Overview

URL www.faproulette.co/32113/on-the-phone/
IP104.21.93.213
ASNCLOUDFLARENET
Location
Report completed2022-10-01 05:27:48 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (44)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS promos.camsoda.com (1) 100954 2015-07-14 17:55:11 UTC 2022-09-30 14:52:34 UTC 64.210.135.117
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-30 16:35:12 UTC 142.250.74.164
mnemonic passive DNS fonts.gstatic.com (4) 0 2014-08-29 13:43:22 UTC 2022-10-01 01:41:12 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS netdna.bootstrapcdn.com (1) 3413 2012-09-07 15:11:00 UTC 2022-09-30 09:12:17 UTC 104.18.10.207
mnemonic passive DNS adserver.juicyads.com (1) 36249 2012-05-21 13:14:28 UTC 2022-09-29 19:56:45 UTC 185.94.237.64
mnemonic passive DNS as.sexad.net (2) 86240 2012-05-22 03:40:32 UTC 2022-09-30 14:52:34 UTC 216.127.52.241
mnemonic passive DNS m.sancdn.net (2) 89507 2012-09-29 23:09:57 UTC 2022-09-30 14:52:35 UTC 69.16.175.10
mnemonic passive DNS pt-static2.ptlwmstc.com (1) 188311 2021-08-02 14:02:38 UTC 2022-10-01 05:15:12 UTC 93.93.51.200
mnemonic passive DNS firefox.settings.services.mozilla.com (1) 867 2020-05-27 20:08:30 UTC 2022-09-30 21:46:18 UTC 18.164.68.8
mnemonic passive DNS camschat.net (2) 64292 2014-07-22 23:32:18 UTC 2022-10-01 05:15:08 UTC 66.230.180.98
mnemonic passive DNS bam.nr-data.net (2) 630 2015-02-10 00:06:27 UTC 2022-09-30 21:38:45 UTC 162.247.241.14
mnemonic passive DNS creative.xxxiijmp.com (1) 127961 2021-07-02 10:22:52 UTC 2022-09-24 13:22:20 UTC 172.64.145.216
mnemonic passive DNS awmbed.com (1) 460738 2022-01-26 09:22:20 UTC 2022-09-29 11:36:12 UTC 93.93.51.191
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-30 04:56:26 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (12) 86 2012-05-21 07:02:23 UTC 2022-10-01 04:10:38 UTC 93.184.220.29
mnemonic passive DNS code.jquery.com (2) 634 2012-05-21 17:28:02 UTC 2022-09-30 05:18:50 UTC 69.16.175.42
mnemonic passive DNS ocsp.sectigo.com (3) 487 2018-12-17 11:31:55 UTC 2022-10-01 04:08:14 UTC 104.18.32.68
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-30 05:12:28 UTC 35.162.217.251
mnemonic passive DNS static-assets.highwebmedia.com (2) 16059 2021-01-19 21:46:26 UTC 2022-10-01 05:12:53 UTC 104.16.94.42
mnemonic passive DNS www.faproulette.co (1) 0 2017-02-16 07:48:38 UTC 2022-09-24 08:11:25 UTC 172.67.215.76 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (12) 344 2020-12-02 08:52:13 UTC 2022-09-30 04:55:29 UTC 23.36.76.226
mnemonic passive DNS a.adtng.com (1) 15165 2018-07-26 19:17:41 UTC 2022-09-30 21:01:30 UTC 66.254.114.171
mnemonic passive DNS roomimg.stream.highwebmedia.com (1) 23037 2016-09-05 17:03:58 UTC 2022-10-01 05:12:53 UTC 104.19.241.83
mnemonic passive DNS img.strpst.com (9) 12993 2021-06-03 08:45:56 UTC 2022-09-30 21:16:40 UTC 104.16.61.52
mnemonic passive DNS galleryn11.awemdia.com (4) 0 2022-05-12 11:08:22 UTC 2022-09-29 11:27:39 UTC 93.93.51.190 Domain (awemdia.com) ranked at: 26880
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-30 05:34:07 UTC 18.164.68.3
mnemonic passive DNS fonts.googleapis.com (4) 8877 2013-06-10 20:14:26 UTC 2022-10-01 02:25:13 UTC 142.250.74.10
mnemonic passive DNS hw-cdn2.ang-content.com (5) 165651 2019-03-25 22:41:04 UTC 2022-09-29 07:49:01 UTC 205.185.208.20
mnemonic passive DNS video.ktkjmp.com (1) 23778 2020-10-02 08:52:19 UTC 2022-09-30 21:01:01 UTC 104.18.42.40
mnemonic passive DNS pt-static4.ptlwmstc.com (1) 280409 2021-08-02 14:02:38 UTC 2022-10-01 05:15:12 UTC 93.93.51.200
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-30 04:55:45 UTC 142.250.74.72
mnemonic passive DNS pt-static1.ptlwmstc.com (2) 154690 2021-08-02 14:02:38 UTC 2022-10-01 05:15:13 UTC 93.93.51.200
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-10-01 04:02:08 UTC 34.120.237.76
mnemonic passive DNS pt-static5.ptlwmstc.com (1) 182291 2021-08-02 14:02:38 UTC 2022-09-29 23:01:47 UTC 93.93.51.200
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-30 14:37:14 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS www.google-analytics.com (2) 40 2012-10-03 01:04:21 UTC 2022-09-30 23:06:25 UTC 142.250.74.174
mnemonic passive DNS js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-10-01 04:09:18 UTC 151.101.86.137
mnemonic passive DNS galleryn0.awemdia.com (1) 34207 2020-05-20 07:14:46 UTC 2022-10-01 01:10:25 UTC 93.93.51.190
mnemonic passive DNS ocsp.pki.goog (13) 175 2017-06-14 07:23:31 UTC 2022-09-30 04:55:27 UTC 142.250.74.3
mnemonic passive DNS hw-cdn2.adtng.com (1) 11917 2020-02-20 16:50:17 UTC 2022-10-01 04:26:47 UTC 209.197.3.25
mnemonic passive DNS go.xxxiijmp.com (2) 59605 2021-07-02 10:40:48 UTC 2022-09-30 12:02:23 UTC 104.18.42.40
mnemonic passive DNS cachew.camsoda.com (1) 163921 2015-08-13 03:16:23 UTC 2022-09-30 14:52:34 UTC 64.210.135.117
mnemonic passive DNS pt.wmptctl.com (3) 0 2022-03-02 17:02:35 UTC 2022-10-01 05:15:11 UTC 93.93.51.191 Unknown ranking
mnemonic passive DNS chaturbate.com (2) 6807 2012-05-22 23:11:36 UTC 2022-10-01 05:12:51 UTC 104.18.101.40


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.21.93.213

Date UQ / IDS / BL URL IP
2022-11-28 02:15:54 +0000
0 - 0 - 1 ultmobiletools.com/sportsquiz/1000randgift.html 104.21.93.213
2022-11-23 07:49:46 +0000
0 - 0 - 1 ultmobiletools.com/sportsquiz/10000randgift.html 104.21.93.213
2022-11-08 10:26:00 +0000
0 - 0 - 1 ultmobiletools.com/sportsquiz/offer2.html 104.21.93.213
2022-11-05 18:51:11 +0000
0 - 0 - 1 ultmobiletools.com/sportsquiz/offer8b.html 104.21.93.213
2022-10-01 05:39:51 +0000
0 - 0 - 0 www.faproulette.co/7167/slut-training/ 104.21.93.213

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-02 09:39:49 +0000
0 - 0 - 1 timbe.farally.top/ 188.114.96.1
2022-12-02 09:39:37 +0000
0 - 0 - 41 www.ercaws.com/ 188.114.97.1
2022-12-02 09:37:45 +0000
0 - 0 - 39 track.storeera.shop/ 172.67.154.234
2022-12-02 09:36:18 +0000
1 - 0 - 2 sehatifly.com/usps/package/ 172.67.204.39
2022-12-02 09:36:02 +0000
0 - 0 - 2 cpcalendars.responsibility.rest/ 104.21.71.162

Last 5 reports on domain: faproulette.co

Date UQ / IDS / BL URL IP
2022-10-01 05:39:51 +0000
0 - 0 - 0 www.faproulette.co/7167/slut-training/ 104.21.93.213
2022-10-01 05:38:59 +0000
0 - 0 - 0 www.faproulette.co/c/79/slut-training/ 172.67.215.76
2022-10-01 05:36:18 +0000
0 - 0 - 0 www.faproulette.co/124/ultra-slut-fap-roulette/ 172.67.215.76
2022-10-01 05:31:33 +0000
0 - 0 - 0 www.faproulette.co/36023/short-beta-denial/ 104.21.93.213
2022-10-01 05:27:48 +0000
0 - 0 - 0 www.faproulette.co/32113/on-the-phone/ 104.21.93.213

No other reports with similar screenshot



JavaScript

Executed Scripts (53)


Executed Evals (4)

