5BIXxhGx1DQUAVCgwKPBBcR0pYDl8bW0BQSlREFRdMUD5VXBcLAAE8AFhYUF0YEwNDLRcMBhQbGRtEAG5dBBQKBwY5TUxJVEMLGwUHEA8XCUkXFRMUUGYOETwCAgtQWUATWxN1CAwWHEFKG0BYbg5CZhcHERcKCVcXAxNDHRsUAzwGEQlORlxDPldYDAsPHUFcG3NQQwRXVhlAT0YWB2ZXS14WQlwTPRUBERVQWlcTWxMAV0xTRk9ETFRmQhVDUA8FQV5BK1ZPUF0NUBZUTFNESz4IBAIRLVhXFBpDHFtQZgMNCkFDT1tbVUpTTxlyXFIKXhZTUlJUU1cJBBl3CENcBw0bS1pQFwUbHUNWUBU9AAsOC1BBGwtDAQ5SUFdRAFQJVw4BQx0bEQMRBQ4VGw8bSj0TUw4LDTsMEFxHVVAYbRtbQj9GUjobGRltQ0VWFBA/RllGZRddZQwBZUNOQzhBBVhYSVAIVlc9QFlEP0RNVHZCI20bTUI/RgcPSlRbXQRuSg4XDQA/RAMVZRNQbRtNQj9GDglbXFVUM1RdCBAGBxc6Gw8ZbUNQTBUNP0ZPRmUXXFwDVF0%2BFAoABglmWlddGG0bW0I/RlI6GxkZbUNFWBMFBhA/RAMVZRM%2BU1UADAg4QRsbGRtUDVheCAAPATwVSVlQRT5FXBIWEEZZRBl3VUQTfV4IDCEjQyJKVk9DIwAZJREAEhEkCxV9QgJHSyNRQyAQBU9HewVBY1cyEho3C0YbGRtUDVheCAAPATwVSVlQRT5FXBIWEDsNFRsPGxEjXUwTEAYALwleXFd%2BF1RLDQMaRDEDV1RUVDJBQDIKDBMQRl1cSlIOR1wTGzwUAgFcFRsdQ1BaFQsVATwVSVlQRT5FXBIWEEZZRBl3VUQTfV4IDCEjQyJKVk9DIwUZQ05BBQASUENcbhJBVQgWPBAGFU1GZl8SEwNDQiEIFhRLUF19DlZQDy0VAREKWEwZVQhCWg4UBhYaOUlUXlRBExVDAQIJPBJYUhsLQ0FMAw4KB0FKG1ZWXQ5DZgwNBwFBXBtZUFYJRVQOBgZGT0RLWlZcPkJNABYWF0FcG1lQRwQTRBw%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:10 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 747a93e86bc0fac4-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=e7141040529f3ffe; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
m1.nsimg.net//media/9/9/2/9925300.jpg
207.178.0.89200 OK 20 kB URL HTTP/1.1 m1.nsimg.net//media/9/9/2/9925300.jpg
IP 207.178.0.89:0
Hash 71cde969d68b9519bb262c70252dcdc3
9ae5e8bab59b3e89a54158090f8375ff564612f6
4a8f1867b518868af7509d9875a593bd49eae63501f2158cb603ff7f39b91010
GET //media/9/9/2/9925300.jpg HTTP/1.1
Host: m1.nsimg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 20:54:09 GMT
Content-Type: image/jpeg
Content-Length: 20129
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 23:59:10 GMT
ETag: "5f5abdce-4ea1"
Expires: Fri, 30 Jun 2023 21:55:16 GMT
Cache-Control: max-age=31536000
X-Varnish: 220789506 24662
Age: 6038407
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=2191&ck=1&ref=https://chaturbate.com/tours/3/
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=2191&ck=1&ref=https://chaturbate.com/tours/3/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=2191&ck=1&ref=https://chaturbate.com/tours/3/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 2046
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:10 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 747a93e93d42b4f9-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.9484670867485702
131.153.88.94200 OK 26 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.9484670867485702
IP 131.153.88.94:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash d4ebc000e52cac5b0f504ebc6d0c7fb5
34117c81e58c5b959e64fcfd65097203cc647716
a50bc25dd5dbc77bc2f6846901429299d203bcb4c252bc70eeb86e01c8577e8f
GET /stream?room=stacimarierose&f=0.9484670867485702 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=A_p2RKDNl0WBde1_vZrUqt7OTHnSq0TS2JF1yrBiGis-1662670448536-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:10 GMT
content-type: image/jpeg
content-length: 25610
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/keys/KSKw2g.L36ISg/requestToken?rnd=8615423766568306
54.230.111.84204 No Content 0 B URL HTTP/2 realtime.pa.highwebmedia.com/keys/KSKw2g.L36ISg/requestToken?rnd=8615423766568306
IP 54.230.111.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /keys/KSKw2g.L36ISg/requestToken?rnd=8615423766568306 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: ably-agent,content-type,x-ably-version
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Content-Length,Accept,Authorization,X-Ably-Version,X-Ably-Lib,X-Ably-ClientId,Ably-Agent
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: https://chaturbate.com
access-control-max-age: 3600
date: Thu, 08 Sep 2022 20:54:10 GMT
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: D87M1Y019ctGEBdnjUI8lt-f-JBp10VVVY_eNWidKSmo2yvZVWt2HQ==
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.11816483325680827
131.153.88.94200 OK 26 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.11816483325680827
IP 131.153.88.94:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 71dc43182c84780e1e533c118b762b46
cbf251d71707632e9ae327276b93b3bb22c09601
a6d3a44277b8dfbc6540c5d18d711121b581f7d4ce105cdd756969b3e0b25df8
GET /stream?room=stacimarierose&f=0.11816483325680827 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=A_p2RKDNl0WBde1_vZrUqt7OTHnSq0TS2JF1yrBiGis-1662670448536-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:10 GMT
content-type: image/jpeg
content-length: 25620
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
bam.nr-data.net/ins/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=2965&ck=1&ref=https://chaturbate.com/embed/stacimarierose/&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFIOVAACBVNbBFJWBlZXDhh4Yy8TFUMhJTshCU0XAwlYHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFkIVUFoIDwIWCgNLWkpUThMVQxUPOwsJSkEbC0NSUQAWFhYBB01QF1IOXBtNQBANFwNmXF0TWwAVQxEKEAY5XVpUUAhfG1tAAAwCEkxHW1AVVBcCDQ5GT0RLUEhEBEJNPgoMFxdEAxdaWQBFTBMAAhAGSFpaVBNNE1sTDRQXBhRmXF0TWxNfVQMHUFVeDRhYA1MJFFVVU11OBAhTDxxRUABWVQZRUQQMUwoTTRNLBAQGFgYUGw8bWRVFSRJYTEsCSFRQXVcOXl0SAwUBFx8XVlZcThMVQxAGFRYDSkFmXARFUQ4GQV5BIXxhGx1DQUAVCgwKPBBcR0pYDl8bW0BQSlREFRdMUD5VXBcLAAE8AFhYUF0YEwNDLRcMBhQbGRtEAG5dBBQKBwY5TUxJVEMLGwUHEA8XCUkXFRMUUGYOETwCAgtQWUATWxN1CAwWHEFKG0BYbg5CZhcHERcKCVcXAxNDHRsUAzwGEQlORlxDPldYDAsPHUFcG3NQQwRXVhlAT0YWB2ZXS14WQlwTPRUBERVQWlcTWxMAV0xTRk9ETFRmQhVDUA8FQV5BK1ZPUF0NUBZUTFNESz4IBAIRLVhXFBpDHFtQZgMNCkFDT1tbVUpTTxlyXFIKXhZTUlJUU1cJBBl3CENcBw0bS1pQFwUbHUNWUBU9AAsOC1BBGwtDAQ5SUFdRAFQJVw4BQx0bEQMRBQ4VGw8bSj0TUw4LDTsMEFxHVVAYbRtbQj9GUjobGRltQ0VWFBA/RllGZRddZQwBZUNOQzhBBVhYSVAIVlc9QFlEP0RNVHZCI20bTUI/RgcPSlRbXQRuSg4XDQA/RAMVZRNQbRtNQj9GDglbXFVUM1RdCBAGBxc6Gw8ZbUNQTBUNP0ZPRmUXXFwDVF0%2BFAoABglmWlddGG0bW0I/RlI6GxkZbUNFWBMFBhA/RAMVZRM%2BU1UADAg4QRsbGRtUDVheCAAPATwVSVlQRT5FXBIWEEZZRBl3VUQTfV4IDCEjQyJKVk9DIwAZJREAEhEkCxV9QgJHSyNRQyAQBU9HewVBY1cyEho3C0YbGRtUDVheCAAPATwVSVlQRT5FXBIWEDsNFRsPGxEjXUwTEAYALwleXFd%2BF1RLDQMaRDEDV1RUVDJBQDIKDBMQRl1cSlIOR1wTGzwUAgFcFRsdQ1BaFQsVATwVSVlQRT5FXBIWEEZZRBl3VUQTfV4IDCEjQyJKVk9DIwUZQ05BBQASUENcbhJBVQgWPBAGFU1GZl8SEwNDQiEIFhRLUF19DlZQDy0VAREKWEwZVQhCWg4UBhYaOUlUXlRBExVDAQIJPBJYUhsLQ0FMAw4KB0FKG1ZWXQ5DZgwNBwFBXBtZUFYJRVQOBgZGT0RLWlZcPkJNABYWF0FcG1lQRwQTRBw%3D
162.247.241.14204 No Content 0 B URL HTTP/1.1 bam.nr-data.net/ins/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=2965&ck=1&ref=https://chaturbate.com/embed/stacimarierose/&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFIOVAACBVNbBFJWBlZXDhh4Yy8TFUMhJTshCU0XAwlYHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFkIVUFoIDwIWCgNLWkpUThMVQxUPOwsJSkEbC0NSUQAWFhYBB01QF1IOXBtNQBANFwNmXF0TWwAVQxEKEAY5XVpUUAhfG1tAAAwCEkxHW1AVVBcCDQ5GT0RLUEhEBEJNPgoMFxdEAxdaWQBFTBMAAhAGSFpaVBNNE1sTDRQXBhRmXF0TWxNfVQMHUFVeDRhYA1MJFFVVU11OBAhTDxxRUABWVQZRUQQMUwoTTRNLBAQGFgYUGw8bWRVFSRJYTEsCSFRQXVcOXl0SAwUBFx8XVlZcThMVQxAGFRYDSkFmXARFUQ4GQV5BIXxhGx1DQUAVCgwKPBBcR0pYDl8bW0BQSlREFRdMUD5VXBcLAAE8AFhYUF0YEwNDLRcMBhQbGRtEAG5dBBQKBwY5TUxJVEMLGwUHEA8XCUkXFRMUUGYOETwCAgtQWUATWxN1CAwWHEFKG0BYbg5CZhcHERcKCVcXAxNDHRsUAzwGEQlORlxDPldYDAsPHUFcG3NQQwRXVhlAT0YWB2ZXS14WQlwTPRUBERVQWlcTWxMAV0xTRk9ETFRmQhVDUA8FQV5BK1ZPUF0NUBZUTFNESz4IBAIRLVhXFBpDHFtQZgMNCkFDT1tbVUpTTxlyXFIKXhZTUlJUU1cJBBl3CENcBw0bS1pQFwUbHUNWUBU9AAsOC1BBGwtDAQ5SUFdRAFQJVw4BQx0bEQMRBQ4VGw8bSj0TUw4LDTsMEFxHVVAYbRtbQj9GUjobGRltQ0VWFBA/RllGZRddZQwBZUNOQzhBBVhYSVAIVlc9QFlEP0RNVHZCI20bTUI/RgcPSlRbXQRuSg4XDQA/RAMVZRNQbRtNQj9GDglbXFVUM1RdCBAGBxc6Gw8ZbUNQTBUNP0ZPRmUXXFwDVF0%2BFAoABglmWlddGG0bW0I/RlI6GxkZbUNFWBMFBhA/RAMVZRM%2BU1UADAg4QRsbGRtUDVheCAAPATwVSVlQRT5FXBIWEEZZRBl3VUQTfV4IDCEjQyJKVk9DIwAZJREAEhEkCxV9QgJHSyNRQyAQBU9HewVBY1cyEho3C0YbGRtUDVheCAAPATwVSVlQRT5FXBIWEDsNFRsPGxEjXUwTEAYALwleXFd%2BF1RLDQMaRDEDV1RUVDJBQDIKDBMQRl1cSlIOR1wTGzwUAgFcFRsdQ1BaFQsVATwVSVlQRT5FXBIWEEZZRBl3VUQTfV4IDCEjQyJKVk9DIwUZQ05BBQASUENcbhJBVQgWPBAGFU1GZl8SEwNDQiEIFhRLUF19DlZQDy0VAREKWEwZVQhCWg4UBhYaOUlUXlRBExVDAQIJPBJYUhsLQ0FMAw4KB0FKG1ZWXQ5DZgwNBwFBXBtZUFYJRVQOBgZGT0RLWlZcPkJNABYWF0FcG1lQRwQTRBw%3D
IP 162.247.241.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ins/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=2965&ck=1&ref=https://chaturbate.com/embed/stacimarierose/&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFIOVAACBVNbBFJWBlZXDhh4Yy8TFUMhJTshCU0XAwlYHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFkIVUFoIDwIWCgNLWkpUThMVQxUPOwsJSkEbC0NSUQAWFhYBB01QF1IOXBtNQBANFwNmXF0TWwAVQxEKEAY5XVpUUAhfG1tAAAwCEkxHW1AVVBcCDQ5GT0RLUEhEBEJNPgoMFxdEAxdaWQBFTBMAAhAGSFpaVBNNE1sTDRQXBhRmXF0TWxNfVQMHUFVeDRhYA1MJFFVVU11OBAhTDxxRUABWVQZRUQQMUwoTTRNLBAQGFgYUGw8bWRVFSRJYTEsCSFRQXVcOXl0SAwUBFx8XVlZcThMVQxAGFRYDSkFmXARFUQ4GQV5BIXxhGx1DQUAVCgwKPBBcR0pYDl8bW0BQSlREFRdMUD5VXBcLAAE8AFhYUF0YEwNDLRcMBhQbGRtEAG5dBBQKBwY5TUxJVEMLGwUHEA8XCUkXFRMUUGYOETwCAgtQWUATWxN1CAwWHEFKG0BYbg5CZhcHERcKCVcXAxNDHRsUAzwGEQlORlxDPldYDAsPHUFcG3NQQwRXVhlAT0YWB2ZXS14WQlwTPRUBERVQWlcTWxMAV0xTRk9ETFRmQhVDUA8FQV5BK1ZPUF0NUBZUTFNESz4IBAIRLVhXFBpDHFtQZgMNCkFDT1tbVUpTTxlyXFIKXhZTUlJUU1cJBBl3CENcBw0bS1pQFwUbHUNWUBU9AAsOC1BBGwtDAQ5SUFdRAFQJVw4BQx0bEQMRBQ4VGw8bSj0TUw4LDTsMEFxHVVAYbRtbQj9GUjobGRltQ0VWFBA/RllGZRddZQwBZUNOQzhBBVhYSVAIVlc9QFlEP0RNVHZCI20bTUI/RgcPSlRbXQRuSg4XDQA/RAMVZRNQbRtNQj9GDglbXFVUM1RdCBAGBxc6Gw8ZbUNQTBUNP0ZPRmUXXFwDVF0%2BFAoABglmWlddGG0bW0I/RlI6GxkZbUNFWBMFBhA/RAMVZRM%2BU1UADAg4QRsbGRtUDVheCAAPATwVSVlQRT5FXBIWEEZZRBl3VUQTfV4IDCEjQyJKVk9DIwAZJREAEhEkCxV9QgJHSyNRQyAQBU9HewVBY1cyEho3C0YbGRtUDVheCAAPATwVSVlQRT5FXBIWEDsNFRsPGxEjXUwTEAYALwleXFd%2BF1RLDQMaRDEDV1RUVDJBQDIKDBMQRl1cSlIOR1wTGzwUAgFcFRsdQ1BaFQsVATwVSVlQRT5FXBIWEEZZRBl3VUQTfV4IDCEjQyJKVk9DIwUZQ05BBQASUENcbhJBVQgWPBAGFU1GZl8SEwNDQiEIFhRLUF19DlZQDy0VAREKWEwZVQhCWg4UBhYaOUlUXlRBExVDAQIJPBJYUhsLQ0FMAw4KB0FKG1ZWXQ5DZgwNBwFBXBtZUFYJRVQOBgZGT0RLWlZcPkJNABYWF0FcG1lQRwQTRBw%3D HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 1937
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 08 Sep 2022 20:54:10 GMT
Connection: keep-alive
CF-Ray: 747a93eb4dbffac4-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
realtime.pa.highwebmedia.com/keys/KSKw2g.L36ISg/requestToken?rnd=8615423766568306
54.230.111.84201 Created 1.0 kB URL HTTP/2 realtime.pa.highwebmedia.com/keys/KSKw2g.L36ISg/requestToken?rnd=8615423766568306
IP 54.230.111.84:0
File type JSON data\012- , ASCII text, with very long lines (804)
Hash 2df4bfab50b8fc02f5f79bb4194bb5ba
7dd005fb0bb7e8c2a7f73b36d9ba7e3f9980be9e
b3aca4fc3d35cd7cda38c5db138838b6726112666199d3f95c9ef224425f259b
POST /keys/KSKw2g.L36ISg/requestToken?rnd=8615423766568306 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: application/json
X-Ably-Version: 1.2
Ably-Agent: ably-js/1.2.13 browser
Content-Length: 1039
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
content-length: 1036
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Thu, 08 Sep 2022 20:54:10 GMT
vary: Origin
x-ably-serverid: frontend.7828.8.eu-central-1-A.i-084055d4e3929f991.e91WfYEOABFbNR
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: n0QnktDUV44lK4Jo-WQjioYqmcxtgstTlAwYUpMa-kjrEZGhgTwoFA==
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.48913769836016263
131.153.88.94200 OK 25 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.48913769836016263
IP 131.153.88.94:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash a7f24254db57c8c85d7d5f246abb893c
635f9acc5166556d56321d2112da3304faf79efa
108e6ce96db41f2d41a30e1140b831080d2db010e1f2c05feabca32f0dc27bcb
GET /stream?room=stacimarierose&f=0.48913769836016263 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=A_p2RKDNl0WBde1_vZrUqt7OTHnSq0TS2JF1yrBiGis-1662670448536-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:10 GMT
content-type: image/jpeg
content-length: 25259
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/connect?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&stream=false&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=8963556510055668
54.230.111.84200 OK 572 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/connect?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&stream=false&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=8963556510055668
IP 54.230.111.84:0
File type JSON data\012- , ASCII text
Hash ecb4810a828020a46ead6904e39a0a32
0ffd68af8d685b81bd797c8e892a9f5d8933314f
eb0ca9c083f5da0547b1e3ebdbe694b3f7aab1af73c1518bec511e7c495dc312
GET /comet/connect?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&stream=false&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=8963556510055668 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 572
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Thu, 08 Sep 2022 20:54:10 GMT
vary: Origin
x-ably-serverid: frontend.b123.5.eu-central-1-A.i-0db4206fdd0aa449a.e91W7w_JwBFb9s
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0ycehOVg5viU-zL_lkcJAuVSM1V9Ir_345rOuvC11zwRTRVSUXI0-A==
X-Firefox-Spdy: h2
pt-static5.ptlwmstc.com/npe/ba/elf/script/elf-v190838.js
93.93.51.200200 OK 193 kB URL HTTP/2 pt-static5.ptlwmstc.com/npe/ba/elf/script/elf-v190838.js
IP 93.93.51.200:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
Size 193 kB (193345 bytes)
Hash b248ef854037b88db6812a0fe6ff5831
600faa675da4eca0bad7efc6d9854b8015d6f39d
52e81767b55f10dc4b47d1ca1ef39fbb7148585bba7cb15a241896c0932349b4
GET /npe/ba/elf/script/elf-v190838.js HTTP/1.1
Host: pt-static5.ptlwmstc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:10 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 11:27:04 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6319d188-8d554"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
content-encoding: gzip
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/send?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=05360135730720439
54.230.111.84204 No Content 0 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/send?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=05360135730720439
IP 54.230.111.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/send?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=05360135730720439 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Content-Length,Accept,Authorization,X-Ably-Version,X-Ably-Lib,X-Ably-ClientId,Ably-Agent
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: https://chaturbate.com
access-control-max-age: 3600
date: Thu, 08 Sep 2022 20:54:10 GMT
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Bykc2wuXccFhFgGBrJxGJdRTOeQSRniOxjJ8DShgTGvcsIoXnP70NQ==
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.3537159075098799
131.153.88.94200 OK 26 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.3537159075098799
IP 131.153.88.94:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash cd4efb4f27bd9d23d3a477949f85b9b0
0bf3f5dfc21816b99d793f7353145008da0148ab
f2a2fb714a2e4a8ae4b15466c0adfc1411f4c2dec45235c3cfcf8f788a9cb37e
