cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
200 OK 591 B URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (1266)
Hash 4412bf8023109ee9eb1f1f226d391329
c273960aa874a87dd022b5e597887142f1b8e34f
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 556297
expires: Fri, 22 Nov 2024 17:32:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lK0OKZTCsqf%2B6ZZ%2B1%2FhzsqI7OFhzIBaUJ7i0Q%2FTyuVI0wBAiM6MMJ7CIG4cbi8bobXUNZmF4dCpgz0YLqT7OSMqGoUvQ8qTFYkwcvA230HORoKOhgQoknnU57ZXzyzbkH%2BhJR2Bv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82fd8c478b39b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.hotzxgirl.com/themes/images/ajax-loader.gif
200 OK 2.7 kB URL GET HTTP/3 www.hotzxgirl.com/themes/images/ajax-loader.gif
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subjecthotzxgirl.com
Fingerprint0E:BF:16:FE:F8:09:93:3E:36:4E:72:74:04:76:85:9B:6C:2D:15:28
ValiditySat, 02 Dec 2023 14:56:08 GMT - Fri, 01 Mar 2024 14:56:07 GMT
File type GIF image data, version 89a, 35 x 35\012- data
Hash 395c0d77abb4d15f7a505c32d3fd40b9
5bb21e86a07c07e7b63b3b372359d6de38549739
a01ebe9b22e5cb9dd317e47b353988588b0245980ab8f56de2791fbb29908db7
GET /themes/images/ajax-loader.gif HTTP/1.1
Host: www.hotzxgirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/themes/style.css
Cookie: PHPSESSID=qcmk16en928bhm1urp8tfaj7h8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:16 GMT
content-type: image/gif
content-length: 2711
cache-control: public, max-age=31536000
expires: Fri, 29 Nov 2024 06:47:07 GMT
last-modified: Wed, 26 Apr 2023 00:10:02 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 297909
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAudan8mx%2F%2BxoTA9iL6tmBaNIwyLgOJV0UTr09iJyBz4T0XgwXX6kwwBCjzpnrh8Izdy9a%2Bz%2F6xLcdr32kNCHFOUohIUFLGG78ImrwTJ3UgNPn0Iw5AURgnLheBhM2Wc5MjIAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c4a8b3056c6-OSL
alt-svc: h3=":443"; ma=86400
tse2.mm.bing.net/th?id=OIP.wAQiIEW3So7NOhqbZ2iZxgHaLH&pid=15.1
200 OK 39 kB URL GET HTTP/2 tse2.mm.bing.net/th?id=OIP.wAQiIEW3So7NOhqbZ2iZxgHaLH&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x711, components 3\012- data
Hash a74bae0db6fd882e05e4780d96428ae4
f1d4a35d19ff93b97705df3a98d09ae190e61acc
ec005be10d7c408f71a175e6f78f3954013c14a9d9fffc153aaf54ffd4446096
GET /th?id=OIP.wAQiIEW3So7NOhqbZ2iZxgHaLH&pid=15.1 HTTP/1.1
Host: tse2.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 39148
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 823469DE7ED8470C88DDAF8765915D73 Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse1.mm.bing.net/th?id=OIP.OAr2ixctvTnjHb7mu5LYSQHaLH&pid=15.1
200 OK 35 kB URL GET HTTP/2 tse1.mm.bing.net/th?id=OIP.OAr2ixctvTnjHb7mu5LYSQHaLH&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x711, components 3\012- data
Hash 7f1346e8acce4d25860ebaa3d306a488
2a97070c938e4e01403255f0a7624838e72d3d40
54c94ef9d6cfbef7b3b347c5e4c022e2e1d80c824a9ef61d0742f64e52205bbd
GET /th?id=OIP.OAr2ixctvTnjHb7mu5LYSQHaLH&pid=15.1 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 35319
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AF69E8C4C90F40BFA9D8AD9950F1CBCD Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse2.mm.bing.net/th?id=OIP.2Ji0d_tkKelfcAB0DqHFQAAAAA&pid=15.1
200 OK 64 kB URL GET HTTP/2 tse2.mm.bing.net/th?id=OIP.2Ji0d_tkKelfcAB0DqHFQAAAAA&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 426x640, components 3\012- data
Hash c00a3c1254105ce68bb85c61704cf339
e533140c05c65ed395f190abdf902c01984a72fb
37acfad478d93366ff448e2ae4e16ae58667db6805540cc7b421a9df4ec158f5
GET /th?id=OIP.2Ji0d_tkKelfcAB0DqHFQAAAAA&pid=15.1 HTTP/1.1
Host: tse2.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 63604
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F4AEC734A6A04B50B482A3EFE8050C05 Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse1.mm.bing.net/th?id=OIP.Zt8xlf-x0UBeO2xj5e4uHwHaLI&pid=15.1
200 OK 41 kB URL GET HTTP/2 tse1.mm.bing.net/th?id=OIP.Zt8xlf-x0UBeO2xj5e4uHwHaLI&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x712, components 3\012- data
Hash 1e35066f5199302b1b2c783a9ae6b5e7
1b3f41416a3799bc5ba588b3dec32606819a362c
40ecd5be9f7232085f26b015bff9fe26857b691d763185f667d0babe24c2fa37
GET /th?id=OIP.Zt8xlf-x0UBeO2xj5e4uHwHaLI&pid=15.1 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 41071
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C2964D447CA749ACBDC7AC68BB37ADBD Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse3.mm.bing.net/th?id=OIP.VMFVL_arFyQn2-VK_H_tNgHaJ3&pid=15.1
200 OK 41 kB URL GET HTTP/2 tse3.mm.bing.net/th?id=OIP.VMFVL_arFyQn2-VK_H_tNgHaJ3&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x631, components 3\012- data
Hash d7d2bebea1e45b5f36e7188e39331a6c
1ce0a01c487f92ddf1476bfd3b3143d8620ae583
328f1566a0247ec79c406d3adbe363dd7174843bf712e65398bf170174171a82
GET /th?id=OIP.VMFVL_arFyQn2-VK_H_tNgHaJ3&pid=15.1 HTTP/1.1
Host: tse3.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 41150
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DB6E14A4CDC146CA87A0464C1558B649 Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse4.mm.bing.net/th?id=OIP.8asqXnfp9PYyDZqI9izSQwHaL2&pid=15.1
200 OK 64 kB URL GET HTTP/2 tse4.mm.bing.net/th?id=OIP.8asqXnfp9PYyDZqI9izSQwHaL2&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x758, components 3\012- data
Hash 6dd228034b9ea6afccb2fd866fd57c27
c2a07b8cba6f433c90e9f56f5d8f9a51f25fd4ad
e9171c7f19d4f6e057e4c92956e007e7e2855ea1430a214870df3240552cf78c
GET /th?id=OIP.8asqXnfp9PYyDZqI9izSQwHaL2&pid=15.1 HTTP/1.1
Host: tse4.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 63834
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AD12E881C8EE4F5190A030DB787E55E8 Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse2.mm.bing.net/th?id=OIP.JwFbTlXMJ6IVeTLJGlE3kQHaK4&pid=15.1
200 OK 30 kB URL GET HTTP/2 tse2.mm.bing.net/th?id=OIP.JwFbTlXMJ6IVeTLJGlE3kQHaK4&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x696, components 3\012- data
Hash c4d6a64c23ecb59ce72d91fa11b126ac
2b1bb59359dc10164c36826aea35594ebc762f39
d4c954dc39c72f2782d704bea6fcf5101734ca152953bca731f617a1c9b78d85
GET /th?id=OIP.JwFbTlXMJ6IVeTLJGlE3kQHaK4&pid=15.1 HTTP/1.1
Host: tse2.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 30514
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AC86A64578874DB6BC2644909E651C5A Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse1.mm.bing.net/th?id=OIP.C01ZiLKETlnh6HoROMUBGwHaFG&pid=15.1
200 OK 22 kB URL GET HTTP/2 tse1.mm.bing.net/th?id=OIP.C01ZiLKETlnh6HoROMUBGwHaFG&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x326, components 3\012- data
Hash 0a65d7acf8777325128ffc6332ceb83d
c396be11bf91f93ebf0bbf822d5ff052dcee66f3
e4c8bd681a56c38591c0b57b523c12f126e3d152bad1e72f26aea482098739ad
GET /th?id=OIP.C01ZiLKETlnh6HoROMUBGwHaFG&pid=15.1 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 21549
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 764025C796744C5E8FBBCF392D681192 Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse1.mm.bing.net/th?id=OIP.5Wu81ly-UrzuG12P5z01WwHaHa&pid=15.1
200 OK 65 kB URL GET HTTP/2 tse1.mm.bing.net/th?id=OIP.5Wu81ly-UrzuG12P5z01WwHaHa&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x474, components 3\012- data
Hash 352cee7b3aa7c873af18db3a35a3da29
51f5ab1330fa306db26a0aab8fede77730fb3c78
959196cec0b56d911a47279f4a6b86b8d1739a48e65caee8c3214f43a48cff31
GET /th?id=OIP.5Wu81ly-UrzuG12P5z01WwHaHa&pid=15.1 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 65429
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5A04803CEA6E4F2E87379ECDA342267A Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse2.mm.bing.net/th?id=OIP.qTQBK5SZBqLQODuP9CNvaQHaJQ&pid=15.1
200 OK 26 kB URL GET HTTP/2 tse2.mm.bing.net/th?id=OIP.qTQBK5SZBqLQODuP9CNvaQHaJQ&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x592, components 3\012- data
Hash 07bb485ed48c5d318bd890a996ef2398
f688171bf5eeed5f201d6b1909b406871add34ca
48c731976d935c19ad81dcf45302d82ec5a9cb622124891233cb7de80b467ec2
GET /th?id=OIP.qTQBK5SZBqLQODuP9CNvaQHaJQ&pid=15.1 HTTP/1.1
Host: tse2.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 25576
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D674D285793D4298AA7CC8DB02EE137D Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse2.mm.bing.net/th?id=OIP.R0SB-xAKoJENKEdWWTrnXgHaLG&pid=15.1
200 OK 49 kB URL GET HTTP/2 tse2.mm.bing.net/th?id=OIP.R0SB-xAKoJENKEdWWTrnXgHaLG&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x710, components 3\012- data
Hash d304240c5b6df720f45b393a5849d87b
267d2526ce0657c7ad842fb285c99fabcf57bd31
3c548bb3db94c828aa7c721f8fc67bc65c7c70588f4e28e8ebad448526460df1
GET /th?id=OIP.R0SB-xAKoJENKEdWWTrnXgHaLG&pid=15.1 HTTP/1.1
Host: tse2.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 48618
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4CF6F64D77F14CC680E4B1D51F7E9997 Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse2.mm.bing.net/th?id=OIP.6TEmUk4s_-fOjhRR5BvsGgHaE8&pid=15.1
200 OK 20 kB URL GET HTTP/2 tse2.mm.bing.net/th?id=OIP.6TEmUk4s_-fOjhRR5BvsGgHaE8&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x316, components 3\012- data
Hash 1c7bedc53d15a7d5a16b45020ce275b6
43113868e0c5500931c3fb4bc4d20d6cb19e1dbe
0dbebb3df5b7d2cd25770926946e2ec5c19732eba159ed890432e53a4be391c9
GET /th?id=OIP.6TEmUk4s_-fOjhRR5BvsGgHaE8&pid=15.1 HTTP/1.1
Host: tse2.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 20432
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5D13C7DC363B4BF2929068C991D4BC49 Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse1.mm.bing.net/th?id=OIP.GtbBp_OBsiMxDG1lMIgTygHaHa&pid=15.1
404 Not Found 1.2 kB URL GET HTTP/2 tse1.mm.bing.net/th?id=OIP.GtbBp_OBsiMxDG1lMIgTygHaHa&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash f0f7d2c575a576fcbe5904900906e27a
2ae9765a166420936e89da8e3a0f4ca51919d1ce
36cbc8edf63260b8b3d9a827aee5ac721de768306c5231e22498de2c1232d358
GET /th?id=OIP.GtbBp_OBsiMxDG1lMIgTygHaHa&pid=15.1 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache
pragma: no-cache
content-length: 1192
expires: -1
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 718D1182DD8446D7B5ED0C620E2A8264 Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse2.mm.bing.net/th?id=OIP.EdYhD3n1h5-De6yBpXcSrgHaLH&pid=15.1
200 OK 32 kB URL GET HTTP/2 tse2.mm.bing.net/th?id=OIP.EdYhD3n1h5-De6yBpXcSrgHaLH&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x711, components 3\012- data
Hash 0255eef78f258bda8ece28392faeec4b
7427ece64a8b78b2e1fc2d6e035888bc04fce0be
ed5d68f6657c330cf68687c98f9941e666b45d20d238033a6e443ecbd921d270
GET /th?id=OIP.EdYhD3n1h5-De6yBpXcSrgHaLH&pid=15.1 HTTP/1.1
Host: tse2.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 31655
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 088ED9BDB57A4E54A9344CC111929A90 Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse3.mm.bing.net/th?id=OIP.PAf_ijoYzi4Zg0RaSM10VwHaHf&pid=15.1
200 OK 21 kB URL GET HTTP/2 tse3.mm.bing.net/th?id=OIP.PAf_ijoYzi4Zg0RaSM10VwHaHf&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x479, components 3\012- data
Hash 2499bab7c9acb8862a6a5823f3fbd5ba
26c8d56ccbbaa1d0b58c9e0956ce69580de301ed
815c98ae12444a7ce2025e7d204101ef1c75631f3f7f53168eb020dcd31e14c1
GET /th?id=OIP.PAf_ijoYzi4Zg0RaSM10VwHaHf&pid=15.1 HTTP/1.1
Host: tse3.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 21022
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 34CE73BCDECD41D282DADB1748AAC62B Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse3.mm.bing.net/th?id=OIP.lj3Pj6lerTaz7nEv-WHKEgHaLD&pid=15.1
200 OK 40 kB URL GET HTTP/2 tse3.mm.bing.net/th?id=OIP.lj3Pj6lerTaz7nEv-WHKEgHaLD&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x707, components 3\012- data
Hash 3aa9a2e58c0fe14a3464ed1ecacf8e62
d9346366aa86fa6420dab4a6daf5ac5069ad96ff
72c0efcf6816f525984998f80a86f7505638b37b5e17fca8c8f63abf14a906e7
GET /th?id=OIP.lj3Pj6lerTaz7nEv-WHKEgHaLD&pid=15.1 HTTP/1.1
Host: tse3.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 40145
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E0D80BBF58F946EB9C7FE378443BA63E Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse2.mm.bing.net/th?id=OIP.c2l9gNA_A9l-vSpz8ttl7gHaHa&pid=15.1
200 OK 42 kB URL GET HTTP/2 tse2.mm.bing.net/th?id=OIP.c2l9gNA_A9l-vSpz8ttl7gHaHa&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x474, components 3\012- data
Hash 8eaf37c719f503dfa620f3bc476873f3
ad1afa5e94307697014eb0909cfa2c44774ac546
361324abab4ffb5120788612ded3d64edc4c2cc1d7273cf1e0f087742c3eefbc
GET /th?id=OIP.c2l9gNA_A9l-vSpz8ttl7gHaHa&pid=15.1 HTTP/1.1
Host: tse2.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 42296
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D103D916E4CD44EEBBA65660388458C3 Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse3.mm.bing.net/th?id=OIP.-jvvsJS3JG4I08fKOfVAZAHaG4&pid=15.1
200 OK 38 kB URL GET HTTP/2 tse3.mm.bing.net/th?id=OIP.-jvvsJS3JG4I08fKOfVAZAHaG4&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x440, components 3\012- data
Hash 71877d867bc1b018489209901c1c1eb4
49c773e4427b9505465c4bdaa5b99517a5be2d55
67d2858f9695c99d42aad0d6c33865159819f4ff407986470b968920a47e52a4
GET /th?id=OIP.-jvvsJS3JG4I08fKOfVAZAHaG4&pid=15.1 HTTP/1.1
Host: tse3.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 37880
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EE43AFF1121942CF81FF243E9BCA45B2 Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse3.mm.bing.net/th?id=OIP.DgIlRcsBMdwi7fRxB1r6ZgHaHa&pid=15.1
200 OK 24 kB URL GET HTTP/2 tse3.mm.bing.net/th?id=OIP.DgIlRcsBMdwi7fRxB1r6ZgHaHa&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x474, components 3\012- data
Hash cce3609168177b1a5d105fe9f2641b3f
f482ac33f3e5a9654b2a706de2eb0b4d74132c28
89ff4192943ccf0f0e3c6cde5d8864381aa027f96c9a99ff15d2dbedc500e935
GET /th?id=OIP.DgIlRcsBMdwi7fRxB1r6ZgHaHa&pid=15.1 HTTP/1.1
Host: tse3.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 23773
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CCE9A8E9D9F34A5EA103C2B0A9BCA4AC Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse3.mm.bing.net/th?id=OIP.JpRQJY8WhrHsIIhJOcLtcgHaKx&pid=15.1
200 OK 71 kB URL GET HTTP/2 tse3.mm.bing.net/th?id=OIP.JpRQJY8WhrHsIIhJOcLtcgHaKx&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x689, components 3\012- data
Hash 11b156900a1d3908eb5641189fbc572b
ccf87067370c526f6453c92fe800d0d8942b8d73
df5e9ad7231de60b051482fef04802675c4173c9b9fe88c841015458ce33f239
GET /th?id=OIP.JpRQJY8WhrHsIIhJOcLtcgHaKx&pid=15.1 HTTP/1.1
Host: tse3.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 70630
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5CDC84B70D254672952604971D82F0AD Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse3.mm.bing.net/th?id=OIP.i1qyfUTJCsbvDBgyqMb1gAHaLI&pid=15.1
200 OK 35 kB URL GET HTTP/2 tse3.mm.bing.net/th?id=OIP.i1qyfUTJCsbvDBgyqMb1gAHaLI&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x712, components 3\012- data
Hash 9ba105e2c48835617292ea5cfc104c18
2bb9d3556304d7e068afb876ea19179723357958
0e5a007f73b5f93852d3457553d734738b766c93b9f824d899aafa4603192201
GET /th?id=OIP.i1qyfUTJCsbvDBgyqMb1gAHaLI&pid=15.1 HTTP/1.1
Host: tse3.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 35277
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 428CFB2DBD7E41A8AA4CE9CB02B85B98 Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse1.mm.bing.net/th?id=OIP.neKD1UxDUsme6ygoKbLhdwAAAA&pid=15.1
200 OK 16 kB URL GET HTTP/2 tse1.mm.bing.net/th?id=OIP.neKD1UxDUsme6ygoKbLhdwAAAA&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 226x598, components 3\012- data
Hash 5340aea470ade34573f4922207a85c4f
ec9c27c608d0dcd98d0cd94f754a1eafcb2a643d
2f74f8a62e650b9af332a220ecf0525df5c0a023eec24e0bfe594c22fd6f424e
GET /th?id=OIP.neKD1UxDUsme6ygoKbLhdwAAAA&pid=15.1 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 16478
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3E6F27070AC945929BCFF621CDB45D8E Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse4.mm.bing.net/th?id=OIP.XUvDcPUmu_EBmm7Le_ndggHaLH&pid=15.1
200 OK 72 kB URL GET HTTP/2 tse4.mm.bing.net/th?id=OIP.XUvDcPUmu_EBmm7Le_ndggHaLH&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x711, components 3\012- data
Hash 9ea23362999f867aace65e7898439926
d6b82a43e54bac2c88b21501b42638f96c8d35a0
a2739346d74c8aaa78ad0e08e0ad2b0adb6e84dd203c05624923d70276bd2dba
GET /th?id=OIP.XUvDcPUmu_EBmm7Le_ndggHaLH&pid=15.1 HTTP/1.1
Host: tse4.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 71979
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 83497B8143B9483FB0567DB29C7C8510 Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse1.mm.bing.net/th?id=OIP.opNZyprT8AIIis5OVLj2rgHaE5&pid=15.1
200 OK 28 kB URL GET HTTP/2 tse1.mm.bing.net/th?id=OIP.opNZyprT8AIIis5OVLj2rgHaE5&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x313, components 3\012- data
Hash f18c65f1b87c49c9fc193667d9c1b627
4c3cdfc8263a12351d45bca86ffb8de574e65325
3b4ea9063eafbe8763fc6ac17a13ff7db0d1e73af45e0c15b3d68c51999e61a5
GET /th?id=OIP.opNZyprT8AIIis5OVLj2rgHaE5&pid=15.1 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 27838
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D79E8A5615BF4E0BB84764207B323D9F Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse1.mm.bing.net/th?id=OIP.v_hphJi9LG_NjKwLIe_7LAHaLH&pid=15.1
200 OK 37 kB URL GET HTTP/2 tse1.mm.bing.net/th?id=OIP.v_hphJi9LG_NjKwLIe_7LAHaLH&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x711, components 3\012- data
Hash 32eba2958722422870d2bc16c863ec86
a7cdb4c7a47922135e719243d05ee27dec813de2
e2ab3609590cb79e0ee13998dc066de83ce381ffb94c7b8ef062b8b8da583851
GET /th?id=OIP.v_hphJi9LG_NjKwLIe_7LAHaLH&pid=15.1 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 36908
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9F688EB05A6144F9A9F264E8C1E429A2 Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse4.mm.bing.net/th?id=OIP.bRtsUqKzZ04NsBR-fVY9xQHaFj&pid=15.1
200 OK 61 kB URL GET HTTP/2 tse4.mm.bing.net/th?id=OIP.bRtsUqKzZ04NsBR-fVY9xQHaFj&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x355, components 3\012- data
Hash b357e37c2e50343b0bbb6a105ded0e52
ab2ca9926076b5baec348cd4e3680a02f4ffc7af
11c4c777dd5d94d05c271c0600826007740d143590237f6d25a0eb7ce4a8c96f
GET /th?id=OIP.bRtsUqKzZ04NsBR-fVY9xQHaFj&pid=15.1 HTTP/1.1
Host: tse4.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 60719
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A39A393DD31E4EF98EBE4D0E2940249F Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse4.mm.bing.net/th?id=OIP.E71xgWPHKgcVDWCvGeF2sQHaHa&pid=15.1
200 OK 41 kB URL GET HTTP/2 tse4.mm.bing.net/th?id=OIP.E71xgWPHKgcVDWCvGeF2sQHaHa&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x474, components 3\012- data
Hash a80ba42fa31740bf09654ab6505f6068
9f75c0990d941c9431d508abd1944c5f00142e0d
6e098c3e85c572e097a587c21a875c7ea3764ca49d1068cb9e30fef0d891a014
GET /th?id=OIP.E71xgWPHKgcVDWCvGeF2sQHaHa&pid=15.1 HTTP/1.1
Host: tse4.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 41278
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5ED3DCE7285A41768653FDFD96CAE9DF Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse4.mm.bing.net/th?id=OIP.SrFR9M53kbWwEFgkctmScQHaLJ&pid=15.1
200 OK 32 kB URL GET HTTP/2 tse4.mm.bing.net/th?id=OIP.SrFR9M53kbWwEFgkctmScQHaLJ&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x713, components 3\012- data
Hash 18708f9a7bc8da4f76fbe87c7dfabdb6
5c17064c162689ba4978f15f0d3e541a28d10e70
fdb191bad147c349c1465e11b3cdb8bc08e1bb9fe498d7fef46b5761cfe05197
GET /th?id=OIP.SrFR9M53kbWwEFgkctmScQHaLJ&pid=15.1 HTTP/1.1
Host: tse4.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 31828
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4906AC08FF374248AA3DC999A5A18CD7 Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse4.mm.bing.net/th?id=OIP.-C1LUZWoIYb_K1Y7TDqG2wAAAA&pid=15.1
200 OK 42 kB URL GET HTTP/2 tse4.mm.bing.net/th?id=OIP.-C1LUZWoIYb_K1Y7TDqG2wAAAA&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 410x567, components 3\012- data
Hash f8efe206f9678a2b66fdf0806412c9ff
7c680d3e18288988bd4e19ad20146638a0ae5f27