#1 JavaScript::Eval (size: 135, repeated: 1) - SHA256: 8b11862ea48988f8dc93832c51346c288be84b7bc2d776d74f50cb7d912ebc2a

                                        (function() {
    var a = google_tag_manager["GTM-WXTGF28"].macro(3);
    return srB = a.substr(a.indexOf(".com") + 4, a.length - a.indexOf(".com") - 4)
})();
                                    

#2 JavaScript::Eval (size: 145, repeated: 1) - SHA256: a2bb9e7040697095a3076ee3136c7cff7dc38b1c78649fb5f6c6fb4145100030

                                        (function() {
    find = /G-(.*)/;
    gacode = "UA-86899934-6";
    return void 0 === gacode || "undefined" == gacode || "" == gacode ? "" : !0 === find.test(gacode) ? gacode : ""
})();
                                    

#3 JavaScript::Eval (size: 84, repeated: 1) - SHA256: 44379bf89e3d499c6e5084c2762e92070d823eb0c3b4f20d8fa9adbafe954ba9

                                        (function() {
    var b = 23;
    return function(a) {
        a.set("dimension" + b, a.get("clientId"))
    }
})();
                                    

#4 JavaScript::Eval (size: 146, repeated: 1) - SHA256: 04fdd53a79e755c063893c43cba7f311f8db7c412a07b372255addb55a7651bf

                                        (function() {
    find = /UA-(.*)/;
    gacode = "UA-86899934-6";
    return void 0 === gacode || "undefined" == gacode || "" == gacode ? "" : !0 === find.test(gacode) ? gacode : ""
})();
                                    

Executed Writes (0)



HTTP Transactions (117)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.8
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 01 Oct 2022 05:02:25 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 af877631d7eceee4a5878c04d25f5986.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: 57qlaWPXMfLDMwZ5eVb2P0qbMzoWauIqem0lrT4iK0eBQf0hkeXTbg==
Age: 1511


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10391
Expires: Sat, 01 Oct 2022 08:20:47 GMT
Date: Sat, 01 Oct 2022 05:27:36 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.3
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 01 Oct 2022 03:33:18 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 49e8093d0b1ec293275e8b264631ad18.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P4
x-amz-cf-id: SY9ctmUwoksPRjDNyGCdrSeaJOok9lZXbbLHfhk1s64LU6aNfJx7kA==
age: 6860
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 01 Oct 2022 05:27:36 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2984
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:27:36 GMT
Last-Modified: Sat, 01 Oct 2022 04:37:52 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:27:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:27:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4351
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:27:36 GMT
Last-Modified: Sat, 01 Oct 2022 04:15:05 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 314


--- Additional Info ---
Magic:  data
Size:   13409
Md5:    364d1a8a4e4429903ee830a3045ed13d
Sha1:   e9f6af652d52407457990bd87383ede8ad3036fd
Sha256: 13f63497b4b2e51fa1d7d28e331849ced34faaf1227c93a641cfcba68392eefa
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4351
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:27:36 GMT
Last-Modified: Sat, 01 Oct 2022 04:15:05 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 314

                                        
                                            GET /jquery-3.3.1.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sat, 01 Oct 2022 05:27:36 GMT
content-encoding: gzip
content-length: 30288
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664602056.dop023.sk1.t,1664602056.cds072.sk1.hn,1664602056.cds072.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30288
Md5:    d549b312f7a7d228b4ec229a6547dfdc
Sha1:   0766794582ad530ec0f8c2595f741086afffa312
Sha256: f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2984
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:27:36 GMT
Last-Modified: Sat, 01 Oct 2022 04:37:52 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:27:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Sat, 01 Oct 2022 05:27:36 GMT
date: Sat, 01 Oct 2022 05:27:36 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (850), with no line terminators
Size:   555
Md5:    e75e7b4c9bf71c4a14d5e1d1946b161a
Sha1:   36148f31ea702a23a3f0dafd907a9069234021e7
Sha256: e43b40968f165ec7b121020103aa40529d891aa2d03ead26ed47adefc4d6ab6d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:27:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css?family=Roboto:300,400,500,700,900 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 01 Oct 2022 05:27:36 GMT
date: Sat, 01 Oct 2022 05:27:36 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   77890
Md5:    264a6c05a430360277d2b7f075ac425d
Sha1:   61ed5a051914454f4800608f166f668fd9254590
Sha256: 701d3aed6bc5db8b28d52b972a2c3d248e05ce94bcc21d7229b48abdfb8ecc2f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   8042
Md5:    264a599c7a8e0d750a22eaf703f4ab55
Sha1:   f3f3730690681d2264244bf02de527133f27f800
Sha256: 271588dceed873a6c948c4235e583e17f00a9f8eff40be2128d07379235d2a77
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:27:37 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 19:08:28 GMT
Expires: Fri, 07 Oct 2022 19:08:27 GMT
Etag: "b353bf1223c7a3f1bf97c2426dfaca2175a4e728"
Cache-Control: max-age=567049,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7532ca475949b4fa-OSL

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.faproulette.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 208409
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/kaushanscript/v14/vm8vdRfvXFLG3OLnsO15WYS5DG74wNI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.faproulette.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34728
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 17:28:49 GMT
expires: Fri, 29 Sep 2023 17:28:49 GMT
cache-control: public, max-age=31536000
age: 129528
last-modified: Tue, 26 Apr 2022 15:00:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 34728, version 1.0\012- data
Size:   34728
Md5:    9d8c616f488d1cbb3c235ae2a1679fb1
Sha1:   c56b4e0a9b2fc7973eb939bcb244f200f9508cfc
Sha256: cce6e5a4ccc41fd81d52d0802348827f4828bf7fc6b78e24002ed02a690d21b5
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.faproulette.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 04:15:02 GMT
expires: Sun, 01 Oct 2023 04:15:02 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
age: 4355
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.faproulette.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 208409
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1 
Host: netdna.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.10.207
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Sat, 01 Oct 2022 05:27:36 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 723, 617, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-04-23 06:14:04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 84b303cdf31a4af7425c3922307f8d93
cdn-cache: HIT
cf-cache-status: HIT
age: 12712364
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7532ca478ea0b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   7306
Md5:    762524b6225a89ad08c5688e497cff55
Sha1:   1017f63dec9931cec380bc0f07eb26390d482115
Sha256: 78a2260537066a84bc0f1ff8324f1138fe46f3d5f03fb04aee3ba81e0df28850
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /get/10007038?time=1562609948255 HTTP/1.1 
Host: a.adtng.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         66.254.114.171
HTTP/2 200 OK
content-type: text/html
                                        
server: openresty
date: Sat, 01 Oct 2022 05:27:36 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KJmM3z8g/kVtmukPiAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None; RNLBSERVERID=ded6742; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 6337CFC8-42FE72AB01BB4051-3C587DD
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   9560
Md5:    1e50684f03b5dc5aa1f27b54f7e197f7
Sha1:   95edfcc2faa51672fd76979e60a367d8ddf5a87f
Sha256: 8299dfe5c3753e4dbe55220c2baff7a8cd1006b41ec25fa794f3dce52a21df64
                                        
                                            GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1 
Host: hw-cdn2.ang-content.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.208.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 01 Oct 2022 05:27:37 GMT
Connection: Keep-Alive
ETag: "1541168231"
Content-Length: 5027
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10577017
X-HW: 1664602057.dop218.sk1.t,1664602057.cds208.sk1.shn,1664602057.cds208.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (5027), with no line terminators
Size:   5027
Md5:    5e5817bcf4c82c7c85d1d88636d221ce
Sha1:   b5c32cc6c931c33c1297884016e13d3b9a5bf261
Sha256: 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
                                        
                                            GET /recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.faproulette.co
Connection: keep-alive
Referer: https://www.faproulette.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 01:05:31 GMT
expires: Sun, 01 Oct 2023 01:05:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
age: 15726
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (711)
Size:   158844
Md5:    b4ed95d4318e3b78b936c9c0f1ffa96e
Sha1:   b53c9376b1459afb07fb4b5c2e8d8dad776d3a02
Sha256: 3c21880cb7be6bec40f9d40c23ad39c9758999cf950cec07b86c83b21fde175f
                                        
                                            GET /a7/creatives/1/1322/813791/1020784/1020784_logo.png HTTP/1.1 
Host: hw-cdn2.ang-content.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.208.20
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 01 Oct 2022 05:27:37 GMT
Connection: Keep-Alive
ETag: "1642454058"
Content-Length: 84438
Last-Modified: Mon, 17 Jan 2022 21:14:18 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10746596
X-HW: 1664602057.dop226.sk1.t,1664602057.cds018.sk1.shn,1664602057.dop226.sk1.t,1664602057.cds260.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  PNG image data, 160 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size:   84438
Md5:    7b68006f11dc59cb99c0b5c353708c3d
Sha1:   30e900a231e215abe97b5b6ebf9745463bdfa8d1
Sha256: b46d1664ec38c52cb3d00db55e4c09e0ef710269fc5f2467d4d4c3574586b12f
                                        