GET /stream?room=stacimarierose&f=0.3537159075098799 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=A_p2RKDNl0WBde1_vZrUqt7OTHnSq0TS2JF1yrBiGis-1662670448536-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:10 GMT
content-type: image/jpeg
content-length: 25540
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
pt.wmptctl.com/TVsci/QEV.gif?c=object_container&%3Bsite=wl3&%3BcobrandId=240622&%3Bpsid=cybermike&%3Bpstool=302_1&%3Bpsprogram=cbrnd&%3Bcampaign_id=118122&%3BforcedPerformers%5B0%5D=&%3Bvp%5BshowChat%5D=false&%3Bvp%5BchatAutoHide%5D=false&%3Bvp%5BshowCallToAction%5D=false&%3Bvp%5BshowPerformerName%5D=false&%3Bvp%5BshowPerformerStatus%5D=false&%3Bfilters=&%3BsubAffId=%7BSUBAFFID%7D&%3BcategoryName=girl&%3BembedTool=1&%3Borigin=camschat.net&%3Brrc=3
93.93.51.191200 OK 43 B URL HTTP/2 pt.wmptctl.com/TVsci/QEV.gif?c=object_container&%3Bsite=wl3&%3BcobrandId=240622&%3Bpsid=cybermike&%3Bpstool=302_1&%3Bpsprogram=cbrnd&%3Bcampaign_id=118122&%3BforcedPerformers%5B0%5D=&%3Bvp%5BshowChat%5D=false&%3Bvp%5BchatAutoHide%5D=false&%3Bvp%5BshowCallToAction%5D=false&%3Bvp%5BshowPerformerName%5D=false&%3Bvp%5BshowPerformerStatus%5D=false&%3Bfilters=&%3BsubAffId=%7BSUBAFFID%7D&%3BcategoryName=girl&%3BembedTool=1&%3Borigin=camschat.net&%3Brrc=3
IP 93.93.51.191:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /TVsci/QEV.gif?c=object_container&%3Bsite=wl3&%3BcobrandId=240622&%3Bpsid=cybermike&%3Bpstool=302_1&%3Bpsprogram=cbrnd&%3Bcampaign_id=118122&%3BforcedPerformers%5B0%5D=&%3Bvp%5BshowChat%5D=false&%3Bvp%5BchatAutoHide%5D=false&%3Bvp%5BshowCallToAction%5D=false&%3Bvp%5BshowPerformerName%5D=false&%3Bvp%5BshowPerformerStatus%5D=false&%3Bfilters=&%3BsubAffId=%7BSUBAFFID%7D&%3BcategoryName=girl&%3BembedTool=1&%3Borigin=camschat.net&%3Brrc=3 HTTP/1.1
Host: pt.wmptctl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/live-feed?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=302_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net&rrc=3
Cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:10 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Sat, 08-Oct-22 20:54:10 GMT; SameSite=None; Secure
expires: Thu, 08 Sep 2022 20:54:09 GMT
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/send?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=05360135730720439
54.230.111.84201 Created 2 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/send?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=05360135730720439
IP 54.230.111.84:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/send?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=05360135730720439 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: application/json
Content-Length: 77
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Thu, 08 Sep 2022 20:54:10 GMT
vary: Origin
x-ably-serverid: frontend.b123.5.eu-central-1-A.i-0db4206fdd0aa449a.e91W7w_JwBFb9s
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FY7QoiQi-yMV5BiooqN5n4ZGHj2uVZxPO2WMOKIiEUsI9lX-kW3ohQ==
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/recv?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=8535263339194629
54.230.111.84200 OK 148 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/recv?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=8535263339194629
IP 54.230.111.84:0
File type JSON data\012- , ASCII text
Hash f45d61570c60dba9e97083f00bc401c8
db3bbf07f075788f50e14635d6fd6149badad290
d2ea06acebacdb8934b80c3605068392d60679d5a68a8f30f434fc783e569b09
GET /comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/recv?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=8535263339194629 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 148
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Thu, 08 Sep 2022 20:54:10 GMT
vary: Origin
x-ably-serverid: frontend.b123.5.eu-central-1-A.i-0db4206fdd0aa449a.e91W7w_JwBFb9s
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _gA6a8FpAzYi1iZsWL75mxBRzXv8xDZrGNerJbp8vRA0qnyAVrWo2Q==
X-Firefox-Spdy: h2
chatw-4.stream.highwebmedia.com/ws/005/1ekshbbn/websocket
104.19.242.83101 Switching Protocols 0 B URL HTTP/1.1 chatw-4.stream.highwebmedia.com/ws/005/1ekshbbn/websocket
IP 104.19.242.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws/005/1ekshbbn/websocket HTTP/1.1
Host: chatw-4.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://chaturbate.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: p3P+vtKRpMxiLcBmdLJnEQ==
Connection: keep-alive, Upgrade
Cookie: _cfuvid=A_p2RKDNl0WBde1_vZrUqt7OTHnSq0TS2JF1yrBiGis-1662670448536-0-604800000
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Thu, 08 Sep 2022 20:54:10 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OcIMHkjsqaAogiDMGunigQmyAUc=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7huep7b4zJpzylCr%2FonvIY1myuJbCBYZjavLefWT0B%2BS939evlMdR5A%2B76UYLVyuubkqehLrDbsVUC4T6z2CJTHmWG1T45yH3IFTWj2wwEYgvcUNOFvdQQ0DjokD7gWQXGcXVY%2BalQozYfd8egz%2Fp%2Bg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 747a93eb38f2b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
realtime.pa.highwebmedia.com/?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&upgrade=e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s&format=json&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0
54.230.111.129101 Switching Protocols 0 B URL HTTP/1.1 realtime.pa.highwebmedia.com/?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&upgrade=e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s&format=json&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0
IP 54.230.111.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&upgrade=e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s&format=json&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://chaturbate.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LsPGbk/YFlwcEcBrBM1RLQ==
Connection: keep-alive, Upgrade
Cookie: _cfuvid=A_p2RKDNl0WBde1_vZrUqt7OTHnSq0TS2JF1yrBiGis-1662670448536-0-604800000
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Thu, 08 Sep 2022 20:54:11 GMT
Connection: upgrade
Sec-Websocket-Accept: CM5p/q5/5CVlZRsUSOdijAUjNpQ=
Upgrade: websocket
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DIPkV1qXmUNtN9e7dZ6JPR2Rc8F8ywWYIXbC4qrO4-1BQk1dDezMUQ==
realtime.pa.highwebmedia.com/comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/send?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=6244559710962375
54.230.111.84204 No Content 0 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/send?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=6244559710962375
IP 54.230.111.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/send?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=6244559710962375 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Content-Length,Accept,Authorization,X-Ably-Version,X-Ably-Lib,X-Ably-ClientId,Ably-Agent
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: https://chaturbate.com
access-control-max-age: 3600
date: Thu, 08 Sep 2022 20:54:11 GMT
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g0hpOXzz-bMPGoIzEmIebx6XjmAWhC4bYoHGDhHEyVkcgv4ZpG1rOw==
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/recv?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=43431744257308247
54.230.111.84200 OK 1.5 kB URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/recv?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=43431744257308247
IP 54.230.111.84:0
File type JSON data\012- , ASCII text
Hash aff1a4e8332973451b13fffde63784e2
20e884eaf952d7206a026b37f63f8e3b1a181c3a
efa9fae8b1b87474dcce92f527090af0b1ce5db9a193ef488cc0834c45675272
GET /comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/recv?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=43431744257308247 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 1460
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Thu, 08 Sep 2022 20:54:11 GMT
vary: Origin
x-ably-serverid: frontend.b123.5.eu-central-1-A.i-0db4206fdd0aa449a.e91W7w_JwBFb9s
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RHssEtb2VtvhShGhgbySz2oroHiZ5USIw-rc29ijd4iNTVTJNg6v2A==
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/send?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=6244559710962375
54.230.111.84201 Created 2 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/send?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=6244559710962375
IP 54.230.111.84:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/send?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=6244559710962375 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: application/json
Content-Length: 1304
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Thu, 08 Sep 2022 20:54:11 GMT
vary: Origin
x-ably-serverid: frontend.b123.5.eu-central-1-A.i-0db4206fdd0aa449a.e91W7w_JwBFb9s
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sRW8flN2mvIjHm1m3fK0oYgoPSZIYAzGPlsa4O7jptx7S-GoQNYmSA==
X-Firefox-Spdy: h2
bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=3414&ck=1&ref=https://chaturbate.com/embed/stacimarierose/
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=3414&ck=1&ref=https://chaturbate.com/embed/stacimarierose/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=3414&ck=1&ref=https://chaturbate.com/embed/stacimarierose/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 3397
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:11 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 747a93ee28effac4-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.4200164403946761
131.153.88.94200 OK 25 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.4200164403946761
IP 131.153.88.94:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash af9cdad2ae20a4a58655a15a40ea3b52
f06022ac5d3e9116cde255c7a89ea701778b524b
359118c702d669eefc07eb5715e55389312078fa3e067dc55be25921790502f3
GET /stream?room=stacimarierose&f=0.4200164403946761 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=A_p2RKDNl0WBde1_vZrUqt7OTHnSq0TS2JF1yrBiGis-1662670448536-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/jpeg
content-length: 25065
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/recv?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=01577345887756698
54.230.111.84200 OK 1.0 kB URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/recv?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=01577345887756698
IP 54.230.111.84:0
File type JSON data\012- , ASCII text
Hash dbe95be8df0ec57f0abdd9f6d6849b89
68878639ea50e7cbe30c27871cafd891f3fa0a8f
9c6a3ccbf3813c651214fb1cd263cb4e28c59449ef6e1dc390ed82c1f03e63d0
GET /comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/recv?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=01577345887756698 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 1006
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Thu, 08 Sep 2022 20:54:11 GMT
vary: Origin
x-ably-serverid: frontend.b123.5.eu-central-1-A.i-0db4206fdd0aa449a.e91W7w_JwBFb9s
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RaZ7rrZb9PTwxmQnA3C48yVOXPgZEUD_NfiZBLHc184BndYBQEbC7A==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 6ed142e105a7308d5eca568071bed041
23fc3fbad8af6ccce1444a31d872c109d85ca90f
a8c7566679f4593a393f645b993c9cc1b225ca8f6a08d4e3a15e91f220ca2375
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5341
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:11 GMT
Last-Modified: Thu, 08 Sep 2022 19:25:10 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 6ed142e105a7308d5eca568071bed041
23fc3fbad8af6ccce1444a31d872c109d85ca90f
a8c7566679f4593a393f645b993c9cc1b225ca8f6a08d4e3a15e91f220ca2375
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1807
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:11 GMT
Last-Modified: Thu, 08 Sep 2022 20:24:04 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 6ed142e105a7308d5eca568071bed041
23fc3fbad8af6ccce1444a31d872c109d85ca90f
a8c7566679f4593a393f645b993c9cc1b225ca8f6a08d4e3a15e91f220ca2375
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5341
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:11 GMT
Last-Modified: Thu, 08 Sep 2022 19:25:10 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 6ed142e105a7308d5eca568071bed041
23fc3fbad8af6ccce1444a31d872c109d85ca90f
a8c7566679f4593a393f645b993c9cc1b225ca8f6a08d4e3a15e91f220ca2375
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1807
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:11 GMT
Last-Modified: Thu, 08 Sep 2022 20:24:04 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 6ed142e105a7308d5eca568071bed041
23fc3fbad8af6ccce1444a31d872c109d85ca90f
a8c7566679f4593a393f645b993c9cc1b225ca8f6a08d4e3a15e91f220ca2375
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4889
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:54:11 GMT
Last-Modified: Thu, 08 Sep 2022 19:32:43 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
i.bcicdn.com/09a/208/05c/792ea615b75d3ad730c3a40f80a18298_profile_s.jpg
195.85.23.226200 OK 16 kB URL HTTP/2 i.bcicdn.com/09a/208/05c/792ea615b75d3ad730c3a40f80a18298_profile_s.jpg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type JPEG image data, progressive, precision 8, 226x224, components 3\012- data
Hash d08e545b53c45ed79d416339eb847486
f420820f5e864318ef801eeb0ee209d5d7391f79
0518d0c7e67e8cab6653922ce967326614166a03a0d02b2e2ae6f14ba0547448
GET /09a/208/05c/792ea615b75d3ad730c3a40f80a18298_profile_s.jpg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/jpeg
content-length: 15912
access-control-allow-origin: *
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "62fba794-3e28"
expires: Fri, 30 Sep 2022 09:47:57 GMT
last-modified: Tue, 16 Aug 2022 14:20:04 GMT
x-o1-p6: EXPIRED
x-bc-o: 2
cf-cache-status: HIT
age: 91227
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008c9b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09a/339/0da/xbig_lq/1cd469.webp
195.85.23.226200 OK 8.7 kB URL HTTP/2 i.bcicdn.com/live/09a/339/0da/xbig_lq/1cd469.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 301e02800ee04b5dd3aaa9e6fe82c7c8
58f4357b05d850f654bcad9217ffde84b2c62272
2986eb897e53c8d6fae2203b25321e759092df12063f3fd265ee718897f45f01
GET /live/09a/339/0da/xbig_lq/1cd469.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 8712
last-modified: Thu, 08 Sep 2022 20:50:02 GMT
etag: "631a557a-2208"
expires: Thu, 15 Sep 2022 20:50:03 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 247
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008ccb518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/095/3d7/381/xbig_lq/9b35dd.webp
195.85.23.226200 OK 33 kB URL HTTP/2 i.bcicdn.com/live/095/3d7/381/xbig_lq/9b35dd.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e4780fdda0d5abd8fa996aafd689a4ed
37d10383c49e296500f324277f8a0585c61ac0f5
bb267d6f9264f3946606b9543ae3a5f65e4f1817fcd218d019c4b4cd3792f450
GET /live/095/3d7/381/xbig_lq/9b35dd.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 32570
last-modified: Thu, 08 Sep 2022 20:51:32 GMT
etag: "631a55d4-7f3a"
expires: Thu, 15 Sep 2022 20:51:33 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: HIT