b5a8e7d7a94f5ee2d8dd9b4e06c1ccfa64737e8123efe27b18b2f428324c4177
GET /th?id=OIP.-C1LUZWoIYb_K1Y7TDqG2wAAAA&pid=15.1 HTTP/1.1
Host: tse4.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 42062
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5360B933DD13408A9510B26936066B20 Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse4.mm.bing.net/th?id=OIP.8eAgk4zgE3G5CtY_OLJWgQHaHB&pid=15.1
200 OK 32 kB URL GET HTTP/2 tse4.mm.bing.net/th?id=OIP.8eAgk4zgE3G5CtY_OLJWgQHaHB&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x449, components 3\012- data
Hash 96c01f1b9ca9365c19df01fd0a6fe50a
09b0b8cfdb4766eb83b0e3d74e9e460d38af20ff
85f6cdc2e9c1466b28f48d35b0dc086dc510d373a8cb43879aa5cb9f8706e3b1
GET /th?id=OIP.8eAgk4zgE3G5CtY_OLJWgQHaHB&pid=15.1 HTTP/1.1
Host: tse4.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 32534
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6835E83B354E4FF88A157B632BBECF9B Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse1.mm.bing.net/th?id=OIP.gDZ3hMe_iHeLOxBaZ4LzaQHaHX&pid=15.1
200 OK 26 kB URL GET HTTP/2 tse1.mm.bing.net/th?id=OIP.gDZ3hMe_iHeLOxBaZ4LzaQHaHX&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x471, components 3\012- data
Hash bfc89a87b06785f98693d11fca4974df
65b9808876ff965791aee9355761e1017b9050d9
12f0a2a19304663e1f017c7a19dcd1c6d2c5996f0b49199ae002e0b8ab3d9944
GET /th?id=OIP.gDZ3hMe_iHeLOxBaZ4LzaQHaHX&pid=15.1 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 26195
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A5BF0F6F07854FD4AC4D458010235172 Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse1.mm.bing.net/th?id=OIP.8FIxshayvPlgqR3n4_tpzAHaLH&pid=15.1
200 OK 27 kB URL GET HTTP/2 tse1.mm.bing.net/th?id=OIP.8FIxshayvPlgqR3n4_tpzAHaLH&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x711, components 3\012- data
Hash 8b4808775d881c946a41af641ea564ab
1b887d536a1d0aa6949300a2a136cc604a0534a1
f73c59b9654be4349197b9042da0742e94420db1589a2441749229e16b2a6142
GET /th?id=OIP.8FIxshayvPlgqR3n4_tpzAHaLH&pid=15.1 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 26938
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 78771291F7064BF682A26787FDC4E388 Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
tse1.mm.bing.net/th?id=OIP.9h-S25JJ3hpma0l6-gNRjgHaLG&pid=15.1
200 OK 41 kB URL GET HTTP/2 tse1.mm.bing.net/th?id=OIP.9h-S25JJ3hpma0l6-gNRjgHaLG&pid=15.1
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x710, components 3\012- data
Hash 1329d574e44259894f9030be398a3d3b
b2bf6a6b2d1b3b73a1d6024e3ed057a5df020f7e
d68ec83169e90ffb9f0914c091d06d2eb4a9e88958c6ad45985031c631bd0426
GET /th?id=OIP.9h-S25JJ3hpma0l6-gNRjgHaLG&pid=15.1 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 41213
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A8E421A144DC4DC1AA958A3471794DDF Ref B: OSL30EDGE0312 Ref C: 2023-12-03T17:32:16Z
date: Sun, 03 Dec 2023 17:32:16 GMT
X-Firefox-Spdy: h2
poweredby.jads.co/js/jads.js
301 Moved Permanently 178 B URL GET HTTP/1.1 poweredby.jads.co/js/jads.js
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerSectigo Limited
Subject*.jads.co
Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB
ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 03 Dec 2023 17:32:17 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
poweredby.jads.co/js/jads.js
301 Moved Permanently 178 B URL GET HTTP/1.1 poweredby.jads.co/js/jads.js
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerSectigo Limited
Subject*.jads.co
Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB
ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 03 Dec 2023 17:32:18 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
poweredby.jads.co/js/jads2.js
200 OK 1.7 kB URL GET HTTP/1.1 poweredby.jads.co/js/jads2.js
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerSectigo Limited
Subject*.jads.co
Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB
ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (3758), with no line terminators
Hash bc8141c4650030c41f6a98026b12ce80
af5618f7e467a207d4c64627be580283ab5640cd
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hotzxgirl.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Dec 2023 17:32:18 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 20 Sep 2023 21:26:09 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"650b6371-eae"
Content-Encoding: gzip
poweredby.jads.co/js/jads2.js
200 OK 1.7 kB URL GET HTTP/1.1 poweredby.jads.co/js/jads2.js
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerSectigo Limited
Subject*.jads.co
Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB
ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (3758), with no line terminators
Hash bc8141c4650030c41f6a98026b12ce80
af5618f7e467a207d4c64627be580283ab5640cd
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hotzxgirl.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Dec 2023 17:32:18 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 20 Sep 2023 21:26:09 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"650b6371-eae"
Content-Encoding: gzip
marchshotgun.com/94/d8/4a/94d84a91dc0925ebed6d851bcb980c2d.js
200 OK 15 kB URL GET HTTP/1.1 marchshotgun.com/94/d8/4a/94d84a91dc0925ebed6d851bcb980c2d.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subjectmarchshotgun.com
Fingerprint9E:AB:90:65:A7:76:5C:57:84:6E:6D:0F:EB:8C:44:9D:02:61:B8:DA
ValiditySat, 14 Oct 2023 06:37:57 GMT - Fri, 12 Jan 2024 06:37:56 GMT
File type ASCII text, with very long lines (42797), with no line terminators
Hash 40c1b58f2e472aba942eddd4f97a93fb
ce3dfc13fa6980f2206a1f07a5f2a2bd3980f240
38d5deffd818d67f50a4e702bc2b2b7f17917d1f1dbf0df8ee0c3b761959b648
GET /94/d8/4a/94d84a91dc0925ebed6d851bcb980c2d.js HTTP/1.1
Host: marchshotgun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 17:32:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0eb8532144391345a953e226c9634fcd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
marchshotgun.com/8c/27/97/8c27976295e8310807e01fcadbb1740b.js
200 OK 23 kB URL GET HTTP/1.1 marchshotgun.com/8c/27/97/8c27976295e8310807e01fcadbb1740b.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subjectmarchshotgun.com
Fingerprint9E:AB:90:65:A7:76:5C:57:84:6E:6D:0F:EB:8C:44:9D:02:61:B8:DA
ValiditySat, 14 Oct 2023 06:37:57 GMT - Fri, 12 Jan 2024 06:37:56 GMT
File type ASCII text, with very long lines (59772), with no line terminators
Hash 2dc75de4378bc71191a52d4fd2348058
1acbb5254d5b7e80fa57213d819114b658aaa107
25e37414534c01b36712d4f661aff44a90582c65aa0cc2bb5ef446dbb82cbc15
GET /8c/27/97/8c27976295e8310807e01fcadbb1740b.js HTTP/1.1
Host: marchshotgun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 17:32:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 49f11cd986c900c017de843441e48fd2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.r2m03.amazontrust.com/
471 B URL ocsp.r2m03.amazontrust.com/
IP
Hash ebc0f19a7067085e95ff0e35ee441f4d
23c3d68afd4c1c6cdecce9007aa3bddc793bc52d
6a07099ef655ed036e4a865236f8a6e5549e9a468e207691923634fc51c3186d
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 03 Dec 2023 17:32:19 GMT
Last-Modified: Sun, 03 Dec 2023 16:39:18 GMT
Server: ECAcc (ska/F791)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Bx8ZjGE2DAcjQ_S8mqCXh3ZNOuaiLKTDYAwsDQZ2RRxwCsftDt_WwA==
Age: 3181
ocsp.r2m03.amazontrust.com/
471 B URL ocsp.r2m03.amazontrust.com/
IP
Hash ebc0f19a7067085e95ff0e35ee441f4d
23c3d68afd4c1c6cdecce9007aa3bddc793bc52d
6a07099ef655ed036e4a865236f8a6e5549e9a468e207691923634fc51c3186d
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 03 Dec 2023 17:32:19 GMT
Last-Modified: Sun, 03 Dec 2023 16:39:32 GMT
Server: ECAcc (ska/F6AF)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _jwAr_71Q0XLibu_ip6SsY9-bhxm7WR645PWA606gPDDxJCHEuopUw==
Age: 3167
proftrafficcounter.com/stats
200 OK 40 B URL GET HTTP/2 proftrafficcounter.com/stats
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash fdfedca1b4f55be4faa7b784734e0bb1
371694d9054fb0203d0a76814bb93ea07582946c
cfba94f357c17fa8ae5941cd1d78ed83efc299a9b42bb9fa2ed41e33405b065a
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:19 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.hotzxgirl.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=7eaa4b5f-72f5-4328-9b79-53acd2c8ae85:3:1; expires=Wed, 30 Nov 2033 17:32:19 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
proftrafficcounter.com/stats
200 OK 40 B URL GET HTTP/2 proftrafficcounter.com/stats
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 3c7c42b7416770f8e9232b9703491ef4
e2a482d6937cb3d12662e7a849c3b8322b16039e
6c448523978f24af7dacc5deea161970e67decbbba66348aaf360b346f05aaf3
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:19 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.hotzxgirl.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=d3b6363e-adde-4e44-b550-868772c0b580:3:1; expires=Wed, 30 Nov 2033 17:32:19 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
traumatizedenied.com/pixel/purst?dl=0&th=0&sc=0&rs=3793&rd=3793&fd=3281&bv=23.11.v.9&tmpl=70
200 OK 0 B URL GET HTTP/1.1 traumatizedenied.com/pixel/purst?dl=0&th=0&sc=0&rs=3793&rd=3793&fd=3281&bv=23.11.v.9&tmpl=70
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subjecttraumatizedenied.com
Fingerprint4C:8A:B7:86:62:BE:3C:2D:B0:E7:F6:06:FB:6B:A9:1B:7B:CF:FA:7C
ValidityTue, 28 Nov 2023 08:04:06 GMT - Mon, 26 Feb 2024 08:04:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3793&rd=3793&fd=3281&bv=23.11.v.9&tmpl=70 HTTP/1.1
Host: traumatizedenied.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 17:32:19 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
traumatizedenied.com/b9/f9/86/b9f98659ea5c745f9b9b2995db1db8f1.js
200 OK 15 kB URL GET HTTP/1.1 traumatizedenied.com/b9/f9/86/b9f98659ea5c745f9b9b2995db1db8f1.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subjecttraumatizedenied.com
Fingerprint4C:8A:B7:86:62:BE:3C:2D:B0:E7:F6:06:FB:6B:A9:1B:7B:CF:FA:7C
ValidityTue, 28 Nov 2023 08:04:06 GMT - Mon, 26 Feb 2024 08:04:05 GMT
File type ASCII text, with very long lines (42775), with no line terminators
Hash e3f089a9641a6f1f930dc41423cbb9d1
6faf83d56d8f7dfd2b9ccf94170dfe18ae55bbf7
dac8164087cff1b3d7c730f56849d8d0a7adcc026fb6a1bafe1858f52b7d5926
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /b9/f9/86/b9f98659ea5c745f9b9b2995db1db8f1.js HTTP/1.1
Host: traumatizedenied.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 17:32:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 92518c6ff5fcec6ea73549229ca8e4fb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
banquetunarmedgrater.com/advertisers.js
200 OK 0 B URL GET HTTP/2 banquetunarmedgrater.com/advertisers.js
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subjectbanquetunarmedgrater.com
Fingerprint92:8E:AD:72:AC:AD:3B:21:99:CD:21:A0:9F:BD:F2:AF:0D:98:D8:57
ValidityThu, 09 Nov 2023 11:40:15 GMT - Wed, 07 Feb 2024 11:40:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:19 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: 90bbc9b2c2e48cd681129914206fca1f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 03 Dec 2023 17:32:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xrBtsy6%2FJLqu8YV8%2Bx5wGxa%2BFNRciWLvI0jFtrm3ZJwjHmfxU0blNWJon%2F85XGxsVfb39nHlfBfA%2F%2BsD6ACUsC25K1WEbbrOAVkOs6eMSrXfb3cXJEDU8cJ3gVhIXhwgmupPQjFgYHRhM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c5ef87e5690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.intelligenceadx.com/calendar-heatmap.min.js
200 OK 11 kB URL GET HTTP/2 www.intelligenceadx.com/calendar-heatmap.min.js
IP
ASN #60068 Datacamp Limited
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subject1868349309.rsc.cdn77.org
Fingerprint23:64:8B:6C:BA:BE:F8:99:68:14:90:14:DD:AC:EF:A1:8E:BA:71:82
ValidityMon, 02 Oct 2023 20:59:10 GMT - Sun, 31 Dec 2023 20:59:09 GMT
File type gzip compressed data, from Unix\012- data
Hash 75fae36a4156e3c9767a6e2e5cdea364
63b276c8fe5414adaa141945047b3704a74c2e6c
b66345190722f79e2fc6f49ad3b115d621c2f2b39cb66174363300a3b1f3f61a
GET /calendar-heatmap.min.js HTTP/1.1
Host: www.intelligenceadx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:19 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
expires: Fri, 08 Dec 2023 19:32:04 GMT
access-control-allow-origin: https://www.hotzxgirl.com
link: <https://intelligenceadx.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwwBuUwJFAH314UCAAwBuUwKAQH3FwEAAAwBJRPCKAH3AQAAAA
x-77-nzt-ray: af585630768d4f59a3bb6c65db3a8510
x-accel-expires: @1702063924
x-accel-date: 1701459404
x-77-cache: HIT
x-77-age: 165615
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 279, 165335
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
vintageperk.com/sbar.json?key=94d84a91dc0925ebed6d851bcb980c2d
200 OK 4.3 kB URL GET HTTP/1.1 vintageperk.com/sbar.json?key=94d84a91dc0925ebed6d851bcb980c2d
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subjectvintageperk.com
FingerprintB5:A1:A6:63:12:26:F5:61:29:1F:59:C4:11:C1:FE:AC:D3:A9:0F:75
ValidityTue, 28 Nov 2023 10:47:12 GMT - Mon, 26 Feb 2024 10:47:11 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6086), with no line terminators
Hash 082713db0f0229368c688ea3ebca5698
484517922fcd2f21b57f4e75e8cf86001d458b03
02e22111c2d544017da17aad2de4945a40bf3852823dc45013a3825fddea21ff
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=94d84a91dc0925ebed6d851bcb980c2d HTTP/1.1
Host: vintageperk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 17:32:20 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.hotzxgirl.com
Access-Control-Allow-Origin: https://www.hotzxgirl.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17655633; expires=Mon, 04 Dec 2023 17:32:20 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 04 Dec 2023 17:32:20 GMT; secure; SameSite=None
uncs=1; expires=Mon, 04 Dec 2023 17:32:20 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 04 Dec 2023 17:32:20 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 04 Dec 2023 17:32:20 GMT; secure; SameSite=None
slec94d84a91dc0925ebed6d851bcb980c2d=[4243974]; expires=Sun, 03 Dec 2023 17:32:25 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: edaa743971dc33ea6ab54fff78ee705e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
6.adsco.re/
200 OK 0 B IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:20 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.hotzxgirl.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c62dd245696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
4.adsco.re/
200 OK 62 B IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 03 Dec 2023 17:32:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.hotzxgirl.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
6p1rpejek6wz.l4.adsco.re/
200 OK 0 B URL POST HTTP/2 6p1rpejek6wz.l4.adsco.re/
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subject*.l4.adsco.re
Fingerprint30:24:2D:06:44:32:CD:4B:46:E0:81:9A:CF:B1:F6:9B:D2:4F:F3:6F
ValidityMon, 25 Sep 2023 16:35:45 GMT - Sun, 24 Dec 2023 16:35:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 6p1rpejek6wz.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:20 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
6.adsco.re/
200 OK 0 B IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:20 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: *
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c63bce05695-OSL
alt-svc: h3=":443"; ma=86400
c.adsco.re/
28 kB IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (881)
Hash 41b38d766e8df9f16d99ee5656550613
4b040e742fafccbf1f9afa059258568e320fd9d8
65802711d89571b28699f3399d58f642a270d1e2bc5e155a8a0c73c94c66ec3a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:20 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 03 Jan 2024 17:32:20 GMT
etag: W/"QbONdm6N+fFtme5WVlUGEw=="
cf-cache-status: HIT
age: 265818
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c639ca25695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
4.adsco.re/
200 OK 62 B IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 03 Dec 2023 17:32:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
6p1rpejek6wz.n4.adsco.re/
200 OK 0 B URL POST HTTP/2 6p1rpejek6wz.n4.adsco.re/
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subject*.n4.adsco.re
FingerprintAF:10:8A:4D:72:FD:FC:08:77:84:8F:BE:F7:48:3B:D0:52:53:23:0A
ValidityFri, 29 Sep 2023 17:35:50 GMT - Thu, 28 Dec 2023 17:35:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 6p1rpejek6wz.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:20 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=936444
200 OK 2.2 kB URL GET HTTP/1.1 poweredby.jads.co/adshow.php?adzone=936444
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerSectigo Limited
Subject*.jads.co
Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB
ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1613), with CRLF, LF line terminators
Hash 52086e011e6e951c2a68c2846865b5e6
f55dfcd5da340c74a1f1f190c59e1ffe44be7440
43f5b416d18739fbafc1a49770ff43e0a4ed80570439a6aaa0c0255a655710d9
GET /adshow.php?adzone=936444 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Dec 2023 17:32:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=b886d982be928b13b3ef4f96a2274c62; expires=Mon, 02-Dec-2024 17:32:19 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Wed, 06-Dec-2023 17:32:19 GMT; Max-Age=259198; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 06-Dec-2023 17:32:19 GMT; Max-Age=259198; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/1x1.gif
200 OK 28 kB IP
Requested by https://poweredby.jads.co/adshow.php?adzone=936444
Certificate IssuerSectigo Limited
Subject*.jads.co
Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB
ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 250x250, components 3\012- data
Hash 2acfb73fd2df022a7dad5595adef5bda
939b803ea641bd427b7599f92a816262e7a5bf48
3d4610a2ab69d08e54685d0d3cfcf03ec663bacff8cc89a1e0a2904a7769e641
GET /1x1.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=b886d982be928b13b3ef4f96a2274c62; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 03 Dec 2023 17:32:21 GMT
Connection: Keep-Alive
ETag: "1478208967"
Cache-Control: max-age=18652955
Content-Length: 27460
Content-Type: image/jpeg
Last-Modified: Thu, 03 Nov 2016 21:36:07 GMT
Accept-Ranges: bytes
X-HW: 1701624741.dop221.sk1.t,1701624741.cds242.sk1.shn,1701624741.dop221.sk1.t,1701624741.cds217.sk1.c
cams.gratis/banner/300x250.php?site=hotxgirl
200 OK 1.1 kB URL GET HTTP/2 cams.gratis/banner/300x250.php?site=hotxgirl
IP
Requested by https://poweredby.jads.co/adshow.php?adzone=936444
Certificate IssuerGoogle Trust Services LLC
Subjectcams.gratis
FingerprintEA:20:D2:F5:D6:D8:7E:F0:2C:E4:C7:60:05:6C:E6:7B:CE:0F:39:CD
ValidityWed, 25 Oct 2023 17:31:53 GMT - Tue, 23 Jan 2024 17:31:52 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (743)
Hash 03be4886c6b2c2fa715c1e98b447915a
1179709fb756fb3485dc9a61b7dec1b627b44677
8588bc995578b9cc0251754daba8781bd328eb2f6e8df28bbf0910f46671513e
GET /banner/300x250.php?site=hotxgirl HTTP/1.1
Host: cams.gratis
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDLjscYSgSEojTJJjB1IwkfxZr0rKRVMcCoLkU5bHA%2FJQs0S95ju7rTfOQQ3big6HCVWB2qQ6eV2N8ABmqCJKdkyxHdtnYkHvHQ7C4s0nP%2FIveDlKz39Rwm9PhPtTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd8c6d1ea73695-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
go.xlirdr.com/i?campaignId=banner2609start&creativeId=300x250&modelsCountry=&modelsLanguage=&sourceId=hotxgirl&tag=females&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&liveBadgeColor=%2324d7d7&showButton=0&showModelName=1&showTitle=0&showLiveBadge=0&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4&landing=WidgetV4Universal
302 Found 0 B URL GET HTTP/2 go.xlirdr.com/i?campaignId=banner2609start&creativeId=300x250&modelsCountry=&modelsLanguage=&sourceId=hotxgirl&tag=females&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&liveBadgeColor=%2324d7d7&showButton=0&showModelName=1&showTitle=0&showLiveBadge=0&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4&landing=WidgetV4Universal
IP
Requested by https://cams.gratis/banner/300x250.php?site=hotxgirl
Certificate IssuerCloudflare, Inc.