                                            GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1 
Host: hw-cdn2.adtng.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         209.197.3.25
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 01 Oct 2022 05:27:37 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10721591
X-HW: 1664602057.dop069.sk1.t,1664602057.cds205.sk1.shn,1664602057.dop069.sk1.t,1664602057.cds228.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (16885), with no line terminators
Size:   16885
Md5:    48c80c7c28b5b00a8b4ff94a22b72fe3
Sha1:   d57303c2ad2fd5cedc5cb20f264a6965a7819cee
Sha256: 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3678
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:27:37 GMT
Last-Modified: Sat, 01 Oct 2022 04:26:19 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sat, 01 Oct 2022 04:41:09 GMT
expires: Sat, 01 Oct 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 2788
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            GET /a7/creatives/1/1322/813791/1020784/1020784_video.mp4 HTTP/1.1 
Host: hw-cdn2.ang-content.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.208.20
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
                                        
Date: Sat, 01 Oct 2022 05:27:37 GMT
Connection: Keep-Alive
ETag: "1642454186"
Content-Length: 450295
Content-Range: bytes 0-450294/450295
Last-Modified: Mon, 17 Jan 2022 21:16:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10504006
X-HW: 1664602057.dop229.sk1.t,1664602057.cds203.sk1.shn,1664602057.dop229.sk1.t,1664602057.cds247.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   450295
Md5:    8893c4a18f2e80b1bc4f57a6d1a2b1be
Sha1:   0b7c2af3628c0c203ae97b79cea24e28a016efb8
Sha256: 4dac1ffa9d7bc719d60815f3786ee751da73d890791970b180668992707ccfd0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?v=1&_v=j97&a=1852901349&t=pageview&_s=1&dl=https%3A%2F%2Fwww.faproulette.co%2F32113%2Fon-the-phone%2F&ul=en-us&de=UTF-8&dt=On%20the%20Phone%20-%20Fap%20Roulette&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAAC~&jid=866839101&gjid=681742805&cid=2112813328.1664602054&tid=UA-48334271-1&_gid=865689670.1664602054&_r=1&_slc=1&z=1253211391 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.faproulette.co
Connection: keep-alive
Referer: https://www.faproulette.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.faproulette.co
date: Sat, 01 Oct 2022 05:27:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    9e92e190700c1af4539b40c2171320a9
Sha1:   209bcdb79e6067b51091ce8586d4b977f25b67d8
Sha256: aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
                                        
                                            GET /adshow.php?adzone=461528 HTTP/1.1 
Host: adserver.juicyads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.94.237.64
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sat, 01 Oct 2022 05:27:37 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=2a03c4d7b61fc37b792521ce4fee3bdd; expires=Sun, 01-Oct-2023 05:27:37 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.juicyads.com juicy_data_1=YTowOnt9; expires=Tue, 04-Oct-2022 05:27:37 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 04-Oct-2022 05:27:37 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1374
Md5:    d4e04002eff385687e8ce546e5037fb7
Sha1:   44177239cc351faf78f3335f08059400f0259f6f
Sha256: af4faffdf8501d978a799bd79adafb7b783d1f0f54d5ebdadbe33a9971dca865
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BN+R5SpuxkyQmrfSidtI/g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.162.217.251
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +5exY/K2f2D6zfdR1RDTl32+Lq4=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /a7/creatives/1/49/813953/1023633/1023633_logo.png HTTP/1.1 
Host: hw-cdn2.ang-content.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.208.20
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 01 Oct 2022 05:27:37 GMT
Connection: Keep-Alive
ETag: "1644516505"
Content-Length: 101893
Last-Modified: Thu, 10 Feb 2022 18:08:25 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10662446
X-HW: 1664602057.dop229.sk1.t,1664602057.cds203.sk1.shn,1664602057.cds203.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4271046983D92B71F87C4FDC7B5F2D788268FB57E1EAC19495B2946F802DF0B3"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8795
Expires: Sat, 01 Oct 2022 07:54:12 GMT
Date: Sat, 01 Oct 2022 05:27:37 GMT
Connection: keep-alive

                                        
                                            GET /i?campaignId=juicy-faproulette&creativeId=&modelsCountry=&modelsLanguage=&sourceId=&tag=females&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=0&showModelName=0&showTitle=1&showLiveBadge=1&isXhDesign=0&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&landing=WidgetV4MobileSlider HTTP/1.1 
Host: go.xxxiijmp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.18.42.40
HTTP/2 302 Found
                                        
date: Sat, 01 Oct 2022 05:27:37 GMT
content-length: 0
location: https://creative.xxxiijmp.com/widgets/v4/MobileSlider/?buttonColor=&campaignId=juicy-faproulette&creativeId=&domain=stripchat&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=0&showTitle=1&sound=off&sourceId=&tag=females&targetDomain=&trackOff=1&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd
access-control-allow-origin: *
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDfsBaY2bRYJiCdcdyuoKGiEHEbzXfzPGMPYvwzZa; SameSite=None; Secure; path=/; expires=Sun, 02-Oct-22 04:27:37 GMT; HttpOnly
server: cloudflare
cf-ray: 7532ca4e0c71b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /adxad160x600/faproulette.php HTTP/1.1 
Host: camschat.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserver.juicyads.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         66.230.180.98
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sat, 01 Oct 2022 05:27:37 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.3
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1192
Md5:    42eb6d5dd2c57124c43b0524b88a0411
Sha1:   c201f8cb74fa7d9be339d101c41bc17083fd2623
Sha256: a59f7b8b68918cdaef35ea7a33adfc29703b5c39cb1d988bef145195448a5744
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:27:38 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 02:40:06 GMT
Expires: Thu, 06 Oct 2022 02:40:05 GMT
Etag: "3b94a1b6ad9a419e14e7884e579f80e5f6c30177"
Cache-Control: max-age=421346,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7532ca4e3ed8b4fa-OSL

                                        
                                            GET /assets/img/camsoda-logo-160x50.png HTTP/1.1 
Host: cachew.camsoda.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promos.camsoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         64.210.135.117
HTTP/2 200 OK
content-type: image/png
                                        
date: Sat, 01 Oct 2022 05:27:38 GMT
content-length: 4520
last-modified: Mon, 02 May 2022 15:02:15 GMT
etag: "626ff277-11a8"
expires: Sun, 22 May 2022 14:47:25 GMT
access-control-allow-origin: *
cache-control: max-age=1296000, public, no-transform
accept-ranges: bytes
x-cdn-diag: ams5-7619-3-51814-h-0-0---;6140-22-22842----0-0-0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 160 x 50, 8-bit colormap, non-interlaced\012- data
Size:   4520
Md5:    a26f6cb889250cca822d07ed1fa17020
Sha1:   20b51a9dbe0928016d917e71b809c4f01a13d16f
Sha256: fb6f54664e2adec6f304d47e544629a3ae46b0fdeb9ac1daab247f817ef2be13
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3B953E092A71570CA63C4B4B6029DEF2BEC50A0F0C499020F792CC0B8993A27A"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11075
Expires: Sat, 01 Oct 2022 08:32:13 GMT
Date: Sat, 01 Oct 2022 05:27:38 GMT
Connection: keep-alive

                                        
                                            GET /adsbygoogle.js HTTP/1.1 
Host: video.ktkjmp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xxxiijmp.com/
Origin: https://creative.xxxiijmp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.42.40
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 01 Oct 2022 05:27:38 GMT
content-length: 16
x-amz-id-2: HP9ZYIbQwp4gqSlBnos4x9SH8CtB9jj1XtwzlGXjrvQ5qcgq3l3zJLxwVGcbaxcssRK1GTLH7Hg=
x-amz-request-id: S0C9EQ9D4R8CES4E
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.xxxiijmp.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 3622
expires: Sat, 01 Oct 2022 09:27:38 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532ca4f7e150b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   16
Md5:    3d7f7a60216d40dea48e495fef6903c9
Sha1:   fecdb5184f55cf012563d78940eb97b10b9cc99b
Sha256: 96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "70ED38D5E87CF71642E3A7F614463392A86B918EC87FAAA2C54F3431DDF2042A"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10106
Expires: Sat, 01 Oct 2022 08:16:04 GMT
Date: Sat, 01 Oct 2022 05:27:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EE61B3C36BF3526865612DDAAC4107FE3E36B810CFC5986E985AB51B1D64D4A"
Last-Modified: Fri, 30 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11361
Expires: Sat, 01 Oct 2022 08:36:59 GMT
Date: Sat, 01 Oct 2022 05:27:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EE61B3C36BF3526865612DDAAC4107FE3E36B810CFC5986E985AB51B1D64D4A"
Last-Modified: Fri, 30 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11361
Expires: Sat, 01 Oct 2022 08:36:59 GMT
Date: Sat, 01 Oct 2022 05:27:38 GMT
Connection: keep-alive