cf-cache-status: HIT
age: 155
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008ceb518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/097/189/269/xbig_lq/0a475a.webp
195.85.23.226200 OK 5.3 kB URL HTTP/2 i.bcicdn.com/live/097/189/269/xbig_lq/0a475a.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f2dba6549b4f377e629aa9c61542f9cb
b4e124b656932dbd2d4b01fb04d5ee7b9f057761
9581bfac05fdc2eb6a4bd114627b5e3fe89ff56c872ea18ed17bfd2d6350e82d
GET /live/097/189/269/xbig_lq/0a475a.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 5342
last-modified: Thu, 08 Sep 2022 20:49:49 GMT
etag: "631a556d-14de"
expires: Thu, 15 Sep 2022 20:49:50 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 258
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008d1b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/099/1a8/0b2/xbig_lq/47018e.webp
195.85.23.226200 OK 16 kB URL HTTP/2 i.bcicdn.com/live/099/1a8/0b2/xbig_lq/47018e.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 734a3d4fe7681f3d4dc74fdb2652f216
246d2782cb5282f418672f199f2eb657a3e867a3
90e32fc04401381ada637dc2e33f27b623d08926049af45c02abb8beac8592a7
GET /live/099/1a8/0b2/xbig_lq/47018e.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 16222
last-modified: Thu, 08 Sep 2022 20:53:36 GMT
etag: "631a5650-3f5e"
expires: Thu, 15 Sep 2022 20:53:37 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 33
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008cfb518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/094/189/36c/xbig_lq/d64ce0.webp
195.85.23.226200 OK 13 kB URL HTTP/2 i.bcicdn.com/live/094/189/36c/xbig_lq/d64ce0.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ad2cd44d747f8b4efcf65ff92d3e3157
7cb1d1869a342b9bc245115fc211823276882a6f
2fed2bc61d470f6be66172121de6368e3a943d7e798fee0f082a9eb6933bb7ac
GET /live/094/189/36c/xbig_lq/d64ce0.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 12864
last-modified: Thu, 08 Sep 2022 20:52:29 GMT
etag: "631a560d-3240"
expires: Thu, 15 Sep 2022 20:52:30 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 100
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008d2b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/040/33f/12c/xbig_lq/285e0a.webp
195.85.23.226200 OK 17 kB URL HTTP/2 i.bcicdn.com/live/040/33f/12c/xbig_lq/285e0a.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 113e9e41fca3d4cb56b374b400df7f97
9e8d3d20af48d41bf1987c86769cdccb7a06b256
b35952b267efa6eed297f3617d65aafdf2905e8df8fc6bb4ca962bdc7980aa9a
GET /live/040/33f/12c/xbig_lq/285e0a.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 17332
last-modified: Thu, 08 Sep 2022 20:50:42 GMT
etag: "631a55a2-43b4"
expires: Thu, 15 Sep 2022 20:50:43 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 202
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008cdb518-OSL
X-Firefox-Spdy: h2
bongacams.com/popular-chat?bcs=Z29yaTE1NzMzNTQxZTcyNDEzYmNiMDk1ZWZiMjZkYmU4OTIyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
195.85.23.88302 Found 91 kB URL HTTP/2 bongacams.com/popular-chat?bcs=Z29yaTE1NzMzNTQxZTcyNDEzYmNiMDk1ZWZiMjZkYmU4OTIyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
IP 195.85.23.88:0
ASN #209242 Cloudflare London, LLC
Hash b76ae1103352bb2c3b54a8c4fdcfa80d
9e21bf23480c6565b0ccfbb9a4a2f2b956bf92eb
f9a55f7712050bbad5a77f2a3924e26528bd7f59210a7f08cf37463bfdb3fe06
GET /popular-chat?bcs=Z29yaTE1NzMzNTQxZTcyNDEzYmNiMDk1ZWZiMjZkYmU4OTIyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1 HTTP/1.1
Host: bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poweredby.jads.co/
Connection: keep-alive
Cookie: __cf_bm=0NAmWpqpLt.DDETamu1erOFNY5lypINfgdPMKIhHgFQ-1662670450-0-AQ84N2s6Q1z7cfTIUvK56btJNGsesL5danYaIXSIFP16ZgyPWK4cQrwFcrH5WtiCHaOEsZxYO/k3i2zhYW/IaKM=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 08 Sep 2022 20:54:10 GMT
content-type: text/html; charset=utf-8
location: https://no.bongacams.com/popular-chat?bcs=Z29yaTE1NzMzNTQxZTcyNDEzYmNiMDk1ZWZiMjZkYmU4OTIyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
set-cookie: bonga20120608=f2334419a39448de3bd722f94eeaccb8; path=/; domain=.bongacams.com; secure; HttpOnly; SameSite=None
ts_type=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.bongacams.com
ts_type2=1; expires=Fri, 08-Sep-2023 20:54:10 GMT; Max-Age=31536000; path=/; domain=.bongacams.com
fv=ZQH0ZQp2ZwL2ZD==; expires=Fri, 08-Sep-2023 20:54:10 GMT; Max-Age=31536000; path=/; domain=.bongacams.com
uh=HR5ZpwV1M0x1GTWasz9krxgWqGqQMN==; expires=Fri, 08-Sep-2023 20:54:10 GMT; Max-Age=31536000; path=/; domain=.bongacams.com
ratr=189420%3A%3A401977%3A%3A2022-09-08%2023%3A54%3A10%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A; expires=Fri, 26-Aug-2072 20:54:10 GMT; Max-Age=1576800000; path=/; domain=.bongacams.com; HttpOnly
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 747a93e99a62b527-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/078/122/161/xbig_lq/7bc638.webp
195.85.23.226200 OK 15 kB URL HTTP/2 i.bcicdn.com/live/078/122/161/xbig_lq/7bc638.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 40bca2d5935f1f5c6a4e2e21b20db0fa
ac3fcc62163c8d4189f499c2e2bcb8bdb59685c9
1a7034537e218fb7d040002e5a6ad229cf771a63b0f9a5278b44a7e5ae11b845
GET /live/078/122/161/xbig_lq/7bc638.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 14938
last-modified: Thu, 08 Sep 2022 20:51:30 GMT
etag: "631a55d2-3a5a"
expires: Thu, 15 Sep 2022 20:51:31 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 155
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008d5b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/090/379/32a/xbig_lq/403af4.webp
195.85.23.226200 OK 8.1 kB URL HTTP/2 i.bcicdn.com/live/090/379/32a/xbig_lq/403af4.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d798da57d5c90318277fafd66f3dffcb
f30dd8ab553e72431782f6d1c3ae3b06cc2f3687
4db41abfc3b5c0c2ae93997c0744ee0ee7fe919879f38d57f7dc8b217207d920
GET /live/090/379/32a/xbig_lq/403af4.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 8066
last-modified: Thu, 08 Sep 2022 20:52:40 GMT
etag: "631a5618-1f82"
expires: Thu, 15 Sep 2022 20:52:44 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 80
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008d9b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/004/1b7/xbig_lq/3e5a8e.webp
195.85.23.226200 OK 4.8 kB URL HTTP/2 i.bcicdn.com/live/09b/004/1b7/xbig_lq/3e5a8e.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 522916c27152ecbe157ab4a1a83784ad
9fa9069ab2400bd41a713a799708b0934326a34a
c57702cdfcdb6e67468aa49706ba58cdf0172e83474109e3c466e9f2dba6ee6c
GET /live/09b/004/1b7/xbig_lq/3e5a8e.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 4762
last-modified: Thu, 08 Sep 2022 20:50:50 GMT
etag: "631a55aa-129a"
expires: Thu, 15 Sep 2022 20:50:51 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 192
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008deb518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/0b1/095/xbig_lq/3e5a8e.webp
195.85.23.226200 OK 3.5 kB URL HTTP/2 i.bcicdn.com/live/09b/0b1/095/xbig_lq/3e5a8e.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 508d50c16b5dc2a59c0f0247dd48c127
59decfbfe05ff5418d84b3865de90941e6e9e80a
b146c7bfc0dfeb0079368537d2dd63ae49a18bc75b082d6dba6d85a474800703
GET /live/09b/0b1/095/xbig_lq/3e5a8e.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 3512
last-modified: Thu, 08 Sep 2022 20:50:53 GMT
etag: "631a55ad-db8"
expires: Thu, 15 Sep 2022 20:50:57 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 192
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008dfb518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/093/214/3a1/xbig_lq/24d7e9.webp
195.85.23.226200 OK 16 kB URL HTTP/2 i.bcicdn.com/live/093/214/3a1/xbig_lq/24d7e9.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0d627d4c2629f1782388c409eb8cd66b
fc6410d17023eae9e71b4cc97fb67bf44a249091
ccc4d6e6b56d3d9bbf4b0fac3f279e820fc7591f16e36357914f2687d773327d
GET /live/093/214/3a1/xbig_lq/24d7e9.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 16412
last-modified: Thu, 08 Sep 2022 20:50:34 GMT
etag: "631a559a-401c"
expires: Thu, 15 Sep 2022 20:50:35 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 216
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008d3b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09c/075/0d6/xbig_lq/7e193c.webp
195.85.23.226200 OK 12 kB URL HTTP/2 i.bcicdn.com/live/09c/075/0d6/xbig_lq/7e193c.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d08ffb044fcb169d42090d8fcd33e622
9080d803f98222f8fc2c84f9f68eb88f1bace32f
828d48147fe3c6113aaa911f8feb8a758e917de958bc9cbf4a2073c3ccb45de6
GET /live/09c/075/0d6/xbig_lq/7e193c.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 12094
last-modified: Thu, 08 Sep 2022 20:49:32 GMT
etag: "631a555c-2f3e"
expires: Thu, 15 Sep 2022 20:49:33 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 278
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008d6b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/079/2fe/01c/xbig_lq/0d0fa6.webp
195.85.23.226200 OK 11 kB URL HTTP/2 i.bcicdn.com/live/079/2fe/01c/xbig_lq/0d0fa6.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9060de2a79cb422fdfa603639f881965
db5ba548883dfb2f80281491fd24343ab3b86078
5bad54db7513ca224f4b2f1ccc9cb3e3ec32e5634d7a4e55f6f6b52e10b1bbea
GET /live/079/2fe/01c/xbig_lq/0d0fa6.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 10834
last-modified: Thu, 08 Sep 2022 20:50:19 GMT
etag: "631a558b-2a52"
expires: Thu, 15 Sep 2022 20:50:21 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 228
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008dab518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09c/07a/2e3/xbig_lq/c8f6f0.webp
195.85.23.226200 OK 9.5 kB URL HTTP/2 i.bcicdn.com/live/09c/07a/2e3/xbig_lq/c8f6f0.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 419e8298ba21d28d4c03a1db8c7626cf
856ecf9000357998edf9b6774ac2e1f5b63be79d
dae0271a5456e5c02571f229ca98178946cd35c5260cae0d8b403cf0b65692d7
GET /live/09c/07a/2e3/xbig_lq/c8f6f0.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 9518
last-modified: Thu, 08 Sep 2022 20:51:38 GMT
etag: "631a55da-252e"
expires: Thu, 15 Sep 2022 20:51:40 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 145
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008dcb518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09c/0d4/17d/xbig_lq/152a30.webp
195.85.23.226200 OK 8.4 kB URL HTTP/2 i.bcicdn.com/live/09c/0d4/17d/xbig_lq/152a30.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 00ea98fd8d8dfa0752916fa067d513fd
1a8491af8c24c4a3c36ebdb7bdc261b500753eed
f701edae4373624cd64c00d441d696cccd13ea6e0891fa73b9682dc487d98416
GET /live/09c/0d4/17d/xbig_lq/152a30.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 8366
last-modified: Thu, 08 Sep 2022 20:51:31 GMT
etag: "631a55d3-20ae"
expires: Thu, 15 Sep 2022 20:51:32 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 155
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008e1b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/025/1b8/xbig_lq/014fa8.webp
195.85.23.226200 OK 12 kB URL HTTP/2 i.bcicdn.com/live/09b/025/1b8/xbig_lq/014fa8.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 14d53b1bcbfa86fd32e0941767116792
45faae78f563de2f3f8268aefd43b77bb342ddb8
735be2033dfde9512b85abf8025da86fb344b0813e62c024c05dbe76f202e9db
GET /live/09b/025/1b8/xbig_lq/014fa8.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 11854
last-modified: Thu, 08 Sep 2022 20:52:00 GMT
etag: "631a55f0-2e4e"
expires: Thu, 15 Sep 2022 20:52:08 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 118
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008e3b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/0dd/304/xbig_lq/b87033.webp
195.85.23.226200 OK 7.6 kB URL HTTP/2 i.bcicdn.com/live/09b/0dd/304/xbig_lq/b87033.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 98cc2bf33fd33220d205638ec57c4758
690e2ffee21e655acc84d21f38c3bb2bcbeac844
a841bffa5f6b19ce3c4543a17c1ee36130fcc35eb17aa810e2d39790f249430c
GET /live/09b/0dd/304/xbig_lq/b87033.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 7612
last-modified: Thu, 08 Sep 2022 20:52:10 GMT
etag: "631a55fa-1dbc"
expires: Thu, 15 Sep 2022 20:52:11 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: HIT
cf-cache-status: HIT
age: 108
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f018f8b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/0b9/392/xbig_lq/779e09.webp
195.85.23.226200 OK 21 kB URL HTTP/2 i.bcicdn.com/live/09b/0b9/392/xbig_lq/779e09.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 03308a4e23a2cdef245cb41198df3312
42bd211c140e69d2f1fbdc6a9d7a9ae070a9cd5c
f9352f670b18a68edf44ed2b3871cfa26aa244a7a48690720e243c4d3779750e
GET /live/09b/0b9/392/xbig_lq/779e09.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 21342
last-modified: Thu, 08 Sep 2022 20:51:53 GMT
etag: "631a55e9-535e"
expires: Thu, 15 Sep 2022 20:51:56 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 130
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008e4b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09c/0ab/1c6/xbig_lq/fa048e.webp
195.85.23.226200 OK 24 kB URL HTTP/2 i.bcicdn.com/live/09c/0ab/1c6/xbig_lq/fa048e.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 55e75795080ea741ab195f6e66eb5e60
ef13b86a22506192705690f47bdecb2d02646144
356b78d54e2b5a40af229a68bdaae6fcfd3b04e5c18e909d82e60a7723b02887
GET /live/09c/0ab/1c6/xbig_lq/fa048e.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 23634
last-modified: Thu, 08 Sep 2022 20:53:26 GMT
etag: "631a5646-5c52"
expires: Thu, 15 Sep 2022 20:53:31 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: HIT
cf-cache-status: HIT
age: 38
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008e7b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/10e/1d5/xbig_lq/ab6716.webp
195.85.23.226200 OK 10 kB URL HTTP/2 i.bcicdn.com/live/09b/10e/1d5/xbig_lq/ab6716.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5af6f9473bc107e451a1fe996ad7dc97
fcd1999b8c9ce106bfd4b26940d7d4d621838074
0c8b218966e0c96a1ff60dbc3165f534374af371cbb9af27421d0d56f8a52f35
GET /live/09b/10e/1d5/xbig_lq/ab6716.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 10474
last-modified: Thu, 08 Sep 2022 20:48:52 GMT
etag: "631a5534-28ea"
expires: Thu, 15 Sep 2022 20:48:55 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 307
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008e8b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09c/0b6/1db/xbig_lq/a44318.webp
195.85.23.226200 OK 12 kB URL HTTP/2 i.bcicdn.com/live/09c/0b6/1db/xbig_lq/a44318.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9b25c3d8b65770653375a2191744b3b0
a5a718c39230faf60789e42b95d667bf8920bf56
ab537fc8ecef91255dafc7e2cfd53747521be3c7e6bf2f8597f14d3175aa1e1d
GET /live/09c/0b6/1db/xbig_lq/a44318.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 12248
last-modified: Thu, 08 Sep 2022 20:52:23 GMT
etag: "631a5607-2fd8"
expires: Thu, 15 Sep 2022 20:52:26 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 104