Subjectxlirdr.com
FingerprintDD:63:14:34:9F:51:18:A3:E8:9B:86:1B:C5:FB:C6:F6:75:C9:F6:F5
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i?campaignId=banner2609start&creativeId=300x250&modelsCountry=&modelsLanguage=&sourceId=hotxgirl&tag=females&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&liveBadgeColor=%2324d7d7&showButton=0&showModelName=1&showTitle=0&showLiveBadge=0&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4&landing=WidgetV4Universal HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cams.gratis/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 03 Dec 2023 17:32:22 GMT
content-length: 0
location: https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtrsnD7QZBLqqpmg3BLYC3emhZcXE; SameSite=None; Secure; path=/; expires=Mon, 04-Dec-23 17:32:22 GMT; HttpOnly
server: cloudflare
cf-ray: 82fd8c6e8b4e7130-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cams.gratis/banner/bg6.jpg
200 OK 37 kB URL GET HTTP/3 cams.gratis/banner/bg6.jpg
IP
Requested by https://cams.gratis/banner/300x250.php?site=hotxgirl
Certificate IssuerGoogle Trust Services LLC
Subjectcams.gratis
FingerprintEA:20:D2:F5:D6:D8:7E:F0:2C:E4:C7:60:05:6C:E6:7B:CE:0F:39:CD
ValidityWed, 25 Oct 2023 17:31:53 GMT - Tue, 23 Jan 2024 17:31:52 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 405x252, components 3\012- data
Hash 7ee983f81d742869a176e874651c7231
3072b7ce2833a2611d679374493a5533bd1bd32e
ab168995f8ac84c48b20c8850d35aa43723211710953253ce75c1811bbb0ecbc
GET /banner/bg6.jpg HTTP/1.1
Host: cams.gratis
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cams.gratis/banner/300x250.php?site=hotxgirl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:22 GMT
content-type: image/jpeg
content-length: 37209
last-modified: Tue, 18 Oct 2022 10:44:50 GMT
cache-control: max-age=2592000
expires: Sat, 30 Dec 2023 04:21:01 GMT
cf-cache-status: HIT
age: 306681
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwQznpTtgGdcnvCfl4RJg0zP1%2FeZuGwJSZSQJc8YVvZmVXTR6kkGL35qxDJ09%2BNGR5ZWvxAPtb3bLY3D%2BrqN0cWKAuufbaPijX8ocnQ3R26c3AXPMsL7%2B%2FMYxR%2B90w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c6e59f58926-LHR
alt-svc: h3=":443"; ma=86400
adsco.re/p
200 OK 846 B IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (1063), with no line terminators
Hash bbe26db6290d29b5c011189868ef1aff
df43b1029b8883cdf434525265ed10864ceec339
0172762012bb9d36ed8df3dcd9b4674a0bbf9a280d56094bccb26797f7a41ad8
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2199
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 03 Dec 2023 17:32:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Critical-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Access-Control-Allow-Origin: https://www.hotzxgirl.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
vintageperk.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRSeTQJNhAQRDQXSSTQgofPu%2FYhvSZEQgpGFsZ0fyPX82vPg2Z1lZvf2fJVFJEh56SjX39mxgIBIQYWQ0JoGWYrIUSAXuOI%2FQEqHhPZ80sGTZt775nvF9703n%2B%2FnZyRATk83PzIjpTVd6jb9xptbKhGmcI31e43Ab%2FrXGlsqudq51hjWlx28E%2Fjdpv9W4wPJd8xSyw98P%2FCDxoqyMjLDpRkLlT4Og2boNzutZtDtYGj%2Fj13uwVEPYnBGrkCJ6Qvbvz6B4hWS%2BPtb0u1kJn37%2FTjXNDMWA3H0cbKTmCJBvCgj6yFKjubdMG5KyJcXYJKjuQOYwUHtAExNifdHAJYczWWCDQ7PlTINmYCJyygGFaSuoGgFbu5DiWcE4ALrG0jiR%2BvGFnT3nKU1OyWXnv8NVUzJpT9fRRJ%2Fd1OrYeOu0XmmTOIwjEqoYQXVr5Dmx8hGHlRxDJ59BiWekqXna0jigw2nDZQoZ%2B6VqqCiClqOQZ2HvD7KQx55yFMPsTht0G4Y%2Bf5yxKJ2u9fhnLfbnHd7V0VXtDu9yEfOa3ljZOkYXI%2FB7R5Su4cd9fBZ9wps%2FjPcdgknPLhsSrzbexiIEoUkKBxBQQkKRVBkBMWgPBTatVz5SGiXs2CeW%2FPcLicm6%2B%2FTQ5P1ZUJA7Xg%2FPSOv1OPxXurfxo48bYQd0evQMBDcD1tdyaS4KnrdgHEW9nzeEnCqhHIXZo5HakrID38hrfMXN8DoMZw%2BBlcvg%2BavgxaT5ZYPuj3p9HyMkm%2Fj3W2TjVLFm9zEEKZEml1Ctuvt6zPy2mxPN6oXIfnJ9d%2FILMBtidSW%2BET9QtDXDyZ3TEEO7pjCkScbaaZiNaL1Du9mNJMXv%2F5Q7hbGitVbbvzVu7wm6vLxPemyNZoIlfQd%2BeamEkLaFWO5JD%2Btui3JNnO3fTO3SZ6ubb63shqnVjqnTFKB1t6qT8HVlFz%2B5%2Bnsf75hNZStYPMScX5C5gFljsHTPbh0od8ZAqsXPSz1UOTlxLbY4lErAi0XmLIS7j%2BYLep99wB964Fm95HEJQa2xECXoHoMl1%2BcZKk9uf57exZg2pswbb0Dpq1%2BeD5cp04bshv5kfRbkkUhi5apL8KoEzIaBnKZdWmAzE2l%2FvHgXwAAAP%2F%2FAQAA%2F%2F%2BIXXP6dwQAAA%3D%3D
200 OK 7 B URL GET HTTP/1.1 vintageperk.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRSeTQJNhAQRDQXSSTQgofPu%2FYhvSZEQgpGFsZ0fyPX82vPg2Z1lZvf2fJVFJEh56SjX39mxgIBIQYWQ0JoGWYrIUSAXuOI%2FQEqHhPZ80sGTZt775nvF9703n%2B%2FnZyRATk83PzIjpTVd6jb9xptbKhGmcI31e43Ab%2FrXGlsqudq51hjWlx28E%2Fjdpv9W4wPJd8xSyw98P%2FCDxoqyMjLDpRkLlT4Og2boNzutZtDtYGj%2Fj13uwVEPYnBGrkCJ6Qvbvz6B4hWS%2BPtb0u1kJn37%2FTjXNDMWA3H0cbKTmCJBvCgj6yFKjubdMG5KyJcXYJKjuQOYwUHtAExNifdHAJYczWWCDQ7PlTINmYCJyygGFaSuoGgFbu5DiWcE4ALrG0jiR%2BvGFnT3nKU1OyWXnv8NVUzJpT9fRRJ%2Fd1OrYeOu0XmmTOIwjEqoYQXVr5Dmx8hGHlRxDJ59BiWekqXna0jigw2nDZQoZ%2B6VqqCiClqOQZ2HvD7KQx55yFMPsTht0G4Y%2Bf5yxKJ2u9fhnLfbnHd7V0VXtDu9yEfOa3ljZOkYXI%2FB7R5Su4cd9fBZ9wps%2FjPcdgknPLhsSrzbexiIEoUkKBxBQQkKRVBkBMWgPBTatVz5SGiXs2CeW%2FPcLicm6%2B%2FTQ5P1ZUJA7Xg%2FPSOv1OPxXurfxo48bYQd0evQMBDcD1tdyaS4KnrdgHEW9nzeEnCqhHIXZo5HakrID38hrfMXN8DoMZw%2BBlcvg%2BavgxaT5ZYPuj3p9HyMkm%2Fj3W2TjVLFm9zEEKZEml1Ctuvt6zPy2mxPN6oXIfnJ9d%2FILMBtidSW%2BET9QtDXDyZ3TEEO7pjCkScbaaZiNaL1Du9mNJMXv%2F5Q7hbGitVbbvzVu7wm6vLxPemyNZoIlfQd%2BeamEkLaFWO5JD%2Btui3JNnO3fTO3SZ6ubb63shqnVjqnTFKB1t6qT8HVlFz%2B5%2Bnsf75hNZStYPMScX5C5gFljsHTPbh0od8ZAqsXPSz1UOTlxLbY4lErAi0XmLIS7j%2BYLep99wB964Fm95HEJQa2xECXoHoMl1%2BcZKk9uf57exZg2pswbb0Dpq1%2BeD5cp04bshv5kfRbkkUhi5apL8KoEzIaBnKZdWmAzE2l%2FvHgXwAAAP%2F%2FAQAA%2F%2F%2BIXXP6dwQAAA%3D%3D
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subjectvintageperk.com
FingerprintB5:A1:A6:63:12:26:F5:61:29:1F:59:C4:11:C1:FE:AC:D3:A9:0F:75
ValidityTue, 28 Nov 2023 10:47:12 GMT - Mon, 26 Feb 2024 10:47:11 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRSeTQJNhAQRDQXSSTQgofPu%2FYhvSZEQgpGFsZ0fyPX82vPg2Z1lZvf2fJVFJEh56SjX39mxgIBIQYWQ0JoGWYrIUSAXuOI%2FQEqHhPZ80sGTZt775nvF9703n%2B%2FnZyRATk83PzIjpTVd6jb9xptbKhGmcI31e43Ab%2FrXGlsqudq51hjWlx28E%2Fjdpv9W4wPJd8xSyw98P%2FCDxoqyMjLDpRkLlT4Og2boNzutZtDtYGj%2Fj13uwVEPYnBGrkCJ6Qvbvz6B4hWS%2BPtb0u1kJn37%2FTjXNDMWA3H0cbKTmCJBvCgj6yFKjubdMG5KyJcXYJKjuQOYwUHtAExNifdHAJYczWWCDQ7PlTINmYCJyygGFaSuoGgFbu5DiWcE4ALrG0jiR%2BvGFnT3nKU1OyWXnv8NVUzJpT9fRRJ%2Fd1OrYeOu0XmmTOIwjEqoYQXVr5Dmx8hGHlRxDJ59BiWekqXna0jigw2nDZQoZ%2B6VqqCiClqOQZ2HvD7KQx55yFMPsTht0G4Y%2Bf5yxKJ2u9fhnLfbnHd7V0VXtDu9yEfOa3ljZOkYXI%2FB7R5Su4cd9fBZ9wps%2FjPcdgknPLhsSrzbexiIEoUkKBxBQQkKRVBkBMWgPBTatVz5SGiXs2CeW%2FPcLicm6%2B%2FTQ5P1ZUJA7Xg%2FPSOv1OPxXurfxo48bYQd0evQMBDcD1tdyaS4KnrdgHEW9nzeEnCqhHIXZo5HakrID38hrfMXN8DoMZw%2BBlcvg%2BavgxaT5ZYPuj3p9HyMkm%2Fj3W2TjVLFm9zEEKZEml1Ctuvt6zPy2mxPN6oXIfnJ9d%2FILMBtidSW%2BET9QtDXDyZ3TEEO7pjCkScbaaZiNaL1Du9mNJMXv%2F5Q7hbGitVbbvzVu7wm6vLxPemyNZoIlfQd%2BeamEkLaFWO5JD%2Btui3JNnO3fTO3SZ6ubb63shqnVjqnTFKB1t6qT8HVlFz%2B5%2Bnsf75hNZStYPMScX5C5gFljsHTPbh0od8ZAqsXPSz1UOTlxLbY4lErAi0XmLIS7j%2BYLep99wB964Fm95HEJQa2xECXoHoMl1%2BcZKk9uf57exZg2pswbb0Dpq1%2BeD5cp04bshv5kfRbkkUhi5apL8KoEzIaBnKZdWmAzE2l%2FvHgXwAAAP%2F%2FAQAA%2F%2F%2BIXXP6dwQAAA%3D%3D HTTP/1.1
Host: vintageperk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Cookie: u_pl=17655633; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 17:32:22 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 704e493aa04b81f94deedbd121277d48
Strict-Transport-Security: max-age=0; includeSubdomains
creative.xlirdr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.css
200 OK 4.7 kB URL GET HTTP/3 creative.xlirdr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.css
IP
Requested by https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
Certificate IssuerCloudflare, Inc.
Subjectxlirdr.com
FingerprintDD:63:14:34:9F:51:18:A3:E8:9B:86:1B:C5:FB:C6:F6:75:C9:F6:F5
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (13396), with no line terminators
Hash d55b785d72863fbb8425a36b7d675ec2
546cda15b6fb2a67ce1f102dc82eefb6f749f9c3
a4d09f6a50b6d96e7f22ab12f406dcf44be0d815105018cc5c7f1105fbf597f7
GET /widgets/v4/Universal/main.672e6e87c69b0c60653e.css HTTP/1.1
Host: creative.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:22 GMT
content-type: text/css
last-modified: Thu, 30 Nov 2023 11:58:38 GMT
etag: W/"656878ee-3454"
expires: Sun, 03 Dec 2023 17:32:15 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 10
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c6fedb85688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
poweredby.jads.co/adshow.php?adzone=936444
200 OK 2.0 kB URL GET HTTP/1.1 poweredby.jads.co/adshow.php?adzone=936444
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerSectigo Limited
Subject*.jads.co
Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB
ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (960), with CRLF, LF line terminators
Hash 871608cad6ba5134a7c5da72f459a62b
7b0689a90d205e136797b00a41e62b1be584df49
2956a0328693bdae71b33fff2257548e3fbd61ec5807cd49ba95f9e44fad0af1
GET /adshow.php?adzone=936444 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Dec 2023 17:32:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=b886d982be928b13b3ef4f96a2274c62; expires=Mon, 02-Dec-2024 17:32:19 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Wed, 06-Dec-2023 17:32:19 GMT; Max-Age=259197; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 06-Dec-2023 17:32:19 GMT; Max-Age=259197; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
creative.xlirdr.com/widgets/v4/Universal/lang/en.json
200 OK 110 B URL GET HTTP/3 creative.xlirdr.com/widgets/v4/Universal/lang/en.json
IP
Requested by https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
Certificate IssuerCloudflare, Inc.
Subjectxlirdr.com
FingerprintDD:63:14:34:9F:51:18:A3:E8:9B:86:1B:C5:FB:C6:F6:75:C9:F6:F5
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type JSON data\012- , ASCII text
Hash 69a54638b649d7ce4748bd42c4b6dade
a2dfe9f8791952fbc5cc44d4757b031a6cee1731
0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750
GET /widgets/v4/Universal/lang/en.json HTTP/1.1
Host: creative.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:22 GMT
content-type: application/json
last-modified: Thu, 30 Nov 2023 11:57:19 GMT
etag: W/"6568789f-ac"
expires: Sun, 03 Dec 2023 17:32:27 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 3
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c71d91f5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.hotzxgirl.com/themes/age-verification.css
200 OK 38 kB URL GET HTTP/3 www.hotzxgirl.com/themes/age-verification.css
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subjecthotzxgirl.com
Fingerprint0E:BF:16:FE:F8:09:93:3E:36:4E:72:74:04:76:85:9B:6C:2D:15:28
ValiditySat, 02 Dec 2023 14:56:08 GMT - Fri, 01 Mar 2024 14:56:07 GMT
File type ASCII text, with very long lines (2602), with no line terminators
Hash defbe2a7623195922f97ca60edccb4f3
b1c8cfe08457ae9bd4075111e6b19be60b94989b
3ae620b5fc693736beeaf6e6cce82e8614003d1c2f05a8ac9164cbf999882496
GET /themes/age-verification.css HTTP/1.1
Host: www.hotzxgirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Cookie: PHPSESSID=qcmk16en928bhm1urp8tfaj7h8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:15 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=4596
cache-control: public, max-age=2592000
expires: Wed, 27 Dec 2023 02:38:17 GMT
last-modified: Sat, 11 Jun 2022 14:14:43 GMT
vary: Accept-Encoding,Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 572038
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qFDWBgzeOi3BaR7L2%2B37e2BmIB7Un3mmtFkA0Don5BvaxyxGHel2KwJdHMvK68z4xhRhrBRof%2FByxUuJoznHH%2BRBJtG0X2Rz3RvewB8zrYxv%2Ft7HoSPWAkoYxwQJmCiEhnMwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd8c475e2b56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.hotzxgirl.com/themes/javascript/jquery.min.js
200 OK 115 kB URL GET HTTP/3 www.hotzxgirl.com/themes/javascript/jquery.min.js
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subjecthotzxgirl.com
Fingerprint0E:BF:16:FE:F8:09:93:3E:36:4E:72:74:04:76:85:9B:6C:2D:15:28
ValiditySat, 02 Dec 2023 14:56:08 GMT - Fri, 01 Mar 2024 14:56:07 GMT
File type ASCII text, with very long lines (65451)
Size 115 kB (114709 bytes)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /themes/javascript/jquery.min.js HTTP/1.1
Host: www.hotzxgirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Cookie: PHPSESSID=qcmk16en928bhm1urp8tfaj7h8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Mon, 04 Dec 2023 07:01:05 GMT
last-modified: Tue, 23 Mar 2021 09:05:31 GMT
vary: Accept-Encoding,Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 556270
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CaD5lPDcLuTqHAva4aWhfUWtDQdH8fh9FC3A4XZnx%2Bs757ycHbH9RXdxygXz%2FWqgqtft8H7itFeOEaKzsovf4ud0VRM%2Fsw4h4d13%2FnCeVOAYPMbBFZgvLhp%2BiIXd3cLaeRhnEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd8c474e1a56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cams.gratis/banner/leer.gif
200 OK 290 B URL GET HTTP/3 cams.gratis/banner/leer.gif
IP
Requested by https://cams.gratis/banner/300x250.php?site=hotxgirl
Certificate IssuerGoogle Trust Services LLC
Subjectcams.gratis
FingerprintEA:20:D2:F5:D6:D8:7E:F0:2C:E4:C7:60:05:6C:E6:7B:CE:0F:39:CD
ValidityWed, 25 Oct 2023 17:31:53 GMT - Tue, 23 Jan 2024 17:31:52 GMT
File type GIF image data, version 89a, 192 x 192\012- data
Hash 72e33229faa7e5ba8930deac92a1aae0
496e880a0024b268b4e3987c0863cdbf8a64d696
a556ed9ee99be72f01ac6bf6232e3357ad104cf28d05afd91efbaf5953df1a6a
GET /banner/leer.gif HTTP/1.1
Host: cams.gratis
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cams.gratis/banner/300x250.php?site=hotxgirl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: image/gif
content-length: 290
last-modified: Sun, 13 Jan 2019 11:23:18 GMT
cache-control: max-age=2592000
expires: Thu, 28 Dec 2023 07:29:05 GMT
cf-cache-status: HIT
age: 468198
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsKfWo%2FpQcsDq6POPY9l4kl5lRrjVR69hDWlldl5mdH8b2JSisMaP4Ch%2Bv6LVdweK4W6E6V9FXULLK9Ve3VvCyEgcn0ffAUx21nY51B5ynsNyrM0ACo1k2CpHKbfuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c744bbf8926-LHR
alt-svc: h3=":443"; ma=86400
creative.xlirdr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.js
200 OK 82 kB URL GET HTTP/3 creative.xlirdr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.js
IP
Requested by https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
Certificate IssuerCloudflare, Inc.
Subjectxlirdr.com
FingerprintDD:63:14:34:9F:51:18:A3:E8:9B:86:1B:C5:FB:C6:F6:75:C9:F6:F5
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (32011), with LF, NEL line terminators
Hash 149fd3a87101adfb731800f02f11e73b
9a9a0f6f14028d913e63fc012a80378a5c4d5896
420332e58487b55b58db2c2edbe69162c5d23170061d16addce87762ef224f4b
GET /widgets/v4/Universal/main.672e6e87c69b0c60653e.js HTTP/1.1
Host: creative.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:22 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 30 Nov 2023 11:58:38 GMT
etag: W/"656878ee-44bd4"
expires: Sun, 03 Dec 2023 17:32:15 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 10
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c6fedbb5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
go.xlirdr.com/i?campaignId=banner2609start&creativeId=300x250&modelsCountry=&modelsLanguage=&sourceId=hotxgirl&tag=females&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&liveBadgeColor=%2324d7d7&showButton=0&showModelName=1&showTitle=0&showLiveBadge=0&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4&landing=WidgetV4Universal
302 Found 0 B URL GET HTTP/2 go.xlirdr.com/i?campaignId=banner2609start&creativeId=300x250&modelsCountry=&modelsLanguage=&sourceId=hotxgirl&tag=females&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&liveBadgeColor=%2324d7d7&showButton=0&showModelName=1&showTitle=0&showLiveBadge=0&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4&landing=WidgetV4Universal
IP
Requested by https://cams.gratis/banner/300x250.php?site=hotxgirl
Certificate IssuerCloudflare, Inc.
Subjectxlirdr.com
FingerprintDD:63:14:34:9F:51:18:A3:E8:9B:86:1B:C5:FB:C6:F6:75:C9:F6:F5
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i?campaignId=banner2609start&creativeId=300x250&modelsCountry=&modelsLanguage=&sourceId=hotxgirl&tag=females&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&liveBadgeColor=%2324d7d7&showButton=0&showModelName=1&showTitle=0&showLiveBadge=0&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4&landing=WidgetV4Universal HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cams.gratis/
Cookie: __cflb=02DiuDFRFiBZBvMSLtrsnD7QZBLqqpmg3BLYC3emhZcXE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sun, 03 Dec 2023 17:32:23 GMT
content-length: 0
location: https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82fd8c742caa5688-OSL
alt-svc: h3=":443"; ma=86400
go.xlirdr.com/api/models?tag=females&forceClient=1&stripcashR=0&limit=1&usePreroll&webp=1
200 OK 1.1 kB URL GET HTTP/3 go.xlirdr.com/api/models?tag=females&forceClient=1&stripcashR=0&limit=1&usePreroll&webp=1
IP
Requested by https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
Certificate IssuerCloudflare, Inc.