                                        
                                            GET /npe/_common/script/adblock/advertisement-v932169.js HTTP/1.1 
Host: pt-static4.ptlwmstc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.93.51.200
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 01 Oct 2022 05:27:38 GMT
content-length: 21
last-modified: Fri, 30 Sep 2022 11:19:11 GMT
etag: "6336d0af-15"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   21
Md5:    01c6e7ecb819ef28b0c9b962513a1596
Sha1:   1a49f493db7b91ed34a7040d36732352b9a5dc39
Sha256: e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5
                                        
                                            GET /riw/kittycaitlin.jpg?1664602050 HTTP/1.1 
Host: roomimg.stream.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.241.83
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:27:38 GMT
content-length: 9687
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=9757
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 23
last-modified: Sat, 01 Oct 2022 05:27:15 GMT
expires: Sat, 01 Oct 2022 05:28:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0OZ8guYIjjGcgvdzEWcc3A41fOzkueUbR%2Bxem0BJRrS1ZSxFzjSOQGg8CBXimHdbQMs2YOXKmJv9GYOGZVKOFuFWXH7SxFj41qtcsAbHOAwmQrvUll%2Bw2czCd35ITpB7kETZu6gt05ss6GIhbJPvqg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=CUPkYZRuDf6n7Uq4usCuC9QZjKh4_RR8T4iGU5pl62I-1664602058499-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7532ca518936b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Size:   9687
Md5:    783d260acee9f9923731e5e2f79fe778
Sha1:   783166b237045de3378debff37132c7c0fbbe3de
Sha256: 5e30ba938022bedf0b900cae4d4777b2f746141f1e5976769ba52f608980a31e
                                        
                                            GET /as/if?p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=160&adHeight=120&niche=female&fontSize=12&font_color=%23fff&background_color=%23000000&hn=fap247.com&AFNO=1-406 HTTP/1.1 
Host: as.sexad.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         216.127.52.241
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx/1.18.0
Date: Sat, 01 Oct 2022 05:27:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store
Access-Control-Allow-Origin: *
Set-Cookie: at11664602058937_0_5106_4398=0001000; expires=Mon, 31-Oct-2022 05:27:38 GMT; Max-Age=2592000; path=/as; secure; SameSite=None iid=3826-1664602058; expires=Tue, 28-Sep-2032 05:27:38 GMT; Max-Age=315360000; path=/; secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   2872
Md5:    4985cebab666c8f6c34cfe5fee442e16
Sha1:   ea9c0d765fb26d82dd89453a74ef79073caaa053
Sha256: ce02dc9a2a24fdc9c3a46ab1be9e55006ec245283dbed5a366df3ed4c6e642a6
                                        
                                            GET /gtm.js?id=GTM-WXTGF28 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 01 Oct 2022 05:27:38 GMT
expires: Sat, 01 Oct 2022 05:27:38 GMT
cache-control: private, max-age=900
last-modified: Sat, 01 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 65833
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16704)
Size:   65833
Md5:    dfaebabce4063f0320712e5a8350e3f2
Sha1:   4073581e206bc2fdb1636998c55b63f6b5b1356f
Sha256: 544f60f965060e18a1f9d9c5c0213d1dab4ede5325a3e8649a37ab0963b483a2
                                        
                                            GET /jquery-2.1.3.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sat, 01 Oct 2022 05:27:38 GMT
content-encoding: gzip
content-length: 29507
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-14960"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664602058.dop023.sk1.t,1664602058.cds072.sk1.hn,1664602058.cds215.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32180)
Size:   29507
Md5:    de4fdb8e2e5d9b9624bad7ed2b726525
Sha1:   053a31e8e83b261e3863c4f9e652caba910a2b89
Sha256: f44c9556d0ecebc0716a7fce2899c0b40ed96394bebafb2937f4305bf3b118f3
                                        
                                            GET /common/fontawesome-430/font-awesome.min.css HTTP/1.1 
Host: m.sancdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 01 Oct 2022 05:27:38 GMT
Connection: Keep-Alive
ETag: "1422564509"
Cache-Control: max-age=86400
Content-Length: 23685
Last-Modified: Thu, 29 Jan 2015 20:48:29 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1664602058.dop023.sk1.t,1664602058.cds208.sk1.shn,1664602058.cds208.sk1.c


--- Additional Info ---
Magic:  ASCII text, with very long lines (23523)
Size:   23685
Md5:    3738ef90dad175977dc8a695809bb71a
Sha1:   98aa676ba7987caa86d49ab1b71f73896d08ad13
Sha256: c86f7b62a894d5799f1aa0a535efb34ed6f914447f901f1da50c837dee13fa72
                                        
                                            GET /npe/image/smilies_ex.png HTTP/1.1 
Host: pt-static1.ptlwmstc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.93.51.200
HTTP/2 200 OK
content-type: image/png
                                        
date: Sat, 01 Oct 2022 05:27:38 GMT
content-length: 8533
last-modified: Tue, 27 Sep 2022 12:38:37 GMT
etag: "6332eecd-2155"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 536 x 138, 8-bit colormap, non-interlaced\012- data
Size:   8533
Md5:    53fc00ebf44066190d5faea2a7931e7c
Sha1:   21178ac1ffb10f958d26d17a0fe49d5d31a00720
Sha256: 63526a6642f64fadb44cd33d634bb626f8e96af3f850215cfdd78a9c609fc85c
                                        
                                            GET /nr-spa-1216.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 01 Oct 2022 05:27:38 GMT
via: 1.1 varnish
x-served-by: cache-bma1670-BMA
x-cache: HIT
x-cache-hits: 1154
x-timer: S1664602059.791938,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32010)
Size:   18216
Md5:    6561a2403142205f966207d61576f1a6
Sha1:   1310e72f494e12ab63a4280fc1600a2c89dc9bb8
Sha256: 0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
                                        
                                            GET /px.gif?stno=3-937-fap247.com-0-5106-0-0-3003-4398-5&p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=160&adHeight=120&niche=female&fontSize=12&font_color=%23fff&background_color=%23000000&hn=fap247.com&AFNO=1-406&cam=0&adv=0&ctry=NO&lang=en&dev=Other HTTP/1.1 
Host: as.sexad.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/as/if?p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=160&adHeight=120&niche=female&fontSize=12&font_color=%23fff&background_color=%23000000&hn=fap247.com&AFNO=1-406
Cookie: iid=3826-1664602058
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.127.52.241
HTTP/1.1 200
Content-Type: image/gif
                                        
Server: nginx/1.18.0
Date: Sat, 01 Oct 2022 05:27:38 GMT
Content-Length: 35
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Access-Control-Allow-Origin: *
Set-Cookie: ust=1664602058; expires=Tue, 28-Sep-2032 05:27:38 GMT; Max-Age=315360000; path=/; secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html"


--- Additional Info ---
Magic:  GIF image data, version 87a, 1 x 1\012- data
Size:   35
Md5:    729c3007a8ed0597531b0c76d54a94bb
Sha1:   90fe9b8a8142548fdfab29f59cb0a164a0eaef81
Sha256: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
                                        
                                            GET /ff268cab8d9fbae1ed7506f97496274f11/1097545c6e42b0ae9c2c7f42debf9f40_glamour_896x504.jpg HTTP/1.1 
Host: galleryn11.awemdia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.93.51.190
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:27:38 GMT
content-length: 38211
last-modified: Sat, 24 Sep 2022 06:08:20 GMT
etag: "ec2b807f77d165e3df82aa0ad4f57986"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Sat, 15 Oct 2022 05:27:38 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data
Size:   38211
Md5:    ec2b807f77d165e3df82aa0ad4f57986
Sha1:   8a2aab7e67bf3e58b12641b0ac0233b7b584f98a
Sha256: 144e5a573bd3893b1f7fe670c7578d4a6d02520b4e260a35294c5e62d7252025
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4810
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:27:38 GMT
Last-Modified: Sat, 01 Oct 2022 04:07:28 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /common/fontawesome-430/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1 
Host: m.sancdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://as.sexad.net
Connection: keep-alive
Referer: https://m.sancdn.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Date: Sat, 01 Oct 2022 05:27:38 GMT
Connection: Keep-Alive
ETag: "1422564509"
Cache-Control: max-age=86400
Content-Length: 56780
Last-Modified: Thu, 29 Jan 2015 20:48:29 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1664602058.dop226.sk1.t,1664602058.cds201.sk1.shn,1664602058.cds201.sk1.c


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Size:   56780
Md5:    97493d3f11c0a3bd5cbd959f5d19b699
Sha1:   1075231650f579955905bb2f6527148a8e2b4b16
Sha256: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
                                        