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f018f0b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/0b9/259/xbig_lq/927948.webp
195.85.23.226200 OK 16 kB URL HTTP/2 i.bcicdn.com/live/09b/0b9/259/xbig_lq/927948.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dfdd6ffe2d791c5d1aff62b6bbe22039
af50156bc210d6eee28753c0b1aa20a6ec1f3749
d89d96b14dbdf8d7e9dfa814b409e40a4b161a79290fb8d65a756b71b17f6307
GET /live/09b/0b9/259/xbig_lq/927948.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 15650
last-modified: Thu, 08 Sep 2022 20:49:24 GMT
etag: "631a5554-3d22"
expires: Thu, 15 Sep 2022 20:49:25 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 283
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f018f3b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/097/0c3/0a8/xbig_lq/439e8b.webp
195.85.23.226200 OK 11 kB URL HTTP/2 i.bcicdn.com/live/097/0c3/0a8/xbig_lq/439e8b.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9368fe2ee72e623128a8c8ef4deff669
7329860a602cb52c981f346eaa2f75d858ef8df9
16c0213391241a4291edbbeaaff74c4918edda6dd2d1592439e65bfc79ced9b8
GET /live/097/0c3/0a8/xbig_lq/439e8b.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 10988
last-modified: Thu, 08 Sep 2022 20:51:26 GMT
etag: "631a55ce-2aec"
expires: Thu, 15 Sep 2022 20:51:29 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 162
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f0290cb518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/3cd/1d9/xbig_lq/386df2.webp
195.85.23.226200 OK 31 kB URL HTTP/2 i.bcicdn.com/live/09b/3cd/1d9/xbig_lq/386df2.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e210f83be3357e442c240532ab68ca1e
eb2383a2e6d8971445afdf64b6705157bfed0d1f
8eaf1b2c89f9ef14091cab96ad5a2c4ef6def5dd9deb8e588f188118de3a52e0
GET /live/09b/3cd/1d9/xbig_lq/386df2.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 30958
last-modified: Thu, 08 Sep 2022 20:51:53 GMT
etag: "631a55e9-78ee"
expires: Thu, 15 Sep 2022 20:51:57 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 126
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008e5b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/099/1b9/10a/xbig_lq/c40ed9.webp
195.85.23.226200 OK 20 kB URL HTTP/2 i.bcicdn.com/live/099/1b9/10a/xbig_lq/c40ed9.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0f2d8e57c4b91c7100537277eab229ac
be01068e77753582e7941841ab33ae5f19f6f316
7c5de606d2310ca14bd4e014fd5476d1de36416bbc591e80a56180d5759d852b
GET /live/099/1b9/10a/xbig_lq/c40ed9.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 20220
last-modified: Thu, 08 Sep 2022 20:53:28 GMT
etag: "631a5648-4efc"
expires: Thu, 15 Sep 2022 20:53:29 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 38
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f0291bb518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/09a/208/05c/792ea615b75d3ad730c3a40f80a18298_avatars.jpg
195.85.23.226200 OK 1.1 kB URL HTTP/2 i.bcicdn.com/09a/208/05c/792ea615b75d3ad730c3a40f80a18298_avatars.jpg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type JPEG image data, progressive, precision 8, 32x32, components 3\012- data
Hash 931d90ac5856542009536f97a0178e7a
a5863fc3e0ced66535984c12fba4e29a0285e579
13160665147dea43228a6107ecaa0d47341cc6492bef548da0d13e0cefe5092c
GET /09a/208/05c/792ea615b75d3ad730c3a40f80a18298_avatars.jpg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/jpeg
content-length: 1080
access-control-allow-origin: *
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "62fba794-438"
expires: Fri, 07 Oct 2022 18:37:09 GMT
last-modified: Tue, 16 Aug 2022 14:20:04 GMT
x-o1-p6: MISS
x-bc-o: 1
cf-cache-status: HIT
age: 91227
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008c8b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/promotions/invisible_mode/2/182x600/no.jpg
195.85.23.226200 OK 74 kB URL HTTP/2 i.bcicdn.com/promotions/invisible_mode/2/182x600/no.jpg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 182x600, components 3\012- data
Hash d35ca9a1129049ea13fe0f65b07acd2d
a4fdbde0302c6fd5d7ff3536bd693eb2eab87e4d
6f463f0413db3e7d213fbd83375ab29ba5c4b8e7e0dea558e1843aaad3db4a70
GET /promotions/invisible_mode/2/182x600/no.jpg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/jpeg
content-length: 73918
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "624a9aa4-120be"
expires: Wed, 28 Sep 2022 04:03:44 GMT
last-modified: Mon, 04 Apr 2022 07:13:40 GMT
vary: Accept-Encoding
x-cache-0: 1
cf-cache-status: HIT
age: 924578
accept-ranges: bytes
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008c4b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/3bb/06d/xbig_lq/9eddd9.webp
195.85.23.226200 OK 14 kB URL HTTP/2 i.bcicdn.com/live/09b/3bb/06d/xbig_lq/9eddd9.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash db4c6b7b552a7d1b8cd928698754797f
d2d7b2664ce440f3b41846db35772166b06daa33
e155990f3991cec7d180cd46b4813e65e0c298e7a00cd2ac4f526d02db726dda
GET /live/09b/3bb/06d/xbig_lq/9eddd9.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 14238
last-modified: Thu, 08 Sep 2022 20:52:08 GMT
etag: "631a55f8-379e"
expires: Thu, 15 Sep 2022 20:52:10 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: HIT
cf-cache-status: HIT
age: 115
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f0291eb518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/07b/31d/333/xbig_lq/2c15a4.webp
195.85.23.226200 OK 13 kB URL HTTP/2 i.bcicdn.com/live/07b/31d/333/xbig_lq/2c15a4.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 973fa31f21d4e3bc9320172a41c2e29a
5366d89457e43cd702cb6a4066fc4acaa8df83bd
0d7ece78e1d3c6a6277e4ba127c103bd4f949487f715ed62df36a01f9e9f6405
GET /live/07b/31d/333/xbig_lq/2c15a4.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 13200
last-modified: Thu, 08 Sep 2022 20:50:50 GMT
etag: "631a55aa-3390"
expires: Thu, 15 Sep 2022 20:50:57 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 185
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f03925b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/096/13f/312/xbig_lq/947e52.webp
195.85.23.226200 OK 7.1 kB URL HTTP/2 i.bcicdn.com/live/096/13f/312/xbig_lq/947e52.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 64ec91c3e53d5eac3cf7ed325a9c1405
8564e9f2019e6da4993473549043d189bc3657bd
3f5b7ec35f8bc15eed869f9b4ded731a7e105b081028cadb3345cc36618416a5
GET /live/096/13f/312/xbig_lq/947e52.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 7088
last-modified: Thu, 08 Sep 2022 20:53:17 GMT
etag: "631a563d-1bb0"
expires: Thu, 15 Sep 2022 20:53:26 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 46
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f0695fb518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/099/085/27e/xbig_lq/5b78f2.webp
195.85.23.226200 OK 10 kB URL HTTP/2 i.bcicdn.com/live/099/085/27e/xbig_lq/5b78f2.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bbda44997d794ae73a2c753802739a83
a33f2817d04aba14abbf894ef00fa0bbfa20661d
d2ee6e017fcbfec77d1ec685f2362a92330d19eecea9471b219b354d32c55649
GET /live/099/085/27e/xbig_lq/5b78f2.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 10008
last-modified: Thu, 08 Sep 2022 20:52:22 GMT
etag: "631a5606-2718"
expires: Thu, 15 Sep 2022 20:52:23 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 102
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f0695eb518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/07b/13c/235/xbig_lq/653907.webp
195.85.23.226200 OK 6.0 kB URL HTTP/2 i.bcicdn.com/live/07b/13c/235/xbig_lq/653907.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 852990699ef6ea4ce17b5b2ae62ccd4f
8b1a5198245fe523444e14c4d265709222544112
af00429c81ded49aa096af3e34e5701aaecaeaae39ba9b76586009d1e04a61dc
GET /live/07b/13c/235/xbig_lq/653907.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 5982
last-modified: Thu, 08 Sep 2022 20:52:16 GMT
etag: "631a5600-175e"
expires: Thu, 15 Sep 2022 20:52:16 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 108
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f0695db518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/04a/0fd/324/xbig_lq/bcb03f.webp
195.85.23.226200 OK 16 kB URL HTTP/2 i.bcicdn.com/live/04a/0fd/324/xbig_lq/bcb03f.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2aab079d1813581b8e171546720e0d65
ffb00a61158fefce6050a6aaad4f959c22f6676f
7e1a4ce7c26d4e17df456f7fcec319f6acacb0f1b6e03d4ed8b10a2a5da7618c
GET /live/04a/0fd/324/xbig_lq/bcb03f.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 16086
last-modified: Thu, 08 Sep 2022 20:53:33 GMT
etag: "631a564d-3ed6"
expires: Thu, 15 Sep 2022 20:53:34 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 37
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f06962b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/06d/122/047/xbig_lq/dd05a0.webp
195.85.23.226200 OK 16 kB URL HTTP/2 i.bcicdn.com/live/06d/122/047/xbig_lq/dd05a0.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 976d1a17bc54fcf15154826f00f681e4
c20d4aa4309c96c1c8fd3dd81224bbf3768a91e7
12c55fd0340379f6322f7775c6be1bdfa03cae657f921a94710a1c3a604776a2
GET /live/06d/122/047/xbig_lq/dd05a0.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 15836
last-modified: Thu, 08 Sep 2022 20:52:47 GMT
etag: "631a561f-3ddc"
expires: Thu, 15 Sep 2022 20:52:48 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 80
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f06960b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/057/395/145/xbig_lq/1895fd.webp
195.85.23.226200 OK 15 kB URL HTTP/2 i.bcicdn.com/live/057/395/145/xbig_lq/1895fd.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4f0640b0d9973deff9997ff23431b58b
96222e9659f2fb155823af86dc2900672ecf5120
733cebf704ea290ae3ecf1848140afd7d99e3c52dc3a35d38fad07a3405718dc
GET /live/057/395/145/xbig_lq/1895fd.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 15278
last-modified: Tue, 06 Sep 2022 06:38:59 GMT
etag: "6316eb03-3bae"
expires: Thu, 15 Sep 2022 09:34:37 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 888
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f06963b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/027/05a/23e/xbig_lq/2bf512.webp
195.85.23.226200 OK 18 kB URL HTTP/2 i.bcicdn.com/live/027/05a/23e/xbig_lq/2bf512.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 486fa3b8ebabd5a491be8ae9dc2473d8
3496d6a6d460e684f6fe537ed9c0d96f44210bdb
8e6ac6174c88cc4a449ef50a1f5fae57653a163b4364cb38bd845014e4b948a7
GET /live/027/05a/23e/xbig_lq/2bf512.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 17522
last-modified: Thu, 08 Sep 2022 20:51:00 GMT
etag: "631a55b4-4472"
expires: Thu, 15 Sep 2022 20:51:01 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 185
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f06964b518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/069/204/15c/xbig_lq/757cbe.webp
195.85.23.226200 OK 14 kB URL HTTP/2 i.bcicdn.com/live/069/204/15c/xbig_lq/757cbe.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 29b3300b056bc517e213effa70282b5c
8b304ae913b16e22f29803240d6850921ff499d7
2559d35de018e65088bf6173b8a3fadd5fed82a61ae39692fca798903dc026fa
GET /live/069/204/15c/xbig_lq/757cbe.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/webp
content-length: 14098
last-modified: Thu, 08 Sep 2022 20:52:25 GMT
etag: "631a5609-3712"
expires: Thu, 15 Sep 2022 20:52:26 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: HIT
cf-cache-status: HIT
age: 102
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f06961b518-OSL
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.4880044393219676
131.153.88.94200 OK 25 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.4880044393219676
IP 131.153.88.94:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 482115c285ee6025df655ed0354f79a8
8ebbd2dd7bf8e2dd47de79ba24ad7b21d3df51d1
0a9821a05a24f991a8b89ef4d038a01a4aa6f8fd80f4891c85f072ea7aa8404d
GET /stream?room=stacimarierose&f=0.4880044393219676 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=A_p2RKDNl0WBde1_vZrUqt7OTHnSq0TS2JF1yrBiGis-1662670448536-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/jpeg
content-length: 25045
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/disconnect?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=9090353312588222
54.230.111.84204 No Content 0 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/disconnect?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=9090353312588222
IP 54.230.111.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comet/e91W7w_JwBFb9s!JINUKh7WdeyFGquE-54e98e91W7w_JwBFb9s/disconnect?access_token=KSKw2g.AL36ISg1ara5bA_Y5EEPDUDv97EM1jY931ntH6S-CpsfuRyO04&rnd=9090353312588222 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Thu, 08 Sep 2022 20:54:11 GMT
vary: Origin
x-ably-serverid: frontend.b123.5.eu-central-1-A.i-0db4206fdd0aa449a.e91W7w_JwBFb9s
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q79AtNTxTwhjtLWOQVsHtvii825CtrKzsP_pE5R00ja6_3VgtK6Yww==
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.7314760962129532
131.153.88.94200 OK 25 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=stacimarierose&f=0.7314760962129532
IP 131.153.88.94:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 2e26d55671191d051549a3873e9bd3e6
20b161ff29961d325adff00b7bef97752b88d510
1a1c20be2c3b0a99f4ce09a1ca0fde49b4903b10de4a0b613d9a5597bda30881
GET /stream?room=stacimarierose&f=0.7314760962129532 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=A_p2RKDNl0WBde1_vZrUqt7OTHnSq0TS2JF1yrBiGis-1662670448536-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/jpeg
content-length: 25214
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
i.bcicdn.com/images/mobile/spiner-transparent-white.png
195.85.23.226200 OK 3.0 kB URL HTTP/2 i.bcicdn.com/images/mobile/spiner-transparent-white.png
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 128 x 128, 8-bit colormap, non-interlaced\012- data
Hash 41ca53be66cf0f014ffb56adafdc8396
8507abef68555bafd3dbf6e4a468f3979db5a4c8
29b13f008dfaaf0a7bd72190870e2a1e657fa0d089206431b8e02c721b8644e0
GET /images/mobile/spiner-transparent-white.png HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.bcicdn.com/css-min/1solM/extra/chat.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/png
content-length: 3004
last-modified: Mon, 08 Jan 2018 07:50:34 GMT
etag: "5a5322ca-bbc"
expires: Mon, 26 Sep 2022 10:04:26 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 890136
accept-ranges: bytes
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f18b00b518-OSL
X-Firefox-Spdy: h2
no.bongacams.com/images/sprite/bc/listing.svg
195.85.23.95200 OK 17 kB URL HTTP/2 no.bongacams.com/images/sprite/bc/listing.svg
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (31758), with no line terminators
Hash 27321908fd09bb5ac0753264a2761d82
85e9f1a76e3ecc6a33709ee25348d0c49448c2d4
30c44688d95bcf9dfae0c38b6191fb7a4778d3f5c1217beda999e7aafe181d1b