Subjectxlirdr.com
FingerprintDD:63:14:34:9F:51:18:A3:E8:9B:86:1B:C5:FB:C6:F6:75:C9:F6:F5
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (1701), with no line terminators
Hash bd793af5995a47f12be158c3388bafdb
a593342d6425cee7e2cd4a1e8d47ffb44af43737
498e0501557748aeda57b68c46fe76b0045f90b158917f3d7d28197760b77046
GET /api/models?tag=females&forceClient=1&stripcashR=0&limit=1&usePreroll&webp=1 HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/
Origin: https://creative.xlirdr.com
DNT: 1
Connection: keep-alive
Cookie: __cflb=02DiuDFRFiBZBvMSLtrsnD7QZBLqqpmg3BLYC3emhZcXE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:22 GMT
content-type: application/json
access-control-allow-origin: https://creative.xlirdr.com
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Sun, 03 Dec 2023 17:32:20 GMT
cf-cache-status: HIT
age: 2
server: cloudflare
cf-ray: 82fd8c738bb25688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
img.strpst.com/thumbs/1701624690/60952913_webp
200 OK 9.4 kB URL GET HTTP/3 img.strpst.com/thumbs/1701624690/60952913_webp
IP
Requested by https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
Certificate IssuerCloudflare, Inc.
Subjectimg.strpst.com
FingerprintED:62:74:FE:E4:F5:89:43:B3:49:55:FE:18:19:0D:29:24:96:75:BC
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 59199f3392ddd6f97b8e162b3f6648a0
af55f2af20a0cb8e1f6457be07b51498a6cbaeb4
7d94ed6abea7064c6eb0049055172c82aeaf97c6c904941942095586a3e4db6e
GET /thumbs/1701624690/60952913_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.xlirdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: image/webp
content-length: 9430
etag: "59199f3392ddd6f97b8e162b3f6648a0"
last-modified: Sun, 03 Dec 2023 17:30:57 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c74cb3356c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/img/close.png
200 OK 4.0 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/img/close.png
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type PNG image data, 500 x 500, 8-bit gray+alpha, non-interlaced\012- data
Hash 23e9690b0e7ac26868363a6248f44467
d7ad0eae64e0c1e65b12eda0aa9d2b91996dd64f
f362c67320d739ccf3bea21f857b9620075bd20ceacda8c51261b9612fe28395
GET /sb/notifications/dating/default/us/desk-all/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: image/png
content-length: 4022
last-modified: Tue, 14 Apr 2020 14:09:22 GMT
etag: "5e95c412-fb6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 472600
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5OT9ZsXuX6TLzIPQrthVDziDg4tFG8M6P7zcOPws5Zw6Nel4c9P1FB4D%2BYQM%2BDwZvjUftXPFE%2F5iGf2r1%2BZTRvj%2BfRtmv9O4Kbl2BcLqNYgTtFvBWLEIvTsEtMdiV92CVijq%2BRkiPhd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c74cde123f5-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/css/output.fe3e9fec3a8e.css
200 OK 6.0 kB URL GET HTTP/2 static-assets.highwebmedia.com/CACHE/css/output.fe3e9fec3a8e.css
IP
Requested by https://chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
Certificate IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (22272), with no line terminators
Hash 777d0d0ed7ac6e68203aafae7ada65d6
baca6a795da7921d8b3e309a98d2513379bcc4cd
d4dac3accf8ef08f2b8de9cb80a86dfc4fcbc718545dcb8bd3d0e4e8362c3079
GET /CACHE/css/output.fe3e9fec3a8e.css HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=26903
etag: W/"45ecf3091aa86ce3d3732164aafcc3d8"
last-modified: Mon, 16 Oct 2023 16:59:17 GMT
x-amz-id-2: BHqWEoDWO/RlNChk9Py6YRTm6qCeF/y49mY09iY6YbHwspxHd1XKAbwwmqRk6jN8nsHlJR4CYvw=
x-amz-meta-s3cmd-attrs: md5:45ecf3091aa86ce3d3732164aafcc3d8
x-amz-request-id: 1MBX1WWVJVKWCPRY
x-amz-server-side-encryption: AES256
cf-cache-status: HIT
age: 991200
expires: Tue, 02 Jan 2024 17:32:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BiNwDKaFkF%2Btjl9EqHBzcc94qXYBhswkbZQUjJZnLSHtNswdiQZu6s3Ba6ifasSJDmCEupRp%2Fzy%2FGwgIRFhnktxXGEKX3fcoCHEwIdHVvQ9obsjKh2W%2BYF1ZYhlGKuucFi%2BwvpLDsn0Xo9MgOAScA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=.NzBNv4L2jPQROOwtKnYl1Zat9pnthol370wi94F6ho-1701624743017-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 82fd8c73ce6f1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
go.xlirdr.com/app/domain-checker/get-check
200 OK 611 B URL GET HTTP/3 go.xlirdr.com/app/domain-checker/get-check
IP
Requested by https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
Certificate IssuerCloudflare, Inc.
Subjectxlirdr.com
FingerprintDD:63:14:34:9F:51:18:A3:E8:9B:86:1B:C5:FB:C6:F6:75:C9:F6:F5
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type JSON data\012- , ASCII text
Hash 2230875bd7d0ea339c9f9bd12b10b46d
b37fc4167f7e9c8361b8088e3fd7192cf3685bc2
8564b96b04a4796b50418d7d60c5d3e7aecf3134cebc6e03c30e5c7813960237
GET /app/domain-checker/get-check HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/
Origin: https://creative.xlirdr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: application/json
access-control-allow-origin: https://creative.xlirdr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28upDCGznfDm9XVDQoiPUVymMcUWiZZqEPbq1V11e; SameSite=None; Secure; path=/; expires=Mon, 04-Dec-23 17:32:23 GMT; HttpOnly
server: cloudflare
cf-ray: 82fd8c73ec435688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
static-assets.highwebmedia.com/images/ico-cams.png?829027f88094
200 OK 549 B URL GET HTTP/3 static-assets.highwebmedia.com/images/ico-cams.png?829027f88094
IP
Requested by https://chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
Certificate IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT
File type PNG image data, 13 x 15, 8-bit colormap, non-interlaced\012- data
Hash 4437b02e2efeaa0eb69858a7eb957af6
2dfa9c3fa2fc56c7504c043876eaad9526abed62
52dc5730b7afd3f35531dcca2bd7b9984f0271d15c8b449c4b1d425dddf12a33
GET /images/ico-cams.png?829027f88094 HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/CACHE/css/output.fe3e9fec3a8e.css
Cookie: _cfuvid=.NzBNv4L2jPQROOwtKnYl1Zat9pnthol370wi94F6ho-1701624743017-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: image/png
content-length: 549
cache-control: public, max-age=2592000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=1457
etag: "58ecd9d7af4908cce84eccd4cbd6f0d0"
last-modified: Tue, 19 Jan 2021 22:03:22 GMT
x-amz-id-2: bW7mVenfVqVY1W3bZFCYAChOT9hNoB8LpOrLvjOe+qf3aoikalmcpw2DVnoMzIe2QCpTxYdCy7I=
x-amz-meta-s3cmd-attrs: md5:58ecd9d7af4908cce84eccd4cbd6f0d0
x-amz-request-id: C1ANAJQ2T54PMNBD
cf-cache-status: HIT
age: 230177
expires: Tue, 02 Jan 2024 17:32:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3mJtA6D7jtlU5B1x0O4jdhVMDTAB3s4c2vZUZXReFkv7Adr%2BO1OYFxK18JtrFcRo0dwPMTOC3Vf71lCAS4TPd3J3U%2BqZyCBZEGRfmsAqnRURLSPjbSlsx3bykRscbF6%2FGELwPdACGyv1WrMPhk0ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c757b16b4f9-OSL
alt-svc: h3=":443"; ma=86400
intelligenceadx.com/jszocpjdfyrndusxws?NIAJKMri=BQMSAAAAAAAACZUAAnvJ0GYgFVKErL7yxf5t3uSS8O_8RDR08oWTHtmRyrIolnMqp0z6Okn3iby5ICnb1LD-5RP1xPQN3CHiE8RhvmXoxskUkhlGkuc1cIseR3VLvAZMFp46Q-WXC1YAGvks6bHy8WCP-blrMhPrurl3rPyOGdwXTXAJNhZs2KHm24Pz4OLkdAPmmdBBmY__ULB4PDFOKA90gLVC9F050EXmf7hMtLQUsrfLAUNslftf_2Sc9RWmJYleKu6O6OllhwFyXtS_whCc-n7nN8FmG87qBJXsbXzKKQQ5Yjv1l9iNne3ww49E4nwwJHxVpfhvbfjV5qnhuSEXYb8MqSYxUTwcv3WLS5Ldl_iR7-iJ-aQvPZc0VdZhloh3KF3BylsM_bg_giYYY1C8PaEShjrsYGiFy2ZXgkamsbdShNIlAWR9RnPPw4BZ7aXUaQmaR7Udooa7KgpCBohuYkPYpfJCCtCk54d2TKTazkEGzYLKZaGAYbid2y1kOlVdD57ixi6WDZ-avkAspNm6th1Ttwo_4wLXkfpDylsoYB2VkrRt1HNImq7SaCEj9gVAomdsTPD2WiB7dogwZO_o03lZtMZ_d6Aj23So6b89_6wOwCWoVLZlJbgwWqkIuPRDVukk81NrjW07tg2U4m-VlzaoAhnhkFOFWW7fK0bo0CtkqVh9sYYReCCov6ut_OlzD8DCQEhpEpJgh7jP9nLCJ8rbNATJVGJP-lv-hSPNPVKTbRZ8rDUaQ7DpKSTpaHM6bBAaYYC2woSoKPnvyIz-zv8tN9l_pIe3xXAHZfNSp6RzUjCKbHqFMYZEq-tKPRxVNPHo2qj4Ni3siwh8cv7rLoCkZrCTVucwVxQ8_t-mfFeOr5Bnzy5g0kHr1aF4PTe_PcwZIjr1S7Pii1EjmlAN50clivVzEhIHhQlmoLzdKrpTQmH6AuHn9ZoOLlNWadP4j6Y99ElQP3Wi-H5wzICz-tekkCjP3ZM2MerQd1b8modUZkYyl73yve99xF3Lfe-Bll51kjIlgh8KFlfaOuEAenRun7BI-UKoEw4&mraoztek=4&JIcjQEUn=4791666&luqtJypF=&hqVJMnlX=0,0&mRwVTBuI=&OqUJQKRD=&aHdBIRUL=1280,1024,1,1280,1024,0
200 OK 44 B URL GET HTTP/2 intelligenceadx.com/jszocpjdfyrndusxws?NIAJKMri=BQMSAAAAAAAACZUAAnvJ0GYgFVKErL7yxf5t3uSS8O_8RDR08oWTHtmRyrIolnMqp0z6Okn3iby5ICnb1LD-5RP1xPQN3CHiE8RhvmXoxskUkhlGkuc1cIseR3VLvAZMFp46Q-WXC1YAGvks6bHy8WCP-blrMhPrurl3rPyOGdwXTXAJNhZs2KHm24Pz4OLkdAPmmdBBmY__ULB4PDFOKA90gLVC9F050EXmf7hMtLQUsrfLAUNslftf_2Sc9RWmJYleKu6O6OllhwFyXtS_whCc-n7nN8FmG87qBJXsbXzKKQQ5Yjv1l9iNne3ww49E4nwwJHxVpfhvbfjV5qnhuSEXYb8MqSYxUTwcv3WLS5Ldl_iR7-iJ-aQvPZc0VdZhloh3KF3BylsM_bg_giYYY1C8PaEShjrsYGiFy2ZXgkamsbdShNIlAWR9RnPPw4BZ7aXUaQmaR7Udooa7KgpCBohuYkPYpfJCCtCk54d2TKTazkEGzYLKZaGAYbid2y1kOlVdD57ixi6WDZ-avkAspNm6th1Ttwo_4wLXkfpDylsoYB2VkrRt1HNImq7SaCEj9gVAomdsTPD2WiB7dogwZO_o03lZtMZ_d6Aj23So6b89_6wOwCWoVLZlJbgwWqkIuPRDVukk81NrjW07tg2U4m-VlzaoAhnhkFOFWW7fK0bo0CtkqVh9sYYReCCov6ut_OlzD8DCQEhpEpJgh7jP9nLCJ8rbNATJVGJP-lv-hSPNPVKTbRZ8rDUaQ7DpKSTpaHM6bBAaYYC2woSoKPnvyIz-zv8tN9l_pIe3xXAHZfNSp6RzUjCKbHqFMYZEq-tKPRxVNPHo2qj4Ni3siwh8cv7rLoCkZrCTVucwVxQ8_t-mfFeOr5Bnzy5g0kHr1aF4PTe_PcwZIjr1S7Pii1EjmlAN50clivVzEhIHhQlmoLzdKrpTQmH6AuHn9ZoOLlNWadP4j6Y99ElQP3Wi-H5wzICz-tekkCjP3ZM2MerQd1b8modUZkYyl73yve99xF3Lfe-Bll51kjIlgh8KFlfaOuEAenRun7BI-UKoEw4&mraoztek=4&JIcjQEUn=4791666&luqtJypF=&hqVJMnlX=0,0&mRwVTBuI=&OqUJQKRD=&aHdBIRUL=1280,1024,1,1280,1024,0
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerSectigo Limited
Subjectintelligenceadx.com
Fingerprint94:6C:BA:9F:0A:95:B3:DF:60:7C:81:24:EA:52:60:94:BE:C9:27:A4
ValidityMon, 14 Aug 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /jszocpjdfyrndusxws?NIAJKMri=BQMSAAAAAAAACZUAAnvJ0GYgFVKErL7yxf5t3uSS8O_8RDR08oWTHtmRyrIolnMqp0z6Okn3iby5ICnb1LD-5RP1xPQN3CHiE8RhvmXoxskUkhlGkuc1cIseR3VLvAZMFp46Q-WXC1YAGvks6bHy8WCP-blrMhPrurl3rPyOGdwXTXAJNhZs2KHm24Pz4OLkdAPmmdBBmY__ULB4PDFOKA90gLVC9F050EXmf7hMtLQUsrfLAUNslftf_2Sc9RWmJYleKu6O6OllhwFyXtS_whCc-n7nN8FmG87qBJXsbXzKKQQ5Yjv1l9iNne3ww49E4nwwJHxVpfhvbfjV5qnhuSEXYb8MqSYxUTwcv3WLS5Ldl_iR7-iJ-aQvPZc0VdZhloh3KF3BylsM_bg_giYYY1C8PaEShjrsYGiFy2ZXgkamsbdShNIlAWR9RnPPw4BZ7aXUaQmaR7Udooa7KgpCBohuYkPYpfJCCtCk54d2TKTazkEGzYLKZaGAYbid2y1kOlVdD57ixi6WDZ-avkAspNm6th1Ttwo_4wLXkfpDylsoYB2VkrRt1HNImq7SaCEj9gVAomdsTPD2WiB7dogwZO_o03lZtMZ_d6Aj23So6b89_6wOwCWoVLZlJbgwWqkIuPRDVukk81NrjW07tg2U4m-VlzaoAhnhkFOFWW7fK0bo0CtkqVh9sYYReCCov6ut_OlzD8DCQEhpEpJgh7jP9nLCJ8rbNATJVGJP-lv-hSPNPVKTbRZ8rDUaQ7DpKSTpaHM6bBAaYYC2woSoKPnvyIz-zv8tN9l_pIe3xXAHZfNSp6RzUjCKbHqFMYZEq-tKPRxVNPHo2qj4Ni3siwh8cv7rLoCkZrCTVucwVxQ8_t-mfFeOr5Bnzy5g0kHr1aF4PTe_PcwZIjr1S7Pii1EjmlAN50clivVzEhIHhQlmoLzdKrpTQmH6AuHn9ZoOLlNWadP4j6Y99ElQP3Wi-H5wzICz-tekkCjP3ZM2MerQd1b8modUZkYyl73yve99xF3Lfe-Bll51kjIlgh8KFlfaOuEAenRun7BI-UKoEw4&mraoztek=4&JIcjQEUn=4791666&luqtJypF=&hqVJMnlX=0,0&mRwVTBuI=&OqUJQKRD=&aHdBIRUL=1280,1024,1,1280,1024,0 HTTP/1.1
Host: intelligenceadx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Sun, 03 Dec 2023 17:32:23 GMT
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/05/c8/20/05c820d9ce67af6dea2e5441dbe3e8f9/1683231080.png
200 OK 39 kB URL GET HTTP/2 cdn.cloudimagesb.com/si/05/c8/20/05c820d9ce67af6dea2e5441dbe3e8f9/1683231080.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 6451b63b68b5068db02571051f6f6a30
32badef5d69090b4d2ea7b300bb5264938e198ef
b1b0a314a2d4924b2849fec48b7863ccc68413e58330d99f6ad901bfa6282819
GET /si/05/c8/20/05c820d9ce67af6dea2e5441dbe3e8f9/1683231080.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: image/png
content-length: 39220
server: nginx/1.21.6
last-modified: Thu, 04 May 2023 20:11:29 GMT
etag: "64541171-9934"
expires: Tue, 05 Dec 2023 17:32:23 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/css/style.css
200 OK 34 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/css/style.css
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
Hash ff9ebedb55b053ebd14efcce6b3917e0
9b306adb30092f39235392926189c4a1e3816bfa
ffcde61128702ad9b659eaf18c732dafc248344c80260cee28f49f300521a2ed
GET /sb/notifications/dating/default/us/desk-all/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 11:38:00 GMT
etag: W/"6128ce98-169c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 268763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fw%2BshwGB3xmzNIZZG%2FmrfIHif1F38RmKLcwHsMpQkgapGIAb8mmwkdNTUxqweJ%2Buf19dycbn3YJjcccagKl1jVoy0SETn5kjFs3xTUwejioYtBgxx16JC4m1lHhOvQWUsLAJxM%2BrJ7uN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c742a9760fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/fonts/ubuntum-webfont.woff?a7fc63c36394
200 OK 32 kB URL GET HTTP/3 static-assets.highwebmedia.com/fonts/ubuntum-webfont.woff?a7fc63c36394
IP
Requested by https://chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
Certificate IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 31680, version 1.0\012- data
Hash 9968f3d2a16c9ae20a54d0e44ee83d3a
dfd651a49017147b8e8078d530f0930020bfb846
a7fc63c363948d7add8e1dade66045376e2bad22da6697f84d175e5f9a76166e
GET /fonts/ubuntum-webfont.woff?a7fc63c36394 HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chaturbate.com
DNT: 1
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: application/font-woff
content-length: 31680
x-amz-id-2: owrbYwL2kgzn2iePZrAZaEdU0BW0cGkujRphvBWn/VM4e0xZSOIf/oPxecZVMDd0EX9C43iY3dMGGvScMSsKw+AIgn5N80/c
x-amz-request-id: B8DRP1NFKYEBMBX4
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 19 Jan 2021 22:07:54 GMT
etag: "9968f3d2a16c9ae20a54d0e44ee83d3a"
x-amz-meta-s3cmd-attrs: md5:9968f3d2a16c9ae20a54d0e44ee83d3a
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 551758
expires: Tue, 02 Jan 2024 17:32:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtQXJ0%2FPEUy2qm%2FlqeADKkkuFgmxXu32WXmgd4BtJLBud%2FBgKZz7SY7e0CWH%2B%2F5xl3ZbaELyX3%2F%2F%2Bd%2BFjFAfF4nqSzlhO4tc33KVD8xMrt6MrK6CVtW2Ie8y%2F7UEL3M6dkL1rp5gx%2FJH%2FnMh7YbGDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=zE_zzVduaLsqToMrscv82JAb2F5dMAFj0_WwSfuzAxQ-1701624743353-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 82fd8c75eb91b4f9-OSL
alt-svc: h3=":443"; ma=86400
static-assets.highwebmedia.com/images/ico-female.svg?818c9c4c368f
200 OK 2.8 kB URL GET HTTP/3 static-assets.highwebmedia.com/images/ico-female.svg?818c9c4c368f
IP
Requested by https://chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
Certificate IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (547)
Hash 304b64c8f4b6c7e0c36c86b419151c45
8c2e14f4e318365ed4c3beefd7eeb4e8d0a4b725
818c9c4c368ff40bbc414f8bb3a80990c7208bcf0b45f9d9aa947f1ea2e1eb93
GET /images/ico-female.svg?818c9c4c368f HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/CACHE/css/output.fe3e9fec3a8e.css
Cookie: _cfuvid=.NzBNv4L2jPQROOwtKnYl1Zat9pnthol370wi94F6ho-1701624743017-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: image/svg+xml
x-amz-id-2: dmFowCHE53I0r5gdVNgZ4u8zarsxJCe00VU727swliUbpE02w96UPHVcbYHYw+YR6lNPBj+VrNdJWGPMzGa4Fg==
x-amz-request-id: 5G8RSRJTDTDKY2PA
last-modified: Tue, 09 Mar 2021 22:37:01 GMT
etag: W/"304b64c8f4b6c7e0c36c86b419151c45"
x-amz-meta-s3cmd-attrs: md5:304b64c8f4b6c7e0c36c86b419151c45
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 999703
expires: Tue, 02 Jan 2024 17:32:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2m3Eh5YtzRO4xdB%2FPUekQ1nsX0NDtf652EnEon1LcgEFVjEimgxnEd3ByE0lqDSsDpudx7QnB3DatEYlWztn7BVE5nYIgCfUdLsgGBZwJLAxY3zy%2F2VEvWLQRq1RTWd4aQFMFOPQ5KRmPp0NRwXBEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c757b12b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.cloudimagesb.com/si/b3/dd/fd/b3ddfd7cf6f212b3bce3129fb7a007fc/1683231156.png
200 OK 65 kB URL GET HTTP/2 cdn.cloudimagesb.com/si/b3/dd/fd/b3ddfd7cf6f212b3bce3129fb7a007fc/1683231156.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 887812a53b8ea2dbad33f6ae105b8c2d
f83d97ef46827200fa62093ed09b4b6fa25b26d8
9443edf293511b0732211234002c799508a2bfc63a3e28a57d7b12ee30f277e9
GET /si/b3/dd/fd/b3ddfd7cf6f212b3bce3129fb7a007fc/1683231156.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: image/png
content-length: 64601
server: nginx/1.21.6
last-modified: Thu, 04 May 2023 20:12:45 GMT
etag: "645411bd-fc59"
expires: Tue, 05 Dec 2023 17:32:23 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
stripchat.global/checkUrl
200 OK 15 B URL GET HTTP/2 stripchat.global/checkUrl
IP
Requested by https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
Certificate IssuerCloudflare, Inc.