                                            GET /i9iFa/cVF.gif?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=319_1&psprogram=cbrnd&campaign_id=121218&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net HTTP/1.1 
Host: pt.wmptctl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=319_1&psprogram=cbrnd&campaign_id=121218&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net
Cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         93.93.51.191
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sat, 01 Oct 2022 05:27:38 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Mon, 31-Oct-22 05:27:38 GMT; SameSite=None; Secure
expires: Sat, 01 Oct 2022 05:27:37 GMT
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=841&ck=1&ref=https://chaturbate.com/tours/3/&ap=40&be=440&fe=730&dc=575&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664602054573,%22n%22:0,%22r%22:4,%22re%22:209,%22f%22:209,%22dn%22:209,%22dne%22:209,%22c%22:209,%22s%22:209,%22ce%22:209,%22rq%22:217,%22rp%22:415,%22rpe%22:416,%22dl%22:426,%22di%22:559,%22ds%22:574,%22de%22:577,%22dc%22:730,%22l%22:730,%22le%22:731%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFMKB1pQVVddWFNTBlcADhh4Yy8TFUMhJTshCU0XAwdWHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwwBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEwpTAVsCAVRaGAEEAgkUVVAHU04EC1MKHAMFWABUAFRUB1gMXBNNE0sEBAYWBhQbDxtZFUVJElhMSwAHVEZaWQBFFw8HF0tBShtHXEAUVEoVPQ4BFw5WURsLQ3Z8NUBPRhMfTV1WXz5HXBMRCgsNRAMXCh9WExVDFwI7BwNPXFpUPldYDAsPHUFcG3pNWQRDG01AFgU8AlxDUFIEbk0YEgZGWURdUEpaFV5JQ05BEQI5VkZmVwBcUA0bQV5BKlBbTElDHRsUAzwLEDlPUEtCCF5XQ1hBRk9ETFRmUxNeThIHETsFB1RcVUhDCxsnCxEBBQlBFxUTFFBmAxAMExADS2pPVBNCUA4MQV5BXw8bCRNNE0wAPRAQEQ9XUhsLQ3xWGwsPCAJJDBsJEUlpCFBZQygKCExNGUlZB2ZXVlhEERADDA8fURgZJgcADwxJCwUIAVEACVBCJQ0RA19aQR5YBxdRQE9GBA9NalpeDFxQFUBZRgJQWAUMAwNQDVZVB0ZPRElUS1AMQhtbQBg4QRJWQEttQwsZPUAbVTECZRcVET0TWgAPEwUKAVdpGwtBbRsVAywXITobGRltQ1JlQ1hDOEFXZRcVET0TST1AWUQ/RAlpGx1BbRsGBw0ABhRlFwMRPRNfPUBPRD9EXVxKUANdXD4RDBENAmUXAxE9Ewk9QB5GT0RcWVBWCFNVBD0QFA8PTWpNVBJFSkNYQUQnFVpDS3NQEX0SARUWIVQZcUpSF0N7UkInFwAQS3cNEUMdGwQOCgMKBFVQZkIRXVAVPRcBEBJKaldCQwsbQQYKFwAJT1BLSD5BWAYHQ0ZPRFhWTVgXVGYSEg8NFzlNUEpFEhMDQ0InFwAQS3cNEUMdGwABFw0VA2ZGSV0IRWYVBxAQEDlXRhsLQxFdCBEACxUDS0xmQQBWXEFAHhk%3D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Sat, 01 Oct 2022 05:27:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7532ca53ff5cb50b-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=c08e88cceda468d5; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   77
Md5:    f1442f5831dbbe0210da2d7a4180d6b8
Sha1:   2ade23c6c7a001c66f0c0a9a101ec152747b434e
Sha256: c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
                                        
                                            GET /ff268cab8d9fbae1ed7506f97496274f14/4c33576a914bfdeededaf3c1bc399ec1_glamour_896x504.jpg HTTP/1.1 
Host: galleryn11.awemdia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.93.51.190
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:27:39 GMT
content-length: 79685
last-modified: Mon, 21 Feb 2022 13:10:20 GMT
etag: "7ec52005d6b4f09f560f978769c24082"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Sat, 15 Oct 2022 05:27:39 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data
Size:   79685
Md5:    7ec52005d6b4f09f560f978769c24082
Sha1:   8f16fef1fdaade74408f42fd60202ce4881f5024
Sha256: 1fa9754b699144fa21c2dca9d2dc987d1a330eee161056ef58ebe76513759f21
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12751
Expires: Sat, 01 Oct 2022 09:00:10 GMT
Date: Sat, 01 Oct 2022 05:27:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12751
Expires: Sat, 01 Oct 2022 09:00:10 GMT
Date: Sat, 01 Oct 2022 05:27:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12751
Expires: Sat, 01 Oct 2022 09:00:10 GMT
Date: Sat, 01 Oct 2022 05:27:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12751
Expires: Sat, 01 Oct 2022 09:00:10 GMT
Date: Sat, 01 Oct 2022 05:27:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12751
Expires: Sat, 01 Oct 2022 09:00:10 GMT
Date: Sat, 01 Oct 2022 05:27:39 GMT
Connection: keep-alive

                                        
                                            GET /ff268cab8d9fbae1ed7506f97496274f15/5500b022eee07a8229dbc5186f36dbcf_glamour_896x504.jpg HTTP/1.1 
Host: galleryn11.awemdia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.93.51.190
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:27:39 GMT
content-length: 38175
last-modified: Thu, 08 Sep 2022 06:52:05 GMT
etag: "8c7affd9dcdc519d94fa16a245765cf4"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Sat, 15 Oct 2022 05:27:39 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data
Size:   38175
Md5:    8c7affd9dcdc519d94fa16a245765cf4
Sha1:   e05d8a7e6fbc779a5d122dd303620a7f052b941f
Sha256: eb52fe540ac9b3a74496dfcb9ce72cafec939ab378e3554e018afcbbc946b52b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0222b19-e28d-42f0-b085-23b2b665419f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5845
x-amzn-requestid: 5f7a3d43-3c65-4cde-9b7f-fcb6223200c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLEEchIAMFTjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-027b8cc4272f027521eea8c7;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gsT8eVPGsaXk-982_8xS2qNOhEG6lWsrXtJf3AD9VsgZVtyOQHjPvg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 22:00:47 GMT
age: 26812
etag: "aad835c1f25a742cc8f3b8f695ddc2a8a83220b9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5845
Md5:    bf40d5ad9837589adb9464463083ed29
Sha1:   aad835c1f25a742cc8f3b8f695ddc2a8a83220b9
Sha256: 9883621d6a4802c1d12e6c8c4dd5a194a81ee84bbede42da853a9e23027aaa09
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: f0791b53-3c5f-4d94-954d-992a529ebb60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPnunF35oAMFYbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63361ff6-2adb303349153ced73ccecf6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 22:45:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RGS_T9Cwl5Vjs_bxngHRomiYppE5fLe0SnH19VEfc5-PCT5tb5ku1A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 04:40:52 GMT
age: 2807
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7a423b5-e320-4013-8cd9-2455b244e410.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3069
x-amzn-requestid: 957bbcc7-0ce0-42b6-bec6-588f9e1c6369
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLCH6DoAMFaHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-5a514967208e92343e0f3778;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tnGcmRZcp0_ckYfYvD37C_1Vswk5FoLIhno4dWw39OJ3fqmhIMss2Q==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 22:15:59 GMT
age: 25900
etag: "069a451b50182aed754301cbc2eb776abe469a52"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3069
Md5:    e22123802c6c1a89ff2b12b8ebb4478a
Sha1:   069a451b50182aed754301cbc2eb776abe469a52
Sha256: 4edccb57b366cf6460219d86ea13dd54cb0bcf3581604a5139859bf809df2b13
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff75296c6-86fa-46e7-b1f9-5afb645a7a08.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11252
x-amzn-requestid: 53406cae-6d5f-4700-ac5a-c26bb7762252
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPtTgEsHoAMF53w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633628e3-5a23515e02caea594e05e6a9;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 23:23:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sZ9hZoWRNQHI7VbLr5ygsJeXKr0OsnbSSas1v0O_vXKSEUK6canMKA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 16:23:58 GMT
age: 47021
etag: "feafba2465f9b352eef2a2dc57e7c52446ff2cc0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11252
Md5:    6d5dcd5bfb41659d9b347d19af17853b
Sha1:   feafba2465f9b352eef2a2dc57e7c52446ff2cc0
Sha256: 10904009b4b7b80c6931ea54981bc5ee51b5b71b5407da20e2d22962d9fab32e
                                        
