xfantazy.com/video/5e834df5fb59747046875c89
172.67.137.4302 Found 0 B URL HTTP/1.1 xfantazy.com/video/5e834df5fb59747046875c89
IP 172.67.137.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /video/5e834df5fb59747046875c89 HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 16 Oct 2022 21:00:19 GMT
Content-Length: 0
Connection: keep-alive
location: https://xfantazy.com/video/5e834df5fb59747046875c89
cache-control: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klnRwtI5FByNO1x80exkz1tPu2KE1%2FpOQ%2FWv1yWoatyroT8LuUhrRhZKYOXBLsaoUYLA4%2B2SuxY97sj9374vmTtR6nL8Cn%2FBImAznLvn3O1uxZsX0Rl8GJV%2FNQdxEs8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75b3b92f7ab40b45-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 16 Oct 2022 20:50:37 GMT
Expires: Sun, 16 Oct 2022 21:28:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HQplanTFmWEqLNMgSmKRSgs9O0AHLG0VtP-54EF9DUfs5nCLYCS7UQ==
Age: 582
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 07b3389fc24c0f8eb82a9d05b546d17e
02716741b8952e548b9a223adbb3f16204eef2b2
25e13458988115ae1f8176cb2328dbfebd612eabebf256b4af64594d5e23d6ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25E13458988115AE1F8176CB2328DBFEBD612EABEBF256B4AF64594D5E23D6CA"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13000
Expires: Mon, 17 Oct 2022 00:36:59 GMT
Date: Sun, 16 Oct 2022 21:00:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a57d0f62d9bd29668b94a513fa45d18e
d7cb263502e21f9235b4523a596e2138d22042ec
df7acd4fe34cc9c4945a5d83ef538105a73dfc1a8b485bc7a62488c5406b1294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF7ACD4FE34CC9C4945A5D83EF538105A73DFC1A8B485BC7A62488C5406B1294"
Last-Modified: Sat, 15 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4952
Expires: Sun, 16 Oct 2022 22:22:52 GMT
Date: Sun, 16 Oct 2022 21:00:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GPYh/X5jcIIqp1W8aw8jDAOnfsclBgFA1oHcP0Ro8JvNX7jj5IFVyqely7ddtCRjOY03EjxHUUE=
x-amz-request-id: ENYBVJ2Z1N8AC5QM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 16 Oct 2022 20:03:08 GMT
age: 3432
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/PrU7zFTubJs
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/PrU7zFTubJs
IP 142.250.74.3:0
Hash 8e5115bc812150896e9c37bfb9506ea6
5734f525be00bb723f7e58fcf87c40fac85ad7cd
b905073e1a8c518146d1aa80973be0aaf8383ceef0f54d7dc167d56f416ff73b
POST /s/gts1p5/PrU7zFTubJs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:20 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 21:00:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/PrU7zFTubJs
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/PrU7zFTubJs
IP 142.250.74.3:0
Hash 8e5115bc812150896e9c37bfb9506ea6
5734f525be00bb723f7e58fcf87c40fac85ad7cd
b905073e1a8c518146d1aa80973be0aaf8383ceef0f54d7dc167d56f416ff73b
POST /s/gts1p5/PrU7zFTubJs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:20 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 2.0 kB IP 142.250.74.3:0
Hash 73c150f705e856699d7f90e862365a6f
fd298c81f85cc9b751614cd45371c7ac64a994c5
0fa8a6f771282193e95e34855e7e9dafd8c9c26b96a25590b32ddee29ca27ed2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 6.6 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
Hash 3d4de41c0fe2c525e7306137a74510ed
8c315fbee610bb4462570c9759d67ba738d19acc
1fed1cd769f1660ab4793d70cd8a2116a6c3e3aa102c81f04dddc715bacbfdee
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 16 Oct 2022 20:07:43 GMT
Expires: Sun, 16 Oct 2022 20:43:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4rfY-JOhvICLCWVf1MTwkZKsKV5A8RCsbGhQ5Rwtb1BpSICGtbwy0A==
Age: 3157
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash cfaf00fa0e2f1e63f7eaec666635f70c
13da3fa9d0b567be0a446a8b4dfa034e42bbe8f6
1fc65b86fba3ba7c9a7c7b66fa744a88fdc13c25fe187538ccd6ca27a136ff2d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 21:00:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 03:14:18 GMT
Expires: Sat, 22 Oct 2022 03:14:17 GMT
Etag: "13da3fa9d0b567be0a446a8b4dfa034e42bbe8f6"
Cache-Control: max-age=453836,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75b3b9350adeb512-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cfc92c8f6ee7599505d969732542ac42
7f4804d49c8ccd76ccffa6b72d41b1df611eb090
406c057a8392b9fa0ab09efa8b3222a58ec5fc17fa73f55a1f093e3d1092b0e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1147
Cache-Control: max-age=127534
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:20 GMT
Etag: "634bbb97-1d7"
Expires: Tue, 18 Oct 2022 08:25:54 GMT
Last-Modified: Sun, 16 Oct 2022 08:06:47 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f309b801fdcff49c832652cf9f67fed
f0b6a27d0995fd7fd40f23ee385f8fe1fd752c13
53663428a1b73aeee2fc68815b072ad9ced52bfd3726416aaab332c29eb3aab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static-cache.k2s.cc/thumbnail/J--X6Hf3m63kq2qU_Q/w320h240/0.jpeg
188.72.235.186200 OK 17 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/J--X6Hf3m63kq2qU_Q/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 01b5900e71dcdda74fa7c3a667ca9c4e
dabd23ddd37f860ff3bd44418bdacb9b325167d9
51b685110f561b1e0a8062aa4803e3fa2a6c043387aef81524d176813e0eddcf
GET /thumbnail/J--X6Hf3m63kq2qU_Q/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 16 Oct 2022 21:00:20 GMT
content-type: image/jpeg
content-length: 17209
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/dbuQuHauyK_kqz_E-Q/w320h240/0.jpeg
188.72.235.186200 OK 15 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/dbuQuHauyK_kqz_E-Q/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 2fa4fea8e17b3c98c9c4d0346ade719d
4f6727f81a810e55a0a48604ba14bb0c602cca46
af5fe2a55e755577d20e66229f3079033e354a44052769d7ea047247f567c17c
GET /thumbnail/dbuQuHauyK_kqz_E-Q/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 16 Oct 2022 21:00:20 GMT
content-type: image/jpeg
content-length: 15106
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/LOrCv3Tzw_vvrDWU-w/w320h240/0.jpeg
188.72.235.186200 OK 22 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/LOrCv3Tzw_vvrDWU-w/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash f58a003d7dc2c7b6296b833cb3b64f6d
b3e7939b30c6fc0a2eff1a3be27c19b41c1e83c3
b4765deda765c0285c821355aad81c6ca7ccadd614ce24fb9923477c374f0e50
GET /thumbnail/LOrCv3Tzw_vvrDWU-w/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 16 Oct 2022 21:00:20 GMT
content-type: image/jpeg
content-length: 21761
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/I-yRvnGkz_jr_TzFqQ/w320h240/0.jpeg
188.72.235.186200 OK 14 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/I-yRvnGkz_jr_TzFqQ/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 43e3341ed1a81c1da56555f986b15d42
5d904c78468ecb36879374b906eabb0420956b23
24b7d5ab5901b1c161d2b054886af5e6a4f14c9c224dc67aa7f546a79fd9cde5
GET /thumbnail/I-yRvnGkz_jr_TzFqQ/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 16 Oct 2022 21:00:20 GMT
content-type: image/jpeg
content-length: 14085
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PLKQLTX
142.250.74.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PLKQLTX
IP 142.250.74.168:0
File type ASCII text, with very long lines (15971)
Hash 4e7aa98533c14adc16008410e9907484
bd4b4e33be788c03e8c54754153080a843f7db99
f119ae181ec4ca81d711b088ebdf79bb18d0622eff8449281ea0f1aeda290d54
GET /gtm.js?id=GTM-PLKQLTX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 16 Oct 2022 21:00:20 GMT
expires: Sun, 16 Oct 2022 21:00:20 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53167
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 78b7645f1c755a897caba5a6e41f40be
3aae69c7b4828bbcf4ab3149e2c95445e582c616
ae99de957282172b4585bba3f8d09a3f6e774a1bbf270031b99f31a1b07c219a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 78b7645f1c755a897caba5a6e41f40be
3aae69c7b4828bbcf4ab3149e2c95445e582c616
ae99de957282172b4585bba3f8d09a3f6e774a1bbf270031b99f31a1b07c219a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 78b7645f1c755a897caba5a6e41f40be
3aae69c7b4828bbcf4ab3149e2c95445e582c616
ae99de957282172b4585bba3f8d09a3f6e774a1bbf270031b99f31a1b07c219a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Oct 2022 19:34:08 GMT
expires: Thu, 12 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 350772
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash cfaf00fa0e2f1e63f7eaec666635f70c
13da3fa9d0b567be0a446a8b4dfa034e42bbe8f6
1fc65b86fba3ba7c9a7c7b66fa744a88fdc13c25fe187538ccd6ca27a136ff2d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 21:00:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 03:14:18 GMT
Expires: Sat, 22 Oct 2022 03:14:17 GMT