Subjectstripchat.global
Fingerprint3C:56:7E:55:79:BA:4E:B6:1C:F5:04:06:89:2E:71:68:36:C6:90:9A
ValidityMon, 23 Oct 2023 00:00:00 GMT - Tue, 22 Oct 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 7fb97eb7c8636552ad068f6d56b5ea34
b69679936779fb02503bc0fe1374a737cc762ecb
e78008828abaa93c4462e326ef384dcda1443352a0f24bdeedada6a6fdbfd1d5
GET /checkUrl HTTP/1.1
Host: stripchat.global
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/
Origin: https://creative.xlirdr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: application/json
content-length: 15
access-control-allow-origin: https://creative.xlirdr.com
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuGyDLPvii6XBe55W4fmxo2EJByXpbbPNXTbCcwkNx; SameSite=None; Secure; path=/; expires=Mon, 04-Dec-23 17:32:23 GMT; HttpOnly
server: cloudflare
cf-ray: 82fd8c763b585684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
200 OK 8.1 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type gzip compressed data, max compression\012- data
Hash 7d9ad460a8ea7cc106d132e7ff08a565
12ed78d892c461e080d94be64be99da784374ee8
603cbc03790f06102cd9c8ac727013d48e9889c41197c934332efbaaea745ddf
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 03 Dec 2023 17:32:23 GMT
date: Sun, 03 Dec 2023 17:32:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vintageperk.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3l29LIIuXjwIDV4UZNI9P5IZ97BrXCPBmGR%2FSM7VVTWTMtVVbVX39GROwQXd4%2BzNY%2BebZIO6invwJIL0eJHA4o4HycGc%2FA%2BEvQnSk4HRB1XvffW9w%2Fe9V58fZuckREbPtj8yQ6kUXWrVAv%2FNHam5yZ2%2Fec8Pg1pw3d%2BRerl53R9Ul%2B2%2FEwatWvCW%2F4Fge2apHoRBEAahvyat6JrB0oyFTB53wlonqDXrtbDVxMD%2BH7vMg6MeeP%2BcXIPk0xd2f30CyUro%2BPtbwu2lJnn7%2FThTNDUWfX7ysd7TJteIF2XXeujqk3k3jJsS8uUlGH0ydwDTP6ocIJJT4v0RItInc5mI%2BscXSiMFoRHxq8j7JYQqIWkJZu5D8mcEYBybW9Dxo01jc7p%2FwdKKnZIrz%2F%2BGzKfkyp%2BvQsffrSo58O8alaXSaIdBt4AclJC9Ekk2QTr0IPMJWPoZJH9Klp5vQMdHW04ZSF7M3EtZQnZLKDECdR6y6kgPWddDlniI%2BZlPW51uEKx0o26j0W4yxhoNxlrtZd7ijWa7GyBjlbwR0mQEpkZg9gCJPcCefPisdQ02%2Bxlut4DjHlw6Jd7tA%2FR5gVwQ5I4gpwS5JMhTgrxfHHPl6q54xJXLonCe6%2FPcKMYm7R3SY5P2hCagdnSYnJNXqvF4L%2FVuY0%2Bc%2BZ0mbzdpJ%2BQs6NRbIhJ8mbdbYcSiTjtgdQ4nC0h3aeZ4KKeE%2FPAXkip%2FcRMRncCpCZh8GTR7HTQfr9QD0N1xsx1gqL%2BN93dNOkwkqzETg5sCSXoF6b53qM7Ja7M93SxfhGCnN34jswCzBRJb4BP5C0FPPRjfMTk5umNyR55sJamM5ZBWO7yb0lRc%2FvpDsZ8by9dvudFX77KKqMrH94RLN6jmUvcc%2BWZVci7smrFMkJ%2FW3Y6ItjO3u5pZnSUb2%2B%2BtrceJFc5Jo0vQylv5KZickqv%2FPJ39zzesgrQlbFYgzk7JPCDNBCw5gEsW%2Bp0hsGrREyUe8qwY23q0eFSSQIkFplEB9x8cLepD9wA964Gm96HjAn1boK8KUDWCyy6P08Se3vi9MQtEyhtHynpHkbLq4cVwnTzzW2FTtKP2CuM8EoyHK%2FVGuxEEdc6bKx0RdpC6qVA%2FHv0LAAD%2F%2FwEAAP%2F%2FnFX9HHcEAAA%3D
200 OK 7 B URL GET HTTP/1.1 vintageperk.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3l29LIIuXjwIDV4UZNI9P5IZ97BrXCPBmGR%2FSM7VVTWTMtVVbVX39GROwQXd4%2BzNY%2BebZIO6invwJIL0eJHA4o4HycGc%2FA%2BEvQnSk4HRB1XvffW9w%2Fe9V58fZuckREbPtj8yQ6kUXWrVAv%2FNHam5yZ2%2Fec8Pg1pw3d%2BRerl53R9Ul%2B2%2FEwatWvCW%2F4Fge2apHoRBEAahvyat6JrB0oyFTB53wlonqDXrtbDVxMD%2BH7vMg6MeeP%2BcXIPk0xd2f30CyUro%2BPtbwu2lJnn7%2FThTNDUWfX7ysd7TJteIF2XXeujqk3k3jJsS8uUlGH0ydwDTP6ocIJJT4v0RItInc5mI%2BscXSiMFoRHxq8j7JYQqIWkJZu5D8mcEYBybW9Dxo01jc7p%2FwdKKnZIrz%2F%2BGzKfkyp%2BvQsffrSo58O8alaXSaIdBt4AclJC9Ekk2QTr0IPMJWPoZJH9Klp5vQMdHW04ZSF7M3EtZQnZLKDECdR6y6kgPWddDlniI%2BZlPW51uEKx0o26j0W4yxhoNxlrtZd7ijWa7GyBjlbwR0mQEpkZg9gCJPcCefPisdQ02%2Bxlut4DjHlw6Jd7tA%2FR5gVwQ5I4gpwS5JMhTgrxfHHPl6q54xJXLonCe6%2FPcKMYm7R3SY5P2hCagdnSYnJNXqvF4L%2FVuY0%2Bc%2BZ0mbzdpJ%2BQs6NRbIhJ8mbdbYcSiTjtgdQ4nC0h3aeZ4KKeE%2FPAXkip%2FcRMRncCpCZh8GTR7HTQfr9QD0N1xsx1gqL%2BN93dNOkwkqzETg5sCSXoF6b53qM7Ja7M93SxfhGCnN34jswCzBRJb4BP5C0FPPRjfMTk5umNyR55sJamM5ZBWO7yb0lRc%2FvpDsZ8by9dvudFX77KKqMrH94RLN6jmUvcc%2BWZVci7smrFMkJ%2FW3Y6ItjO3u5pZnSUb2%2B%2BtrceJFc5Jo0vQylv5KZickqv%2FPJ39zzesgrQlbFYgzk7JPCDNBCw5gEsW%2Bp0hsGrREyUe8qwY23q0eFSSQIkFplEB9x8cLepD9wA964Gm96HjAn1boK8KUDWCyy6P08Se3vi9MQtEyhtHynpHkbLq4cVwnTzzW2FTtKP2CuM8EoyHK%2FVGuxEEdc6bKx0RdpC6qVA%2FHv0LAAD%2F%2FwEAAP%2F%2FnFX9HHcEAAA%3D
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subjectvintageperk.com
FingerprintB5:A1:A6:63:12:26:F5:61:29:1F:59:C4:11:C1:FE:AC:D3:A9:0F:75
ValidityTue, 28 Nov 2023 10:47:12 GMT - Mon, 26 Feb 2024 10:47:11 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3l29LIIuXjwIDV4UZNI9P5IZ97BrXCPBmGR%2FSM7VVTWTMtVVbVX39GROwQXd4%2BzNY%2BebZIO6invwJIL0eJHA4o4HycGc%2FA%2BEvQnSk4HRB1XvffW9w%2Fe9V58fZuckREbPtj8yQ6kUXWrVAv%2FNHam5yZ2%2Fec8Pg1pw3d%2BRerl53R9Ul%2B2%2FEwatWvCW%2F4Fge2apHoRBEAahvyat6JrB0oyFTB53wlonqDXrtbDVxMD%2BH7vMg6MeeP%2BcXIPk0xd2f30CyUro%2BPtbwu2lJnn7%2FThTNDUWfX7ysd7TJteIF2XXeujqk3k3jJsS8uUlGH0ydwDTP6ocIJJT4v0RItInc5mI%2BscXSiMFoRHxq8j7JYQqIWkJZu5D8mcEYBybW9Dxo01jc7p%2FwdKKnZIrz%2F%2BGzKfkyp%2BvQsffrSo58O8alaXSaIdBt4AclJC9Ekk2QTr0IPMJWPoZJH9Klp5vQMdHW04ZSF7M3EtZQnZLKDECdR6y6kgPWddDlniI%2BZlPW51uEKx0o26j0W4yxhoNxlrtZd7ijWa7GyBjlbwR0mQEpkZg9gCJPcCefPisdQ02%2Bxlut4DjHlw6Jd7tA%2FR5gVwQ5I4gpwS5JMhTgrxfHHPl6q54xJXLonCe6%2FPcKMYm7R3SY5P2hCagdnSYnJNXqvF4L%2FVuY0%2Bc%2BZ0mbzdpJ%2BQs6NRbIhJ8mbdbYcSiTjtgdQ4nC0h3aeZ4KKeE%2FPAXkip%2FcRMRncCpCZh8GTR7HTQfr9QD0N1xsx1gqL%2BN93dNOkwkqzETg5sCSXoF6b53qM7Ja7M93SxfhGCnN34jswCzBRJb4BP5C0FPPRjfMTk5umNyR55sJamM5ZBWO7yb0lRc%2FvpDsZ8by9dvudFX77KKqMrH94RLN6jmUvcc%2BWZVci7smrFMkJ%2FW3Y6ItjO3u5pZnSUb2%2B%2BtrceJFc5Jo0vQylv5KZickqv%2FPJ39zzesgrQlbFYgzk7JPCDNBCw5gEsW%2Bp0hsGrREyUe8qwY23q0eFSSQIkFplEB9x8cLepD9wA964Gm96HjAn1boK8KUDWCyy6P08Se3vi9MQtEyhtHynpHkbLq4cVwnTzzW2FTtKP2CuM8EoyHK%2FVGuxEEdc6bKx0RdpC6qVA%2FHv0LAAD%2F%2FwEAAP%2F%2FnFX9HHcEAAA%3D HTTP/1.1
Host: vintageperk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Cookie: u_pl=17655633; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 17:32:23 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e255ea3c81852f3192523b1b56e95a57
Strict-Transport-Security: max-age=0; includeSubdomains
chaturbate.com/in/?track=hotxgirl&tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f
302 Found 16 kB URL GET HTTP/3 chaturbate.com/in/?track=hotxgirl&tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f
IP
Requested by https://cams.gratis/banner/300x250.php?site=hotxgirl
Certificate IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /in/?track=hotxgirl&tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cams.gratis/
Cookie: __cf_bm=18AcEjAJUr.Oj.3eBmiFjDqsr9ZFq42nhhYieTPBL2o-1701624742-0-AWEz3lDwX51DprjvRaDTRDv8sAdxM84L04tDq8xySUaZd+wn3MWZfFbCfz/tQqi17RZjiuLuVmuhs0N+6nEnX20=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: text/html; charset=utf-8
location: /tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.static.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://*.googletagmanager.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://static.hotjar.com https://script.hotjar.com; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://*.googletagmanager.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://analytics.google.com https://*.analytics.google.com https://*.googletagmanager.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://storage.googleapis.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com https://directory-live.cb.dev https://*.web.cb.dev ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://saas-onboarding.incodesmile.com https://smartpay.coinsmart.com https://crypto-payments.net https://secure.paygarden.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
set-cookie: u_x1Rd=1; expires=Fri, 08 Dec 2023 17:32:23 GMT; Max-Age=432000; Path=/
us_x1Rd=1; Path=/
affkey="eJwdjDsKgDAQBa8iW4sxVmLnBSwED7AkfoIGJdliRby7PLs3M/AeEuoKUjt6Kgty8QIOrr8nsKQdvJ2ia0gHVPqFyJU7YxzHXK2JJWSDyMuCHFlV4+wDN7VtEf7bxmLm4AH0fpSHIo0="; Domain=.chaturbate.com; expires=Tue, 02 Jan 2024 17:32:23 GMT; Max-Age=2592000; Path=/
fromaffiliate=1; Domain=.chaturbate.com; Path=/
noads=1; expires=Sun, 03 Dec 2023 23:32:23 GMT; Max-Age=21600; Path=/
sbr=sec:sbr8545fab7-e4bc-4eaf-b4e7-b0a49e9d6140:1r9qKN:e38gM5tT87DW05gSJ6zVWYJpTCE; Domain=.chaturbate.com; expires=Fri, 28 Aug 2026 17:32:23 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82fd8c742da8b523-OSL
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 304489
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
go.xlirdr.com/app/domain-checker/check-result
204 No Content 0 B URL POST HTTP/3 go.xlirdr.com/app/domain-checker/check-result
IP
Requested by https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
Certificate IssuerCloudflare, Inc.
Subjectxlirdr.com
FingerprintDD:63:14:34:9F:51:18:A3:E8:9B:86:1B:C5:FB:C6:F6:75:C9:F6:F5
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /app/domain-checker/check-result HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 174
Origin: https://creative.xlirdr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sun, 03 Dec 2023 17:32:23 GMT
access-control-allow-origin: https://creative.xlirdr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtqFVfs5Aboo4dwjq6q7B94uxsqfi; SameSite=None; Secure; path=/; expires=Mon, 04-Dec-23 17:32:23 GMT; HttpOnly
server: cloudflare
cf-ray: 82fd8c775adf5688-OSL
alt-svc: h3=":443"; ma=86400
chaturbate.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
302 Found 3.9 kB URL GET HTTP/3 chaturbate.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
Requested by https://chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
Certificate IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT
Hash 7732d0376a9f049c9b509ebdfa1f3564
cb1b0609beba587bf18084ec57cccc1d147374d8
ad4d90e3b92b3918be23de7f006b4c4bfdfe64d25dec9006665c739cb69cb7ab
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=18AcEjAJUr.Oj.3eBmiFjDqsr9ZFq42nhhYieTPBL2o-1701624742-0-AWEz3lDwX51DprjvRaDTRDv8sAdxM84L04tDq8xySUaZd+wn3MWZfFbCfz/tQqi17RZjiuLuVmuhs0N+6nEnX20=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sun, 03 Dec 2023 17:32:23 GMT
access-control-allow-origin: *
cache-control: max-age=300, public
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdFARD0Gj%2B9AbAAs4Q548icHP36xPoxvo0THxBxP3kvy67fMEVupNja6kc7GGS31Ww0cyGh7t%2FvTWRUCuNUQJaI9HsQpOp0sYo6%2BunQq1rQc8EzwcBIaNq2KKwVCUeG%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82fd8c75e811b523-OSL
alt-svc: h3=":443"; ma=86400
vintageperk.com/pixel/sbs?c=1
200 OK 0 B URL GET HTTP/1.1 vintageperk.com/pixel/sbs?c=1
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subjectvintageperk.com
FingerprintB5:A1:A6:63:12:26:F5:61:29:1F:59:C4:11:C1:FE:AC:D3:A9:0F:75
ValidityTue, 28 Nov 2023 10:47:12 GMT - Mon, 26 Feb 2024 10:47:11 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: vintageperk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Cookie: u_pl=17655633; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 17:32:23 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
video.ktkjmp.com/adsbygoogle.js
200 OK 16 B URL GET HTTP/2 video.ktkjmp.com/adsbygoogle.js
IP
Requested by https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
Certificate IssuerCloudflare, Inc.
Subjectvideo.ktkjmp.com
Fingerprint02:C1:75:9D:DD:6A:66:20:9E:A3:46:1B:5E:A4:87:83:5A:09:92:93
ValiditySun, 02 Jul 2023 00:00:00 GMT - Mon, 01 Jul 2024 23:59:59 GMT
Hash 3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/
Origin: https://creative.xlirdr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: jbYm0PiEFdSbVGjEC7ggC0XoDDZyaVSUrlEaCEMnwZ/XIEQCJzh0JXFijRtXE2FxvpNMKbcht4M=
x-amz-request-id: WWWQGQDQRVFNSPEV
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.xlirdr.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 4992
expires: Sun, 03 Dec 2023 21:32:23 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c78abf3b523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-GX0FLQH21P
200 OK 83 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-GX0FLQH21P
IP
Requested by https://chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (7711)
Hash 38e17e3c37874aa824ce4d64ee920582
3b1c1ea83e2744b7c119892f2e89d2b4708ad2a9
d2eca360f5a8a6149fda210705849816d554dd1681c21dbdc968014e06fe8f9c
GET /gtag/js?id=G-GX0FLQH21P HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 03 Dec 2023 17:32:23 GMT
expires: Sun, 03 Dec 2023 17:32:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 83431
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
img.strpst.com/thumbs/1701624690/60952913_webp
200 OK 9.4 kB URL GET HTTP/3 img.strpst.com/thumbs/1701624690/60952913_webp
IP
Requested by https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
Certificate IssuerCloudflare, Inc.
Subjectimg.strpst.com
FingerprintED:62:74:FE:E4:F5:89:43:B3:49:55:FE:18:19:0D:29:24:96:75:BC
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 59199f3392ddd6f97b8e162b3f6648a0
af55f2af20a0cb8e1f6457be07b51498a6cbaeb4
7d94ed6abea7064c6eb0049055172c82aeaf97c6c904941942095586a3e4db6e
GET /thumbs/1701624690/60952913_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.xlirdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:24 GMT
content-type: image/webp
content-length: 9430
etag: "59199f3392ddd6f97b8e162b3f6648a0"
last-modified: Sun, 03 Dec 2023 17:30:57 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 61
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c7aec8eb503-OSL
alt-svc: h3=":443"; ma=86400
chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
200 OK 23 kB URL GET HTTP/3 chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
IP
Requested by https://cams.gratis/banner/300x250.php?site=hotxgirl
Certificate IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (54753)
Hash 7b9a01f99c50ce48d9361fa6d863acc8
5a9a788ee71166e78061e40f4673cd49f29c8b77
2d4db17f68531191a23b4fc63df698222068e87899d8c5bc1046e60d96ec68dc
GET /tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0 HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cams.gratis/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=18AcEjAJUr.Oj.3eBmiFjDqsr9ZFq42nhhYieTPBL2o-1701624742-0-AWEz3lDwX51DprjvRaDTRDv8sAdxM84L04tDq8xySUaZd+wn3MWZfFbCfz/tQqi17RZjiuLuVmuhs0N+6nEnX20=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Language, Cookie
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.static.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://*.googletagmanager.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://static.hotjar.com https://script.hotjar.com; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://*.googletagmanager.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://analytics.google.com https://*.analytics.google.com https://*.googletagmanager.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://storage.googleapis.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com https://directory-live.cb.dev https://*.web.cb.dev ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://saas-onboarding.incodesmile.com https://smartpay.coinsmart.com https://crypto-payments.net https://secure.paygarden.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
cache-control: no-cache
set-cookie: affkey="eJyrVipSslJQyigpKSi20tdPTswt1ksvSizJLNZXqgUAilAJow=="; Domain=.chaturbate.com; expires=Tue, 02 Jan 2024 17:32:23 GMT; Max-Age=2592000; Path=/
sbr=sec:sbr299c98b2-8304-4883-9c7b-919046ee3949:1r9qKN:BsXym0r5oBBp2_OSg4bwCfMeGNA; Domain=.chaturbate.com; expires=Fri, 28 Aug 2026 17:32:23 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82fd8c76d95cb523-OSL
content-encoding: br
static-assets.highwebmedia.com/fonts/ubuntum-webfont.woff?a7fc63c36394
200 OK 32 kB URL GET HTTP/3 static-assets.highwebmedia.com/fonts/ubuntum-webfont.woff?a7fc63c36394
IP
Requested by https://chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
Certificate IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 31680, version 1.0\012- data
Hash 9968f3d2a16c9ae20a54d0e44ee83d3a
dfd651a49017147b8e8078d530f0930020bfb846
a7fc63c363948d7add8e1dade66045376e2bad22da6697f84d175e5f9a76166e
GET /fonts/ubuntum-webfont.woff?a7fc63c36394 HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chaturbate.com
DNT: 1
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:24 GMT
content-type: application/font-woff
content-length: 31680
x-amz-id-2: owrbYwL2kgzn2iePZrAZaEdU0BW0cGkujRphvBWn/VM4e0xZSOIf/oPxecZVMDd0EX9C43iY3dMGGvScMSsKw+AIgn5N80/c
x-amz-request-id: B8DRP1NFKYEBMBX4
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 19 Jan 2021 22:07:54 GMT
etag: "9968f3d2a16c9ae20a54d0e44ee83d3a"
x-amz-meta-s3cmd-attrs: md5:9968f3d2a16c9ae20a54d0e44ee83d3a
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 551759
expires: Tue, 02 Jan 2024 17:32:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1vl%2BisBeRXg1xULA49wEB1SlEIH%2FmzI%2Ffd%2Bphro%2FqGg7iv0rpDtUhNYP2Wwq4vDzAmFh7icjRQmUx0PqBpbWt1AnLgfyz0WFL3eOCqVX9Dt55cPK1W0Z0lYGWSM7cWVH0PvEmVt%2FnmcEfVPwyyaoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=nV3aJsvapkIqftT0ciemHOsDQrT5KbJoOB0GQHgViDQ-1701624744196-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 82fd8c7b2c99b4f9-OSL
alt-svc: h3=":443"; ma=86400
static-assets.highwebmedia.com/fonts/ubuntur-webfont.woff?896a82003cd1
200 OK 33 kB URL GET HTTP/3 static-assets.highwebmedia.com/fonts/ubuntur-webfont.woff?896a82003cd1
IP
Requested by https://chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
Certificate IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 32960, version 1.0\012- data
Hash 30556905d926944a6ada140546bcf5ce
b9346ce355c8259d71707ab65c13e0629d01a48e
896a82003cd1a9134b0404c129bb7b8292e1d8a91298e275141b21086baa8a9d
GET /fonts/ubuntur-webfont.woff?896a82003cd1 HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chaturbate.com
DNT: 1
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:24 GMT
content-type: application/font-woff
content-length: 32960
x-amz-id-2: N2Tc9KlR4exGQ/wbfS3DdRMdxKvz2DmjiYERmVN/2wWJed7bqXclBM+LjExk3CzXoOd3QwCV8pM=
x-amz-request-id: A7XFZJYC9BFHRCSF
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 19 Jan 2021 22:07:55 GMT
etag: "30556905d926944a6ada140546bcf5ce"
x-amz-meta-s3cmd-attrs: md5:30556905d926944a6ada140546bcf5ce
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1005484
expires: Tue, 02 Jan 2024 17:32:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLwiKgp33YsG8MHU3XHEjFIKZvJoMXMFPTaO27AWDFPKpWannXCWrDCFWJ9esW%2B8jBmDHkVfMyOQrfoYc1Hv3V1qLAOgRltpSDh7nglCHUDKluqwxZh0dlNAkejmp9zOX64%2B5RMaXnyPY8UV6f6MKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=lhJbpayyjE6z2EHERTrCCtxqosjC2RqiyBE5mIp_aSM-1701624744198-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 82fd8c7b2c95b4f9-OSL
alt-svc: h3=":443"; ma=86400
roomimg.stream.highwebmedia.com/riw/floret_joy.jpg?1701624720
200 OK 7.4 kB URL GET HTTP/2 roomimg.stream.highwebmedia.com/riw/floret_joy.jpg?1701624720
IP
Requested by https://chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
Certificate IssuerDigiCert Inc
Subject*.live.mmcdn.com
Fingerprint34:DF:74:AE:F3:BE:BA:96:2E:BE:92:8E:90:D4:92:67:9F:6B:98:AD
ValiditySat, 04 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Hash eaa3d8dfdb4325eda52bd4d251e2e973
7cf02f89569b7cfacc0456cfd9326993efce3805
12fb1794e0e7ff10f27e69cd65bab9e275e856175678c494af071aba181bb221
GET /riw/floret_joy.jpg?1701624720 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
DNT: 1
Connection: keep-alive
Cookie: _cfuvid=.NzBNv4L2jPQROOwtKnYl1Zat9pnthol370wi94F6ho-1701624743017-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:24 GMT
content-type: image/jpeg
content-length: 7383
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=7394
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-server-name: CB Jpeg Server
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 15
last-modified: Sun, 03 Dec 2023 17:32:09 GMT
expires: Sun, 03 Dec 2023 17:32:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eaFheXSVeMoD6XljUfxJq9McC4S%2FVeIoAy1VpDZuko88uNDi2LnpIEuCGdYVo%2FI108LMKco9s%2BEuTU9W0Y15%2BfCQglmnWL9OyECreent0FOxfWGj4Cmj6PlDATXH7%2BaDltomq%2Fte2gpr0sV69BFPb%2Fo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c7b6a7b0b65-OSL
alt-svc: h3=":443"; ma=86400
go.xlirdr.com/app/domain-checker/get-check
200 OK 121 B URL GET HTTP/3 go.xlirdr.com/app/domain-checker/get-check
IP
Requested by https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
Certificate IssuerCloudflare, Inc.