                                            GET /CACHE/css/output.5c1e955e3832.css HTTP/1.1 
Host: static-assets.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.94.42
HTTP/2 200 OK
content-type: text/css
                                        
date: Sat, 01 Oct 2022 05:27:38 GMT
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=63849
etag: W/"03c072147fa475d9bd57bcc9b73d3260"
last-modified: Thu, 22 Sep 2022 16:22:00 GMT
x-amz-id-2: src6WemkBrmxeGDZVP+4ipre01PPVsPb7jxfzfVQ0ssDy7l2IzQ439zT3Wf7YWS5u4ixFo+mPb4=
x-amz-meta-s3cmd-attrs: md5:03c072147fa475d9bd57bcc9b73d3260
x-amz-request-id: 12Q62S61BDK4RBY8
cf-cache-status: HIT
age: 738158
expires: Mon, 31 Oct 2022 05:27:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDWC6fO6aX%2BHD7UkXj3P4hnQ2ASMvkskc2xQPiQa2pAMZ3fL%2FzYUint0kDCiASy%2BClbZgUwafHd5dgiTGgCs8SD9i3Blh6Njen13FQrPTpkUCj2tJ6T6nsY4C7MIlUzI16QEib6N1jQFkYigzX%2BBeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=2ITC336FBlfS5t.LPoiNKeg3nRkeBxCoAvGI66Gg.IU-1664602058480-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7532ca517cc21c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (52985), with no line terminators
Size:   87353
Md5:    f05b6fb31e2b2007ec364310f3ab2656
Sha1:   4c3092576f2fd74010e7c67b1d80d2b4757aa790
Sha256: 870b08e81c41222889b3ef654de25d88ec4851e77b591e9986e13b8bc83d29ad
                                        
                                            GET /adxad160x600/awe.php HTTP/1.1 
Host: camschat.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/adxad160x600/faproulette.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         66.230.180.98
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sat, 01 Oct 2022 05:27:37 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.3
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   13671
Md5:    13fdb10d5d91d800064f45488e9aacba
Sha1:   3b1c8c2aa6ba38332f61a583b72c5cc8bb053fb0
Sha256: bf5c42b72a4a7bf903a481ddb1f0c69bbaef31e7d60f6559b79f81cd2cb221ae
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8299
x-amzn-requestid: 91eed6b6-632f-472b-93d7-4192425fcdfd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLDF0SoAMFWgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-17bb04894cc786555d693ec3;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 8JvNUZRyYeZjd4ZxOrGMCbJxVf46NRhiHXsFvCAZn2QeUkdCzKoYbw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 22:15:58 GMT
age: 25901
etag: "2df7db53629c7adda2c0a4dfe9c17791b73a75e1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8299
Md5:    0d31a422078d02bda318c693c05a58dc
Sha1:   2df7db53629c7adda2c0a4dfe9c17791b73a75e1
Sha256: a07fe4e135b52da6dfa9d8a55684f0a3bf5f5ce52c4064c8ab37836a939902a9
                                        
                                            GET /ff268cab8d9fbae1ed7506f97496274f13/39ad66d263cc3374e3b39e72d6a90cbe_glamour_896x504.jpg HTTP/1.1 
Host: galleryn11.awemdia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.93.51.190
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:27:39 GMT
content-length: 95853
last-modified: Thu, 30 Jun 2022 17:56:47 GMT
etag: "a656a54a81995f19cb3379fc6df32a2a"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Sat, 15 Oct 2022 05:27:39 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data
Size:   95853
Md5:    a656a54a81995f19cb3379fc6df32a2a
Sha1:   299cbc64730deecfe24bfea0b955ff81801b613b
Sha256: 16f6f1cd5196cc7150250a12f5acc9ed8d21e8e529160fedf2d85609572d9b21
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4501
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:27:39 GMT
Last-Modified: Sat, 01 Oct 2022 04:12:38 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6596
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:27:39 GMT
Last-Modified: Sat, 01 Oct 2022 03:37:43 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4501
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:27:39 GMT
Last-Modified: Sat, 01 Oct 2022 04:12:38 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6596
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:27:39 GMT
Last-Modified: Sat, 01 Oct 2022 03:37:43 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /thumbs/1664601654/4826075 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:27:39 GMT
content-length: 40390
cf-bgj: imgq:100,h2pri
cf-polished: origSize=41349, status=webp_bigger
etag: "3d9235175b37e5e76fe0969e2c2dd5f3"
last-modified: Sat, 01 Oct 2022 05:21:01 GMT
cf-cache-status: HIT
age: 256
expires: Sat, 01 Oct 2022 05:32:39 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532ca5659ec1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Size:   40390
Md5:    6efbabc816436a7469cb23b6fe2c315d
Sha1:   7346185b9b58bc4e0795b6e4342068e1e61af6a5
Sha256: 460dccff271dcbb7a88b0dd496212df2d110209a3325e6688fe7f7c337e9ae7d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3521
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:27:39 GMT
Last-Modified: Sat, 01 Oct 2022 04:28:58 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /thumbs/1664601685/34946535 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:27:39 GMT
content-length: 17834
cf-bgj: imgq:100,h2pri
cf-polished: origSize=18577, status=webp_bigger
etag: "6d74b128d37d1796450dd8f6ed6036e1"
last-modified: Sat, 01 Oct 2022 05:21:41 GMT
cf-cache-status: HIT
age: 285
expires: Sat, 01 Oct 2022 05:32:39 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532ca5659f01c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Size:   17834
Md5:    6fc63de965f0415b371cbb9682fe3465
Sha1:   86d5c25ec8d7e218fdf13af3655f733a61fad509
Sha256: d13d119b02e40c3f14718a799935da63b5724c4751c6d2d8862e689cee4f02e0
                                        
                                            GET /thumbs/1664601662/88788993 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:27:39 GMT
content-length: 18595
cf-bgj: imgq:100,h2pri
cf-polished: origSize=19438, status=webp_bigger
etag: "63114b11f813d76d92219918cedf3c93"
last-modified: Sat, 01 Oct 2022 05:21:10 GMT
cf-cache-status: HIT
age: 326
expires: Sat, 01 Oct 2022 05:32:39 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532ca5659f11c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Size:   18595
Md5:    767d78d8ae7bd7857f5ee6cf220bbb09
Sha1:   783a9292f1b8d2f595721f514a5057d89f6e118a
Sha256: 332e344ff61f67a2f839a1f80afeb780bf13ef183df17b5e7b14c8b517790303
                                        
                                            GET /thumbs/1664601681/44547329 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:27:39 GMT
content-length: 17562
cf-bgj: imgq:100,h2pri
cf-polished: origSize=18358, status=webp_bigger
etag: "a063cf42734bb34df99a0ff62f6bc90e"
last-modified: Sat, 01 Oct 2022 05:21:42 GMT
cf-cache-status: HIT
age: 285
expires: Sat, 01 Oct 2022 05:32:39 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532ca5669fc1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Size:   17562
Md5:    4b68f950e25e1656fef78f16a2589ef0
Sha1:   e93e4ce2ebe88231b6081182d59cbe29ede6bfbc
Sha256: cff00ff6e952734de48e2e584dfed9c342ace417d9e40e40c93214b49c586a20
                                        
                                            GET /thumbs/1664601664/7598957 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:27:39 GMT
content-length: 18445
cf-bgj: imgq:100,h2pri
cf-polished: origSize=19353, status=webp_bigger
etag: "acfc86878859754a404d064d3a75d66a"
last-modified: Sat, 01 Oct 2022 05:21:07 GMT
cf-cache-status: HIT
age: 326
expires: Sat, 01 Oct 2022 05:32:39 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532ca5669fe1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Size:   18445
Md5:    189e89a5bfdb5f2ccef5edda90cf8b20
Sha1:   1e3bf25b71d09f86ecae41c7cf25ced54db76ed6
Sha256: 94e7a0db8f1921724a61dc7f654c7725dbdc772e126156072d2e3ca9a9fb8400
                                        
                                            GET /thumbs/1664601662/23338175 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:27:39 GMT
content-length: 60824
cf-bgj: imgq:100,h2pri
cf-polished: origSize=63303, status=webp_bigger
etag: "b45990fdd709dd86b96cd18c9e43e56d"
last-modified: Sat, 01 Oct 2022 05:21:33 GMT
cf-cache-status: HIT
age: 326
expires: Sat, 01 Oct 2022 05:32:39 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532ca567a031c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Size:   60824
Md5:    8c1b2a685e05a248af00c091f13dd775
Sha1:   45f3ab31fd131d04ff2288bf5742f0935a761a71
Sha256: 8848e16667f889efc9d53d9ca5a2b0c7cdaf3cc4ed3aebc291a4e0d927ca6c6e
                                        
                                            GET /thumbs/1664601662/68029226 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:27:39 GMT
content-length: 25420
cf-bgj: imgq:100,h2pri
cf-polished: origSize=26519, status=webp_bigger
etag: "8e03bb566af820f6c68d07cf73050884"
last-modified: Sat, 01 Oct 2022 05:21:06 GMT
cf-cache-status: HIT
age: 297
expires: Sat, 01 Oct 2022 05:32:39 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532ca568a0e1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Size:   25420
Md5:    b47ae9dbb1d7ece9be9c3a625a0d8ea2
Sha1:   c6eb22002ed2813be79bd9b6796461aa6e9a2873
Sha256: f0dbc99e8295a0d030e20ab03cc66808c6d33325b2e1cb8051c81c9c31ee314c
                                        