Etag: "13da3fa9d0b567be0a446a8b4dfa034e42bbe8f6"
Cache-Control: max-age=453836,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75b3b9350812b523-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash cfaf00fa0e2f1e63f7eaec666635f70c
13da3fa9d0b567be0a446a8b4dfa034e42bbe8f6
1fc65b86fba3ba7c9a7c7b66fa744a88fdc13c25fe187538ccd6ca27a136ff2d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 21:00:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 03:14:18 GMT
Expires: Sat, 22 Oct 2022 03:14:17 GMT
Etag: "13da3fa9d0b567be0a446a8b4dfa034e42bbe8f6"
Cache-Control: max-age=453836,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75b3b9350bdbb505-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f309b801fdcff49c832652cf9f67fed
f0b6a27d0995fd7fd40f23ee385f8fe1fd752c13
53663428a1b73aeee2fc68815b072ad9ced52bfd3726416aaab332c29eb3aab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Oct 2022 14:07:32 GMT
expires: Thu, 12 Oct 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 370368
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Oct 2022 19:34:08 GMT
expires: Thu, 12 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 350772
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/1a49d850ffff5/main/0.jpeg
188.72.235.186200 OK 83 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/1a49d850ffff5/main/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.107.100", baseline, precision 8, 1920x1080, components 3\012- data
Hash 3fe2396d7991882444d57f2e8e464fef
b7f8b1978165c769c578c804f790be05425e4185
a7e2c909a64b05c60d244ae2a0d1c11cf1711eb4dcc5e676b9a8361dbdb6beb3
GET /thumbnail/1a49d850ffff5/main/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 16 Oct 2022 21:00:20 GMT
content-type: image/jpeg
content-length: 83150
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 78b7645f1c755a897caba5a6e41f40be
3aae69c7b4828bbcf4ab3149e2c95445e582c616
ae99de957282172b4585bba3f8d09a3f6e774a1bbf270031b99f31a1b07c219a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.38.146.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CDcPmQzEgY5NiDyOc4btGA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iv3sQkVS8NC7XMZk9kz0cH9qMdw=
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 16 Oct 2022 20:41:09 GMT
expires: Sun, 16 Oct 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 1152
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
151.101.85.229200 OK 85 kB URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
IP 151.101.85.229:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (731)
Hash 4c23565eca8f5016d92386250ecc3939
5832904de9262ebe2d7cd431ec2b88b345c03391
a1af34b10dc5a41bc43f5109dda00fe8cb9cc875a33e254dbb96bae597776a91
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.246.0
x-jsd-version-type: version
etag: W/"3438d-NU6U82kltBYTZEa/75oeqICdyvM"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 16 Oct 2022 21:00:21 GMT
age: 42553
x-served-by: cache-fra19157-FRA, cache-bma1679-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 84789
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 60739b7c0b251e6e43b593c48bb680ec
20a0fc1e14ec021b94fc545c4b7092a6e6d7982e
9381cc13d7dbf8ba2cfb8ac1ee1b53c8894fd1bb64ad87690b97f4a8587a6879
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 21:00:21 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "FF3C587E68843302987EA28808EF259CC76600D8"
Expires: Mon, 17 Oct 2022 08:00:00 GMT
Last-Modified: Sun, 16 Oct 2022 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2371
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b3b938fa771bfa-OSL
a.focusde.info/zRdVuw7.js
135.181.208.216200 OK 34 kB URL HTTP/2 a.focusde.info/zRdVuw7.js
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (37787), with NEL line terminators
Hash 533ffb7fba59b45305113f06ed0ab784
ce6737f5b0d06d1e18efa3457639f7f6075ba261
777683f953f67859a9745a6dbb45cfe5f14235e9374e99e6ef6b05b64bdf40ac
GET /zRdVuw7.js HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 21:00:21 GMT
content-type: application/javascript
content-length: 34473
expires: Fri, 13 Oct 2023 08:59:25 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 08:51:14 GMT
etag: "6347d182-86a9"
cache-control: max-age=315360000, public
x-hw: 1665651565.dop143.am5.t,1665651565.cds267.am5.c
access-control-allow-origin: *
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 1.6 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, from Unix\012- data
Hash 4f72b28b660c83b5972fe23b2da303d5
c067a1050cd8360ea0e3f42e929dd7e1e422bf68
9a78ed0e93357eda23b6bfa199dbd32809d1913f6c20a29c12123d8229ebe4dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB2C52B607F6A381CFF4001356AA72EEE845E59FE9B0E62F1C7ADE89FD52C329"
Last-Modified: Sat, 15 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10541
Expires: Sun, 16 Oct 2022 23:56:02 GMT
Date: Sun, 16 Oct 2022 21:00:21 GMT
Connection: keep-alive
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 2.1 kB URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 9386802dc909f8f9a15df828cc5d780c
cdd842b648f583fd3f65f3d6c395718ffe6ebd6e
889b020b1a04f3689fd723d1e69cfe779e42851f35b42b3be7a57cec214e6876
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 21:00:21 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Thu, 20 Oct 2022 17:25:11 GMT
ETag: "2b36cbfaac57bfa59ce967a685990bafad8ebd8d"
Last-Modified: Sun, 16 Oct 2022 17:25:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2253
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b3b93d0f041bfa-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 37ac3593b8d199cd38fd273dbddda4a7
338bf434e8e0902aa48e776f66c2a4ccdc5683b4
e71b9103b281f1bcdeae4a239d9e92f0a68dc0418c2c3450fc12a00d3003f6e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E71B9103B281F1BCDEAE4A239D9E92F0A68DC0418C2C3450FC12A00D3003F6E4"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2985
Expires: Sun, 16 Oct 2022 21:50:06 GMT
Date: Sun, 16 Oct 2022 21:00:21 GMT
Connection: keep-alive
mc.yandex.ru/watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afp%3A1142%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210025%3Aet%3A1665954026%3Ac%3A1%3Arn%3A506166278%3Arqn%3A1%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C65%2C304%2C0%2C363%2C0%2C%2C277%2C7%2C%2C%2C%2C1139%3Ans%3A1665954023475%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665954026%3At%3ACryBby%20-%20Camp%20Counselor%20Wakes%20u%20up%20With%20Her%20Pussy%20-%20XFantazy.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
87.250.251.119302 Found 419 B URL HTTP/2 mc.yandex.ru/watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afp%3A1142%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210025%3Aet%3A1665954026%3Ac%3A1%3Arn%3A506166278%3Arqn%3A1%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C65%2C304%2C0%2C363%2C0%2C%2C277%2C7%2C%2C%2C%2C1139%3Ans%3A1665954023475%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665954026%3At%3ACryBby%20-%20Camp%20Counselor%20Wakes%20u%20up%20With%20Her%20Pussy%20-%20XFantazy.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 9448835e556af9228b3f46f494a74280
c0d490b3f8cd56c651b7ba05b4828c11ff9c7112
f1404a113d6662c3e50e38eb61b6e4c74a99324f7fa95b1302d3fe0f0d267b19
GET /watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afp%3A1142%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210025%3Aet%3A1665954026%3Ac%3A1%3Arn%3A506166278%3Arqn%3A1%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C65%2C304%2C0%2C363%2C0%2C%2C277%2C7%2C%2C%2C%2C1139%3Ans%3A1665954023475%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665954026%3At%3ACryBby%20-%20Camp%20Counselor%20Wakes%20u%20up%20With%20Her%20Pussy%20-%20XFantazy.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afp%3A1142%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210025%3Aet%3A1665954026%3Ac%3A1%3Arn%3A506166278%3Arqn%3A1%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C65%2C304%2C0%2C363%2C0%2C%2C277%2C7%2C%2C%2C%2C1139%3Ans%3A1665954023475%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665954026%3At%3ACryBby%20-%20Camp%20Counselor%20Wakes%20u%20up%20With%20Her%20Pussy%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Sun, 16 Oct 2022 21:00:21 GMT
access-control-allow-origin: https://xfantazy.com
set-cookie: yandexuid=3371532051665954021; Expires=Mon, 16-Oct-2023 21:00:21 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3371532051665954021; Expires=Mon, 16-Oct-2023 21:00:21 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=745055931665954021; Path=/; SameSite=None; Secure