Subjectxlirdr.com
FingerprintDD:63:14:34:9F:51:18:A3:E8:9B:86:1B:C5:FB:C6:F6:75:C9:F6:F5
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type JSON data\012- , ASCII text
Hash 60f37a0f0ee309f7c143f78de0152892
9a54c5f1fe1ed132a045c026105aca4ddedc4921
087b78d6dcab0b749fb95c3a1dfc5735358b8f6be7ed2be3bdbbd9a8cf03f54c
GET /app/domain-checker/get-check HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/
Origin: https://creative.xlirdr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:24 GMT
content-type: application/json
access-control-allow-origin: https://creative.xlirdr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtqFVfs5Aboo4dwjq7ZvhLdZb9WA8; SameSite=None; Secure; path=/; expires=Mon, 04-Dec-23 17:32:24 GMT; HttpOnly
server: cloudflare
cf-ray: 82fd8c7b18495688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
go.xlirdr.com/app/domain-checker/check-result
204 No Content 0 B URL POST HTTP/3 go.xlirdr.com/app/domain-checker/check-result
IP
Requested by https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
Certificate IssuerCloudflare, Inc.
Subjectxlirdr.com
FingerprintDD:63:14:34:9F:51:18:A3:E8:9B:86:1B:C5:FB:C6:F6:75:C9:F6:F5
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /app/domain-checker/check-result HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 173
Origin: https://creative.xlirdr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sun, 03 Dec 2023 17:32:24 GMT
access-control-allow-origin: https://creative.xlirdr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtrs3cR5HVWEzYfypcwQoiJ4t3xKN; SameSite=None; Secure; path=/; expires=Mon, 04-Dec-23 17:32:24 GMT; HttpOnly
server: cloudflare
cf-ray: 82fd8c7cdaff5688-OSL
alt-svc: h3=":443"; ma=86400
unseenreport.com/pxf.gif?uuid=d3b6363e-adde-4e44-b550-868772c0b580&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=b9f98659ea5c745f9b9b2995db1db8f1&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17
200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=d3b6363e-adde-4e44-b550-868772c0b580&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=b9f98659ea5c745f9b9b2995db1db8f1&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=d3b6363e-adde-4e44-b550-868772c0b580&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=b9f98659ea5c745f9b9b2995db1db8f1&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 17:32:25 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 86a4b28b5983dd58d9c3e90399d5d625
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=d3b6363e-adde-4e44-b550-868772c0b580&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=94d84a91dc0925ebed6d851bcb980c2d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17
200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=d3b6363e-adde-4e44-b550-868772c0b580&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=94d84a91dc0925ebed6d851bcb980c2d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=d3b6363e-adde-4e44-b550-868772c0b580&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=94d84a91dc0925ebed6d851bcb980c2d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 17:32:25 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 883e8268358842216482f39fe0718132
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=d3b6363e-adde-4e44-b550-868772c0b580&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=8c27976295e8310807e01fcadbb1740b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17
200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=d3b6363e-adde-4e44-b550-868772c0b580&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=8c27976295e8310807e01fcadbb1740b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=d3b6363e-adde-4e44-b550-868772c0b580&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=8c27976295e8310807e01fcadbb1740b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 17:32:25 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b2b3a54cbe542b1e33ffddc23dee84a4
Strict-Transport-Security: max-age=0; includeSubdomains
assistantasks.com/sbar.json?key=b9f98659ea5c745f9b9b2995db1db8f1&uuid=d3b6363e-adde-4e44-b550-868772c0b580%3A3%3A1
200 OK 4.3 kB URL GET HTTP/1.1 assistantasks.com/sbar.json?key=b9f98659ea5c745f9b9b2995db1db8f1&uuid=d3b6363e-adde-4e44-b550-868772c0b580%3A3%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subjectassistantasks.com
Fingerprint89:09:6E:08:6E:3C:29:55:98:DE:AF:77:15:0F:3E:EF:C7:30:A5:7A
ValidityTue, 28 Nov 2023 08:05:53 GMT - Mon, 26 Feb 2024 08:05:52 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6091), with no line terminators
Hash fd764b5051acd1f4d79b4bee6c392ca0
456b35d9df8b85c8baea6cc4a43fe67f568bf8d9
b55ffb2d51347f365c01d53cc1086ea0961fceabd8d109a4316934a23b288f2f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=b9f98659ea5c745f9b9b2995db1db8f1&uuid=d3b6363e-adde-4e44-b550-868772c0b580%3A3%3A1 HTTP/1.1
Host: assistantasks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 17:32:28 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.hotzxgirl.com
Access-Control-Allow-Origin: https://www.hotzxgirl.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15252473; expires=Mon, 04 Dec 2023 17:32:27 GMT; secure; SameSite=None
uid_id2=d3b6363e-adde-4e44-b550-868772c0b580:3:1; expires=Sun, 10 Dec 2023 17:32:27 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 04 Dec 2023 17:32:28 GMT; secure; SameSite=None
uncs=1; expires=Mon, 04 Dec 2023 17:32:28 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 04 Dec 2023 17:32:28 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 04 Dec 2023 17:32:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fb39d71bb624d62394b356a69ad77db0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/css/animate.css
200 OK 4.8 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/css/animate.css
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
Hash 80047eaa13ebd50c50e8a9753621e430
9c503e07d130572a0eaf51f7c02cbd4cf6213fe3
3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429
GET /sb/notifications/dating/default/us/desk-all/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: text/css
last-modified: Tue, 14 Apr 2020 14:09:21 GMT
etag: W/"5e95c411-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 361688
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcotwD6os76Wh%2BxKSAJ4N8lVIiCM1PmrbFEnCeB1LyFaAqpDVT%2BoMru9qlwS2jBs70CV4%2BusgZCn6S9c%2BlRo0wRe8XWkuj5mEnDNWIkKs%2Bc8xIhtqCbSdrqFgwKxjBE5C34sGm7I6gb5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c73fa4f60fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/3c/66/7d/3c667d813a42fa758fc4bf7a0efaf494/1686219226.png
200 OK 79 kB URL GET HTTP/2 cdn.cloudimagesb.com/si/3c/66/7d/3c667d813a42fa758fc4bf7a0efaf494/1686219226.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 17406123bee2dbadacb3ec1cc1cf9416
110f5eb9fbc4178b3a5eb21863d2f4215bf637b3
18defce371b91ade824ab08dc96b1e7b95c8b804f898a694dffb4047bdd2df8b
GET /si/3c/66/7d/3c667d813a42fa758fc4bf7a0efaf494/1686219226.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:28 GMT
content-type: image/png
content-length: 79040
server: nginx/1.21.6
last-modified: Thu, 08 Jun 2023 10:13:54 GMT
etag: "6481a9e2-134c0"
expires: Tue, 05 Dec 2023 17:32:28 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:13:56 GMT
expires: Thu, 28 Nov 2024 21:13:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 332312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 304494
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assistantasks.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSP4zcxBsdJ%2FlVPwqIaCiQtkgBErdnr%2B1bmxSBIwRFhCTKH6Wef74bbuyxZuz13lYRkSAFxaaj9L295AQERAqqCAnt0UAkpCwFuoJroKBHikSHdrPSwlf4%2B57fJ817b%2BbjvfqYBKjp0dUPzEhpTdfjrt957ZYqhGlc5%2FKNTuB3%2FbOdW6rYiM52hvOPHbwZ%2BHHXf73znuQ7Zr3nB74f%2BEHngrIyM8P1BQtVPkyDbup3o143iCMM7X%2Bxqz046kEMjslpKDH73%2FaPj6D4FEX%2BzXnpdipTvvFuXmtaGYuBOLhZ7BSmKZCvxsx6yIqD5TaMmxHy2QmY4mDpAGawP3cApmbE%2BzUAKw6WMsEG958rZRqyABP%2FRzOYQuopFJ2CmztQ4ikBuMDlKyjyB5eNbejuc5bO2Rk59ewvqGZGTv32Mor8602thp3rRteVMoXDMGuhhlOorSnK%2BhDVyINqDsGrj6DEz2T92SUU%2Bf4Vpw2UODojQrYRboRyjQoh1yIZRWssjv21ZCPp93vcZ3HiLyJSagqVTaHlGNSdRO081MpDnXmoSw%2B5OOrQOM18v5%2BxLAyTiHMehpzHyYaIRRglmY%2Bazz2MUZVjcD0Gt7dR2tvYUfeexqdh6%2B%2Fhtls44cFVBAPRopEEjSNoKEGjCJqKoBm094V2Pdc%2BENrVLFj23rKH7cRUW3v0vqm2ZEFA7XivPCYvLfL78%2FHf2JFHHZZmabIRp5LGvB%2FFWcpS1kvTWLBAsCQL4FQL5U6AOg8jNSPk2z9Qzvsnb4HRQzh9CK5eBK1fBW0m%2FZ4Puj2JEh%2Bj4qt8d9tUo1LxLjc5hGlRVqdQ7Xp7%2Bpi8shCyuZ5D8ifnfg8XBW5blLbFh%2BoHgi19d3LNNGT%2FmmkceXSlrFSuRnR%2BydcrWsmTX7wvdxtjxcXzbvz523xOzMeHN6SrLtFCqGLLkS83lRDSXjCWS%2FLdRXdLsqu1296sbVGXl66%2Bc%2BFiXlrpnDLFFFQ9dZ%2BCqxl54eZPi%2Bd7Jn8AZaewdYu8fkKWBWWm4OVtuHKl3hkCq1c7rPTQ1O3E9tjqp1YEWq4wZS3cvzBbzXvuLrasB1rdQZG3GNgWA92C6jFcfXJSlfbJuV%2BWhzPtTZi23j7TVt97Hq1TR504iGTCkj4Xgkkugn4vTELf7wkR9VMZpKjcTOrHD%2F8BAAD%2F%2FwEAAP%2F%2F3CPK15YEAAA%3D
200 OK 7 B URL GET HTTP/1.1 assistantasks.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSP4zcxBsdJ%2FlVPwqIaCiQtkgBErdnr%2B1bmxSBIwRFhCTKH6Wef74bbuyxZuz13lYRkSAFxaaj9L295AQERAqqCAnt0UAkpCwFuoJroKBHikSHdrPSwlf4%2B57fJ817b%2BbjvfqYBKjp0dUPzEhpTdfjrt957ZYqhGlc5%2FKNTuB3%2FbOdW6rYiM52hvOPHbwZ%2BHHXf73znuQ7Zr3nB74f%2BEHngrIyM8P1BQtVPkyDbup3o143iCMM7X%2Bxqz046kEMjslpKDH73%2FaPj6D4FEX%2BzXnpdipTvvFuXmtaGYuBOLhZ7BSmKZCvxsx6yIqD5TaMmxHy2QmY4mDpAGawP3cApmbE%2BzUAKw6WMsEG958rZRqyABP%2FRzOYQuopFJ2CmztQ4ikBuMDlKyjyB5eNbejuc5bO2Rk59ewvqGZGTv32Mor8602thp3rRteVMoXDMGuhhlOorSnK%2BhDVyINqDsGrj6DEz2T92SUU%2Bf4Vpw2UODojQrYRboRyjQoh1yIZRWssjv21ZCPp93vcZ3HiLyJSagqVTaHlGNSdRO081MpDnXmoSw%2B5OOrQOM18v5%2BxLAyTiHMehpzHyYaIRRglmY%2Bazz2MUZVjcD0Gt7dR2tvYUfeexqdh6%2B%2Fhtls44cFVBAPRopEEjSNoKEGjCJqKoBm094V2Pdc%2BENrVLFj23rKH7cRUW3v0vqm2ZEFA7XivPCYvLfL78%2FHf2JFHHZZmabIRp5LGvB%2FFWcpS1kvTWLBAsCQL4FQL5U6AOg8jNSPk2z9Qzvsnb4HRQzh9CK5eBK1fBW0m%2FZ4Puj2JEh%2Bj4qt8d9tUo1LxLjc5hGlRVqdQ7Xp7%2Bpi8shCyuZ5D8ifnfg8XBW5blLbFh%2BoHgi19d3LNNGT%2FmmkceXSlrFSuRnR%2BydcrWsmTX7wvdxtjxcXzbvz523xOzMeHN6SrLtFCqGLLkS83lRDSXjCWS%2FLdRXdLsqu1296sbVGXl66%2Bc%2BFiXlrpnDLFFFQ9dZ%2BCqxl54eZPi%2Bd7Jn8AZaewdYu8fkKWBWWm4OVtuHKl3hkCq1c7rPTQ1O3E9tjqp1YEWq4wZS3cvzBbzXvuLrasB1rdQZG3GNgWA92C6jFcfXJSlfbJuV%2BWhzPtTZi23j7TVt97Hq1TR504iGTCkj4Xgkkugn4vTELf7wkR9VMZpKjcTOrHD%2F8BAAD%2F%2FwEAAP%2F%2F3CPK15YEAAA%3D
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subjectassistantasks.com
Fingerprint89:09:6E:08:6E:3C:29:55:98:DE:AF:77:15:0F:3E:EF:C7:30:A5:7A
ValidityTue, 28 Nov 2023 08:05:53 GMT - Mon, 26 Feb 2024 08:05:52 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSP4zcxBsdJ%2FlVPwqIaCiQtkgBErdnr%2B1bmxSBIwRFhCTKH6Wef74bbuyxZuz13lYRkSAFxaaj9L295AQERAqqCAnt0UAkpCwFuoJroKBHikSHdrPSwlf4%2B57fJ817b%2BbjvfqYBKjp0dUPzEhpTdfjrt957ZYqhGlc5%2FKNTuB3%2FbOdW6rYiM52hvOPHbwZ%2BHHXf73znuQ7Zr3nB74f%2BEHngrIyM8P1BQtVPkyDbup3o143iCMM7X%2Bxqz046kEMjslpKDH73%2FaPj6D4FEX%2BzXnpdipTvvFuXmtaGYuBOLhZ7BSmKZCvxsx6yIqD5TaMmxHy2QmY4mDpAGawP3cApmbE%2BzUAKw6WMsEG958rZRqyABP%2FRzOYQuopFJ2CmztQ4ikBuMDlKyjyB5eNbejuc5bO2Rk59ewvqGZGTv32Mor8602thp3rRteVMoXDMGuhhlOorSnK%2BhDVyINqDsGrj6DEz2T92SUU%2Bf4Vpw2UODojQrYRboRyjQoh1yIZRWssjv21ZCPp93vcZ3HiLyJSagqVTaHlGNSdRO081MpDnXmoSw%2B5OOrQOM18v5%2BxLAyTiHMehpzHyYaIRRglmY%2Bazz2MUZVjcD0Gt7dR2tvYUfeexqdh6%2B%2Fhtls44cFVBAPRopEEjSNoKEGjCJqKoBm094V2Pdc%2BENrVLFj23rKH7cRUW3v0vqm2ZEFA7XivPCYvLfL78%2FHf2JFHHZZmabIRp5LGvB%2FFWcpS1kvTWLBAsCQL4FQL5U6AOg8jNSPk2z9Qzvsnb4HRQzh9CK5eBK1fBW0m%2FZ4Puj2JEh%2Bj4qt8d9tUo1LxLjc5hGlRVqdQ7Xp7%2Bpi8shCyuZ5D8ifnfg8XBW5blLbFh%2BoHgi19d3LNNGT%2FmmkceXSlrFSuRnR%2BydcrWsmTX7wvdxtjxcXzbvz523xOzMeHN6SrLtFCqGLLkS83lRDSXjCWS%2FLdRXdLsqu1296sbVGXl66%2Bc%2BFiXlrpnDLFFFQ9dZ%2BCqxl54eZPi%2Bd7Jn8AZaewdYu8fkKWBWWm4OVtuHKl3hkCq1c7rPTQ1O3E9tjqp1YEWq4wZS3cvzBbzXvuLrasB1rdQZG3GNgWA92C6jFcfXJSlfbJuV%2BWhzPtTZi23j7TVt97Hq1TR504iGTCkj4Xgkkugn4vTELf7wkR9VMZpKjcTOrHD%2F8BAAD%2F%2FwEAAP%2F%2F3CPK15YEAAA%3D HTTP/1.1
Host: assistantasks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Cookie: u_pl=15252473; uid_id2=d3b6363e-adde-4e44-b550-868772c0b580:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 17:32:28 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b59d9d7e0750e5d4d51cb3a719f4973f
Strict-Transport-Security: max-age=0; includeSubdomains
assistantasks.com/pixel/sbs?c=1
200 OK 0 B URL GET HTTP/1.1 assistantasks.com/pixel/sbs?c=1
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subjectassistantasks.com
Fingerprint89:09:6E:08:6E:3C:29:55:98:DE:AF:77:15:0F:3E:EF:C7:30:A5:7A
ValidityTue, 28 Nov 2023 08:05:53 GMT - Mon, 26 Feb 2024 08:05:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: assistantasks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Cookie: u_pl=15252473; uid_id2=d3b6363e-adde-4e44-b550-868772c0b580:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 17:32:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
nr.static.mmcdn.com/nr-spa-1.248.0.min.js
200 OK 89 kB URL GET HTTP/2 nr.static.mmcdn.com/nr-spa-1.248.0.min.js
IP
Requested by https://chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
Certificate IssuerDigiCert Inc
Subject*.mmcdn.com
Fingerprint56:66:86:E9:41:03:24:7E:1E:95:3F:2C:72:1D:B4:AF:6C:E1:4E:DC
ValidityThu, 09 Nov 2023 00:00:00 GMT - Wed, 04 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (65460)
Hash 9aea0ff91a800a354637269e96e31dac
ceb0cc8b702e80d4569b15c7c1d65b45a698b38f
8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a
GET /nr-spa-1.248.0.min.js HTTP/1.1
Host: nr.static.mmcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: application/javascript
cf-ray: 82fd8c79aef756cb-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 648640
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
etag: W/"9aea0ff91a800a354637269e96e31dac"
last-modified: Thu, 16 Nov 2023 17:54:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 varnish
cross-origin-resource-policy: cross-origin
x-amz-id-2: VB2MtRC/mw1/DdKZFe2SaAEbdF0y9hHbj3EECqH/m/Z0BSDX6WijbZYdUoYy4fea13jDClTG1nI=
x-amz-request-id: GKSEA1BWXW3X5PCH
x-amz-server-side-encryption: AES256
x-amz-version-id: WdicPIzDGJD8og5dR8sXZo1iUf3RkEzi
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-bma1671-BMA
x-timer: S1700159363.671653,VS0,VE473
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
6p1rpejek6wz.s4.adsco.re/
0 B URL POST 6p1rpejek6wz.s4.adsco.re/
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 6p1rpejek6wz.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
www.hotzxgirl.com/themes/images/favicon.ico
200 OK 9.7 kB URL GET HTTP/3 www.hotzxgirl.com/themes/images/favicon.ico
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subjecthotzxgirl.com
Fingerprint0E:BF:16:FE:F8:09:93:3E:36:4E:72:74:04:76:85:9B:6C:2D:15:28
ValiditySat, 02 Dec 2023 14:56:08 GMT - Fri, 01 Mar 2024 14:56:07 GMT
File type MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel\012- data
Hash 6c96682042a9a09665f551617c81535a
4ce9e162cac0b9b45395f2446f96eb9a86774871
9c0603a26bb6c36d56fa914948afa5dff8993e9c764df5424b29bc094487e2bf
GET /themes/images/favicon.ico HTTP/1.1
Host: www.hotzxgirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Cookie: PHPSESSID=qcmk16en928bhm1urp8tfaj7h8; pp_main_8c27976295e8310807e01fcadbb1740b=1; sb_main_94d84a91dc0925ebed6d851bcb980c2d=1; sb_count_94d84a91dc0925ebed6d851bcb980c2d=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d3b6363e-adde-4e44-b550-868772c0b580%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:20 GMT
content-type: image/x-icon
cache-control: public, max-age=31536000
expires: Wed, 27 Nov 2024 03:02:16 GMT
last-modified: Wed, 11 Nov 2020 01:37:59 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 484204
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rKqPWwAlHLbSSgd5tpMfHHOf%2FNBaJilk3ezc5O95c8STxTO74J2gQooS%2BFgNAAzkicx%2FM%2F5ShNAcwnWCtlBQ6SYi7F55UqkDg%2BU4%2BEA6BKkDyt4%2BW6%2BXur7NHbDTxXw7tHMQ9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd8c616f7956c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
200 OK 811 B URL GET HTTP/3 creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
IP
Requested by https://cams.gratis/banner/300x250.php?site=hotxgirl
Certificate IssuerCloudflare, Inc.