GET /images/sprite/bc/listing.svg HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.bongacams.com/popular-chat?bcs=Z29yaTE1NzMzNTQxZTcyNDEzYmNiMDk1ZWZiMjZkYmU4OTIyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
Connection: keep-alive
Cookie: __cf_bm=0NAmWpqpLt.DDETamu1erOFNY5lypINfgdPMKIhHgFQ-1662670450-0-AQ84N2s6Q1z7cfTIUvK56btJNGsesL5danYaIXSIFP16ZgyPWK4cQrwFcrH5WtiCHaOEsZxYO/k3i2zhYW/IaKM=; bonga20120608=f2334419a39448de3bd722f94eeaccb8; BONGAH_HIT=15733541e72413bcb095efb26dbe8922%3A%3A189420%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A%3A%3A401977%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3Adirect_link%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-09-08%2023%3A54%3A10; sg=94; warning18=%5B%22no_NO%22%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Oct 2020 03:17:08 GMT
etag: W/"5f963fb4-7c0e"
expires: Sat, 08 Oct 2022 20:54:11 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1288421
vary: Accept-Encoding
server: cloudflare
cf-ray: 747a93f15fd2b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
no.bongacams.com/images/sprite/bc/ui2.svg
195.85.23.95200 OK 15 kB URL HTTP/2 no.bongacams.com/images/sprite/bc/ui2.svg
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2337), with no line terminators
Hash f2670414164a5f113b491b1d44ed8400
f257b9b3453546041e7d16e2454e50d095c86149
e860c2d20be72b786c843cc28c98f6c437773629413dc8c476987fa3baff3cf9
GET /images/sprite/bc/ui2.svg HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.bongacams.com/popular-chat?bcs=Z29yaTE1NzMzNTQxZTcyNDEzYmNiMDk1ZWZiMjZkYmU4OTIyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
Connection: keep-alive
Cookie: __cf_bm=0NAmWpqpLt.DDETamu1erOFNY5lypINfgdPMKIhHgFQ-1662670450-0-AQ84N2s6Q1z7cfTIUvK56btJNGsesL5danYaIXSIFP16ZgyPWK4cQrwFcrH5WtiCHaOEsZxYO/k3i2zhYW/IaKM=; bonga20120608=f2334419a39448de3bd722f94eeaccb8; BONGAH_HIT=15733541e72413bcb095efb26dbe8922%3A%3A189420%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A%3A%3A401977%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3Adirect_link%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-09-08%2023%3A54%3A10; sg=94; warning18=%5B%22no_NO%22%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/svg+xml
last-modified: Tue, 21 Dec 2021 07:10:25 GMT
etag: W/"61c17de1-921"
expires: Sat, 08 Oct 2022 20:54:11 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 340882
vary: Accept-Encoding
server: cloudflare
cf-ray: 747a93f16fd8b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/fonts/open_sans/v23/regular/latin.woff2
195.85.23.226200 OK 14 kB URL HTTP/2 i.bcicdn.com/fonts/open_sans/v23/regular/latin.woff2
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type Web Open Font Format (Version 2), TrueType, length 14440, version 1.0\012- data
Hash ff9d619b59f5cb3529b100448f398ac5
f821770af8dcac25fd51b691be779fb56dde7783
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
GET /fonts/open_sans/v23/regular/latin.woff2 HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://no.bongacams.com
Connection: keep-alive
Referer: https://i.bcicdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: application/octet-stream
content-length: 14440
last-modified: Wed, 15 Sep 2021 03:49:40 GMT
etag: "61416d54-3868"
expires: Fri, 23 Sep 2022 06:31:25 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 343929
accept-ranges: bytes
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f20bbfb518-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/fonts/open_sans/v23/bold/latin.woff2
195.85.23.226200 OK 15 kB URL HTTP/2 i.bcicdn.com/fonts/open_sans/v23/bold/latin.woff2
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type Web Open Font Format (Version 2), TrueType, length 15112, version 1.0\012- data
Hash b596676fc00af9806c16a12e9a0350f8
056bafe30541a1926905966fa58b0df058504e36
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
GET /fonts/open_sans/v23/bold/latin.woff2 HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://no.bongacams.com
Connection: keep-alive
Referer: https://i.bcicdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: application/octet-stream
content-length: 15112
last-modified: Wed, 15 Sep 2021 03:49:40 GMT
etag: "61416d54-3b08"
expires: Fri, 23 Sep 2022 16:21:04 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 530218
accept-ranges: bytes
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f1fbbdb518-OSL
X-Firefox-Spdy: h2
no.bongacams.com/images/sprite/bc/layout3.svg
195.85.23.95200 OK 38 kB URL HTTP/2 no.bongacams.com/images/sprite/bc/layout3.svg
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4519), with no line terminators
Hash 7e456e962a2075ebf5b7db7948a947ff
8088545f852dd6088379dba3ad2c599e2b6fe670
d66ef84fe0c4c67b8b6e3c96a1a593939864d2bcee47ba493bdad9b5c896d801
GET /images/sprite/bc/layout3.svg HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.bongacams.com/popular-chat?bcs=Z29yaTE1NzMzNTQxZTcyNDEzYmNiMDk1ZWZiMjZkYmU4OTIyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
Connection: keep-alive
Cookie: __cf_bm=0NAmWpqpLt.DDETamu1erOFNY5lypINfgdPMKIhHgFQ-1662670450-0-AQ84N2s6Q1z7cfTIUvK56btJNGsesL5danYaIXSIFP16ZgyPWK4cQrwFcrH5WtiCHaOEsZxYO/k3i2zhYW/IaKM=; bonga20120608=f2334419a39448de3bd722f94eeaccb8; BONGAH_HIT=15733541e72413bcb095efb26dbe8922%3A%3A189420%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A%3A%3A401977%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3Adirect_link%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-09-08%2023%3A54%3A10; sg=94; warning18=%5B%22no_NO%22%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/svg+xml
last-modified: Fri, 10 Sep 2021 08:12:27 GMT
etag: W/"613b136b-11a7"
expires: Sat, 08 Oct 2022 20:54:11 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1288443
vary: Accept-Encoding
server: cloudflare
cf-ray: 747a93f16fd6b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.usertrust.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9a0f9299c55f6945276fd1c604988e5e
87c5265716b80c1d2b523af2d936299ebac5ef37
de0697da395c9f834374a1337925c0d3a48780e8e8d8af7c521c94eddbeaf44f
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 20:54:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 03:32:23 GMT
Expires: Thu, 15 Sep 2022 03:32:22 GMT
Etag: "87c5265716b80c1d2b523af2d936299ebac5ef37"
Cache-Control: max-age=602852,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1674
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747a93f21e890af6-OSL
i.bcicdn.com/fonts/open_sans/v23/semibold/latin.woff2
195.85.23.226200 OK 15 kB URL HTTP/2 i.bcicdn.com/fonts/open_sans/v23/semibold/latin.woff2
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type Web Open Font Format (Version 2), TrueType, length 14956, version 1.0\012- data
Hash 4334c2753ff9f057d9de926e66882c9e
36352b82f41b8de16636e5dee0c52cc70ef56080
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
GET /fonts/open_sans/v23/semibold/latin.woff2 HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://no.bongacams.com
Connection: keep-alive
Referer: https://i.bcicdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: application/octet-stream
content-length: 14956
last-modified: Wed, 15 Sep 2021 03:49:40 GMT
etag: "61416d54-3a6c"
expires: Tue, 27 Sep 2022 23:18:12 GMT
cache-control: max-age=2592000
x-bc-o: 2
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 340861
accept-ranges: bytes
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f21bdab518-OSL
X-Firefox-Spdy: h2
mobile-edge2.bcvcdn.com/stream_demonsmaylove.jpg?t=1662670450
31.192.120.231200 OK 18 kB URL HTTP/1.1 mobile-edge2.bcvcdn.com/stream_demonsmaylove.jpg?t=1662670450
IP 31.192.120.231:0
ASN #48684 Viking Host B.V.
File type JPEG image data, baseline, precision 8, 480x270, components 3\012- data
Hash b4a622613069f7207f413df3ee56ecf1
e2b3b740e8e25ef3aabfbd635b64c2c12444e729
d17553718fbda3f6269040ba2b26d312b1b4e7ed6bfa2869d448a0ce5748a42c
GET /stream_demonsmaylove.jpg?t=1662670450 HTTP/1.1
Host: mobile-edge2.bcvcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 20:54:11 GMT
Content-Type: image/jpeg
Content-Length: 18515
Last-Modified: Thu, 08 Sep 2022 20:54:11 GMT
Connection: keep-alive
ETag: "631a5673-4853"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
i.bcicdn.com/js-min/1sKcK/5122e.js
195.85.23.226200 OK 8.2 kB URL HTTP/2 i.bcicdn.com/js-min/1sKcK/5122e.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (9693), with no line terminators
Hash 83843031b8d231fe92bf3d119c30ad6e
a7318f824f0a24d76f72b1cf0d0a6e2751733c50
bc7eedb3702b59c7f564f0af05b3ab503966a3ef6387f1f7acf7b46a0c8a5fa1
GET /js-min/1sKcK/5122e.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:34:18 GMT
etag: W/"63199afa-25dd"
expires: Sat, 08 Oct 2022 07:35:15 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47927
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f36e0db518-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.bestcontentfood.top/warp/4788752?r=31946
172.67.200.139200 OK 0 B URL HTTP/2 a.bestcontentfood.top/warp/4788752?r=31946
IP 172.67.200.139:0
Analyzer Verdict Alert fortinet Phishing
GET /warp/4788752?r=31946 HTTP/1.1
Host: a.bestcontentfood.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:07 GMT
content-type: application/javascript; charset=UTF-8
referer: a.medfoodsafety.com
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hONcIVKVIjvdpS2kWLDSyFWyWeZZdSPQXaJeWRkVieVTyd9zNzHej9YwOj8aFyAA1FLebovpUHdGeyk7JwRCHSBLWedTCHX%2F03wo6sgZ%2BAx9eJoqWn8KZssjsLPrEx3CMEFpMaMd6Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93d59d95b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pt.wmptctl.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net
93.93.51.191200 OK 0 B URL HTTP/2 pt.wmptctl.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net
IP 93.93.51.191:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
GET /live-feed/fk/?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net HTTP/1.1
Host: pt.wmptctl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache
date: Thu, 08 Sep 2022 20:54:08 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Sat, 08-Oct-22 20:54:08 GMT; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
i.bcicdn.com/images/replace/10/arial/999/bnct_add1_v2.svg
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/images/replace/10/arial/999/bnct_add1_v2.svg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /images/replace/10/arial/999/bnct_add1_v2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Mar 2022 11:31:02 GMT
etag: W/"6231ca76-35ac"
expires: Mon, 12 Sep 2022 11:34:41 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-p4: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 338673
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f0696bb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1solM/hg.css
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1solM/hg.css
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1solM/hg.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 08:14:14 GMT
etag: W/"631852d6-c440"
expires: Fri, 07 Oct 2022 08:14:40 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 131956
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f06972b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1sKcK/5e5b7.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1sKcK/5e5b7.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1sKcK/5e5b7.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:34:18 GMT
etag: W/"63199afa-11ce"
expires: Sat, 08 Oct 2022 07:35:15 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47922
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f3cec2b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.focusde.info/api/spots/391867?host=xfantazy.com&ev=196&wh=939&ww=1280
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/391867?host=xfantazy.com&ev=196&wh=939&ww=1280
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/391867?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:06 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=XvwA2wLJ1s69AQ0Rjmos; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
camschat.net/900250/adnium.php
66.230.180.98200 OK 0 B URL HTTP/2 camschat.net/900250/adnium.php
IP 66.230.180.98:0
GET /900250/adnium.php HTTP/1.1
Host: camschat.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.medfoodsafety.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.3
content-encoding: gzip
X-Firefox-Spdy: h2
i.bcicdn.com/images/replace/10/arial/999/bnct_add2.svg
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/images/replace/10/arial/999/bnct_add2.svg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /images/replace/10/arial/999/bnct_add2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jun 2021 09:45:11 GMT
etag: W/"60c08da7-2a63"
expires: Mon, 12 Sep 2022 11:34:41 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-p4: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2279961
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f0696cb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1solM/extra/listing.css
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1solM/extra/listing.css
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1solM/extra/listing.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 08:14:15 GMT
etag: W/"631852d7-120e6"
expires: Fri, 07 Oct 2022 08:14:42 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 131956
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f06970b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
104.21.234.233200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP 104.21.234.233:0
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:05 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: bf21eb4442dc834ed9c3433e8a2fde15
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 08 Sep 2022 20:54:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5lbj1UdJHxock3Xrdlj1W8yGEzS8i4XZRpwPlb0HOTulszd7vVPgCl2iTrZ4bZCp22xe8vWZDPPfERO2v7mtwuIDXoMSCpS9nmKHJj1F4C%2FSU7gDfps%2BmFEBUt7ujKLx164cM4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747a93c909fe775c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.focusde.info/api/spots/303892?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/303892?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/303892?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=rHhgmVqwsfBvBkVUDoky
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
a.focusde.info/api/spots/391866?host=xfantazy.com&ev=196&wh=939&ww=1280
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/391866?host=xfantazy.com&ev=196&wh=939&ww=1280
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/391866?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:06 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=oADvjcG3CIxwMgvJe2RL; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
trkbng.com/hit.php?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat
31.192.112.221302 Found 0 B URL HTTP/2 trkbng.com/hit.php?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat
IP 31.192.112.221:0
ASN #48684 Viking Host B.V.