i=03tEMkye56oxxkTf7QjX2Tr1LToumJ+wdtOkR9NI5RkWPfnhqo6aQ/bQT1ymxQ9LUu4YbJgTlqMJCt/ol0OIR9EhaoY=; Expires=Wed, 13-Oct-2032 21:00:20 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1697490021.yrts.1665954021#1697490021.yrtsi.1665954021; Expires=Mon, 16-Oct-2023 21:00:21 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 16-Oct-2022 21:00:21 GMT
last-modified: Sun, 16-Oct-2022 21:00:21 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
assurednesssalesmanmaud.com/21/fe/39/21fe3950f412e026c33f1b6cee613eba.js
192.243.59.13200 OK 14 kB URL HTTP/1.1 assurednesssalesmanmaud.com/21/fe/39/21fe3950f412e026c33f1b6cee613eba.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash 448c9489fcf80aeede2e3bf3e5b10dad
5da4a3788f20d746fc4c664c430089282051f966
22380598cc3725733c5752cd8d3205f6c2f4510a9966392df50ad70eda63e98f
Analyzer Verdict Alert quad9 Sinkholed
GET /21/fe/39/21fe3950f412e026c33f1b6cee613eba.js HTTP/1.1
Host: assurednesssalesmanmaud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 16 Oct 2022 21:00:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: aab51b178673315e298a1c7a7ebe9e70
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 16 Oct 2022 21:00:22 GMT
access-control-allow-origin: *
etag: "633fab48-2b"
expires: Sun, 16 Oct 2022 22:00:22 GMT
accept-ranges: bytes
last-modified: Fri, 07 Oct 2022 07:30:00 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
exploredefinitely.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js
192.243.61.225200 OK 13 kB URL HTTP/1.1 exploredefinitely.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37178), with no line terminators
Hash e46ff24f903a52a34df16ae9563604c6
81ad2b0bda50e6c40a340eaadd908e61952afe37
d078aa7947e538aba37dba15d7d62ae2f17b01194c43a634a45373aa40aca0e5
GET /a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js HTTP/1.1
Host: exploredefinitely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 21:00:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6ce27e7ecac65c57e4ecfa3bb7b01568
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f05f7d85c5d7c2aa09651804f80a019
cd118fbc41657bfdf0fcfb9e3a4a2813f3b08e5b
76a6c1ae0a435403ac10b6478f029bb8b871dbdcc2a2c7e3e97b56982a9767e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-121614197-2&cid=1584211226.1665954025&jid=142479722&gjid=1711303441&_gid=925937333.1665954025&_u=YGBAiEABBAAAAEAAI~&z=144770826
173.194.73.155200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-121614197-2&cid=1584211226.1665954025&jid=142479722&gjid=1711303441&_gid=925937333.1665954025&_u=YGBAiEABBAAAAEAAI~&z=144770826
IP 173.194.73.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-121614197-2&cid=1584211226.1665954025&jid=142479722&gjid=1711303441&_gid=925937333.1665954025&_u=YGBAiEABBAAAAEAAI~&z=144770826 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://xfantazy.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 16 Oct 2022 21:00:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5980
Expires: Sun, 16 Oct 2022 22:40:02 GMT
Date: Sun, 16 Oct 2022 21:00:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5980
Expires: Sun, 16 Oct 2022 22:40:02 GMT
Date: Sun, 16 Oct 2022 21:00:22 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 4315c641ce7703e0fbe0b067fd8073bc
0975528468dcf0f1919d63140e0c1369ba834abc
4cf6d790c0f08adb4f036c3cd243c596c555ac4426304d9d6605c695d69b4188
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3544
Cache-Control: max-age=169161
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:22 GMT
Etag: "634c54d7-116"
Expires: Tue, 18 Oct 2022 19:59:43 GMT
Last-Modified: Sun, 16 Oct 2022 19:00:39 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 440811a19987ddee099df289d9b61e79
ce0f78803a81b1c6b3067c78b75bc6f1d5a7f7c1
1309e9dcb36858de70ef82900ec1ad429fbb795ddb9823fd1c290b18f4e2c1a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9623
x-amzn-requestid: b3d5bd8d-111b-4d50-9720-71f72c62f860
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7Q8oFLRIAMFrEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347951d-613e5e810f420e4c0ba3e6f6;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 04:33:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OA9iHADyiam26eo88jYDECifkqeBaTjsuoeHD2YOy0aZJZEGhG-xow==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:36:56 GMT
age: 84206
etag: "ce0f78803a81b1c6b3067c78b75bc6f1d5a7f7c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72044c0-fdd0-4da5-aa61-159d966f040f.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72044c0-fdd0-4da5-aa61-159d966f040f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e86d948bf8ed2f5918f8323b043ad5f
41548e231e2358d3453e7630f0d07a645cc25ddc
6602f2a020618234d34a9b6cd107398f0405de6dd14227e265aca84b38eaa5cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72044c0-fdd0-4da5-aa61-159d966f040f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7075
x-amzn-requestid: 254a8860-b3bf-4e8d-a08d-31effa209a6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5iGQqIAMFmkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a3-1a2820f550f35bf830444c22;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: psWLknan4sVucDaNcLURe-XRPs5FKeJ0Il7ZGWvBxV2rgpTrQvbyVw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:41:19 GMT
etag: "41548e231e2358d3453e7630f0d07a645cc25ddc"
content-type: image/jpeg
age: 83943
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df5f38c3dc43ccc382d0274bffb6b350
9a305072cce8bb61ca3753bb98b999695fb4706e
20ff21892e65787fecbadca0f59c05e54dee3a1359271839dab0ee5c9e796ab0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6367
x-amzn-requestid: 485c3cf9-d305-4540-8eef-8304d1103ccc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5EHbOoAMFWsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a0-2ac206d826bf23193740e74c;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j4GFPRLOwyEGJVrC4uk01vi858DLWzDtUNZkfmbJ1ybrMV4xEdOIVg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:50:24 GMT
age: 83398
etag: "9a305072cce8bb61ca3753bb98b999695fb4706e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd94762992136ed2f4d24dd34a745154
2050cee63f8005c5d9ac1a817730ada51b323f34
4548836d8846da958f477e1df952f6da9b9640e204804a7c76194d3e061b90a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7082
x-amzn-requestid: 5e98988f-faad-4e52-a49f-28d5a77b15d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL46HFloAMFSag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b269f-6759e36c79241479181c1d05;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p2Ytir5IhFSnRKz3OJ3J6_SieMyoFAAysH8-jBf_Bh_xfKEDRGy18g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:36:56 GMT
age: 84206
etag: "2050cee63f8005c5d9ac1a817730ada51b323f34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cebbc75-2448-4faf-839b-c39ac6e47b98.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cebbc75-2448-4faf-839b-c39ac6e47b98.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6432c2bf0bab32f918d931dd98a6e1e4
bba4f37b146e5aea2b6490f8f7da63fa61ffc849
bde0d98cb1dcd70f22cd2aee5860eb0cd824d1bb12ab18245ab8eed06a79cf1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cebbc75-2448-4faf-839b-c39ac6e47b98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7337
x-amzn-requestid: 43a16c4d-c5b9-4d01-8ba4-e811b09e96b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-WYqEwVoAMFe5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348d104-121eda8b7a73518849342e7a;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 03:01:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HUtvwwtoxo38w1ZiKkBZJL0dL3G7aCdUNzvcUhJ7CZ_Taj_tMyfjAQ==
via: 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 05:03:21 GMT
age: 57421
etag: "bba4f37b146e5aea2b6490f8f7da63fa61ffc849"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eb39673-9b77-4a82-8d34-c0e1405dca47.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eb39673-9b77-4a82-8d34-c0e1405dca47.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c0cabcd5467191890163abd8c081c0cb
37c76a9fe6833ee0fc50d92b2f8e32fc44d43e54
b3b17175a7899e8876d93a83271f9319b0cd76af7e091837b87aaba2ac2d3920
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eb39673-9b77-4a82-8d34-c0e1405dca47.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8757
x-amzn-requestid: c384db56-c2e0-4a61-ab03-0688422929c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL3_ESBIAMFUIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b2699-1a0f51aa005d4a5e4f4ec4df;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:05 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 99u5SW_yKsRfnCMwl1syMlGCm5OZ7kd6ewz8vIYxFrRvwLZEmjNs1g==
via: 1.1 58f9a50682bb94842197f3e957919c60.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 22:26:41 GMT