Subjectxlirdr.com
FingerprintDD:63:14:34:9F:51:18:A3:E8:9B:86:1B:C5:FB:C6:F6:75:C9:F6:F5
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (872), with no line terminators
Hash c72e056cd01671e0e53e1be37e5b29ec
44d2211f84a922401458d095aa595a3320040c96
5609d268dd4d7959a25a6a7f3c8ec2c1c4f93f54819a1623dfc4bc46bb0084e0
GET /widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4 HTTP/1.1
Host: creative.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cams.gratis/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: text/html
last-modified: Thu, 30 Nov 2023 11:57:19 GMT
expires: Sun, 03 Dec 2023 17:32:22 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: HIT
age: 2
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c76a9215688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
assistantasks.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSP4wbxRudTfKrfhQQ0VAguUgBEufbtb22lxSBIwRFhCTKH109%2F9Y33OzOambX63N1IhKkoHA6yr3n%2ByPgQKSgipCQjwZOQjpToCu4Bgp6pEh0yD5Lhq%2FY73v7PmneezMf7xRnJEBBT%2B9%2BYIZKa7oa1v3aa%2BsqFaZ0tdsPaoFf96%2FW1lXabl2tDWYf238z8MO6%2F3rtPck3zWrDD3w%2F8IPaDWVlbAarcxYqO4yCeuTXW416ELYwsP%2FFrvDgqAfRPyOXocT0fxs%2FPoXiE6TJN9el28xN9sa7SaFpbiz64uBhupmaMkWyHGPrIU4PFtswbkrIZxdg0oOFA5j%2B7swBmJoS79cALD1YyATr750rZRoyBRP%2FR9mfQOoJFJ2Am0dQ4oQAXOD2HaTJ%2Fm1jS7p1ztIZOyWXnv8FVU7Jpd9eRpp8vabVoHbf6CJXJnUYxBXUYALVmyArjpAPPajyCDz%2FCEr8TFaf30Ka7N5x2kCJ0yuiydrNdlOuUCHkSku2WissDP2Vbrvb6TS4z8KuP49IqQlUPIGWI1B3EYXzUCgPReyhyDwk4rRGwyj2%2FU7M4maz2%2BKcN5uch922CEWz1Y19FHzmYYQ8G4HrEbjdRma3samenISXYYvv4TYqOOHB5QR9UaGUBKUjKClBqQjKnKDsV3tCu4ar9oV2BQsWvbHozWps8t4O3TN5T6YE1I52sjPy0jy%2FP5%2F9jU15WmNRHHXbYSRpyDutMI5YxBpRFAoWCNaNAzhVQbkLoM7DUE0J%2BfYPZLP%2ByVtg9AhOH4GrF0GLV0HLcafhg26MW10fw%2FSrZGvD5MNM8To3CYSpkOWXkG95O%2FqMvDIXsraaQPLja7835wVuK2S2wofqB4Kefjy%2BZ0qye8%2BUjjy9k%2BUqUUM6u%2BT7Oc3lxS%2Fel1ulseLmdTf6%2FG0%2BI2bj4QPp8ls0FSrtOfLlmhJC2hvGckm%2Bu%2BnWJbtbuI21wqZFduvuOzduJpmVzimTTkDVifsUXE3JCw9%2Fmj%2FfK8k%2BlJ3AFhWS4pgsCspMwLNtuGyp3hkCq5c7LPNQFtXYNtjyp1YEWi4xZRXcvzBbzjvuMXrWA80fIU0q9G2Fvq5A9QiuuDjOM3t87ZfF4Ux7Y6att8u01U%2FOo3XqtCbD2I%2Bl35Asjljcob6I4lbEaBTIDgtpgNxNpX52%2BA8AAAD%2F%2FwEAAP%2F%2FyCtEMZYEAAA%3D
200 OK 0 B URL GET HTTP/1.1 assistantasks.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSP4wbxRudTfKrfhQQ0VAguUgBEufbtb22lxSBIwRFhCTKH109%2F9Y33OzOambX63N1IhKkoHA6yr3n%2ByPgQKSgipCQjwZOQjpToCu4Bgp6pEh0yD5Lhq%2FY73v7PmneezMf7xRnJEBBT%2B9%2BYIZKa7oa1v3aa%2BsqFaZ0tdsPaoFf96%2FW1lXabl2tDWYf238z8MO6%2F3rtPck3zWrDD3w%2F8IPaDWVlbAarcxYqO4yCeuTXW416ELYwsP%2FFrvDgqAfRPyOXocT0fxs%2FPoXiE6TJN9el28xN9sa7SaFpbiz64uBhupmaMkWyHGPrIU4PFtswbkrIZxdg0oOFA5j%2B7swBmJoS79cALD1YyATr750rZRoyBRP%2FR9mfQOoJFJ2Am0dQ4oQAXOD2HaTJ%2Fm1jS7p1ztIZOyWXnv8FVU7Jpd9eRpp8vabVoHbf6CJXJnUYxBXUYALVmyArjpAPPajyCDz%2FCEr8TFaf30Ka7N5x2kCJ0yuiydrNdlOuUCHkSku2WissDP2Vbrvb6TS4z8KuP49IqQlUPIGWI1B3EYXzUCgPReyhyDwk4rRGwyj2%2FU7M4maz2%2BKcN5uch922CEWz1Y19FHzmYYQ8G4HrEbjdRma3samenISXYYvv4TYqOOHB5QR9UaGUBKUjKClBqQjKnKDsV3tCu4ar9oV2BQsWvbHozWps8t4O3TN5T6YE1I52sjPy0jy%2FP5%2F9jU15WmNRHHXbYSRpyDutMI5YxBpRFAoWCNaNAzhVQbkLoM7DUE0J%2BfYPZLP%2ByVtg9AhOH4GrF0GLV0HLcafhg26MW10fw%2FSrZGvD5MNM8To3CYSpkOWXkG95O%2FqMvDIXsraaQPLja7835wVuK2S2wofqB4Kefjy%2BZ0qye8%2BUjjy9k%2BUqUUM6u%2BT7Oc3lxS%2Fel1ulseLmdTf6%2FG0%2BI2bj4QPp8ls0FSrtOfLlmhJC2hvGckm%2Bu%2BnWJbtbuI21wqZFduvuOzduJpmVzimTTkDVifsUXE3JCw9%2Fmj%2FfK8k%2BlJ3AFhWS4pgsCspMwLNtuGyp3hkCq5c7LPNQFtXYNtjyp1YEWi4xZRXcvzBbzjvuMXrWA80fIU0q9G2Fvq5A9QiuuDjOM3t87ZfF4Ux7Y6att8u01U%2FOo3XqtCbD2I%2Bl35Asjljcob6I4lbEaBTIDgtpgNxNpX52%2BA8AAAD%2F%2FwEAAP%2F%2FyCtEMZYEAAA%3D
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subjectassistantasks.com
Fingerprint89:09:6E:08:6E:3C:29:55:98:DE:AF:77:15:0F:3E:EF:C7:30:A5:7A
ValidityTue, 28 Nov 2023 08:05:53 GMT - Mon, 26 Feb 2024 08:05:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSP4wbxRudTfKrfhQQ0VAguUgBEufbtb22lxSBIwRFhCTKH109%2F9Y33OzOambX63N1IhKkoHA6yr3n%2ByPgQKSgipCQjwZOQjpToCu4Bgp6pEh0yD5Lhq%2FY73v7PmneezMf7xRnJEBBT%2B9%2BYIZKa7oa1v3aa%2BsqFaZ0tdsPaoFf96%2FW1lXabl2tDWYf238z8MO6%2F3rtPck3zWrDD3w%2F8IPaDWVlbAarcxYqO4yCeuTXW416ELYwsP%2FFrvDgqAfRPyOXocT0fxs%2FPoXiE6TJN9el28xN9sa7SaFpbiz64uBhupmaMkWyHGPrIU4PFtswbkrIZxdg0oOFA5j%2B7swBmJoS79cALD1YyATr750rZRoyBRP%2FR9mfQOoJFJ2Am0dQ4oQAXOD2HaTJ%2Fm1jS7p1ztIZOyWXnv8FVU7Jpd9eRpp8vabVoHbf6CJXJnUYxBXUYALVmyArjpAPPajyCDz%2FCEr8TFaf30Ka7N5x2kCJ0yuiydrNdlOuUCHkSku2WissDP2Vbrvb6TS4z8KuP49IqQlUPIGWI1B3EYXzUCgPReyhyDwk4rRGwyj2%2FU7M4maz2%2BKcN5uch922CEWz1Y19FHzmYYQ8G4HrEbjdRma3samenISXYYvv4TYqOOHB5QR9UaGUBKUjKClBqQjKnKDsV3tCu4ar9oV2BQsWvbHozWps8t4O3TN5T6YE1I52sjPy0jy%2FP5%2F9jU15WmNRHHXbYSRpyDutMI5YxBpRFAoWCNaNAzhVQbkLoM7DUE0J%2BfYPZLP%2ByVtg9AhOH4GrF0GLV0HLcafhg26MW10fw%2FSrZGvD5MNM8To3CYSpkOWXkG95O%2FqMvDIXsraaQPLja7835wVuK2S2wofqB4Kefjy%2BZ0qye8%2BUjjy9k%2BUqUUM6u%2BT7Oc3lxS%2Fel1ulseLmdTf6%2FG0%2BI2bj4QPp8ls0FSrtOfLlmhJC2hvGckm%2Bu%2BnWJbtbuI21wqZFduvuOzduJpmVzimTTkDVifsUXE3JCw9%2Fmj%2FfK8k%2BlJ3AFhWS4pgsCspMwLNtuGyp3hkCq5c7LPNQFtXYNtjyp1YEWi4xZRXcvzBbzjvuMXrWA80fIU0q9G2Fvq5A9QiuuDjOM3t87ZfF4Ux7Y6att8u01U%2FOo3XqtCbD2I%2Bl35Asjljcob6I4lbEaBTIDgtpgNxNpX52%2BA8AAAD%2F%2FwEAAP%2F%2FyCtEMZYEAAA%3D HTTP/1.1
Host: assistantasks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Cookie: u_pl=15252473; uid_id2=d3b6363e-adde-4e44-b550-868772c0b580:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 17:32:28 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 28ff8a434d744f18d1592c50f53c2259
Strict-Transport-Security: max-age=0; includeSubdomains
www.hotzxgirl.com/themes/javascript/jquery.imagesloaded.min.js
200 OK 7.0 kB URL GET HTTP/3 www.hotzxgirl.com/themes/javascript/jquery.imagesloaded.min.js
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subjecthotzxgirl.com
Fingerprint0E:BF:16:FE:F8:09:93:3E:36:4E:72:74:04:76:85:9B:6C:2D:15:28
ValiditySat, 02 Dec 2023 14:56:08 GMT - Fri, 01 Mar 2024 14:56:07 GMT
File type ASCII text, with very long lines (7073), with no line terminators
Hash ac9bde4a717632f4ec3614e854e168e8
cefb4f85e0844bf1aeca1806a920e199bbbf313f
01d1d0895657a329e278fb307d2ef210b20ca3b5c7ec849aa823fc13bb550b24
GET /themes/javascript/jquery.imagesloaded.min.js HTTP/1.1
Host: www.hotzxgirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Cookie: PHPSESSID=qcmk16en928bhm1urp8tfaj7h8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Tue, 05 Dec 2023 02:38:47 GMT
last-modified: Fri, 16 Oct 2020 05:13:16 GMT
vary: Accept-Encoding,Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 485608
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RnUGKJApaRmdFYf6u3sgvHnlWCMS42regbX1PLHnFssPUGaBaI8FHIGClz2vyBkS6SwFy%2FRH5wbH26JbKW1rZYH1PEDqObZ2xY%2F881VFJJOBYrOLcmpvLSpZIwwJUN62C5DGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd8c474e2256c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
chaturbate.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
200 OK 7.4 kB URL GET HTTP/3 chaturbate.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
IP
Requested by https://chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
Certificate IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (7372), with no line terminators
Hash 076388f91325ac6e4771d6585ba4543c
aff2561b87deaaf8d3f1d93a95f8e76428f3ef4b
f14dc8fb26afcb5efb320fc644bd29f084d0541def999d4d45462ef53acac7f7
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=18AcEjAJUr.Oj.3eBmiFjDqsr9ZFq42nhhYieTPBL2o-1701624742-0-AWEz3lDwX51DprjvRaDTRDv8sAdxM84L04tDq8xySUaZd+wn3MWZfFbCfz/tQqi17RZjiuLuVmuhs0N+6nEnX20=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKvlNrS7WG2kyKjp100w0rOzYIP39iXvYNZKRV76xGLFMSC1YZBv%2BpACshfULMuJBZzrlaE7FJEV0aVERLf8q7Vt0T4DXx6JY%2FRqKRHBTUgY1EskUkdehuaYqjZBlYaR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82fd8c775a12b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
200 OK 1.3 kB URL GET HTTP/3 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type SVG Scalable Vector Graphics image\012- XML document text\012- exported SGML document, ASCII text, with very long lines (1463), with no line terminators
Hash b3d72b126431ae65b52f638e0463b990
4d7f28fa1f4f3648e2b984e48ccbb867443f4e8b
3db9410e0e7ac21f5148fd7133ea30d18ea78eba02669f593ebab19d7e40a2da
GET /sb/ssp/utility/social-media/facebook/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:28 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:13:59 GMT
etag: W/"602549b7-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 403322
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bm7Mde2DZMQ9JuqqIPPdnCbaXl8xTyPuIUmVrfwOygSpEeeD%2FDj9CzAj4dlMZ3EbGgQTbQnQJc%2FOmg7zl2utAYRFv%2FqBkpvqzQAJ%2Fw47XhtbSeCocglg90WLi4W1zSEzTrBE0scAkykX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c962a8a23f4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.hotzxgirl.com/themes/javascript/main.js
200 OK 2.0 kB URL GET HTTP/3 www.hotzxgirl.com/themes/javascript/main.js
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subjecthotzxgirl.com
Fingerprint0E:BF:16:FE:F8:09:93:3E:36:4E:72:74:04:76:85:9B:6C:2D:15:28
ValiditySat, 02 Dec 2023 14:56:08 GMT - Fri, 01 Mar 2024 14:56:07 GMT
File type ASCII text, with very long lines (2240), with no line terminators
Hash 679e8b58b1a9befc5ef70ace93ef50ed
e7f2a1d660537b437515a1350228ed231290aa9d
9a4e1b7ab5c15eb94fe10c421f35243065b7d778c9e62e77a31988c92fb37a65
GET /themes/javascript/main.js HTTP/1.1
Host: www.hotzxgirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Cookie: PHPSESSID=qcmk16en928bhm1urp8tfaj7h8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:15 GMT
content-type: application/javascript
x-powered-by: PHP/7.2.34
cache-control: public, max-age=604800
expires: Fri, 08 Dec 2023 08:04:11 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 206884
last-modified: Fri, 01 Dec 2023 08:04:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WflXemRAdcPjgEJYUsstSblkxHheOVxyGKQL8K2QbJckuukzp1D%2BdyhbnX4mUTMOPWj1i53yc%2BXNROAbXJq7Rp8ZnMrjIwWBxXNMTLHsA9gLa%2BJM6Fr9v0HE%2FtoiNkMWa0xbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd8c475e3856c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
go.xlirdr.com/config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2Fv4%2FUniversal%2F%3FactionButtonPlacement%3Dbottom%26buttonColor%3D%26campaignId%3Dbanner2609start%26creativeId%3D300x250%26domain%3Dstripchat%26hideButtonOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D0%26hideTitleOnSmallSpots%3D1%26isXhDesign%3D0%26liveBadgeColor%3D%252324d7d7%26modelsCountry%3D%26modelsLanguage%3D%26showButton%3D0%26showLiveBadge%3D0%26showModelName%3D1%26showTitle%3D0%26sound%3Doff%26sourceId%3Dhotxgirl%26tag%3Dfemales%26targetDomain%3D%26thumbSizeKey%3Dsmall%26trackOff%3D1%26userId%3Db47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
200 OK 6.8 kB URL GET HTTP/3 go.xlirdr.com/config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2Fv4%2FUniversal%2F%3FactionButtonPlacement%3Dbottom%26buttonColor%3D%26campaignId%3Dbanner2609start%26creativeId%3D300x250%26domain%3Dstripchat%26hideButtonOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D0%26hideTitleOnSmallSpots%3D1%26isXhDesign%3D0%26liveBadgeColor%3D%252324d7d7%26modelsCountry%3D%26modelsLanguage%3D%26showButton%3D0%26showLiveBadge%3D0%26showModelName%3D1%26showTitle%3D0%26sound%3Doff%26sourceId%3Dhotxgirl%26tag%3Dfemales%26targetDomain%3D%26thumbSizeKey%3Dsmall%26trackOff%3D1%26userId%3Db47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
IP
Requested by https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
Certificate IssuerCloudflare, Inc.
Subjectxlirdr.com
FingerprintDD:63:14:34:9F:51:18:A3:E8:9B:86:1B:C5:FB:C6:F6:75:C9:F6:F5
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (8886), with no line terminators
Hash 38332ebeab2d6ecda5a17a5bd36d1234
f20a04828d759049d8b744a5537d4b15491b9190
5e3db4f72aad84fbcafbdb05994dee977066bcbb342957f7ef0657fd40e9376a
GET /config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2Fv4%2FUniversal%2F%3FactionButtonPlacement%3Dbottom%26buttonColor%3D%26campaignId%3Dbanner2609start%26creativeId%3D300x250%26domain%3Dstripchat%26hideButtonOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D0%26hideTitleOnSmallSpots%3D1%26isXhDesign%3D0%26liveBadgeColor%3D%252324d7d7%26modelsCountry%3D%26modelsLanguage%3D%26showButton%3D0%26showLiveBadge%3D0%26showModelName%3D1%26showTitle%3D0%26sound%3Doff%26sourceId%3Dhotxgirl%26tag%3Dfemales%26targetDomain%3D%26thumbSizeKey%3Dsmall%26trackOff%3D1%26userId%3Db47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4 HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/
Origin: https://creative.xlirdr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: application/json
access-control-allow-origin: https://creative.xlirdr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Sun, 03 Dec 2023 16:59:37 GMT
cf-cache-status: HIT
age: 63
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c789cf35688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
c.adsco.re/
200 OK 80 kB IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (881)
Hash 41b38d766e8df9f16d99ee5656550613
4b040e742fafccbf1f9afa059258568e320fd9d8
65802711d89571b28699f3399d58f642a270d1e2bc5e155a8a0c73c94c66ec3a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:20 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 03 Jan 2024 17:32:20 GMT
etag: W/"QbONdm6N+fFtme5WVlUGEw=="
cf-cache-status: HIT
age: 265818
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c626ae55695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
nr.static.mmcdn.com/nr-spa-1.248.0.min.js
200 OK 89 kB URL GET HTTP/2 nr.static.mmcdn.com/nr-spa-1.248.0.min.js
IP
Requested by https://chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
Certificate IssuerDigiCert Inc
Subject*.mmcdn.com
Fingerprint56:66:86:E9:41:03:24:7E:1E:95:3F:2C:72:1D:B4:AF:6C:E1:4E:DC
ValidityThu, 09 Nov 2023 00:00:00 GMT - Wed, 04 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (65460)
Hash 9aea0ff91a800a354637269e96e31dac
ceb0cc8b702e80d4569b15c7c1d65b45a698b38f
8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a
GET /nr-spa-1.248.0.min.js HTTP/1.1
Host: nr.static.mmcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:24 GMT
content-type: application/javascript
cf-ray: 82fd8c7d6c4956cb-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 648641
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
etag: W/"9aea0ff91a800a354637269e96e31dac"
last-modified: Thu, 16 Nov 2023 17:54:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 varnish
cross-origin-resource-policy: cross-origin
x-amz-id-2: VB2MtRC/mw1/DdKZFe2SaAEbdF0y9hHbj3EECqH/m/Z0BSDX6WijbZYdUoYy4fea13jDClTG1nI=
x-amz-request-id: GKSEA1BWXW3X5PCH
x-amz-server-side-encryption: AES256
x-amz-version-id: WdicPIzDGJD8og5dR8sXZo1iUf3RkEzi
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-bma1671-BMA
x-timer: S1700159363.671653,VS0,VE473
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
200 OK 86 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:19 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 9664535a63914969f7c68ee740949120
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 03 Dec 2023 17:32:19 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5N6D6Ltm6OaIYx8W4Joz4wQDwJxBJlrR07Tu5gTPlmqxgXiWUCKBmu8ek70ZunkUujCFu3tccqTtmY0Mfls%2FKLFik8ZM5Tpl83vGk6v%2B6GoBaNKqCnbkSRfYjkgzL2lExAqVr0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c5c7e64770d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
200 OK 86 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:19 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: d92eac35d516910c24ea496a88009010
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 03 Dec 2023 17:32:19 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6bQeKhaSLGAOQumf4wiomB1Ain%2B7PQhA2mFsm%2BvHayclm7Sn7T8uDygGgDInEggRv%2FZ0bHG3mtsZwUTkAC5mRX6fSIUbABsauGQC2muy%2Bmz8yVyErHQNBQVYDjL1kV6csf%2BB9uI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c5c5e20770d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
go.xlirdr.com/config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2Fv4%2FUniversal%2F%3FactionButtonPlacement%3Dbottom%26buttonColor%3D%26campaignId%3Dbanner2609start%26creativeId%3D300x250%26domain%3Dstripchat%26hideButtonOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D0%26hideTitleOnSmallSpots%3D1%26isXhDesign%3D0%26liveBadgeColor%3D%252324d7d7%26modelsCountry%3D%26modelsLanguage%3D%26showButton%3D0%26showLiveBadge%3D0%26showModelName%3D1%26showTitle%3D0%26sound%3Doff%26sourceId%3Dhotxgirl%26tag%3Dfemales%26targetDomain%3D%26thumbSizeKey%3Dsmall%26trackOff%3D1%26userId%3Db47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
200 OK 6.8 kB URL GET HTTP/3 go.xlirdr.com/config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2Fv4%2FUniversal%2F%3FactionButtonPlacement%3Dbottom%26buttonColor%3D%26campaignId%3Dbanner2609start%26creativeId%3D300x250%26domain%3Dstripchat%26hideButtonOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D0%26hideTitleOnSmallSpots%3D1%26isXhDesign%3D0%26liveBadgeColor%3D%252324d7d7%26modelsCountry%3D%26modelsLanguage%3D%26showButton%3D0%26showLiveBadge%3D0%26showModelName%3D1%26showTitle%3D0%26sound%3Doff%26sourceId%3Dhotxgirl%26tag%3Dfemales%26targetDomain%3D%26thumbSizeKey%3Dsmall%26trackOff%3D1%26userId%3Db47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
IP
Requested by https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
Certificate IssuerCloudflare, Inc.