GET /hit.php?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat HTTP/1.1
Host: trkbng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poweredby.jads.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 08 Sep 2022 20:54:12 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: BCH_H=15733541e72413bcb095efb26dbe8922%7C2022-09-08; expires=Fri, 26-Aug-2072 20:54:12 GMT; Max-Age=1576800000; path=/; domain=.promo-bc.com
BCH_H=15733541e72413bcb095efb26dbe8922%7C2022-09-08; expires=Fri, 26-Aug-2072 20:54:12 GMT; Max-Age=1576800000; path=/; domain=.bongacams.com
BCH_H=15733541e72413bcb095efb26dbe8922%7C2022-09-08; expires=Fri, 26-Aug-2072 20:54:12 GMT; Max-Age=1576800000; path=/; domain=.bongocams.biz
BCH_H=15733541e72413bcb095efb26dbe8922%7C2022-09-08; expires=Fri, 26-Aug-2072 20:54:12 GMT; Max-Age=1576800000; path=/; domain=.bongacams.org
BCH_H=15733541e72413bcb095efb26dbe8922%7C2022-09-08; expires=Fri, 26-Aug-2072 20:54:12 GMT; Max-Age=1576800000; path=/; domain=.bongacams10.com
BCH_H=15733541e72413bcb095efb26dbe8922%7C2022-09-08; expires=Fri, 26-Aug-2072 20:54:12 GMT; Max-Age=1576800000; path=/; domain=.bcmspt.com
BCH_H=15733541e72413bcb095efb26dbe8922%7C2022-09-08; expires=Fri, 26-Aug-2072 20:54:12 GMT; Max-Age=1576800000; path=/; domain=.bngwlt.com
BCH_H=15733541e72413bcb095efb26dbe8922%7C2022-09-08; expires=Fri, 26-Aug-2072 20:54:12 GMT; Max-Age=1576800000; path=/; domain=.bngpt.com
BCH_H=15733541e72413bcb095efb26dbe8922%7C2022-09-08; expires=Fri, 26-Aug-2072 20:54:12 GMT; Max-Age=1576800000; path=/; domain=.bngpst.com
BCH_H=15733541e72413bcb095efb26dbe8922%7C2022-09-08; expires=Fri, 26-Aug-2072 20:54:12 GMT; Max-Age=1576800000; path=/; domain=.bngprl.com
BCH_H=15733541e72413bcb095efb26dbe8922%7C2022-09-08; expires=Fri, 26-Aug-2072 20:54:12 GMT; Max-Age=1576800000; path=/; domain=.bngpop.com
BCH_H=15733541e72413bcb095efb26dbe8922%7C2022-09-08; expires=Fri, 26-Aug-2072 20:54:12 GMT; Max-Age=1576800000; path=/; domain=.bngosv.com
BCH_H=15733541e72413bcb095efb26dbe8922%7C2022-09-08; expires=Fri, 26-Aug-2072 20:54:12 GMT; Max-Age=1576800000; path=/; domain=.bngvs.com
BCH_H=15733541e72413bcb095efb26dbe8922%7C2022-09-08; expires=Fri, 26-Aug-2072 20:54:12 GMT; Max-Age=1576800000; path=/; domain=.bngdyn.com
BCH_H=15733541e72413bcb095efb26dbe8922%7C2022-09-08; expires=Fri, 26-Aug-2072 20:54:12 GMT; Max-Age=1576800000; path=/; domain=.dynspt.com
BCH_H=15733541e72413bcb095efb26dbe8922%7C2022-09-08; expires=Fri, 26-Aug-2072 20:54:12 GMT; Max-Age=1576800000; path=/; domain=.ecdyn.com
BCH_H=15733541e72413bcb095efb26dbe8922%7C2022-09-08; expires=Fri, 26-Aug-2072 20:54:12 GMT; Max-Age=1576800000; path=/; domain=.trkbc.com
BCH_H=15733541e72413bcb095efb26dbe8922%7C2022-09-08; expires=Fri, 26-Aug-2072 20:54:12 GMT; Max-Age=1576800000; path=/; domain=.trkbng.com
BCH_H=15733541e72413bcb095efb26dbe8922%7C2022-09-08; expires=Fri, 26-Aug-2072 20:54:12 GMT; Max-Age=1576800000; path=/; domain=.bcprm.com
location: https://bongacams.com/popular-chat?bcs=Z29yaTE1NzMzNTQxZTcyNDEzYmNiMDk1ZWZiMjZkYmU4OTIyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
expires: Thu, 08 Sep 2022 20:54:11 GMT
x-bcs: ded7384
strict-transport-security: max-age=0;
cache-control: no-cache, public
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1solM/extra/chat.css
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1solM/extra/chat.css
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1solM/extra/chat.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 08:14:15 GMT
etag: W/"631852d7-57c13"
expires: Fri, 07 Oct 2022 08:14:42 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 131946
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008c7b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1sKcK/ec452.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1sKcK/ec452.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1sKcK/ec452.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:34:18 GMT
etag: W/"63199afa-807"
expires: Sat, 08 Oct 2022 07:35:14 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47922
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f36e11b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1sKcK/61f90.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1sKcK/61f90.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1sKcK/61f90.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:34:18 GMT
etag: W/"63199afa-32e"
expires: Sat, 08 Oct 2022 07:35:13 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47927
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f3deceb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/1651134763.html
45.133.44.3200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/1651134763.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/1651134763.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:06 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Sat, 07 May 2022 03:21:27 GMT
etag: W/"6275e5b7-616"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 08 Sep 2022 21:54:06 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
media.aso1.net/js/ifr.html
104.21.234.154200 OK 0 B URL HTTP/2 media.aso1.net/js/ifr.html
IP 104.21.234.154:0
GET /js/ifr.html HTTP/1.1
Host: media.aso1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:06 GMT
content-type: text/html
last-modified: Thu, 28 Jul 2022 09:55:04 GMT
etag: W/"62e25cf8-6ea"
expires: Tue, 02 Aug 2022 06:53:11 GMT
cache-control: max-age=259200
x-robots-tag: noindex, nofollow, noarchive, noimageindex
cf-cache-status: HIT
age: 855772
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2F%2B%2B1jfRAqa2w%2BXMNVRXRtaO0JdJz9xo0e1r6bDLkdu7yfNKvk2seMJQkcFyv64Wz8wucwZ40BP%2BYaME5ox30a7EHqdxZQQAMWfh8Cw8rWMVS3LjYAUDE8XPXcagrYvAAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747a93d43b9f76ea-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tsyndicate.com/do2/gtpedNcWKkqbcJr5gX4hNBaeGvryR5tY/master?w=1280&h=1024&tz=0&count=5
136.243.83.47200 OK 0 B URL HTTP/2 tsyndicate.com/do2/gtpedNcWKkqbcJr5gX4hNBaeGvryR5tY/master?w=1280&h=1024&tz=0&count=5
IP 136.243.83.47:0
ASN #24940 Hetzner Online GmbH
GET /do2/gtpedNcWKkqbcJr5gX4hNBaeGvryR5tY/master?w=1280&h=1024&tz=0&count=5 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.focusde.info
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:07 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://a.focusde.info
access-control-allow-methods: POST, GET, HEAD
access-control-allow-headers: Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy
access-control-allow-credentials: true
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: 3750af9826a594ac
set-cookie: ts_uid=3f8a58b6-8ad3-47af-ba70-1c04f17b3700; expires=Wed, 08 Mar 2023 20:54:07 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYZOGDEwFGjRhcWIsYU3BLjoYgyE2PYsCHjRg0bOGjc6NJH; expires=Fri, 09 Sep 2022 20:54:07 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
i.bcicdn.com/i18n-min/1662545218/messages/no.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/i18n-min/1662545218/messages/no.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /i18n-min/1662545218/messages/no.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 10:07:28 GMT
etag: W/"63186d60-23f7b"
expires: Fri, 07 Oct 2022 10:08:21 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 125018
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f0696eb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/images/sprite/bc/flag_pack-7fa3aa73.svg
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/images/sprite/bc/flag_pack-7fa3aa73.svg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /images/sprite/bc/flag_pack-7fa3aa73.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.bcicdn.com/css-min/1solM/cr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/svg+xml
last-modified: Thu, 30 May 2019 03:12:25 GMT
etag: W/"5cef4a19-5775"
expires: Fri, 23 Sep 2022 00:45:59 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 338699
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f17ae3b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/images/sprite/bc/listing_atlas8.svg
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/images/sprite/bc/listing_atlas8.svg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /images/sprite/bc/listing_atlas8.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.bcicdn.com/css-min/1solM/extra/listing.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Feb 2022 12:30:04 GMT
etag: W/"620a4b4c-a703"
expires: Mon, 12 Sep 2022 12:37:44 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-p4: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 1385609
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f1ab4eb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/video/5e364cff61f0be74ac0ccfe4
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/video/5e364cff61f0be74ac0ccfe4
IP 104.26.1.188:0
GET /video/5e364cff61f0be74ac0ccfe4 HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:03 GMT
content-type: text/html; charset=utf-8
vary: Origin
set-cookie: visitorId=fayfi6j1tcchqjeduw33w9; Domain=xfantazy.com; Path=/; Expires=Wed, 08 Sep 2032 20:54:02 GMT; HttpOnly
experiment-popup-payment-7=0; Path=/; Expires=Thu, 15 Sep 2022 20:54:02 GMT
experiment-save-to-button-2=0; Path=/; Expires=Thu, 15 Sep 2022 20:54:02 GMT
x-powered-by: Next.js
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wn50reEZnl381abmpG7re0jqekMSVh%2FApphOcgjXj%2FuvSdefu49z6mwLin0WCVAx18YEK3ss77Q9psMzjb2NDGiS6q5g%2BrQRptjoaXD9ds5MvEJlaGJ2whgJfIRlLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93bbefb8b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
pt.wmptctl.com/live-feed?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=302_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net&rrc=3
93.93.51.191200 OK 0 B URL HTTP/2 pt.wmptctl.com/live-feed?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=302_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net&rrc=3
IP 93.93.51.191:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
GET /live-feed?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=302_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net&rrc=3 HTTP/1.1
Host: pt.wmptctl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net
Cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache
date: Thu, 08 Sep 2022 20:54:10 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Sat, 08-Oct-22 20:54:10 GMT; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1solM/extra/listing_catrows.css
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1solM/extra/listing_catrows.css
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1solM/extra/listing_catrows.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 08:14:15 GMT
etag: W/"631852d7-13ff"
expires: Fri, 07 Oct 2022 08:14:52 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 131956
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f06975b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1sKcK/h.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1sKcK/h.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1sKcK/h.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:34:18 GMT
etag: W/"63199afa-a7ecb"
expires: Sat, 08 Oct 2022 07:35:13 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47923
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f0696fb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/3NacEFLLfmnQ5HlphqE-l/pages/video.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/3NacEFLLfmnQ5HlphqE-l/pages/video.js
IP 104.26.1.188:0
GET /_next/static/3NacEFLLfmnQ5HlphqE-l/pages/video.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:03 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:28 GMT
etag: W/"597e-1826d2b94a4"
cf-cache-status: HIT
age: 2981362
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ly12K4kuSTBNXQ9XXnwsbhNhj08paXeP6NiljvP4AiimywVUyKGrrhs2sgfnNfx9uwsfDJ5KKstviMjQoQUq8txDFKCd9GnHWE2LE4vUTYgWzAvsJ7jZs5aKE%2BNu3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93beac12b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/images/sprite/bc/c2c_prime_atlas.svg
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/images/sprite/bc/c2c_prime_atlas.svg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /images/sprite/bc/c2c_prime_atlas.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.bcicdn.com/css-min/1solM/extra/chat.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/svg+xml
last-modified: Thu, 24 Sep 2020 09:15:27 GMT
etag: W/"5f6c63af-274c"
expires: Thu, 22 Sep 2022 07:38:53 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 889779
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f18b0bb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/47.6c9a4510342e4dd3af77.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/47.6c9a4510342e4dd3af77.js
IP 104.26.1.188:0
GET /_next/static/chunks/47.6c9a4510342e4dd3af77.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:03 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"620-181397f9e59"
cf-cache-status: HIT
age: 8111604
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=va26U66MbCHYhUW4gqMBnC9Hc0k6K1gmQXmjT4mQ6yynyqlr6LJpM4p%2FBEPdwkCfvF5ClmHM%2BNhKruGHJB0xCb6QuaBA4OH2WieYuJ4gp0Sf%2Bct%2FqXKFzUpNS1c4HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93bebc32b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js
IP 104.26.1.188:0
GET /_next/static/runtime/main-8daa673a54696bb62abb.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:03 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:19:48 GMT
etag: W/"11cd7-179fb717a09"
cf-cache-status: HIT
age: 29127510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuCZXQR7yMBw5tybM38OhXJVI6YhekzjRRSzr2l42ZyfjjN%2B0EB4pQcZTqYRVRyWggXgVcnDhsD9C%2BLJ0hgDmcMFI0l2XAA6Eg8Qsi1URnhvt3qf9xnQuh9QAdneog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93becc3bb4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/59.edff5ae0d8d83054b552.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/59.edff5ae0d8d83054b552.js
IP 104.26.1.188:0
GET /_next/static/chunks/59.edff5ae0d8d83054b552.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:03 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:20:14 GMT
etag: W/"c8b-179fb71df0d"
cf-cache-status: HIT
age: 29127511
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgz2qLV6BjmFaPN0EXppfj%2BIzMZk1PWJtBczk2aNMF8bviy5PkZHgif%2BGnir6trc3eReasCbysGOm7HzgtA3xl4p9F6F3VF36P3sohipd6UjdGPKTyc1s%2FdLqi4NGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93bebc2db4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
chaturbate.com/topembed/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank
104.18.101.40302 Found 0 B URL HTTP/2 chaturbate.com/topembed/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank
IP 104.18.101.40:0
GET /topembed/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.medfoodsafety.com/
Connection: keep-alive
Cookie: __cf_bm=lqPTChHFzYfMx8NJLy0l9vOnsJdsfS_qZ48orqjmW40-1662670447-0-AcYnq3X+htpXJY3mKOnBSOsPbkbsGfYvRUwoqspBr1GP3WQaFMcpFqZ+kK8IcrLE2GuOnsDDoX1/R76V+2n8WaM=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 08 Sep 2022 20:54:07 GMT
content-type: text/html; charset=utf-8
location: /embed/stacimarierose/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
set-cookie: stcki="pOtSwZ=0\054FqPd9a=1\0546pduSG=0\054aDBbcK=0\0548UAXRV=1"; expires=Sat, 08-Oct-2022 20:54:07 GMT; Max-Age=2592000; Path=/
affkey=eJyrVipSslJQyigpKSi20tdP1MtNTUnLz08pTkxLLanUS87P1VeqBQDmXQyt; Domain=.chaturbate.com; expires=Sat, 08-Oct-2022 20:54:07 GMT; Max-Age=2592000; Path=/