age: 81221
etag: "37c76a9fe6833ee0fc50d92b2f8e32fc44d43e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f05f7d85c5d7c2aa09651804f80a019
cd118fbc41657bfdf0fcfb9e3a4a2813f3b08e5b
76a6c1ae0a435403ac10b6478f029bb8b871dbdcc2a2c7e3e97b56982a9767e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d192r5l88wrng7.cloudfront.net/?rwlrd=961956
54.230.245.16200 OK 112 kB URL HTTP/2 d192r5l88wrng7.cloudfront.net/?rwlrd=961956
IP 54.230.245.16:0
File type Unicode text, UTF-8 text, with very long lines (15952)
Size 112 kB (111899 bytes)
Hash d2fb3b7e97cd7c310422a409f42dbe5b
8deafa76b4d521f215ed51bbf72b5a00acde154b
d2d12d1630d09afc7acd5ce7d3c8acc8073fe2ae6a630c941f35efbf69cf8fbb
GET /?rwlrd=961956 HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 111899
date: Sun, 16 Oct 2022 21:00:22 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vH_bLzGptwhSzmCN97aNbSAVJ0mTgDOvA1t61dyHgntrevBdVgF6IQ==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash f0413efff3fc4435819eea0892565002
68f2cbf9d99cbc2f3500c911fe2906ea03a6d72f
f5ebdb13ab4ad27844b4ad00d4bb79c9238bd02937bdab5dc83d0802d956895f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=145382
Date: Sun, 16 Oct 2022 21:00:22 GMT
Etag: "634bf982-1d7"
Expires: Tue, 18 Oct 2022 13:23:24 GMT
Last-Modified: Sun, 16 Oct 2022 12:30:58 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6z7e5fK7Zzor0WmBmnq45S7P0K_EHsy0pMRUNGOq-dijq0VWlnca3A==
Age: 3146
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash f0413efff3fc4435819eea0892565002
68f2cbf9d99cbc2f3500c911fe2906ea03a6d72f
f5ebdb13ab4ad27844b4ad00d4bb79c9238bd02937bdab5dc83d0802d956895f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=148377
Date: Sun, 16 Oct 2022 21:00:22 GMT
Etag: "634bf982-1d7"
Expires: Tue, 18 Oct 2022 14:13:19 GMT
Last-Modified: Sun, 16 Oct 2022 12:30:58 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: W8YDFnQ4JAKzugnZNN29G9qqs5ZmEiqDR3gXIEc7NxlY_GKBDVxkAw==
Age: 6141
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A88245031%3Arqn%3A2%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A88245031%3Arqn%3A2%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A88245031%3Arqn%3A2%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 45
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 16 Oct 2022 21:00:22 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 16-Oct-2022 21:00:22 GMT
last-modified: Sun, 16-Oct-2022 21:00:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A772931475%3Arqn%3A6%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(6)rqnl(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A772931475%3Arqn%3A6%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(6)rqnl(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A772931475%3Arqn%3A6%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(6)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 99
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 16 Oct 2022 21:00:22 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 16-Oct-2022 21:00:22 GMT
last-modified: Sun, 16-Oct-2022 21:00:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A1016840422%3Arqn%3A5%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(5)rqnl(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A1016840422%3Arqn%3A5%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(5)rqnl(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A1016840422%3Arqn%3A5%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(5)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 16 Oct 2022 21:00:22 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 16-Oct-2022 21:00:22 GMT
last-modified: Sun, 16-Oct-2022 21:00:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A878962912%3Arqn%3A3%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(3)rqnl(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A878962912%3Arqn%3A3%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(3)rqnl(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A878962912%3Arqn%3A3%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(3)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 52
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 16 Oct 2022 21:00:22 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 16-Oct-2022 21:00:22 GMT
last-modified: Sun, 16-Oct-2022 21:00:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A362817620%3Arqn%3A4%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(4)rqnl(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A362817620%3Arqn%3A4%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(4)rqnl(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A362817620%3Arqn%3A4%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(4)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 108
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 16 Oct 2022 21:00:22 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 16-Oct-2022 21:00:22 GMT
last-modified: Sun, 16-Oct-2022 21:00:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A672720061%3Arqn%3A7%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(7)rqnl(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A672720061%3Arqn%3A7%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(7)rqnl(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A672720061%3Arqn%3A7%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(7)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 16 Oct 2022 21:00:22 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 16-Oct-2022 21:00:22 GMT
last-modified: Sun, 16-Oct-2022 21:00:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.66.118.16200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.66.118.16:0
File type ASCII text, with no line terminators
Hash 947165e0089f5acfb4180af2d5ca57e4
542998f07c172f81eb2a9f64b4ff4d4b57ea949f
4d900250a1133442e564f9465fe15db602240c7e82a880fc07fcceac58271913
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:22 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
set-cookie: uid_id2=219e314f-e8ff-430a-b08d-a77097cd0670:1:1; expires=Wed, 13 Oct 2032 21:00:22 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.66.118.16200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.66.118.16:0
File type ASCII text, with no line terminators
Hash f5b76b4838a3cada4bb4182d23c7222a
4dcc899c5853ed8f930c32c0cb58445b1ba8dcd5
bd9b46b7f9a505568767627c8a77291401e6a57ae7a644732a3db44590052213
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:22 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
set-cookie: uid_id2=7b9a8694-4a1b-412a-b645-d0a4611d9cae:2:1; expires=Wed, 13 Oct 2032 21:00:22 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f611de559333fa15533c52ffc7aeda37
ac9f4fe8673c1511766befe0fa35803e34419582
f5e652821af51974a59045c138336c3b667af78d107e1784d6182f0274f0dc20
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F5E652821AF51974A59045C138336C3B667AF78D107E1784D6182F0274F0DC20"
Last-Modified: Sat, 15 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13084
Expires: Mon, 17 Oct 2022 00:38:26 GMT
Date: Sun, 16 Oct 2022 21:00:22 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f611de559333fa15533c52ffc7aeda37
ac9f4fe8673c1511766befe0fa35803e34419582
f5e652821af51974a59045c138336c3b667af78d107e1784d6182f0274f0dc20
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F5E652821AF51974A59045C138336C3B667AF78D107E1784D6182F0274F0DC20"
Last-Modified: Sat, 15 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13084
Expires: Mon, 17 Oct 2022 00:38:26 GMT
Date: Sun, 16 Oct 2022 21:00:22 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f611de559333fa15533c52ffc7aeda37
ac9f4fe8673c1511766befe0fa35803e34419582
f5e652821af51974a59045c138336c3b667af78d107e1784d6182f0274f0dc20
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F5E652821AF51974A59045C138336C3B667AF78D107E1784D6182F0274F0DC20"
Last-Modified: Sat, 15 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13084
Expires: Mon, 17 Oct 2022 00:38:26 GMT
Date: Sun, 16 Oct 2022 21:00:22 GMT
Connection: keep-alive
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A699255956%3Arqn%3A9%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aeu%3A1%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6-h-1)clc(0-0-0)aw(1)rqnt(9)ecs(1)rqnl(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A699255956%3Arqn%3A9%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aeu%3A1%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6-h-1)clc(0-0-0)aw(1)rqnt(9)ecs(1)rqnl(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A699255956%3Arqn%3A9%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aeu%3A1%3Ans%3A1665954023475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665954026&t=gdpr(14)mc(p-6-h-1)clc(0-0-0)aw(1)rqnt(9)ecs(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 39