                                            GET /thumbs/1664601654/17085196 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:27:39 GMT
content-length: 45628
cf-bgj: imgq:100,h2pri
cf-polished: origSize=47330, status=webp_bigger
etag: "b513bca946a1026b49bb4edee8d89af9"
last-modified: Sat, 01 Oct 2022 05:21:02 GMT
cf-cache-status: HIT
age: 297
expires: Sat, 01 Oct 2022 05:32:39 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532ca568a131c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Size:   45628
Md5:    29e2d7967e0b146baf1c4b3da37843df
Sha1:   ed1f817c034610e630b71d20e27c916dd22f3909
Sha256: fc13a6b6b81436ecb94029adf62d844e4282186649340a9049b8923476386d2a
                                        
                                            GET /thumbs/1664601685/90182656 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:27:39 GMT
content-length: 23662
cf-bgj: imgq:100,h2pri
cf-polished: origSize=24833, status=webp_bigger
etag: "a62fc0472b9ad5dba2b7a2373411c8a3"
last-modified: Sat, 01 Oct 2022 05:21:48 GMT
cf-cache-status: HIT
age: 285
expires: Sat, 01 Oct 2022 05:32:39 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532ca568a151c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Size:   23662
Md5:    58cfa2828f2a55ba4f7983f3e1a8c225
Sha1:   0ba5cfacca3c83d885e165632c2f5d3a8a9979dc
Sha256: 1c5a94c122a1779c021c13b0753ce373f4926de4db0ff310687f013949ce48c9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6596
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:27:39 GMT
Last-Modified: Sat, 01 Oct 2022 03:37:43 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1221&ck=1&ref=https://chaturbate.com/tours/3/ HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 1901
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sat, 01 Oct 2022 05:27:39 GMT
Content-Length: 24
Connection: keep-alive
CF-Ray: 7532ca5649c3b50b-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   24
Md5:    bc32ed98d624acb4008f986349a20d26
Sha1:   2d3df8c11d2168ce2c27e0937421d11d85016361
Sha256: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
                                        
                                            GET /g2nDr/oMR.gif?c=object_container&%3Bsite=wl3&%3BcobrandId=240622&%3Bpsid=cybermike&%3Bpstool=302_1&%3Bpsprogram=cbrnd&%3Bcampaign_id=121218&%3Bvp%5BshowChat%5D=false&%3Bvp%5BchatAutoHide%5D=false&%3Bvp%5BshowCallToAction%5D=false&%3Bvp%5BshowPerformerName%5D=false&%3Bvp%5BshowPerformerStatus%5D=false&%3BsubAffId=%7BSUBAFFID%7D&%3BcategoryName=girl&%3BembedTool=1&%3Borigin=camschat.net&%3Brrc=3 HTTP/1.1 
Host: pt.wmptctl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/live-feed?c=object_container&amp;site=wl3&amp;cobrandId=240622&amp;psid=cybermike&amp;pstool=302_1&amp;psprogram=cbrnd&amp;campaign_id=121218&amp;vp%5BshowChat%5D=false&amp;vp%5BchatAutoHide%5D=false&amp;vp%5BshowCallToAction%5D=false&amp;vp%5BshowPerformerName%5D=false&amp;vp%5BshowPerformerStatus%5D=false&amp;subAffId=%7BSUBAFFID%7D&amp;categoryName=girl&amp;embedTool=1&amp;origin=camschat.net&amp;rrc=3
Cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         93.93.51.191
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sat, 01 Oct 2022 05:27:39 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Mon, 31-Oct-22 05:27:39 GMT; SameSite=None; Secure
expires: Sat, 01 Oct 2022 05:27:38 GMT
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B71777E4EC4588DE203A1AE82D3A5634E324D7E97ED4A16E3C6A8A4EC06CF4B6"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15161
Expires: Sat, 01 Oct 2022 09:40:20 GMT
Date: Sat, 01 Oct 2022 05:27:39 GMT
Connection: keep-alive

                                        
                                            GET /ff268cab8d9fbae1ed7506f97496274f1a/af7529f085609b80d284c9fd59dc3e8e_glamour_896x504.jpg HTTP/1.1 
Host: galleryn0.awemdia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.93.51.190
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:27:39 GMT
content-length: 42027
last-modified: Wed, 28 Sep 2022 03:32:19 GMT
etag: "04bb01c2d613fab4b10f3866ee630c63"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Sat, 15 Oct 2022 05:27:39 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data
Size:   42027
Md5:    04bb01c2d613fab4b10f3866ee630c63
Sha1:   fa897d0178b0d0ee34f32c43b6cfc3333d3abdfb
Sha256: 7be5ed5b59d0ff97bb2b2abf97dc4318552128caab719c325abc343cd18546ba
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:27:40 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 19:51:04 GMT
Expires: Fri, 07 Oct 2022 19:51:03 GMT
Etag: "cbbe1668607d908eb9d6313959c491dc291e5d84"
Cache-Control: max-age=569602,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7532ca5aafeeb4fa-OSL

                                        
                                            GET /npe/ba/elf/css/elf-v932169.css HTTP/1.1 
Host: pt-static1.ptlwmstc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.93.51.200
HTTP/2 200 OK
content-type: text/css
                                        
date: Sat, 01 Oct 2022 05:27:39 GMT
last-modified: Fri, 30 Sep 2022 11:19:12 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6336d0b0-2e86"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12362), with no line terminators
Size:   3069
Md5:    53be67e68d134088dcca7ed99434c7b6
Sha1:   df9d730ac5bc44f8b399bbfd74c0656c1e038d86
Sha256: a14038042484487c472a9857b195c222552aa69faddbafd5c39f580997d087c7
                                        
                                            GET /widgets/v4/MobileSlider/?buttonColor=&campaignId=juicy-faproulette&creativeId=&domain=stripchat&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=0&showTitle=1&sound=off&sourceId=&tag=females&targetDomain=&trackOff=1&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd HTTP/1.1 
Host: creative.xxxiijmp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://camschat.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         172.64.145.216
HTTP/2 200 OK
content-type: text/html
                                        
date: Sat, 01 Oct 2022 05:27:37 GMT
last-modified: Mon, 26 Sep 2022 07:31:44 GMT
expires: Sat, 01 Oct 2022 05:27:42 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
cf-cache-status: HIT
age: 4
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532ca4e6f6b0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /in/?track=juicyads-faproulette&tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f HTTP/1.1 
Host: chaturbate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.18.101.40
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Sat, 01 Oct 2022 05:27:38 GMT
location: /tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
set-cookie: u_x1Rd=1; expires=Thu, 06-Oct-2022 05:27:38 GMT; Max-Age=432000; Path=/ us_x1Rd=1; Path=/ affkey="eJwdzDsKgDAQhOGryNZq0NLSCwjeYF0TfEVDMoIi3l3W8udj5iFQk9FV9SPlGYkPmuAutdqIq/ZyznLzmArHIR7nZgGrHBUnIKTGGGGfZGKUu4VRZefU5R5s9PP6L/77uqL3A5fXJBI="; Domain=.chaturbate.com; expires=Mon, 31-Oct-2022 05:27:38 GMT; Max-Age=2592000; Path=/ fromaffiliate=1; Domain=.chaturbate.com; Path=/ noads=1; expires=Sat, 01-Oct-2022 11:27:38 GMT; Max-Age=21600; Path=/ stcki="pOtSwZ=0\054FqPd9a=0\0546pduSG=0\054aDBbcK=1"; expires=Mon, 31-Oct-2022 05:27:38 GMT; Max-Age=2592000; Path=/ sbr=sec:sbr1e081740-eb4f-4a40-b280-bd3844b8f1ef:1oeV2I:xr9AbSXqn-GPJ_vCpipy5-2vJac; Domain=.chaturbate.com; expires=Thu, 26-Jun-2025 05:27:38 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure __cf_bm=LQJ0mviUmXr8OPSFQK.oMVXQddW4SzdwYwIKpqmgZtU-1664602058-0-AUZVQG5BefwQ6Zx6k05c3NipOOpBXFTn9WwPadv74gE+4tfzTSkUaNwrvZ95m/rpcHaXyAf9KUJuvDTv3Woobmo=; path=/; expires=Sat, 01-Oct-22 05:57:38 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7532ca4ea83eb4f7-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /npe/ba/elf/script/elf-v932169.js HTTP/1.1 
Host: pt-static5.ptlwmstc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.93.51.200
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 01 Oct 2022 05:27:39 GMT
last-modified: Fri, 30 Sep 2022 11:19:12 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6336d0b0-8a372"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /32113/on-the-phone/ HTTP/1.1 
Host: www.faproulette.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         172.67.215.76
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sat, 01 Oct 2022 05:27:36 GMT
vary: Accept-Encoding
set-cookie: PHPSESSID=i2g1dnj9g264r6823qqrgms2r0; path=/ filterData=eyJ2aWV3ZWRIZWxwIjowLCJwcmVzZXQiOiJteS1hY2NvdW50IiwiZW5hYmxlTmV3RmlsdGVycyI6MCwic2hvd0JhY2tncm91bmQiOjEsInNob3dBbW91bnRzIjowLCJqdW1wVG9Sb3VsZXR0ZXMiOjEsInNob3dFeGNsdWRlZCI6MSwiZGlzYWJsZUZpbHRlcnNBdXRvbWF0aWNhbGx5IjoxLCJoZWFkZXJzIjp7ImNhdGVnb3JpZXMiOjAsInRhc2tzIjowLCJtb3JlIjowfSwiZmlsdGVyIjp7ImNhdGVnb3JpZXMiOnsiaW5jbHVkZWQiOltdLCJleGNsdWRlZCI6WyJzaG9wcGluZyIsImN1Y2tvbGQiLCJjYXJkcyIsImZlbWFsZSIsImRpYXBlciIsImNvdXBsZXMiLCJydXNzaWFuIiwiZ2VybWFuIiwiZnJlbmNoIiwib3RoZXItbGFuZ3VhZ2VzIiwidmlkZW9nYW1lIiwiZmFudGFzeSIsInBvcm5zdGFyIl19LCJ0YXNrcyI6eyJpbmNsdWRlZCI6W10sImV4Y2x1ZGVkIjpbXX0sImNvbXBsZXhpdHkiOnsiaW5jbHVkZWQiOltdLCJleGNsdWRlZCI6W119LCJtb3JlIjp7Im1pbmltdW0iOjAsIm1heGltdW0iOjAsInJhdGluZyI6MCwic3BlY2lhbCI6MCwiZHVyYXRpb24iOjB9fX0%3D; expires=Sat, 15-Oct-2022 05:27:36 GMT; Max-Age=1209600; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WIHhyOXui0tmcv%2BCzU0gcLC3WhyIPufcQ6hp%2BAb2uyC3HwDQsm64ZvvnRYYtYoYo7b9UEGII7OCXZuMocQ3yuuN1KUUY6NAWPhFJvRoTFlmJhwfQUpeLyX0D7A5Izzd61PYHmk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7532ca433b1f0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /a7/creatives/1/49/813953/1023633/1023633_video.mp4 HTTP/1.1 
Host: hw-cdn2.ang-content.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.208.20
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
                                        