sbr=sec:sbrd97678c8-817a-4a19-ac1a-7af0cacdcf15:1oWOXH:CSY0ZDGJ57l364PCBoexWjVbyFk; Domain=.chaturbate.com; expires=Tue, 03-Jun-2025 20:54:07 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 747a93da78d00b02-OSL
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/riw/blonde_riderxxx.jpg?1662670440
104.19.242.83200 OK 0 B URL HTTP/2 roomimg.stream.highwebmedia.com/riw/blonde_riderxxx.jpg?1662670440
IP 104.19.242.83:0
GET /riw/blonde_riderxxx.jpg?1662670440 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:08 GMT
content-type: image/jpeg
content-length: 12126
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=12212
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 21
last-modified: Thu, 08 Sep 2022 20:53:47 GMT
expires: Thu, 08 Sep 2022 20:54:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RouB2BwwpZJW%2BEJVOpozGIMNbF%2F3VwH2hycgK2kpaBTmnXbWEY7XpEvPZ5RNUaMxsreTINLmKmwjL88NwsRR6J%2F2HBbppr2nhAONG97dEGhohhaKVCEgjx8vVz%2FT37QITutOwYvlzsvlLZdTbTtqEoc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=A_p2RKDNl0WBde1_vZrUqt7OTHnSq0TS2JF1yrBiGis-1662670448536-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747a93df4c1db51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/16.2fcecc4fbe403da70f1d.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/16.2fcecc4fbe403da70f1d.js
IP 104.26.1.188:0
GET /_next/static/chunks/16.2fcecc4fbe403da70f1d.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:03 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:18:49 GMT
etag: W/"4f4a-179fb7093d6"
cf-cache-status: HIT
age: 29127511
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3%2B9kcqCwD4DLQ9cJl267n5GBqMdVFiFITqnosm1odE4IWx%2FtNx6crGS0E%2Fl6e%2FJ4Fhg%2FLpWO6wyygrG5MowBif9rJF7l1VZEjDC6faW0t5KAZxYMBD8q21GOyyYFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93bebc25b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/69.b3ff95d1d1b8e7cf25a2.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/69.b3ff95d1d1b8e7cf25a2.js
IP 104.26.1.188:0
GET /_next/static/chunks/69.b3ff95d1d1b8e7cf25a2.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:03 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:19:48 GMT
etag: W/"61c-179fb7179e1"
cf-cache-status: HIT
age: 29127511
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXD4oA8jsp0NGc16PBgTaSZRhw65puOajR4eTyRISMxOacs%2BiSqNixAzah6FjuddMi1GxIaTaKvzQm%2Fmbu0pF%2FC5Yj3gQvcS7j1MzTO86whwS0GCEKj3WudhDSiASg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93becc39b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
tsyndicate.com/do2/b5346988f58b4a3986d63c85fcf561b2/vast?w=1280&h=1024&keywords=ifr&tz=0
136.243.83.47200 OK 0 B URL HTTP/2 tsyndicate.com/do2/b5346988f58b4a3986d63c85fcf561b2/vast?w=1280&h=1024&keywords=ifr&tz=0
IP 136.243.83.47:0
ASN #24940 Hetzner Online GmbH
GET /do2/b5346988f58b4a3986d63c85fcf561b2/vast?w=1280&h=1024&keywords=ifr&tz=0 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://media.aso1.net
Connection: keep-alive
Referer: https://media.aso1.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:07 GMT
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://media.aso1.net
access-control-allow-methods: POST, GET, HEAD
access-control-allow-headers: Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy
access-control-allow-credentials: true
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-vast: 3.0
x-request-id: 7d3477382e4237b9
set-cookie: ts_uid=1fec7df9-c3e7-4147-ad12-785e5fcd5204; expires=Wed, 08 Mar 2023 20:54:07 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYZOWjAiDFDRhcWIsYU3BLjoYgyE2PYsCHjRg0bOGjc6NJH; expires=Fri, 09 Sep 2022 20:54:07 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
camschat.net/900250/awe900250.php
66.230.180.98200 OK 0 B URL HTTP/2 camschat.net/900250/awe900250.php
IP 66.230.180.98:0
GET /900250/awe900250.php HTTP/1.1
Host: camschat.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/900250/adnium.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.3
content-encoding: gzip
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1sKcK/e0e50.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1sKcK/e0e50.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1sKcK/e0e50.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:34:18 GMT
etag: W/"63199afa-4300"
expires: Sat, 08 Oct 2022 07:35:14 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47922
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f36e1cb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
chaturbate.com/in/?track=adnium-xfantazy.com&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank
104.18.101.40302 Found 0 B URL HTTP/2 chaturbate.com/in/?track=adnium-xfantazy.com&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank
IP 104.18.101.40:0
GET /in/?track=adnium-xfantazy.com&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.medfoodsafety.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Sep 2022 20:54:07 GMT
content-type: text/html; charset=utf-8
location: /topembed/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
set-cookie: u_dTm0=1; expires=Tue, 13-Sep-2022 20:54:07 GMT; Max-Age=432000; Path=/
us_dTm0=1; Path=/
affkey="eJwdjUEOQDAQRa8is0axtHQBGxcYbSdERqUdiRJ3l7F8/73kPyDQF+AmbqAswPKhKDimQVnipoxuX0+uLsJd8M61Daw2qltEjtQbgzV7RyG4hOTlb4xGSKSZzbOPvG5et/+ka+H9AHQbJg4="; Domain=.chaturbate.com; expires=Sat, 08-Oct-2022 20:54:07 GMT; Max-Age=2592000; Path=/
fromaffiliate=1; Domain=.chaturbate.com; Path=/
noads=1; expires=Fri, 09-Sep-2022 02:54:07 GMT; Max-Age=21600; Path=/
stcki="pOtSwZ=0\054FqPd9a=1\0546pduSG=0\054aDBbcK=0\0548UAXRV=0"; expires=Sat, 08-Oct-2022 20:54:07 GMT; Max-Age=2592000; Path=/
sbr=sec:sbr9326c1f6-b95a-41a3-8567-fe1acd86ae1d:1oWOXH:N0JducDKw3ZCUJBz4euM2syGGsA; Domain=.chaturbate.com; expires=Tue, 03-Jun-2025 20:54:07 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
__cf_bm=lqPTChHFzYfMx8NJLy0l9vOnsJdsfS_qZ48orqjmW40-1662670447-0-AcYnq3X+htpXJY3mKOnBSOsPbkbsGfYvRUwoqspBr1GP3WQaFMcpFqZ+kK8IcrLE2GuOnsDDoX1/R76V+2n8WaM=; path=/; expires=Thu, 08-Sep-22 21:24:07 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 747a93d94f6b0b02-OSL
X-Firefox-Spdy: h2
a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=YTGvpBW7z-zY11pTLLRHLoIJqL3gfdW6iiNqtne8VrjhZnrH_Gq3SUdaIoNxQa8lvCLo9k6v3EOtf2yWFhackBD_Zve1ZnK9qf9emU13Vnk23Q_gUIDRUi
66.254.114.171200 OK 0 B URL HTTP/2 a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=YTGvpBW7z-zY11pTLLRHLoIJqL3gfdW6iiNqtne8VrjhZnrH_Gq3SUdaIoNxQa8lvCLo9k6v3EOtf2yWFhackBD_Zve1ZnK9qf9emU13Vnk23Q_gUIDRUi
IP 66.254.114.171:0
GET /get/10005363?time=1592491455431&atc=416763&apb=YTGvpBW7z-zY11pTLLRHLoIJqL3gfdW6iiNqtne8VrjhZnrH_Gq3SUdaIoNxQa8lvCLo9k6v3EOtf2yWFhackBD_Zve1ZnK9qf9emU13Vnk23Q_gUIDRUi HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 08 Sep 2022 20:54:08 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KEmMaVnBCKFNRchzlAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7041; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 631A5670-42FE72AB01BB7A93-1E7959B0
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1solM/cr.css
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1solM/cr.css
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1solM/cr.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 08:14:14 GMT
etag: W/"631852d6-13356"
expires: Fri, 07 Oct 2022 08:14:39 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 131956
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93eff8c0b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1solM/ft.css
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1solM/ft.css
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1solM/ft.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 08:14:14 GMT
etag: W/"631852d6-3a14"
expires: Fri, 07 Oct 2022 08:14:53 GMT
cache-control: max-age=2592000
x-bc-o: 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 131956
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f06967b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1sKcK/dfbb5.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1sKcK/dfbb5.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1sKcK/dfbb5.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:34:18 GMT
etag: W/"63199afa-1b5"
expires: Sat, 08 Oct 2022 07:35:14 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47922
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f3ceb8b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.medfoodsafety.com/loader?a=4787912&v=2&t=1&s=4776911&p=8575&if=true
104.21.62.145200 OK 0 B URL HTTP/2 a.medfoodsafety.com/loader?a=4787912&v=2&t=1&s=4776911&p=8575&if=true
IP 104.21.62.145:0
GET /loader?a=4787912&v=2&t=1&s=4776911&p=8575&if=true HTTP/1.1
Host: a.medfoodsafety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:07 GMT
content-type: text/html
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyPkmTGykpOJtMRCX9Oc87mnPbjo2yYe7KHIldA05%2FIoJk9tDw8wJMdeWFaY%2B40JySssVZguG3ULeykCqZbFCQk5Xym58gNJuWy8TxDoOSp%2BAo9trXwbqe5DeCtHQkYRL94AONCd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93d7185db50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/css/output.b58b81ee448a.css
104.16.93.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/css/output.b58b81ee448a.css
IP 104.16.93.42:0
GET /CACHE/css/output.b58b81ee448a.css HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:08 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=63822
etag: W/"c3fdd95cae57f9313b0d3ed8cf554d51"
last-modified: Thu, 01 Sep 2022 23:26:03 GMT
x-amz-id-2: fr1yko4z/v9+BX/DSjFkdytjkSfujKRNWb+420tBUkb0Vn/Wi8s6tkBg/7ga1SzX/q5eTCKepOgq6wLIfbHmoA==
x-amz-meta-s3cmd-attrs: md5:c3fdd95cae57f9313b0d3ed8cf554d51
x-amz-request-id: WQ99MTD0E25C2VMF
cf-cache-status: HIT
age: 595529
expires: Sat, 08 Oct 2022 20:54:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IDSfP0D50H6QgLW2cthmBDK51v2TMSnzKlDmLy4DscbNrYHQfllSuTRrI%2FpdTUR1VCVGmBFsWQ0MjGg7wyFDsbw%2FNPudeK6Ftuk0xdcz6I9%2BRPcVkPbbJeUcsoaslo8Ffkra%2F3FC6W958lGvWZBUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=HwNkjADEEBnXICh1JspPsV.Pjflhf2Ct328BngX.A.s-1662670448505-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747a93df0f0ab50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/cachebust/chatembed-prod-073245c20b70.js
104.16.93.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/cachebust/chatembed-prod-073245c20b70.js
IP 104.16.93.42:0
GET /cachebust/chatembed-prod-073245c20b70.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:08 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=902959
etag: W/"5403d147e6bf18891a9c75f58ab8b55b"
last-modified: Thu, 08 Sep 2022 19:35:12 GMT
x-amz-id-2: XvxYemZI1rsIMzow/OzydkNc5XapirUEQzV2wuPiSjOg2CoGlcVnuJxBVnJowMk8bosTfsFwXJ4=
x-amz-meta-s3cmd-attrs: md5:5403d147e6bf18891a9c75f58ab8b55b
x-amz-request-id: 25W067HCVX6TYESJ
cf-cache-status: HIT
age: 4549
expires: Sat, 08 Oct 2022 20:54:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSdnobOQdV6DJJtu9y00nfMKM1AJdO4CjzfAuv2rGv03uh9ZZ7wjGKEI9fpODQQxrPtBZu%2FOy33fO%2BJbrFbYcZC%2FNQidcnNlMYlxsaK6sstWNt8BsR7FwtfhgRcwNYNFE6B%2Bhn%2BHbVhfji97KstIHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=F8S.TiOVg.oVIbI9Q2EP.6_YuZk72zqlDWFi.xympo0-1662670448510-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747a93df0f08b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
as.sexad.net/as/if?p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=900&adHeight=75&niche=female&fontSize=15&font_color=%23fff&background_color=%23000000&hn=fap247.com&AFNO=1-286
216.127.52.242200 0 B URL HTTP/1.1 as.sexad.net/as/if?p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=900&adHeight=75&niche=female&fontSize=15&font_color=%23fff&background_color=%23000000&hn=fap247.com&AFNO=1-286
IP 216.127.52.242:0
GET /as/if?p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=900&adHeight=75&niche=female&fontSize=15&font_color=%23fff&background_color=%23000000&hn=fap247.com&AFNO=1-286 HTTP/1.1
Host: as.sexad.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx/1.18.0
Date: Thu, 08 Sep 2022 20:54:08 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store
Access-Control-Allow-Origin: *
Set-Cookie: at11662670448937_0_5106_4398=0001000; expires=Sat, 08-Oct-2022 20:54:08 GMT; Max-Age=2592000; path=/as; secure; SameSite=None
iid=2432-1662670448; expires=Sun, 05-Sep-2032 20:54:08 GMT; Max-Age=315360000; path=/; secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html"
Content-Encoding: gzip
no.bongacams.com/images/sprite/bc/icon11.svg
195.85.23.95200 OK 0 B URL HTTP/2 no.bongacams.com/images/sprite/bc/icon11.svg
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
GET /images/sprite/bc/icon11.svg HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.bongacams.com/popular-chat?bcs=Z29yaTE1NzMzNTQxZTcyNDEzYmNiMDk1ZWZiMjZkYmU4OTIyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
Connection: keep-alive
Cookie: __cf_bm=0NAmWpqpLt.DDETamu1erOFNY5lypINfgdPMKIhHgFQ-1662670450-0-AQ84N2s6Q1z7cfTIUvK56btJNGsesL5danYaIXSIFP16ZgyPWK4cQrwFcrH5WtiCHaOEsZxYO/k3i2zhYW/IaKM=; bonga20120608=f2334419a39448de3bd722f94eeaccb8; BONGAH_HIT=15733541e72413bcb095efb26dbe8922%3A%3A189420%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A%3A%3A401977%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3Adirect_link%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-09-08%2023%3A54%3A10; sg=94; warning18=%5B%22no_NO%22%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/svg+xml
last-modified: Wed, 07 Sep 2022 03:04:44 GMT
etag: W/"63180a4c-5ab6"
expires: Sat, 08 Oct 2022 20:54:11 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 150048
vary: Accept-Encoding
server: cloudflare
cf-ray: 747a93f15fd0b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/9.be198c87e436634bf765.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/9.be198c87e436634bf765.js
IP 104.26.1.188:0
GET /_next/static/chunks/9.be198c87e436634bf765.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:03 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"9c95-181397f9e55"
cf-cache-status: HIT
age: 8111202
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IpjEbI7VLD9Wni3CPmyqiRsneGHiWbFbN7F2S4vY3kyotE60GRjBTr0Rz8%2FQQW6geU5eajpFuLx%2FboH8oNd1UbIPdvmS96N%2FSunH3x20xqQ23BtmqKkPUUuh%2BhXMlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93bebc21b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/3NacEFLLfmnQ5HlphqE-l/pages/tags.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/3NacEFLLfmnQ5HlphqE-l/pages/tags.js
IP 104.26.1.188:0
GET /_next/static/3NacEFLLfmnQ5HlphqE-l/pages/tags.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiJmMjkzNmRiYjVmMGI4IiwiaWF0IjoxNjYyNjcwNDQ0LCJleHAiOjE2NjMyNzUyNDR9.q_0MG9R3Zy4ZMWaviYqBUmusd-vowTIyrlFuOzgcOU0; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiMWU4N2M2YThhN2FkMiIsImlhdCI6MTY2MjY3MDQ0NCwiZXhwIjoxNjY1MjYyNDQ0fQ.RSMEvDTB1DXcnrJWMEmk6Hoon8OEgjmKBmOZ9r8Is-E; _ga=GA1.2.505617016.1662670436; _gid=GA1.2.708268016.1662670436; _dc_gtm_UA-121614197-2=1; _ym_uid=16626704361038515420; _ym_d=1662670436; visitorGetPop=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:28 GMT
etag: W/"f20-1826d2b94a4"
cf-cache-status: HIT
age: 2981207
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wMrv2%2FaYN6DflUZHuc9uiIalA2TDpLyvw0%2FejWTbap54BMa53fFfQyFj6FDN0tYpCh7EsktS0plj2w8%2FWk0ajAnxhQ8%2BbgMxfO7kNHZAxAlIh9Q762F7NEKwWsTfRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93c63f8bb4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.focusde.info/api/spots/391865?host=xfantazy.com&ev=196&wh=939&ww=1280
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/391865?host=xfantazy.com&ev=196&wh=939&ww=1280