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 16 Oct 2022 21:00:22 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 16-Oct-2022 21:00:22 GMT
last-modified: Sun, 16-Oct-2022 21:00:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A1048873110%3Arqn%3A8%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aeu%3A1%3Ans%3A1665954023475%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665954026%3At%3ACryBby%20-%20Camp%20Counselor%20Wakes%20u%20up%20With%20Her%20Pussy%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-6%29clc%280-0-0%29aw%281%29rqnt%288%29ecs%281%29fip%281%29rqnl%281%29ti%282%29
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A1048873110%3Arqn%3A8%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aeu%3A1%3Ans%3A1665954023475%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665954026%3At%3ACryBby%20-%20Camp%20Counselor%20Wakes%20u%20up%20With%20Her%20Pussy%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-6%29clc%280-0-0%29aw%281%29rqnt%288%29ecs%281%29fip%281%29rqnl%281%29ti%282%29
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A1048873110%3Arqn%3A8%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aeu%3A1%3Ans%3A1665954023475%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665954026%3At%3ACryBby%20-%20Camp%20Counselor%20Wakes%20u%20up%20With%20Her%20Pussy%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-6%29clc%280-0-0%29aw%281%29rqnt%288%29ecs%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Referer: https://xfantazy.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 16 Oct 2022 21:00:22 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 16-Oct-2022 21:00:22 GMT
last-modified: Sun, 16-Oct-2022 21:00:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ab65590dc6c286b5aa4a2d5058be821c
efc5247e55abb2335dc9e8a50121aed57d6cd8d2
4f5b7c04a4fb741edf1cc4f4ecb977fb11004c205f0e6195979d7d4f18e8a7a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F5B7C04A4FB741EDF1CC4F4ECB977FB11004C205F0E6195979D7D4F18E8A7A1"
Last-Modified: Fri, 14 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12428
Expires: Mon, 17 Oct 2022 00:27:30 GMT
Date: Sun, 16 Oct 2022 21:00:22 GMT
Connection: keep-alive
eautifuleed.xyz/M0QwZ0NSJlMKfFJ5UkE2QSgNQnF1YQIhJwJ9AhV2X3wIEDFdIwdJIF8rRQMlQSteE21dIURCcXULUQoJWyFcKgl3FQgEIXFwfCUWVzVoIQ1qEAIxDnAGeTETYTRWLBFQPWgdAkEKSQR2dgBxXg1YM2cgOwYxZwwSfQNKVw1rdFMBE2IoVjIFRD10AAFQEF4yJnYjBDUhW3x9JRELdXEQNHYMXjIlcnVHPxNxBXwjEWo9ZFYCXRADViJhdX4sJksOZDIFCiN7IidnF1pfB3cGYSQnXyxjIBZ5KH4xEWUcAiYsYXV+LAphPHgyKUc1aCI7YREDPRpmIx0+JX4FdSkRdiNmMAV5FWMKDVERXCUlahJfIgByIwIjAgMeaFUGQBMBAxZqdEc/G3Y3Fg0wXCpAWgteJQU1CX4wYxUSdCE
143.204.55.19200 OK 1.2 kB URL HTTP/2 eautifuleed.xyz/M0QwZ0NSJlMKfFJ5UkE2QSgNQnF1YQIhJwJ9AhV2X3wIEDFdIwdJIF8rRQMlQSteE21dIURCcXULUQoJWyFcKgl3FQgEIXFwfCUWVzVoIQ1qEAIxDnAGeTETYTRWLBFQPWgdAkEKSQR2dgBxXg1YM2cgOwYxZwwSfQNKVw1rdFMBE2IoVjIFRD10AAFQEF4yJnYjBDUhW3x9JRELdXEQNHYMXjIlcnVHPxNxBXwjEWo9ZFYCXRADViJhdX4sJksOZDIFCiN7IidnF1pfB3cGYSQnXyxjIBZ5KH4xEWUcAiYsYXV+LAphPHgyKUc1aCI7YREDPRpmIx0+JX4FdSkRdiNmMAV5FWMKDVERXCUlahJfIgByIwIjAgMeaFUGQBMBAxZqdEc/G3Y3Fg0wXCpAWgteJQU1CX4wYxUSdCE
IP 143.204.55.19:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3019), with no line terminators
Hash 40a6de0e9a0e268b3acef464ebee606d
d2a237c686d028fd3d311f1f7a22daca98fc4ac9
04bb58843aac17604930d7fd6c635a1bfd963a6d6cccf3b336cc58e291b56b30
GET /M0QwZ0NSJlMKfFJ5UkE2QSgNQnF1YQIhJwJ9AhV2X3wIEDFdIwdJIF8rRQMlQSteE21dIURCcXULUQoJWyFcKgl3FQgEIXFwfCUWVzVoIQ1qEAIxDnAGeTETYTRWLBFQPWgdAkEKSQR2dgBxXg1YM2cgOwYxZwwSfQNKVw1rdFMBE2IoVjIFRD10AAFQEF4yJnYjBDUhW3x9JRELdXEQNHYMXjIlcnVHPxNxBXwjEWo9ZFYCXRADViJhdX4sJksOZDIFCiN7IidnF1pfB3cGYSQnXyxjIBZ5KH4xEWUcAiYsYXV+LAphPHgyKUc1aCI7YREDPRpmIx0+JX4FdSkRdiNmMAV5FWMKDVERXCUlahJfIgByIwIjAgMeaFUGQBMBAxZqdEc/G3Y3Fg0wXCpAWgteJQU1CX4wYxUSdCE HTTP/1.1
Host: eautifuleed.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1175
date: Sun, 16 Oct 2022 21:00:22 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kW2JbMctxpFH4G2GlQe1w2-WTElFD5EHgifLCeVMMXA0ZHrTcx8NaQ==
X-Firefox-Spdy: h2
eautifuleed.xyz/M05yb0hSLBECd1JzEEk9QSJPSnp1a0ApLAJ3QB19X3ZKGDpdKUVBK18hBwsuQSEcG2ZdKwZKenUmKCkeZhoIDAB8JB0fC3EPSiIAegEnAixYKBUhC2M3EQgfYRwdKiYKCjMseBZ8MCB4Cxg1OAV3Fws2f1AkBiEJdCYZDh5ACD0VBkoLIyp/fX07KBlZHwUjGUMfERYJFnw0OAkKIT4sGmkGMQx8eBg7CwJ7B0Q5JFh6PRUeVg02BHlSKScGEXs+V10OdiIoAy53LTU5EHEgNj0CZBQmCCVkHDcbK2t+OicPAic3Lg5iLTUMBnYiKAMCWSUhOTBhOhc9JGYoOkIOCgwFIj99NyA2GWQtIQkZVxgoOBoWfDAteWU5KAFxYQohDDB4GBUMK3QXOCskeXkoKCRwGSU+blk9HQE4DghCGyxLJAYXOX95PjsKXQ
143.204.55.19200 OK 1.2 kB URL HTTP/2 eautifuleed.xyz/M05yb0hSLBECd1JzEEk9QSJPSnp1a0ApLAJ3QB19X3ZKGDpdKUVBK18hBwsuQSEcG2ZdKwZKenUmKCkeZhoIDAB8JB0fC3EPSiIAegEnAixYKBUhC2M3EQgfYRwdKiYKCjMseBZ8MCB4Cxg1OAV3Fws2f1AkBiEJdCYZDh5ACD0VBkoLIyp/fX07KBlZHwUjGUMfERYJFnw0OAkKIT4sGmkGMQx8eBg7CwJ7B0Q5JFh6PRUeVg02BHlSKScGEXs+V10OdiIoAy53LTU5EHEgNj0CZBQmCCVkHDcbK2t+OicPAic3Lg5iLTUMBnYiKAMCWSUhOTBhOhc9JGYoOkIOCgwFIj99NyA2GWQtIQkZVxgoOBoWfDAteWU5KAFxYQohDDB4GBUMK3QXOCskeXkoKCRwGSU+blk9HQE4DghCGyxLJAYXOX95PjsKXQ
IP 143.204.55.19:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3025), with no line terminators
Hash 9655c45690647a348e6659e4b2b2f934
a2adc6d0639a07972157c7b7bd750316e0e74ef6
b0f5b5f81bfe81c520aea99f055bd6a9ce988f6222aad6dd9b6915e6a1938ae1
GET /M05yb0hSLBECd1JzEEk9QSJPSnp1a0ApLAJ3QB19X3ZKGDpdKUVBK18hBwsuQSEcG2ZdKwZKenUmKCkeZhoIDAB8JB0fC3EPSiIAegEnAixYKBUhC2M3EQgfYRwdKiYKCjMseBZ8MCB4Cxg1OAV3Fws2f1AkBiEJdCYZDh5ACD0VBkoLIyp/fX07KBlZHwUjGUMfERYJFnw0OAkKIT4sGmkGMQx8eBg7CwJ7B0Q5JFh6PRUeVg02BHlSKScGEXs+V10OdiIoAy53LTU5EHEgNj0CZBQmCCVkHDcbK2t+OicPAic3Lg5iLTUMBnYiKAMCWSUhOTBhOhc9JGYoOkIOCgwFIj99NyA2GWQtIQkZVxgoOBoWfDAteWU5KAFxYQohDDB4GBUMK3QXOCskeXkoKCRwGSU+blk9HQE4DghCGyxLJAYXOX95PjsKXQ HTTP/1.1
Host: eautifuleed.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1181
date: Sun, 16 Oct 2022 21:00:22 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vOLkk04fqfII848Pkix3MPp7E7xQ0t2uTaXu7uz88FIVICdDIi2vDQ==
X-Firefox-Spdy: h2
eautifuleed.xyz/dE1la2QVLwYGWxVwB00RBiFYTlYyaFctAEV0VxlRGHVdHBYaKlJFBxgiEA8CBiILH0oaKBFOVjIbKy02GSkPBzw7OgI6Jh8MXCoPBwwkBj4jHxIYNyQlMDEyRB8VOw86CSc6JSYcMlspMSckXjdHKgc6JT4JMCwIIxgjPTI7KiMnLEUIUykxBwQgATE3CyQ6JRclKDMmMiZSIyZNGzIvMjAfLVMmESE/PycDH10jDxcEIDwHHxgSGCE7DF0yMDE1HT0hLg8hLC1BHCRbNi40Nz8nAxwILiI5BgE8VSUaJAAAFxs3LDwYCFYvNh8uJwMuIR8CDCEuC0gPIzcPIwYyHA80OQ4xDCI+ISYXDCk0MDUVADU1ACApNVInFgQKBHA9Xh5FGRJcMEwLMyQWOAI
143.204.55.19200 OK 1.2 kB URL HTTP/2 eautifuleed.xyz/dE1la2QVLwYGWxVwB00RBiFYTlYyaFctAEV0VxlRGHVdHBYaKlJFBxgiEA8CBiILH0oaKBFOVjIbKy02GSkPBzw7OgI6Jh8MXCoPBwwkBj4jHxIYNyQlMDEyRB8VOw86CSc6JSYcMlspMSckXjdHKgc6JT4JMCwIIxgjPTI7KiMnLEUIUykxBwQgATE3CyQ6JRclKDMmMiZSIyZNGzIvMjAfLVMmESE/PycDH10jDxcEIDwHHxgSGCE7DF0yMDE1HT0hLg8hLC1BHCRbNi40Nz8nAxwILiI5BgE8VSUaJAAAFxs3LDwYCFYvNh8uJwMuIR8CDCEuC0gPIzcPIwYyHA80OQ4xDCI+ISYXDCk0MDUVADU1ACApNVInFgQKBHA9Xh5FGRJcMEwLMyQWOAI
IP 143.204.55.19:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3004), with no line terminators
Hash 227ecc6f9470d48a64af0d3e993dcc69
a21f606a24a4e4276fcac7efe97dfec062c4a520
d22aa00d01c1176ca2f911efbae56203b9228474daab95dcd9c653113884da39
GET /dE1la2QVLwYGWxVwB00RBiFYTlYyaFctAEV0VxlRGHVdHBYaKlJFBxgiEA8CBiILH0oaKBFOVjIbKy02GSkPBzw7OgI6Jh8MXCoPBwwkBj4jHxIYNyQlMDEyRB8VOw86CSc6JSYcMlspMSckXjdHKgc6JT4JMCwIIxgjPTI7KiMnLEUIUykxBwQgATE3CyQ6JRclKDMmMiZSIyZNGzIvMjAfLVMmESE/PycDH10jDxcEIDwHHxgSGCE7DF0yMDE1HT0hLg8hLC1BHCRbNi40Nz8nAxwILiI5BgE8VSUaJAAAFxs3LDwYCFYvNh8uJwMuIR8CDCEuC0gPIzcPIwYyHA80OQ4xDCI+ISYXDCk0MDUVADU1ACApNVInFgQKBHA9Xh5FGRJcMEwLMyQWOAI HTTP/1.1
Host: eautifuleed.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1162
date: Sun, 16 Oct 2022 21:00:22 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: U9NsDti06Wzsa65OudQdRtNYhnH2XOQ-lw3nPoCUVPOF07nQK_GtEQ==
X-Firefox-Spdy: h2
dsoodbye.xyz/akxPRjBFcyw1DQshGS1lPQIqEHYgPBkAATwZCC5SP30BEmksL2kyWQ5xdnABU3l5YEADKHJ1Akw/OydEHz9ydABae2kvXgwjcncWHHF/aAhEfX9oAEw5cncWHjwuIQ1baj8yRAZxfnAGX3V6cgBYenx/CA
104.21.16.22204 No Content 0 B URL HTTP/2 dsoodbye.xyz/akxPRjBFcyw1DQshGS1lPQIqEHYgPBkAATwZCC5SP30BEmksL2kyWQ5xdnABU3l5YEADKHJ1Akw/OydEHz9ydABae2kvXgwjcncWHHF/aAhEfX9oAEw5cncWHjwuIQ1baj8yRAZxfnAGX3V6cgBYenx/CA
IP 104.21.16.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /akxPRjBFcyw1DQshGS1lPQIqEHYgPBkAATwZCC5SP30BEmksL2kyWQ5xdnABU3l5YEADKHJ1Akw/OydEHz9ydABae2kvXgwjcncWHHF/aAhEfX9oAEw5cncWHjwuIQ1baj8yRAZxfnAGX3V6cgBYenx/CA HTTP/1.1