Subjectxlirdr.com
FingerprintDD:63:14:34:9F:51:18:A3:E8:9B:86:1B:C5:FB:C6:F6:75:C9:F6:F5
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (8886), with no line terminators
Hash 38332ebeab2d6ecda5a17a5bd36d1234
f20a04828d759049d8b744a5537d4b15491b9190
5e3db4f72aad84fbcafbdb05994dee977066bcbb342957f7ef0657fd40e9376a
GET /config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2Fv4%2FUniversal%2F%3FactionButtonPlacement%3Dbottom%26buttonColor%3D%26campaignId%3Dbanner2609start%26creativeId%3D300x250%26domain%3Dstripchat%26hideButtonOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D0%26hideTitleOnSmallSpots%3D1%26isXhDesign%3D0%26liveBadgeColor%3D%252324d7d7%26modelsCountry%3D%26modelsLanguage%3D%26showButton%3D0%26showLiveBadge%3D0%26showModelName%3D1%26showTitle%3D0%26sound%3Doff%26sourceId%3Dhotxgirl%26tag%3Dfemales%26targetDomain%3D%26thumbSizeKey%3Dsmall%26trackOff%3D1%26userId%3Db47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4 HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/
Origin: https://creative.xlirdr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:22 GMT
content-type: application/json
access-control-allow-origin: https://creative.xlirdr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Sun, 03 Dec 2023 16:59:37 GMT
cf-cache-status: HIT
age: 62
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c71d9245688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
stripchat.com/checkUrl
200 OK 15 B IP
Requested by https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
Certificate IssuerCloudflare, Inc.
Subjectstripchat.com
FingerprintC0:02:7B:8A:1C:D4:CF:03:00:4A:76:E5:EE:AD:2C:13:CC:2D:4E:6A
ValidityTue, 31 Jan 2023 00:00:00 GMT - Wed, 31 Jan 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 1d644ae7e24f3430d634f21c1d94a975
5752bf80588493a9914d4fddf9ed3b31857d90ac
c9df5a7f763aff50375511af681843ba40d4d6ce044521c440515f7e04a2bff7
GET /checkUrl HTTP/1.1
Host: stripchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/
Origin: https://creative.xlirdr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:24 GMT
content-type: application/json
content-length: 15
access-control-allow-origin: https://creative.xlirdr.com
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuFntVtrkFMde1diFtgA5LmKoucyRFLr5eHr9vjNDz; SameSite=None; Secure; path=/; expires=Mon, 04-Dec-23 16:32:24 GMT; HttpOnly
server: cloudflare
cf-ray: 82fd8c7c396156bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.hotzxgirl.com/themes/javascript/jquery.masonry.min.js
200 OK 25 kB URL GET HTTP/3 www.hotzxgirl.com/themes/javascript/jquery.masonry.min.js
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subjecthotzxgirl.com
Fingerprint0E:BF:16:FE:F8:09:93:3E:36:4E:72:74:04:76:85:9B:6C:2D:15:28
ValiditySat, 02 Dec 2023 14:56:08 GMT - Fri, 01 Mar 2024 14:56:07 GMT
File type ASCII text, with very long lines (25114), with CRLF line terminators
Hash 99d6be6f56fe8d681d7a629173a98663
7a2e2e50640dfd92a352143c84ab1df2b4c374b2
8732adc8bd0c629fef78a6e39a2afa14bd4de3d0b7768699388e55a4e6500f20
GET /themes/javascript/jquery.masonry.min.js HTTP/1.1
Host: www.hotzxgirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Cookie: PHPSESSID=qcmk16en928bhm1urp8tfaj7h8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Fri, 08 Dec 2023 02:44:22 GMT
last-modified: Fri, 16 Oct 2020 05:12:53 GMT
vary: Accept-Encoding,Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 226073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFwsRfQZWQzjdWQeZ3PuRsyIyGcGiNhhc%2B5Y6RSUVvQDgF63nqCEaOzZkjA%2F1q57m4dEsCD0cZs8lJtH80x8KtP6xVyfVV2fcare08w0SNuSs%2BVfIg1iIty76slDkS6hIUBLUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd8c474e1f56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/style.css
200 OK 6.3 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/style.css
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type ASCII text, with very long lines (6723), with no line terminators
Hash f5356b1b5522e37c141a7752df61a33c
e01f3181c55ead4d17eb984d033468262f42b378
d95e30fd6e1228d4b91f34784b2a4120e9ad647ce0e841068949fc353f01b3f2
GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:28 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:19:14 GMT
etag: W/"6128d842-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2722677
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqUVV0%2BcsyENF33Ms5HRszftMZuF6Nse9LHENlgTYl2%2B6v8%2FAUPPBvS5s0kQ2bZLRPqfEs%2FFPxiSVWzEJl1RD2uVPZNXeBnFf%2BI%2FwCDQ4Oz2Yeh5OceJdtd8uKbMPPQKl1p8fK1L5qKL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c956c1760fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
200 OK 811 B URL GET HTTP/3 creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
IP
Requested by https://cams.gratis/banner/300x250.php?site=hotxgirl
Certificate IssuerCloudflare, Inc.
Subjectxlirdr.com
FingerprintDD:63:14:34:9F:51:18:A3:E8:9B:86:1B:C5:FB:C6:F6:75:C9:F6:F5
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (872), with no line terminators
Hash c72e056cd01671e0e53e1be37e5b29ec
44d2211f84a922401458d095aa595a3320040c96
5609d268dd4d7959a25a6a7f3c8ec2c1c4f93f54819a1623dfc4bc46bb0084e0
GET /widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4 HTTP/1.1
Host: creative.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cams.gratis/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:22 GMT
content-type: text/html
last-modified: Thu, 30 Nov 2023 11:57:19 GMT
expires: Sun, 03 Dec 2023 17:32:22 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: HIT
age: 1
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c6f1c065688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
200 OK 35 kB URL User Request GET HTTP/2 www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
IP
Certificate IssuerGoogle Trust Services LLC
Subjecthotzxgirl.com
Fingerprint0E:BF:16:FE:F8:09:93:3E:36:4E:72:74:04:76:85:9B:6C:2D:15:28
ValiditySat, 02 Dec 2023 14:56:08 GMT - Fri, 01 Mar 2024 14:56:07 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2788), with CRLF, LF line terminators
Hash f29e658e85301016b904f276a26f6861
26e916e1b0b2a51e9aa6bd39565752e795bf1caa
14559901e73513d3509f94bd5941d37821c53236a1b2ea6c451932162facb12a
GET /her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm HTTP/1.1
Host: www.hotzxgirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:15 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
set-cookie: PHPSESSID=qcmk16en928bhm1urp8tfaj7h8; path=/; secure
cache-control: public, max-age=2592000
expires: Tue, 02 Jan 2024 17:32:15 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBZCk9xVkBXwea%2FvhzBp8QMO2KUCGSpjL0CS7w3uWl9tv4p7RD9Qy7NFVHLslIjaj7pLyPoobj3bsddtQfqHX524hXfsxtuXxYXXsJDks8kvgywOtOaf9A%2BgQL80lf7gFSLAFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd8c443e7bb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
chaturbate.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
200 OK 7.4 kB URL GET HTTP/3 chaturbate.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
IP
Requested by https://chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
Certificate IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (7357), with no line terminators
Hash 09a244c9cce38dd04858236a44a369bb
1e050b24b355098a6ebf1a0acae7d4d457d4133f
050d2cc2f95563a1478ff918f9128788773d7297f698afdd57f11c36ef13ab96
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=18AcEjAJUr.Oj.3eBmiFjDqsr9ZFq42nhhYieTPBL2o-1701624742-0-AWEz3lDwX51DprjvRaDTRDv8sAdxM84L04tDq8xySUaZd+wn3MWZfFbCfz/tQqi17RZjiuLuVmuhs0N+6nEnX20=; cf_clearance=yLw3syLCKdysfpAO0EXNvNW9vm.mMuz1H9B7XPh_vG0-1701624743-0-1-730ca2d2.73a07051.5b213570-0.2.1701624743
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:24 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YY9KOogZhnLJWHCsQZKxsWtCHINCAcnKEwT0Dm2uuEfecQElbi19mnC8stkOdK9qUP%2BeVtAcGYB74i50UwRc1rjgHFm%2F6XQki60NImXGUCTKsEKp1De4fjUZQRNvIk8w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82fd8c7c0973b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
chaturbate.com/cdn-cgi/challenge-platform/h/b/jsd/r/82fd8c6fb93556ba
200 OK 0 B URL POST HTTP/3 chaturbate.com/cdn-cgi/challenge-platform/h/b/jsd/r/82fd8c6fb93556ba
IP
Requested by https://chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
Certificate IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/b/jsd/r/82fd8c6fb93556ba HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12264
Origin: https://chaturbate.com
DNT: 1
Connection: keep-alive
Referer: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
Cookie: __cf_bm=18AcEjAJUr.Oj.3eBmiFjDqsr9ZFq42nhhYieTPBL2o-1701624742-0-AWEz3lDwX51DprjvRaDTRDv8sAdxM84L04tDq8xySUaZd+wn3MWZfFbCfz/tQqi17RZjiuLuVmuhs0N+6nEnX20=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=yLw3syLCKdysfpAO0EXNvNW9vm.mMuz1H9B7XPh_vG0-1701624743-0-1-730ca2d2.73a07051.5b213570-0.2.1701624743; path=/; expires=Mon, 02-Dec-24 17:32:23 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiOiin2J0Y5qbSwa15gAAabDEhqkRO8pn%2BT8Z%2BFSSDKKUJxSxHAHo2tRrV6PFgs%2FQGeIUSBP3Ug1Mk0jkyPj3k3BF0eXeNMstQ3j86qmDlKpGIG6O8rCig4Lx03bqtNe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82fd8c78fc6db523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.barscreative1.com/sb/au/24/54/4e/24544ed07f7394384bbb75023b9b0b3a/1591713925.html
200 OK 1.3 kB URL GET HTTP/2 cdn.barscreative1.com/sb/au/24/54/4e/24544ed07f7394384bbb75023b9b0b3a/1591713925.html
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subjectcdn.barscreative1.com
Fingerprint55:06:B7:F1:EF:E9:55:FB:7C:8C:4F:5D:DB:05:C9:15:19:90:9B:2F
ValiditySat, 11 Nov 2023 03:00:51 GMT - Fri, 09 Feb 2024 03:00:50 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (1388), with no line terminators
Hash 1e11fba825d4244ebfc11b9784c9744f
86f24edfd397e9f4d65e589ceb97196b71d2d828
7737a119c12f495c4f32f75686c087c59387d5f851ec8c5443a385dda8c5df76
GET /sb/au/24/54/4e/24544ed07f7394384bbb75023b9b0b3a/1591713925.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:22 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Sat, 07 May 2022 03:21:27 GMT
etag: W/"6275e5b7-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 03 Dec 2023 18:32:22 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
200 OK 86 kB URL GET HTTP/3 friendshipmale.com/sfp.js
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:19 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 171e0a3fe2130f870ab015d2dfe4e408
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 03 Dec 2023 17:32:19 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLgyxu6LH59CRgscwfGqVjemH%2F%2Byk5ZgwddolOsY9XyvLgIAhkego4z4uDVNSx6bXy5ChpdJmb0ktXqPvLaDztKWXER%2F%2FBUD27nEw3KKiU439GmCJQblNwNEzhb%2FEIKlCFPHMow%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c5f687b06ed-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
200 OK 79 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
Hash 80047eaa13ebd50c50e8a9753621e430
9c503e07d130572a0eaf51f7c02cbd4cf6213fe3
3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429
GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:28 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1691892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orEAgTrKw%2BwcnEiozIDmqG0rI4nXIlWN8AQwl%2FHLXOL%2FY%2Byb6lAGXsTAJEcOWmEIVNUHHd7mGmoVuvNz14TXFdyhhmVDjZXrSc8FnxBMzoPI7zL02hVRkvsV0H4TXs%2B7YohkNnAAR83B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c956c1460fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
chaturbate.com/cdn-cgi/challenge-platform/h/b/jsd/r/82fd8c76d95cb523
200 OK 0 B URL POST HTTP/3 chaturbate.com/cdn-cgi/challenge-platform/h/b/jsd/r/82fd8c76d95cb523
IP
Requested by https://chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
Certificate IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/b/jsd/r/82fd8c76d95cb523 HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12266
Origin: https://chaturbate.com
DNT: 1
Connection: keep-alive
Referer: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
Cookie: __cf_bm=18AcEjAJUr.Oj.3eBmiFjDqsr9ZFq42nhhYieTPBL2o-1701624742-0-AWEz3lDwX51DprjvRaDTRDv8sAdxM84L04tDq8xySUaZd+wn3MWZfFbCfz/tQqi17RZjiuLuVmuhs0N+6nEnX20=; cf_clearance=yLw3syLCKdysfpAO0EXNvNW9vm.mMuz1H9B7XPh_vG0-1701624743-0-1-730ca2d2.73a07051.5b213570-0.2.1701624743
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:24 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=RfKP2S5XNk5jsadoz6ZWvV0BX0up2FGujPC7zfnd2Vo-1701624744-0-1-730ca2d2.73a07051.5b213570-0.2.1701624744; path=/; expires=Mon, 02-Dec-24 17:32:24 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0u%2B7XSfQxhjJ8wgMMFmtJKhJ1j%2BALaTf4aPf3BiKd66jjPXjfoCrQBgn6VSGdTgtqJ9jlL33RTAscPuEvXDnf1c1VUP1UB%2FuC09zg4qzMPy7opouTrCIkAnmGn9hEaC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82fd8c7d6b80b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
200 OK 1.3 kB URL GET HTTP/2 cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerLet's Encrypt
Subjectcdn.barscreative1.com
Fingerprint55:06:B7:F1:EF:E9:55:FB:7C:8C:4F:5D:DB:05:C9:15:19:90:9B:2F
ValiditySat, 11 Nov 2023 03:00:51 GMT - Fri, 09 Feb 2024 03:00:50 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1365), with no line terminators
Hash 36778a7f37ab18ce089392f8f865e8b5
55dc41a6c7fd267229941f56181545927c901be0
6b3ec93e836db8922282cfa30e0ae89d45fd866d9e2bf538c9723e3ce0044e6f
GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:28 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 03 Dec 2023 18:32:28 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
www.hotzxgirl.com/themes/style.css
200 OK 7.4 kB URL GET HTTP/3 www.hotzxgirl.com/themes/style.css
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subjecthotzxgirl.com
Fingerprint0E:BF:16:FE:F8:09:93:3E:36:4E:72:74:04:76:85:9B:6C:2D:15:28
ValiditySat, 02 Dec 2023 14:56:08 GMT - Fri, 01 Mar 2024 14:56:07 GMT
File type ASCII text, with very long lines (7357), with no line terminators
Hash 8a0392cda70eedfe06b7f06900bb8810
c75b54a9d69cdb39205ae92c97b9308b4d5c700d
860e22c35d4310d278a711e23f059c074e31c02894d8183e5d60b25607e9faa9
GET /themes/style.css HTTP/1.1
Host: www.hotzxgirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Cookie: PHPSESSID=qcmk16en928bhm1urp8tfaj7h8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:15 GMT
content-type: text/css;charset=UTF-8
cf-bgj: minify
cf-polished: origSize=8332
cache-control: public, max-age=2592000
expires: Sat, 23 Dec 2023 02:45:47 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 917188
last-modified: Thu, 23 Nov 2023 02:45:47 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BF%2FG5wQzSY1mUExqLcGX4s3pEMJZ1gDS9L2V9Y6chIeXfoQX0z0m5BO71hjWo73BgdAbOE3wk8wx%2F2RyziyY7SL3rlTRUhUMZJMjBWDDogX%2FORw2Q6bRaOf6dZHsgyriunHDUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd8c475e3056c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js
200 OK 444 B URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type ASCII text, with very long lines (458), with no line terminators
Hash 982ab6e275f01f07609f7a83b9ded288
00cae17857fd26867610c5287a75c107ab8a150f
2f60a6c44dff7939447126884982a613420b55459abf4ddc27144c2d09fe992c
GET /sb/ssp/utility/social-media/facebook/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:28 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2885917
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Caou0w1wKFHZ%2FW921IY3kArpS0Vslu4SUZSlp9kefEaHU4lMqMMTyLfaZ5E9SNM6nBaQkKCGlipmYQELM3hYY19eNQAZrrf%2FsurXu%2BJ1kNEU9WIUafIMpXS2TFo3rVvrGSKqRK2VvqJg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c958c3e60fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.hotzxgirl.com/themes/javascript/age-verification.js
200 OK 3.0 kB URL GET HTTP/3 www.hotzxgirl.com/themes/javascript/age-verification.js
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subjecthotzxgirl.com
Fingerprint0E:BF:16:FE:F8:09:93:3E:36:4E:72:74:04:76:85:9B:6C:2D:15:28
ValiditySat, 02 Dec 2023 14:56:08 GMT - Fri, 01 Mar 2024 14:56:07 GMT
File type HTML document, ASCII text, with very long lines (3250), with no line terminators
Hash 5329de171be5b327aef7469b0c2fe79a
7e72f3c81e29731204b4910d7fe5b6d3105506d7
f97916de5a9162455a8f2e01175aaaab2412e7010dc729a24611bb881f28b465
GET /themes/javascript/age-verification.js HTTP/1.1
Host: www.hotzxgirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Cookie: PHPSESSID=qcmk16en928bhm1urp8tfaj7h8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Wed, 06 Dec 2023 01:35:48 GMT
last-modified: Sat, 11 Jun 2022 14:15:28 GMT
vary: Accept-Encoding,Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 402987
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHY40x3W%2Fsm4usP%2FM00oWmgfVtahBI9PlEvo%2FpbenipZDBkb8XGr4XMHWzaBRGXPux978%2BzzBoHjk8hghfVYguyuGLJUyX%2BqTqce9nvOTF9%2FovyDIYxrCrs5VSZrnSInxnSSBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd8c475e2e56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/js/script.js
200 OK 386 B URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/js/script.js
IP
Requested by https://www.hotzxgirl.com/her/her-calves-muscle-legs-nadiya-mol-sexy-calves-set.htm
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type ASCII text, with very long lines (399), with no line terminators
Hash 022602a468da44628060800173771da2
9be813fbfebbcb2aa46d8c6b8abec68b3d16c89c
6742c376e658c34d09b2dc5772bd798e3cd52bb265758bac5bce184f8ee7b5cc
GET /sb/notifications/dating/default/us/desk-all/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hotzxgirl.com
DNT: 1
Connection: keep-alive
Referer: https://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:32:23 GMT
content-type: application/javascript
last-modified: Tue, 14 Apr 2020 14:09:27 GMT
etag: W/"5e95c417-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 268763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2B%2BCyptwAB%2F7dEBs6Q10%2BSvkD91yjJ8JcG27KHwM4GK%2FRkkKLFIwKtbbbAhsgL%2FLUrcrmRYmNjsLskUTJfcJinepsjuNVnhgm32Qa0uUTm7Ey6M2WwxVk9kw7wsczMla1Fh5v%2BaAznBL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd8c73ea3e60fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
go.xlirdr.com/thumbs/view
200 OK 90 B URL POST HTTP/3 go.xlirdr.com/thumbs/view
IP
Requested by https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=0&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
Certificate IssuerCloudflare, Inc.
Subjectxlirdr.com
FingerprintDD:63:14:34:9F:51:18:A3:E8:9B:86:1B:C5:FB:C6:F6:75:C9:F6:F5
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 3c084384040153813a04819e96911dd2
88de0ecb1b75a9f8fbe09d984ab126ce728c2f31
f5277853fdd0757063643282ee357db637b51fdb9a1dd50145ca9f0c93bdc6bb
POST /thumbs/view HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 86
Origin: https://creative.xlirdr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:32:24 GMT
content-type: application/json
access-control-allow-origin: https://creative.xlirdr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtqFKBH2KiRQdzrXv7K5oQ4ahxMYx; SameSite=None; Secure; path=/; expires=Mon, 04-Dec-23 17:32:24 GMT; HttpOnly
server: cloudflare
cf-ray: 82fd8c7b38825688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
172.67.135.64
0.0.0.0
18.157.203.0
185.76.9.21
185.94.236.247
185.200.118.51
185.200.116.90