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/391865?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:06 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=8gMgz77fi5vlgzMpaF8J; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
i.bcicdn.com/images/svg/bc/model_of_hour/female_1.svg
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/images/svg/bc/model_of_hour/female_1.svg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /images/svg/bc/model_of_hour/female_1.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/svg+xml
last-modified: Mon, 30 Dec 2019 03:04:32 GMT
etag: W/"5e096940-31eb"
expires: Mon, 26 Sep 2022 10:06:22 GMT
cache-control: max-age=2592000
x-bc-o: 2
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 889659
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f008cab518-OSL
content-encoding: br
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.1486cd5aa4f0.js
104.16.93.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.1486cd5aa4f0.js
IP 104.16.93.42:0
GET /CACHE/js/output.1486cd5aa4f0.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:08 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=117895
etag: W/"eb2259ff6dbd950ae158f73065752aa1"
last-modified: Thu, 21 Oct 2021 18:11:54 GMT
x-amz-id-2: k6NhlyRh+XXZM7+pSOMylQwAMSlxLRy7teDHalfRWz7mnIIf6Ig6amIFaKAolUjBHmL3PkEkULk=
x-amz-meta-s3cmd-attrs: md5:eb2259ff6dbd950ae158f73065752aa1
x-amz-request-id: FHZ86T60E9WK32PB
cf-cache-status: HIT
age: 343239
expires: Sat, 08 Oct 2022 20:54:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFf%2FCR8%2BtikjZk84X0T66EMttXZE68nkA5nYkyuoZxI5sR9LlaBaxmJke0dIgW%2BmhKIxuxeT4MiWnG99doEB4x%2BhnS2u%2Fc5DDf0q90t1R7fygsWM8StQ%2B4yRw6702t7ovm%2BwSk325rCOw5WAsEuXaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=Q5SSyaLD3iAgUP4XxDM21qOVJpX9EHxKZCBlBySAmCI-1662670448520-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747a93df3f44b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.bcicdn.com/images/replace/10/arial/999/bnct_v2.svg
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/images/replace/10/arial/999/bnct_v2.svg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /images/replace/10/arial/999/bnct_v2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Mar 2022 11:31:02 GMT
etag: W/"6231ca76-345d"
expires: Mon, 12 Sep 2022 11:34:41 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-p4: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 341058
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f06965b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1sKcK/f0051.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1sKcK/f0051.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1sKcK/f0051.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:34:18 GMT
etag: W/"63199afa-10c4"
expires: Sat, 08 Oct 2022 07:35:13 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47922
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f36e21b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
api-protected.protoawegw.com/v2/player/performer/get?noRedirect=1&mitigable=1&includeTestAccounts=0&product=livejasmin&presets=&certified=0&streamType=rtmp&category=girl&performerIds[]=VikkyMeow
93.93.51.225200 OK 0 B URL HTTP/2 api-protected.protoawegw.com/v2/player/performer/get?noRedirect=1&mitigable=1&includeTestAccounts=0&product=livejasmin&presets=&certified=0&streamType=rtmp&category=girl&performerIds[]=VikkyMeow
IP 93.93.51.225:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
GET /v2/player/performer/get?noRedirect=1&mitigable=1&includeTestAccounts=0&product=livejasmin&presets=&certified=0&streamType=rtmp&category=girl&performerIds[]=VikkyMeow HTTP/1.1
Host: api-protected.protoawegw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pt.wmptctl.com/
Origin: https://pt.wmptctl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE, PATCH
server: unknown
content-encoding: gzip
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js
104.16.93.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js
IP 104.16.93.42:0
GET /CACHE/js/output.6f6724a00cb8.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:08 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"a708027bfbbde438a72a93082d4bc4b5"
last-modified: Thu, 24 Jun 2021 21:24:05 GMT
x-amz-id-2: JSy2VAlm3gAahvlCm5/iqNOQuasckcIrq13CGup8iDmNjJ/I2mSXsAw6q4OzSeK3RH88h3oFZ3U=
x-amz-meta-s3cmd-attrs: md5:a708027bfbbde438a72a93082d4bc4b5
x-amz-request-id: 2D5V5B3Y2TWH6PZC
cf-cache-status: HIT
age: 1812408
expires: Sat, 08 Oct 2022 20:54:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZdYkcLwjwAR52xM%2F8SDFUdxaWSlbWzZ4cQGpg7ReWgY09oexBNAQ8V4nsNOZXUS3tnKhg0oLAmBVRN2gKIrsEcheYoXi%2Fgtk2iLqBXyKkt8505t%2FoD0hWBc7H9PmaCQ8qeYI0TaSSjpyfSZlDfdBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=HwNkjADEEBnXICh1JspPsV.Pjflhf2Ct328BngX.A.s-1662670448505-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747a93df0f0bb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1sKcK/0b855.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1sKcK/0b855.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1sKcK/0b855.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:12 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:34:18 GMT
etag: W/"63199afa-38cb"
expires: Sat, 08 Oct 2022 07:35:16 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47923
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f558e5b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1sKcK/ada8m.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1sKcK/ada8m.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1sKcK/ada8m.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:34:18 GMT
etag: W/"63199afa-ef"
expires: Sat, 08 Oct 2022 07:35:16 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47922
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f3dedfb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/3NacEFLLfmnQ5HlphqE-l/pages/category.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/3NacEFLLfmnQ5HlphqE-l/pages/category.js
IP 104.26.1.188:0
GET /_next/static/3NacEFLLfmnQ5HlphqE-l/pages/category.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e364cff61f0be74ac0ccfe4
Cookie: visitorId=fayfi6j1tcchqjeduw33w9; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiJmMjkzNmRiYjVmMGI4IiwiaWF0IjoxNjYyNjcwNDQ0LCJleHAiOjE2NjMyNzUyNDR9.q_0MG9R3Zy4ZMWaviYqBUmusd-vowTIyrlFuOzgcOU0; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiMWU4N2M2YThhN2FkMiIsImlhdCI6MTY2MjY3MDQ0NCwiZXhwIjoxNjY1MjYyNDQ0fQ.RSMEvDTB1DXcnrJWMEmk6Hoon8OEgjmKBmOZ9r8Is-E; _ga=GA1.2.505617016.1662670436; _gid=GA1.2.708268016.1662670436; _dc_gtm_UA-121614197-2=1; _ym_uid=16626704361038515420; _ym_d=1662670436; visitorGetPop=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:28 GMT
etag: W/"818-1826d2b92e8"
cf-cache-status: HIT
age: 2981251
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9RuwZijzMYKMa64gHmLSdkOvF5LPHwn1erjwybgip7IcQMrvPlbJpTdvolBYInarOezG2EfFg4Yt17UTRvxQWYbi%2BNGnrYRiAuzo0uMu2h54YChSe%2BXuEXmv%2FudDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93c64f99b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S621337808%3A1662670445338748&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmXRu9cdHhJgh7RB96ymTHiyM_NQEZXRHcxxCeM3-v269U0klWpJQ1iBTkwawFxADuM-FztKiw
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S621337808%3A1662670445338748&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmXRu9cdHhJgh7RB96ymTHiyM_NQEZXRHcxxCeM3-v269U0klWpJQ1iBTkwawFxADuM-FztKiw
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S621337808%3A1662670445338748&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmXRu9cdHhJgh7RB96ymTHiyM_NQEZXRHcxxCeM3-v269U0klWpJQ1iBTkwawFxADuM-FztKiw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Sep 2022 20:54:05 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-r-J1lkcKPjv3qzti5vJoZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=jREQ91rxFa-w12qv7qfrdYrerwnOOEGBn2dl8FdqKpQhWXlFQDxF5aW2Sb-L6ZinoPjQiA-Xvk8QRtwd_PHkk02-3n5F9Tave7MPmgxLiHQVh6dwvBPEFkwzy7AG1cNPjy1qrvXtOrFwPtTofd91ISv9DTLn9H-eZs0qS5akGwk; expires=Fri, 10-Mar-2023 20:54:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
no.bongacams.com/images/sprite/bc/chat9.svg
195.85.23.95200 OK 0 B URL HTTP/2 no.bongacams.com/images/sprite/bc/chat9.svg
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
GET /images/sprite/bc/chat9.svg HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.bongacams.com/popular-chat?bcs=Z29yaTE1NzMzNTQxZTcyNDEzYmNiMDk1ZWZiMjZkYmU4OTIyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
Connection: keep-alive
Cookie: __cf_bm=0NAmWpqpLt.DDETamu1erOFNY5lypINfgdPMKIhHgFQ-1662670450-0-AQ84N2s6Q1z7cfTIUvK56btJNGsesL5danYaIXSIFP16ZgyPWK4cQrwFcrH5WtiCHaOEsZxYO/k3i2zhYW/IaKM=; bonga20120608=f2334419a39448de3bd722f94eeaccb8; BONGAH_HIT=15733541e72413bcb095efb26dbe8922%3A%3A189420%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A%3A%3A401977%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3Adirect_link%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-09-08%2023%3A54%3A10; sg=94; warning18=%5B%22no_NO%22%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: image/svg+xml
last-modified: Wed, 04 May 2022 07:04:22 GMT
etag: W/"62722576-9a48"
expires: Sat, 08 Oct 2022 20:54:11 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 343925
vary: Accept-Encoding
server: cloudflare
cf-ray: 747a93f15fd3b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1sKcK/0595.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1sKcK/0595.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1sKcK/0595.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:34:18 GMT
etag: W/"63199afa-17ce"
expires: Sat, 08 Oct 2022 07:35:14 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47927
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f36e0cb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.focusde.info/api/spots/303894?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/303894?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/303894?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=rHhgmVqwsfBvBkVUDoky
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:54:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
a.bestcontentfood.top/warp/4787912?r=25482
172.67.200.139200 OK 0 B URL HTTP/2 a.bestcontentfood.top/warp/4787912?r=25482
IP 172.67.200.139:0
Analyzer Verdict Alert fortinet Phishing
GET /warp/4787912?r=25482 HTTP/1.1
Host: a.bestcontentfood.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:07 GMT
content-type: application/javascript; charset=UTF-8
referer: a.medfoodsafety.com
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xh4ovBIr%2FCSqdZFtNlR1i%2FRBtLbcneXhSNk%2B%2Bs5jcGVm4ky9Yl1wwHMB9oyYuWkvuyXAg8keGYDQ%2BrJ6EmZ8dtbZPCjIvCqic9%2Bwtumx3lTn9cTyV6TgFLqiVQ2yn3ruNAN19QQgPt8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93d59da7b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.medfoodsafety.com/loader?a=4788752&v=2&t=30&s=4776911&p=8575&if=true
104.21.62.145200 OK 0 B URL HTTP/2 a.medfoodsafety.com/loader?a=4788752&v=2&t=30&s=4776911&p=8575&if=true
IP 104.21.62.145:0
GET /loader?a=4788752&v=2&t=30&s=4776911&p=8575&if=true HTTP/1.1
Host: a.medfoodsafety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:07 GMT
content-type: text/html
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChfYY%2BkVIzhUlj6HfyoEdjNIA5S%2BKU3RM3fOq1UUv7QSU1s8QEWEZIeeFpqYJzr2dNB4dXNLRrWlQt1XVXXqsSWBS6PsI%2BcnCOblSL7%2FMg5jNG1u0%2F1xHH6x%2BLB%2FYeU5gEF88%2B3A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a93d6f83cb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/cachebust/theatermode-react-073245c20b70.js
104.16.93.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/cachebust/theatermode-react-073245c20b70.js
IP 104.16.93.42:0
GET /cachebust/theatermode-react-073245c20b70.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:08 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=193983
etag: W/"7f0d39549efd61165139403fd540b137"
last-modified: Thu, 08 Sep 2022 19:35:15 GMT
x-amz-id-2: 3OjfNdvViriyk4NS0LDsNwcKC3xiChNv5oAnaWNvwbQJmZjG6B/HqJLa4niB1nIx0qzIMe8Bq6g=
x-amz-meta-s3cmd-attrs: md5:7f0d39549efd61165139403fd540b137
x-amz-request-id: 41JGVP18V158CVT8
cf-cache-status: HIT
age: 4567
expires: Sat, 08 Oct 2022 20:54:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zm%2FPZ2xUfIfpnQMMHuFQFOGXITsJMSXtDYCHHz6lLhm8n%2BOTf5Umb5pxL64pa004HTA5zgFU4XEkQ61XQhhZVcU9N%2BL%2F89EGirFU3Zrs5xsi2zubAKiLIeKjdhJdOKA0eEffbuiCxonATB0DRQrSUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=VrLGLLQB6lhxrq7DJV7MyMOUuUMCrKxlLNmogf1dpik-1662670448503-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747a93df0f06b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.9b823bb2f723.js
104.16.93.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.9b823bb2f723.js
IP 104.16.93.42:0
GET /CACHE/js/output.9b823bb2f723.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:08 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"1360376b8f5657814f662391b765d655"
last-modified: Tue, 24 May 2022 17:14:17 GMT
x-amz-id-2: KTWJY/HCZAzfCN7zvoTtoCRDkjCDtsx43npe+RSp0Ebo2HF6WHgess4Ct9QL7Zi8XExzaRuhmCw=
x-amz-meta-s3cmd-attrs: md5:1360376b8f5657814f662391b765d655
x-amz-request-id: M1HHWCFNA8C6CV81
cf-cache-status: HIT
age: 336023
expires: Sat, 08 Oct 2022 20:54:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2B5gt0dfbsbOe5Fv6sW3kNkoqaCgpMVw35xq12YxVZTHSXX%2Fsy4D9bMYjCIbfpfUNr73cwHwidEJQ62XCqBZXOHpezTosHpxb3Ytelq7R16jEAHUbbut2GytCnUVg5Hld4Rtqt7E%2BMJzVLKbiTPKdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=26hPXWDj9yj8ChfA5pU.t.SIEOibe6eIhTrrifiiIg0-1662670448521-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747a93df3f46b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.caee332d326d.js
104.16.93.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.caee332d326d.js
IP 104.16.93.42:0
GET /CACHE/js/output.caee332d326d.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:08 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"b61e15511bf0db70d0d422e98c465403"
last-modified: Thu, 24 Jun 2021 21:24:08 GMT
x-amz-id-2: gAJe87IyJM0OkbaBgua73HTcoEANURYYk4wpsNNClr414DBIRL/v+K+9hxRFHrgcwnw38qlmXmM=
x-amz-meta-s3cmd-attrs: md5:b61e15511bf0db70d0d422e98c465403
x-amz-request-id: 2D5TZ021KE4200HB
cf-cache-status: HIT
age: 1812408
expires: Sat, 08 Oct 2022 20:54:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YH5k2loC4YQStsFeWprZBd0sAEfqWkpq1m7g%2BFCE580sU4oSuoBPjWxDJMGRLMZWN8H2w1rpw0oj15vlLjvjG%2BNLH9lvdHPDeuApk6pbmz95ctgtwJAjv3UYB%2BEKJGdWDb%2FTJ%2Fio42ZYwOSeP7TlHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=VSVYtOSPFxw0DNWXWLpx7yMSXqEChP9jbU2AqmfdyM0-1662670448522-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747a93df3f45b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1solM/lt.css
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1solM/lt.css
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1solM/lt.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 08:14:14 GMT
etag: W/"631852d6-19dcc"
expires: Fri, 07 Oct 2022 08:14:52 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 131956
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f06971b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1sKcK/eb9b1.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1sKcK/eb9b1.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1sKcK/eb9b1.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:54:11 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:34:18 GMT
etag: W/"63199afa-54a9"
expires: Sat, 08 Oct 2022 07:35:14 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47922
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747a93f3dee1b518-OSL
content-encoding: br
X-Firefox-Spdy: h2