Host: dsoodbye.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 16 Oct 2022 21:00:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfjUv%2FA0IW84ZpklKbogEavywl6It6urCjlxUQFZf0iEoTBgoLRWPaQE1XDd2ZvnK7qXl7s4ESRwCuRqKqGh%2BZlc697bx7dcdVJgZqEYPy7MzVLlMGzdXSr3JHVimos%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75b3b941fa30b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dsoodbye.xyz/NkFVOVkZfjZKZHgsYHMLBwwWYWoPZGd/A3cHMF8BAzMRCDETcxddNFVnIVA9C3hjCGADd3NJMFJ8Zgt/RTU0TSxFfGQfMFgnOgR/QHxlF2EYcGUXaRA0aAh/QjE0XmQHZyVNLVp8ZA9vA3hgDWkEd2YAbw
104.21.16.22204 No Content 0 B URL HTTP/2 dsoodbye.xyz/NkFVOVkZfjZKZHgsYHMLBwwWYWoPZGd/A3cHMF8BAzMRCDETcxddNFVnIVA9C3hjCGADd3NJMFJ8Zgt/RTU0TSxFfGQfMFgnOgR/QHxlF2EYcGUXaRA0aAh/QjE0XmQHZyVNLVp8ZA9vA3hgDWkEd2YAbw
IP 104.21.16.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /NkFVOVkZfjZKZHgsYHMLBwwWYWoPZGd/A3cHMF8BAzMRCDETcxddNFVnIVA9C3hjCGADd3NJMFJ8Zgt/RTU0TSxFfGQfMFgnOgR/QHxlF2EYcGUXaRA0aAh/QjE0XmQHZyVNLVp8ZA9vA3hgDWkEd2YAbw HTTP/1.1
Host: dsoodbye.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 16 Oct 2022 21:00:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owVDvsxM4w7Qhtzfc73ZzmTdMkI%2FBnnnud50WJhVnWkT69hRRqfew%2F05rxc5A%2Bv8jzgTgv4%2FYodAjJw1mxuDt7y9BQP5946AISHoAbW1BJgyOUa84ooeZHswszCMr5c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75b3b941fa38b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dsoodbye.xyz/aFcyRktHaFE1diUCVh8FLRJ0InkfEFcXARA1c3cxKTloNAkgDhQyIgxqC3B5WGYAYDsBMw93c04kRic/HSQPd20BOVQpdk4hD3dlWHkAaHtOIg93bRwnUyF2WXFCMj8EagNwfV1uB3J7WmEGd3g
104.21.16.22204 No Content 0 B URL HTTP/2 dsoodbye.xyz/aFcyRktHaFE1diUCVh8FLRJ0InkfEFcXARA1c3cxKTloNAkgDhQyIgxqC3B5WGYAYDsBMw93c04kRic/HSQPd20BOVQpdk4hD3dlWHkAaHtOIg93bRwnUyF2WXFCMj8EagNwfV1uB3J7WmEGd3g
IP 104.21.16.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aFcyRktHaFE1diUCVh8FLRJ0InkfEFcXARA1c3cxKTloNAkgDhQyIgxqC3B5WGYAYDsBMw93c04kRic/HSQPd20BOVQpdk4hD3dlWHkAaHtOIg93bRwnUyF2WXFCMj8EagNwfV1uB3J7WmEGd3g HTTP/1.1
Host: dsoodbye.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 16 Oct 2022 21:00:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k04fApQBTc7uSR1KuBSWdl1%2BQiN3ycyH8Su01VDCRiMOLY7x3vfbR2A5JPuF10HgWlCDJ%2BXK%2FalO7veRC88NBGuDaKCSx9nRowmoF9wB6mKSYv9XWLgcZEI6xBqWPcs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75b3b9420a3eb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dsoodbye.xyz/Vlpnb3R5ZQQcSQAcMTsWOwAANTMiODIoOjE7VgMSDA0lByNnC0EbHTJnXllGZmtTSQQ/PlpeUiUuBhsBJWdWSR04PAhSUiBnVkFHYnRVVlpmfBJSRXAuFw4Ta2tBHwAiNlpeQmBvXlpAZmhRW0Ju
104.21.16.22204 No Content 0 B URL HTTP/2 dsoodbye.xyz/Vlpnb3R5ZQQcSQAcMTsWOwAANTMiODIoOjE7VgMSDA0lByNnC0EbHTJnXllGZmtTSQQ/PlpeUiUuBhsBJWdWSR04PAhSUiBnVkFHYnRVVlpmfBJSRXAuFw4Ta2tBHwAiNlpeQmBvXlpAZmhRW0Ju
IP 104.21.16.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Vlpnb3R5ZQQcSQAcMTsWOwAANTMiODIoOjE7VgMSDA0lByNnC0EbHTJnXllGZmtTSQQ/PlpeUiUuBhsBJWdWSR04PAhSUiBnVkFHYnRVVlpmfBJSRXAuFw4Ta2tBHwAiNlpeQmBvXlpAZmhRW0Ju HTTP/1.1
Host: dsoodbye.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 16 Oct 2022 21:00:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eQe5iz4bM2bmHvq2CQEfBSNB1f0QzXME2nLl2rj7WwZH4tWIM2uWkgf%2B2agK4XrggUr%2B1z%2F7WISOkk33xXbseuuw69V%2BhUx6d4rQjH93neYRRvY7hRS2uNkpZucF4M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75b3b9420a41b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 360c586eb314120c1280daae1f80ccdc
a8e87aee675b865095d2b44c2d6eaeb99580606a
0707167996eed03a23f5fe73cffc117df6fbe12c29f87783a8534e29b1700800
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0707167996EED03A23F5FE73CFFC117DF6FBE12C29F87783A8534E29B1700800"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11930
Expires: Mon, 17 Oct 2022 00:19:12 GMT
Date: Sun, 16 Oct 2022 21:00:22 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f611de559333fa15533c52ffc7aeda37
ac9f4fe8673c1511766befe0fa35803e34419582
f5e652821af51974a59045c138336c3b667af78d107e1784d6182f0274f0dc20
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F5E652821AF51974A59045C138336C3B667AF78D107E1784D6182F0274F0DC20"
Last-Modified: Sat, 15 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13084
Expires: Mon, 17 Oct 2022 00:38:26 GMT
Date: Sun, 16 Oct 2022 21:00:22 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 4315c641ce7703e0fbe0b067fd8073bc
0975528468dcf0f1919d63140e0c1369ba834abc
4cf6d790c0f08adb4f036c3cd243c596c555ac4426304d9d6605c695d69b4188
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3544
Cache-Control: max-age=169161
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:22 GMT
Etag: "634c54d7-116"
Expires: Tue, 18 Oct 2022 19:59:43 GMT
Last-Modified: Sun, 16 Oct 2022 19:00:39 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
d192r5l88wrng7.cloudfront.net/OamJhelMJDQ8cbB4LBUdqXFNYT2VMCBIVPRpfKRcyXzArNyc5EDA9NkwWGx5uWkQNGz0NX0cfPQlfUFwyDgBcTnUeEg4Rbh8MBR81AwwEHnUfA1wXPBALDRYyT1AnT31aR1NKexJTUF9gKEdTSj8DDBQCdlhSGUJlNVRVX2AoR1NKIRxHUjtqXExRU3ZYUg-YfMAENREgVWFJQSmNbUlBfYVoECAg2DA0ZX2EsW1dUY0wXXEs
54.230.245.16200 OK 317 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/OamJhelMJDQ8cbB4LBUdqXFNYT2VMCBIVPRpfKRcyXzArNyc5EDA9NkwWGx5uWkQNGz0NX0cfPQlfUFwyDgBcTnUeEg4Rbh8MBR81AwwEHnUfA1wXPBALDRYyT1AnT31aR1NKexJTUF9gKEdTSj8DDBQCdlhSGUJlNVRVX2AoR1NKIRxHUjtqXExRU3ZYUg-YfMAENREgVWFJQSmNbUlBfYVoECAg2DA0ZX2EsW1dUY0wXXEs
IP 54.230.245.16:0
File type ASCII text, with very long lines (401), with no line terminators
Hash f0b43bdf43af4549b1f85eeca3d7874e
9a82591c77679d4fee6f159ae22b19a9611e1bee
41d0faec4975d86b48f9d03ec157655dd7e82c2b902ccc02457aa2121a7406ef
GET /OamJhelMJDQ8cbB4LBUdqXFNYT2VMCBIVPRpfKRcyXzArNyc5EDA9NkwWGx5uWkQNGz0NX0cfPQlfUFwyDgBcTnUeEg4Rbh8MBR81AwwEHnUfA1wXPBALDRYyT1AnT31aR1NKexJTUF9gKEdTSj8DDBQCdlhSGUJlNVRVX2AoR1NKIRxHUjtqXExRU3ZYUg-YfMAENREgVWFJQSmNbUlBfYVoECAg2DA0ZX2EsW1dUY0wXXEs HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eautifuleed.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 317
date: Sun, 16 Oct 2022 21:00:22 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ejKmaoG7utuHT1fLSwXRujF0nvPp1XqMMvS1sH5wGU8_AmJrMv6sJg==
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/VNFRmdjlXOwgQBkA9AksAAmZWRwsSPhUZV0RpPkNDBQARQW0MEjA5S3gbQAJDUGlWUFVVOgFLH1E6BUsIEjUCFAQAchMXBFk7HB9VWDVDRH8BelZTCwR8HkcIEWckUwsEOA8YTExxVEZBDGI5QA0RZyRTCwQmEFMKdW1QWAkdcVRGXlE3DRkcBhJURggEZF-dGCBFmVhBQRjEAGUERZiBPDxpkQAMEBQ
54.230.245.16200 OK 182 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/VNFRmdjlXOwgQBkA9AksAAmZWRwsSPhUZV0RpPkNDBQARQW0MEjA5S3gbQAJDUGlWUFVVOgFLH1E6BUsIEjUCFAQAchMXBFk7HB9VWDVDRH8BelZTCwR8HkcIEWckUwsEOA8YTExxVEZBDGI5QA0RZyRTCwQmEFMKdW1QWAkdcVRGXlE3DRkcBhJURggEZF-dGCBFmVhBQRjEAGUERZiBPDxpkQAMEBQ
IP 54.230.245.16:0
File type ASCII text, with no line terminators
Hash 6b10b7d974923c4d6ffb4db65a857867
508c5d290db9aa23120d754739c59d808de9a0b1
1b4d70c0849ab65d63fc9524e716b6c62c3d4d6d0692857d8a68315f637e082f
GET /VNFRmdjlXOwgQBkA9AksAAmZWRwsSPhUZV0RpPkNDBQARQW0MEjA5S3gbQAJDUGlWUFVVOgFLH1E6BUsIEjUCFAQAchMXBFk7HB9VWDVDRH8BelZTCwR8HkcIEWckUwsEOA8YTExxVEZBDGI5QA0RZyRTCwQmEFMKdW1QWAkdcVRGXlE3DRkcBhJURggEZF-dGCBFmVhBQRjEAGUERZiBPDxpkQAMEBQ HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eautifuleed.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 182
date: Sun, 16 Oct 2022 21:00:22 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QB6iMVQsm6tFnaMEUeuPZS84CnAhwtAVqHs-nlTiemi0SJWtWyVIEg==
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/hZFVUTzcHOjopCBA8MHIOUmdkfgNCPycgWRRoEn9DAC0+O08VGWMDYyY7cjtNAGhkaVsFOzNyEQE7N3IGQjQwLQpQcyA/WA9oLCRZHCc4KVIdJHI6Vlk4OzVeCDk1agUiYHp/ElZlfDcGVXBnDRJWZTgmWREtcX0HHG1iEAFQcGcNElZlJjkSVxRteRlUfH-F9BwMwNyRYQWcSfQdVZWR+B1VwZn9RDScxKVgccGYJDlJ7ZGlCWWQ
54.230.245.16200 OK 565 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/hZFVUTzcHOjopCBA8MHIOUmdkfgNCPycgWRRoEn9DAC0+O08VGWMDYyY7cjtNAGhkaVsFOzNyEQE7N3IGQjQwLQpQcyA/WA9oLCRZHCc4KVIdJHI6Vlk4OzVeCDk1agUiYHp/ElZlfDcGVXBnDRJWZTgmWREtcX0HHG1iEAFQcGcNElZlJjkSVxRteRlUfH-F9BwMwNyRYQWcSfQdVZWR+B1VwZn9RDScxKVgccGYJDlJ7ZGlCWWQ
IP 54.230.245.16:0
File type ASCII text, with very long lines (811), with no line terminators
Hash aa96695c2078ab05c3fb0691699e9ea6
59028a4bec3eeb353e4d3a7c3c4710a1e7d6e517
3d0f41dc4c2d73f4585790e38abca5fe06348694419283ebe5462ff39c906aa5
GET /hZFVUTzcHOjopCBA8MHIOUmdkfgNCPycgWRRoEn9DAC0+O08VGWMDYyY7cjtNAGhkaVsFOzNyEQE7N3IGQjQwLQpQcyA/WA9oLCRZHCc4KVIdJHI6Vlk4OzVeCDk1agUiYHp/ElZlfDcGVXBnDRJWZTgmWREtcX0HHG1iEAFQcGcNElZlJjkSVxRteRlUfH-F9BwMwNyRYQWcSfQdVZWR+B1VwZn9RDScxKVgccGYJDlJ7ZGlCWWQ HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eautifuleed.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 565