Date: Sat, 01 Oct 2022 05:27:37 GMT
Connection: Keep-Alive
ETag: "1644516615"
Content-Length: 435633
Content-Range: bytes 0-435632/435633
Last-Modified: Thu, 10 Feb 2022 18:10:15 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10762013
X-HW: 1664602057.dop226.sk1.t,1664602057.cds018.sk1.shn,1664602057.dop226.sk1.t,1664602057.cds260.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
                                        
                                            GET /icon?family=Material+Icons HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 01 Oct 2022 05:27:36 GMT
date: Sat, 01 Oct 2022 05:27:36 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Kaushan+Script HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 01 Oct 2022 05:27:36 GMT
date: Sat, 01 Oct 2022 05:27:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Cookie&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 01 Oct 2022 05:27:36 GMT
date: Sat, 01 Oct 2022 05:27:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /npe/ba/fklf/script/fk.lf-v932169.js HTTP/1.1 
Host: pt-static2.ptlwmstc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.93.51.200
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 01 Oct 2022 05:27:38 GMT
last-modified: Fri, 30 Sep 2022 11:19:12 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6336d0b0-4ff3b"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /CACHE/js/output.6f6724a00cb8.js HTTP/1.1 
Host: static-assets.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.94.42
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 01 Oct 2022 05:27:38 GMT
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"a708027bfbbde438a72a93082d4bc4b5"
last-modified: Thu, 24 Jun 2021 21:24:05 GMT
x-amz-id-2: JSy2VAlm3gAahvlCm5/iqNOQuasckcIrq13CGup8iDmNjJ/I2mSXsAw6q4OzSeK3RH88h3oFZ3U=
x-amz-meta-s3cmd-attrs: md5:a708027bfbbde438a72a93082d4bc4b5
x-amz-request-id: 2D5V5B3Y2TWH6PZC
cf-cache-status: HIT
age: 1152017
expires: Mon, 31 Oct 2022 05:27:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9vkNXYB4HoDbwkbcn%2FhTTKra6Xy34w7gBbG8nJpcbpcujMY8RW0erbRD8y4YhhPkb8gqVlm354zRYiJwMm9lulXfWr5Oor4AIQmLrQEI8UK8BxsOznPJZg0bACrzyHkF7bJzEpTP3HJ31gmCDmRZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=JcWIYxuWOyNb3r5xDzcBKWIQKWmKn3iwwzA1MmL7aWU-1664602058497-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7532ca518cc91c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /live-feed?c=object_container&amp;site=wl3&amp;cobrandId=240622&amp;psid=cybermike&amp;pstool=302_1&amp;psprogram=cbrnd&amp;campaign_id=121218&amp;vp%5BshowChat%5D=false&amp;vp%5BchatAutoHide%5D=false&amp;vp%5BshowCallToAction%5D=false&amp;vp%5BshowPerformerName%5D=false&amp;vp%5BshowPerformerStatus%5D=false&amp;subAffId=%7BSUBAFFID%7D&amp;categoryName=girl&amp;embedTool=1&amp;origin=camschat.net&amp;rrc=3 HTTP/1.1 
Host: pt.wmptctl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=319_1&psprogram=cbrnd&campaign_id=121218&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net
Cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         93.93.51.191
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
vary: Accept-Encoding
cache-control: no-cache
date: Sat, 01 Oct 2022 05:27:39 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Mon, 31-Oct-22 05:27:39 GMT; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0 HTTP/1.1 
Host: chaturbate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://camschat.net/
Connection: keep-alive
Cookie: __cf_bm=LQJ0mviUmXr8OPSFQK.oMVXQddW4SzdwYwIKpqmgZtU-1664602058-0-AUZVQG5BefwQ6Zx6k05c3NipOOpBXFTn9WwPadv74gE+4tfzTSkUaNwrvZ95m/rpcHaXyAf9KUJuvDTv3Woobmo=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.101.40
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Sat, 01 Oct 2022 05:27:38 GMT
vary: Accept-Encoding, Accept-Language, Cookie
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
set-cookie: stcki="pOtSwZ=0\054FqPd9a=0\0546pduSG=0\054aDBbcK=1"; expires=Mon, 31-Oct-2022 05:27:38 GMT; Max-Age=2592000; Path=/ affkey="eJyrVipSslJQyigpKSi20tdPTswtTs5ILNHLSy3RV6oFAJUzCgA="; Domain=.chaturbate.com; expires=Mon, 31-Oct-2022 05:27:38 GMT; Max-Age=2592000; Path=/ sbr=sec:sbr32c8fb2c-85c8-42d7-b2f3-b4aa6c07aa9e:1oeV2I:5WFUCkGocmkc99OwnW3YwkUNByw; Domain=.chaturbate.com; expires=Thu, 26-Jun-2025 05:27:38 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7532ca4fd910b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /embed/?id=cybermike2&page=new&cmp=faproulette HTTP/1.1 
Host: promos.camsoda.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         64.210.135.117
HTTP/2 200 OK
content-type: text/html
                                        
date: Sat, 01 Oct 2022 05:27:38 GMT
x-powered-by: PHP/5.4.45-0reflected3+deb8u1
cache-control: public, max-age=20
expires: Sat, 01 Oct 2022 05:27:49 GMT
vary: Accept-Encoding
x-cdn-diag: ams5-7846-3-59350-h-0-0---;6140-22-22842----0-0-0
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /config?url=https%3A%2F%2Fcreative.xxxiijmp.com%2Fwidgets%2Fv4%2FMobileSlider%2F%3FbuttonColor%3D%26campaignId%3Djuicy-faproulette%26creativeId%3D%26domain%3Dstripchat%26hideModelNameOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26isXhDesign%3D0%26liveBadgeColor%3D%26modelsCountry%3D%26modelsLanguage%3D%26showButton%3D0%26showLiveBadge%3D1%26showModelName%3D0%26showTitle%3D1%26sound%3Doff%26sourceId%3D%26tag%3Dfemales%26targetDomain%3D%26trackOff%3D1%26userId%3D17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd HTTP/1.1 
Host: go.xxxiijmp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xxxiijmp.com/
Origin: https://creative.xxxiijmp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         104.18.42.40
HTTP/2 200 OK
content-type: application/json
                                        
date: Sat, 01 Oct 2022 05:27:38 GMT
access-control-allow-origin: *
last-modified: Sat, 01 Oct 2022 04:07:23 GMT
cf-cache-status: HIT
age: 165
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532ca4f6873b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /embed/fk?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=319_1&psprogram=cbrnd&campaign_id=121218&category=girl&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=false&vp[showPerformerStatus]=false&ms_notrack=1&subAffId={SUBAFFID} HTTP/1.1 
Host: awmbed.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.93.51.191
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: no-cache
date: Sat, 01 Oct 2022 05:27:38 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Mon, 31-Oct-22 05:27:38 GMT; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---