date: Sun, 16 Oct 2022 21:00:22 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qoIrhFG3ayld7iiCDBTUJvhDGYl7U6gdym6hGe3IsgjNm-GbTWcOzA==
X-Firefox-Spdy: h2
dwightadjoining.com/01/f7/5a/01f75a95a38a8db0a8e82d995253a076.js
192.243.61.227200 OK 29 kB URL HTTP/1.1 dwightadjoining.com/01/f7/5a/01f75a95a38a8db0a8e82d995253a076.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 56328212f1468e08cd1142ee0d7bf628
b7e8563e2e71c851285bdaf00ab174eff0f33ff4
c0533763457839c8e68877d79c159698fd2d5daf0a45bde3549a8a526e37f975
Analyzer Verdict Alert quad9 Sinkholed
GET /01/f7/5a/01f75a95a38a8db0a8e82d995253a076.js HTTP/1.1
Host: dwightadjoining.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 21:00:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a46e42ecd205d64fa3e3b11dc5924c6c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
invaderannihilationperky.com/4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js
192.243.61.227200 OK 29 kB URL HTTP/1.1 invaderannihilationperky.com/4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 1ea5eed4f79ad12f5b812bfa74c414e9
93ca0bed2ccee3fd93dfde6d55d8248d57c29600
205a534f49d1409e65266e6a566b3e14401143ac24c43b85edc0329f5eb5239a
Analyzer Verdict Alert quad9 Sinkholed
GET /4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js HTTP/1.1
Host: invaderannihilationperky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 21:00:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 918eaeb01113b8c15f0ad139b92c5077
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5b04d6d3c126a01d5aa922574230332
fd3383c24dac377a75ca3160503bb31b8019df4a
621df3b5055828325b8cc517cf359ea5ca002fd5fad771cca767e15bde7fa330
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "621DF3B5055828325B8CC517CF359EA5CA002FD5FAD771CCA767E15BDE7FA330"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8585
Expires: Sun, 16 Oct 2022 23:23:28 GMT
Date: Sun, 16 Oct 2022 21:00:23 GMT
Connection: keep-alive
dwightadjoining.com/sbar.json?key=21fe3950f412e026c33f1b6cee613eba&uuid=219e314f-e8ff-430a-b08d-a77097cd0670%3A1%3A1
192.243.61.227200 OK 4.3 kB URL HTTP/1.1 dwightadjoining.com/sbar.json?key=21fe3950f412e026c33f1b6cee613eba&uuid=219e314f-e8ff-430a-b08d-a77097cd0670%3A1%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6044), with no line terminators
Hash e83fbe6688837a2aaa9bea2f02e3ce85
2632ac1d66fd865d7d6711e4ef39e291767fba6a
8bcce42d8c75a6b5a98f8936ff036155b309378ef1340a34395affd8b1299f6d
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=21fe3950f412e026c33f1b6cee613eba&uuid=219e314f-e8ff-430a-b08d-a77097cd0670%3A1%3A1 HTTP/1.1
Host: dwightadjoining.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 21:00:23 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://xfantazy.com
Access-Control-Allow-Origin: https://xfantazy.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17661735; expires=Mon, 17 Oct 2022 21:00:23 GMT; secure; SameSite=None
uid_id2=219e314f-e8ff-430a-b08d-a77097cd0670:1:1; expires=Sun, 23 Oct 2022 21:00:23 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 17 Oct 2022 21:00:23 GMT; secure; SameSite=None
uncs=1; expires=Mon, 17 Oct 2022 21:00:23 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 17 Oct 2022 21:00:23 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 17 Oct 2022 21:00:23 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 929ba4cfd00d402d70a590226932dbe7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
invaderannihilationperky.com/sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2&uuid=7b9a8694-4a1b-412a-b645-d0a4611d9cae%3A2%3A1
192.243.61.227200 OK 4.4 kB URL HTTP/1.1 invaderannihilationperky.com/sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2&uuid=7b9a8694-4a1b-412a-b645-d0a4611d9cae%3A2%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (6151), with no line terminators
Hash 876a8063e3e784143f967160d30d96b3
f65e37a685f63a2fe63d04c96a9926dc9f6e0a6e
16b517f36dbacdb9a46f8a1eb3e2e17da66d26f03a5da0ec33edd0d23ffe53e5
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2&uuid=7b9a8694-4a1b-412a-b645-d0a4611d9cae%3A2%3A1 HTTP/1.1
Host: invaderannihilationperky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 21:00:23 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://xfantazy.com
Access-Control-Allow-Origin: https://xfantazy.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15600826; expires=Mon, 17 Oct 2022 21:00:23 GMT; secure; SameSite=None
uid_id2=7b9a8694-4a1b-412a-b645-d0a4611d9cae:2:1; expires=Sun, 23 Oct 2022 21:00:23 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 17 Oct 2022 21:00:23 GMT; secure; SameSite=None
uncs=1; expires=Mon, 17 Oct 2022 21:00:23 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 17 Oct 2022 21:00:23 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 17 Oct 2022 21:00:23 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5d0c104ef0ffaf43bdfd3117eb22146d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5b04d6d3c126a01d5aa922574230332
fd3383c24dac377a75ca3160503bb31b8019df4a
621df3b5055828325b8cc517cf359ea5ca002fd5fad771cca767e15bde7fa330
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "621DF3B5055828325B8CC517CF359EA5CA002FD5FAD771CCA767E15BDE7FA330"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8585
Expires: Sun, 16 Oct 2022 23:23:28 GMT
Date: Sun, 16 Oct 2022 21:00:23 GMT
Connection: keep-alive
addresseepaper.com/sfp.js
104.21.234.254200 OK 28 kB URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.234.254:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash f2e24cb9a36dce7e41d169094d62c6ad
78c75d83fb68ebcf48f1467b31d482c138806fc2
a8b341f3b11b6a365fea8c4545094c4bff8238b62ea8b7c38baa3e58c57acade
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:23 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 28bd32cd2fe936009e48f18e58df67a4
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 16 Oct 2022 21:00:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rq0993WDmRyXVvYjnbzoXlYs2jDfThOUAxQX%2FRifdFk5rBWQwt4PWQekXA8efp2hkN%2ByQXzNrXqbVb4X5gTemeUsOXTxDh38l1B1efCe0w5bgjgCCn5q1Xc41xMaplKBqKrjSZ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3b9455d227714-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dwightadjoining.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTvagBEElF0HDHAQjuJP%2BMds9Yw7BGFeCaxISRQ%2BCVFdVz1a2pqup6pqe7MWQgOQgOPkPet%2FsZlGD6EkvhtAb8bCnHU97cK%2F%2BAaJeZSaLox803%2Ff6vcOr932fb7kj4sPRw0vv602pFD230vZbZz8OgvOtNZm7UWvUjT%2BNO%2BdbZvhmL277r7feFWxDnwv9wPcDP2itSiMyPTo3IyGLh72g3fPbnbAdrHQwMv%2FH1nmw1AMfHpEXIfl06Yl3GpI1yAffXRJ2o9TFG%2B8MnKKlNhjy3Q%2FzjVxXOQaLMTMesnz3WA1tD1YfQec7c7vQw3%2BFqZwS75dHSPPdY5NIh9tzn6mCyJHyU6iGDYRqIGkDpu9C8gMCMI4rV5EPHlzRpqK3nrJ0xk7J0l9%2FQFZTsvTbaeSDby8qOWrd0MqVUucWo6yGHDWQ%2FQaF20O5eQKy2gMr70BygnxQQ%2FLDV8OgJ6Kgky2LbpYtdyKfLqd%2Bly%2FTJPF7CeN%2BnPjzYKRsILMGSoxBrQc3%2B6QHl3lwhYcBP2yxIAgSnzPqd3uMRTwRacz9gCZZQAM%2F7sKxmfcxymIMpsZg5jYKcxsb8v6UkDvbMO4x7HoNyz3YkmDIa1SCoLIEFSWoJEFVElTDeocrG9r6AVfWpcFxD497VE902d%2BiO7rsi5xsFUfkhVlq3nOfvYYNcdgKg0xEvRU%2F6wSh8MOYRVEWpDETIg4ikVJYWUPaE%2FO3bsopObNyCoWckmcuPEZK92DVHph8HtS9AlpNktAHXZ90uj428x9zWjpD1bqgqly32hkm2ky5FFzXKMollLe8LXVEXppvMg7%2FhmD7F35uvvzk7J97YKZGYWrclE8I%2Bure5LquyPZ1XVny%2FdWilAO5SWdbvlHSUpz8%2Bj1xq9KGX75kx1%2B9xWbEbHz4gbDlGs25zPuWfHNRci7MqjZMkJ8u249Ees3Z9YvO5K5Yu%2Fb26uVBYYS1UucNqDywX4DJKXmW6vn5vnzzB0jTwLgaA7dPjgtSN2DFbdhi4d7qkzBqoUkLD5WrJyZMFz%2BVJFBigWlaw%2F4Hp4t5y95D35wBLe%2FOr3ZoagxVDarGsO7kpCzM%2FoVfo3khVd4kVcbbTpVR959Ga%2BVhK4kin8a9lSBJqEjSTtjN4oBTGnbiMI5phNJO2Vrx%2Bz8AAAD%2F%2FwEAAP%2F%2FO448MIkEAAA%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 dwightadjoining.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTvagBEElF0HDHAQjuJP%2BMds9Yw7BGFeCaxISRQ%2BCVFdVz1a2pqup6pqe7MWQgOQgOPkPet%2FsZlGD6EkvhtAb8bCnHU97cK%2F%2BAaJeZSaLox803%2Ff6vcOr932fb7kj4sPRw0vv602pFD230vZbZz8OgvOtNZm7UWvUjT%2BNO%2BdbZvhmL277r7feFWxDnwv9wPcDP2itSiMyPTo3IyGLh72g3fPbnbAdrHQwMv%2FH1nmw1AMfHpEXIfl06Yl3GpI1yAffXRJ2o9TFG%2B8MnKKlNhjy3Q%2FzjVxXOQaLMTMesnz3WA1tD1YfQec7c7vQw3%2BFqZwS75dHSPPdY5NIh9tzn6mCyJHyU6iGDYRqIGkDpu9C8gMCMI4rV5EPHlzRpqK3nrJ0xk7J0l9%2FQFZTsvTbaeSDby8qOWrd0MqVUucWo6yGHDWQ%2FQaF20O5eQKy2gMr70BygnxQQ%2FLDV8OgJ6Kgky2LbpYtdyKfLqd%2Bly%2FTJPF7CeN%2BnPjzYKRsILMGSoxBrQc3%2B6QHl3lwhYcBP2yxIAgSnzPqd3uMRTwRacz9gCZZQAM%2F7sKxmfcxymIMpsZg5jYKcxsb8v6UkDvbMO4x7HoNyz3YkmDIa1SCoLIEFSWoJEFVElTDeocrG9r6AVfWpcFxD497VE902d%2BiO7rsi5xsFUfkhVlq3nOfvYYNcdgKg0xEvRU%2F6wSh8MOYRVEWpDETIg4ikVJYWUPaE%2FO3bsopObNyCoWckmcuPEZK92DVHph8HtS9AlpNktAHXZ90uj428x9zWjpD1bqgqly32hkm2ky5FFzXKMollLe8LXVEXppvMg7%2FhmD7F35uvvzk7J97YKZGYWrclE8I%2Bure5LquyPZ1XVny%2FdWilAO5SWdbvlHSUpz8%2Bj1xq9KGX75kx1%2B9xWbEbHz4gbDlGs25zPuWfHNRci7MqjZMkJ8u249Ees3Z9YvO5K5Yu%2Fb26uVBYYS1UucNqDywX4DJKXmW6vn5vnzzB0jTwLgaA7dPjgtSN2DFbdhi4d7qkzBqoUkLD5WrJyZMFz%2BVJFBigWlaw%2F4Hp4t5y95D35wBLe%2FOr3ZoagxVDarGsO7kpCzM%2FoVfo3khVd4kVcbbTpVR959Ga%2BVhK4kin8a9lSBJqEjSTtjN4oBTGnbiMI5phNJO2Vrx%2Bz8AAAD%2F%2FwEAAP%2F%2FO448MIkEAAA%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTvagBEElF0HDHAQjuJP%2BMds9Yw7BGFeCaxISRQ%2BCVFdVz1a2pqup6pqe7MWQgOQgOPkPet%2FsZlGD6EkvhtAb8bCnHU97cK%2F%2BAaJeZSaLox803%2Ff6vcOr932fb7kj4sPRw0vv602pFD230vZbZz8OgvOtNZm7UWvUjT%2BNO%2BdbZvhmL277r7feFWxDnwv9wPcDP2itSiMyPTo3IyGLh72g3fPbnbAdrHQwMv%2FH1nmw1AMfHpEXIfl06Yl3GpI1yAffXRJ2o9TFG%2B8MnKKlNhjy3Q%2FzjVxXOQaLMTMesnz3WA1tD1YfQec7c7vQw3%2BFqZwS75dHSPPdY5NIh9tzn6mCyJHyU6iGDYRqIGkDpu9C8gMCMI4rV5EPHlzRpqK3nrJ0xk7J0l9%2FQFZTsvTbaeSDby8qOWrd0MqVUucWo6yGHDWQ%2FQaF20O5eQKy2gMr70BygnxQQ%2FLDV8OgJ6Kgky2LbpYtdyKfLqd%2Bly%2FTJPF7CeN%2BnPjzYKRsILMGSoxBrQc3%2B6QHl3lwhYcBP2yxIAgSnzPqd3uMRTwRacz9gCZZQAM%2F7sKxmfcxymIMpsZg5jYKcxsb8v6UkDvbMO4x7HoNyz3YkmDIa1SCoLIEFSWoJEFVElTDeocrG9r6AVfWpcFxD497VE902d%2BiO7rsi5xsFUfkhVlq3nOfvYYNcdgKg0xEvRU%2F6wSh8MOYRVEWpDETIg4ikVJYWUPaE%2FO3bsopObNyCoWckmcuPEZK92DVHph8HtS9AlpNktAHXZ90uj428x9zWjpD1bqgqly32hkm2ky5FFzXKMollLe8LXVEXppvMg7%2FhmD7F35uvvzk7J97YKZGYWrclE8I%2Bure5LquyPZ1XVny%2FdWilAO5SWdbvlHSUpz8%2Bj1xq9KGX75kx1%2B9xWbEbHz4gbDlGs25zPuWfHNRci7MqjZMkJ8u249Ees3Z9YvO5K5Yu%2Fb26uVBYYS1UucNqDywX4DJKXmW6vn5vnzzB0jTwLgaA7dPjgtSN2DFbdhi4d7qkzBqoUkLD5WrJyZMFz%2BVJFBigWlaw%2F4Hp4t5y95D35wBLe%2FOr3ZoagxVDarGsO7kpCzM%2FoVfo3khVd4kVcbbTpVR959Ga%2BVhK4kin8a9lSBJqEjSTtjN4oBTGnbiMI5phNJO2Vrx%2Bz8AAAD%2F%2FwEAAP%2F%2FO448MIkEAAA%3D HTTP/1.1
Host: dwightadjoining.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=17661735; uid_id2=219e314f-e8ff-430a-b08d-a77097cd0670:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 21:00:23 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 60a2c2bba743501a2557c98645ce0a80
Strict-Transport-Security: max-age=0; includeSubdomains
invaderannihilationperky.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSv28cxRvGZ2NX33wLQG5QRHQFRSLh887eeu%2BOFBHGGFmYJEr4VURCszN758GzO6uZ3dvzCSQrkVA6Lv%2FB%2Bjn%2FEGAhaJGI0DoShSsfEpILXNDQ0SBoQXexOJjmfd95nuKj530%2F3c3PiYucna2%2BrQdSKba0XHdr1z6g9EZtQyZ5v9ZvBR8G%2Fo2a6b3aDuru9dqbEd%2FSS55LXZe6tLYmTdTR%2FaWJCJketWm97dZ9r06XffTNf2ebO7DMgeidkxcgxXj%2BqbMAySsk8derkd3KdPrKG3GuWKYNeuLw3WQr0UWCeNZ2jINOcnjhhrana0%2Bgk%2F0pLnTvH2Mox8T54QnC5PACEmFvb8oZKkQJQnEZRa9CpCpIVoHrh5DilABc4NZtJPHBLW0Ktv1MZRN1TOb%2F%2FB2yGJP5nxeQxF%2BtKNmv3dMqz6ROLPqdErJfQXYrpPkxssElyOIYPHsAKQiSuIQUZy83wzZrBW1%2F0Wc0XPSpxxbDwF9eFC7zA0pFm7NoGoyUFWSngoqGYPYScusglw7yjoM8dRCLsxqnlDZdwZnbanPeEM0oDIRLWbNDGXWDFnI%2BYR8iS4fgaghudpCaHWzJx2NCHuzB5N%2FDbpawwoHNCHqiRBERFJagYASFJCgygqJX7gtlPVseCGXzkF5U76I2ypHOurtsX2fdKCG76Tl5fprab%2F%2F%2FFlvRWY15nXbb7VDXbwZuQHmTtgXllLEG8yIuPFhZQtpLYNbBQI7JwpVfkE42%2BclfCNkxrDoGl8%2BB5S%2BBFaOm54JtjvyWi0Fy1O%2BwJGOD7TrXMYQukWbzyLadXXVOXpxytA7uI%2BInN4%2Bu%2FVF9dv86uCmRmhIfyacEXfVodFcXZO%2BuLiz55naayVgO2GSz9zKWRXNfvBVtF9qI9VU7%2FPw1PhEm7dE7kc02WCJk0rXkyxUpRGTWtOER%2BW7dvh%2BFd3K7uZKbJE837ry%2Bth6nJrJW6qQCk6fvfQwux%2BR%2FV%2BrTk716%2BSdIU8HkJeL8hFw8SF2Bpzuw6Yze6jkYNfOEqYMiL0fGC2efShKoaDazsIT91xzO%2Bl37CF1zFSx7OL3UninRUyWYGsLmc6MsNSc3f2xMH0LljEJlnL1QGfX4WbRWntWajYbLgvYybTZZ1Ax9r9UJqGDM8wMvCFgDmR3zjfTXvwEAAP%2F%2FAQAA%2F%2F9Dju%2FYfQQAAA%3D%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 invaderannihilationperky.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSv28cxRvGZ2NX33wLQG5QRHQFRSLh887eeu%2BOFBHGGFmYJEr4VURCszN758GzO6uZ3dvzCSQrkVA6Lv%2FB%2Bjn%2FEGAhaJGI0DoShSsfEpILXNDQ0SBoQXexOJjmfd95nuKj530%2F3c3PiYucna2%2BrQdSKba0XHdr1z6g9EZtQyZ5v9ZvBR8G%2Fo2a6b3aDuru9dqbEd%2FSS55LXZe6tLYmTdTR%2FaWJCJketWm97dZ9r06XffTNf2ebO7DMgeidkxcgxXj%2BqbMAySsk8derkd3KdPrKG3GuWKYNeuLw3WQr0UWCeNZ2jINOcnjhhrana0%2Bgk%2F0pLnTvH2Mox8T54QnC5PACEmFvb8oZKkQJQnEZRa9CpCpIVoHrh5DilABc4NZtJPHBLW0Ktv1MZRN1TOb%2F%2FB2yGJP5nxeQxF%2BtKNmv3dMqz6ROLPqdErJfQXYrpPkxssElyOIYPHsAKQiSuIQUZy83wzZrBW1%2F0Wc0XPSpxxbDwF9eFC7zA0pFm7NoGoyUFWSngoqGYPYScusglw7yjoM8dRCLsxqnlDZdwZnbanPeEM0oDIRLWbNDGXWDFnI%2BYR8iS4fgaghudpCaHWzJx2NCHuzB5N%2FDbpawwoHNCHqiRBERFJagYASFJCgygqJX7gtlPVseCGXzkF5U76I2ypHOurtsX2fdKCG76Tl5fprab%2F%2F%2FFlvRWY15nXbb7VDXbwZuQHmTtgXllLEG8yIuPFhZQtpLYNbBQI7JwpVfkE42%2BclfCNkxrDoGl8%2BB5S%2BBFaOm54JtjvyWi0Fy1O%2BwJGOD7TrXMYQukWbzyLadXXVOXpxytA7uI%2BInN4%2Bu%2FVF9dv86uCmRmhIfyacEXfVodFcXZO%2BuLiz55naayVgO2GSz9zKWRXNfvBVtF9qI9VU7%2FPw1PhEm7dE7kc02WCJk0rXkyxUpRGTWtOER%2BW7dvh%2BFd3K7uZKbJE837ry%2Bth6nJrJW6qQCk6fvfQwux%2BR%2FV%2BrTk716%2BSdIU8HkJeL8hFw8SF2Bpzuw6Yze6jkYNfOEqYMiL0fGC2efShKoaDazsIT91xzO%2Bl37CF1zFSx7OL3UninRUyWYGsLmc6MsNSc3f2xMH0LljEJlnL1QGfX4WbRWntWajYbLgvYybTZZ1Ax9r9UJqGDM8wMvCFgDmR3zjfTXvwEAAP%2F%2FAQAA%2F%2F9Dju%2FYfQQAAA%3D%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSv28cxRvGZ2NX33wLQG5QRHQFRSLh887eeu%2BOFBHGGFmYJEr4VURCszN758GzO6uZ3dvzCSQrkVA6Lv%2FB%2Bjn%2FEGAhaJGI0DoShSsfEpILXNDQ0SBoQXexOJjmfd95nuKj530%2F3c3PiYucna2%2BrQdSKba0XHdr1z6g9EZtQyZ5v9ZvBR8G%2Fo2a6b3aDuru9dqbEd%2FSS55LXZe6tLYmTdTR%2FaWJCJketWm97dZ9r06XffTNf2ebO7DMgeidkxcgxXj%2BqbMAySsk8derkd3KdPrKG3GuWKYNeuLw3WQr0UWCeNZ2jINOcnjhhrana0%2Bgk%2F0pLnTvH2Mox8T54QnC5PACEmFvb8oZKkQJQnEZRa9CpCpIVoHrh5DilABc4NZtJPHBLW0Ktv1MZRN1TOb%2F%2FB2yGJP5nxeQxF%2BtKNmv3dMqz6ROLPqdErJfQXYrpPkxssElyOIYPHsAKQiSuIQUZy83wzZrBW1%2F0Wc0XPSpxxbDwF9eFC7zA0pFm7NoGoyUFWSngoqGYPYScusglw7yjoM8dRCLsxqnlDZdwZnbanPeEM0oDIRLWbNDGXWDFnI%2BYR8iS4fgaghudpCaHWzJx2NCHuzB5N%2FDbpawwoHNCHqiRBERFJagYASFJCgygqJX7gtlPVseCGXzkF5U76I2ypHOurtsX2fdKCG76Tl5fprab%2F%2F%2FFlvRWY15nXbb7VDXbwZuQHmTtgXllLEG8yIuPFhZQtpLYNbBQI7JwpVfkE42%2BclfCNkxrDoGl8%2BB5S%2BBFaOm54JtjvyWi0Fy1O%2BwJGOD7TrXMYQukWbzyLadXXVOXpxytA7uI%2BInN4%2Bu%2FVF9dv86uCmRmhIfyacEXfVodFcXZO%2BuLiz55naayVgO2GSz9zKWRXNfvBVtF9qI9VU7%2FPw1PhEm7dE7kc02WCJk0rXkyxUpRGTWtOER%2BW7dvh%2BFd3K7uZKbJE837ry%2Bth6nJrJW6qQCk6fvfQwux%2BR%2FV%2BrTk716%2BSdIU8HkJeL8hFw8SF2Bpzuw6Yze6jkYNfOEqYMiL0fGC2efShKoaDazsIT91xzO%2Bl37CF1zFSx7OL3UninRUyWYGsLmc6MsNSc3f2xMH0LljEJlnL1QGfX4WbRWntWajYbLgvYybTZZ1Ax9r9UJqGDM8wMvCFgDmR3zjfTXvwEAAP%2F%2FAQAA%2F%2F9Dju%2FYfQQAAA%3D%3D HTTP/1.1
Host: invaderannihilationperky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; uid_id2=7b9a8694-4a1b-412a-b645-d0a4611d9cae:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 21:00:23 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 714a3aea099fe490a4b57a64b7574561
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2cc4a259f7870a8b43febafbbef2de19
77d835fb0cda69a5e9b17b64bcf32a18020faee3
e164f533b63c630bbd64da384d46d29f8cb64ea122e70cc86246efa67e88229e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E164F533B63C630BBD64DA384D46D29F8CB64EA122E70CC86246EFA67E88229E"
Last-Modified: Sun, 16 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12345
Expires: Mon, 17 Oct 2022 00:26:08 GMT
Date: Sun, 16 Oct 2022 21:00:23 GMT
Connection: keep-alive
prawnsimply.com/pixel/purst?dl=0&th=0&sc=0&rs=3490&rd=3490&fd=873&bv=22.8.v.2&tmpl=136
192.243.59.13200 OK 0 B URL HTTP/1.1 prawnsimply.com/pixel/purst?dl=0&th=0&sc=0&rs=3490&rd=3490&fd=873&bv=22.8.v.2&tmpl=136
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3490&rd=3490&fd=873&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: prawnsimply.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 16 Oct 2022 21:00:23 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ripevibratevilla.com/pixel/purst?dl=0&th=0&sc=0&rs=3540&rd=3540&fd=880&bv=22.8.v.2&tmpl=136
173.233.137.44200 OK 0 B URL HTTP/1.1 ripevibratevilla.com/pixel/purst?dl=0&th=0&sc=0&rs=3540&rd=3540&fd=880&bv=22.8.v.2&tmpl=136
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3540&rd=3540&fd=880&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: ripevibratevilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 16 Oct 2022 21:00:23 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
a.focusde.info/api/spots/391865?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid=
135.181.208.216200 OK 1.0 kB URL HTTP/2 a.focusde.info/api/spots/391865?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash 4bee2f592cfca2ff86618df533f2bcf6
94c770659cda43c7444a9ec590bcfed7253a586f
37c52853d301cc919c6d5c6b5ddf3a930488de491059bdea3c1d976ff666a67f
GET /api/spots/391865?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 21:00:23 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=90WRVwCgw7CVlbYckxVz; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
a.focusde.info/api/spots/382499?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid=
135.181.208.216200 OK 1.0 kB URL HTTP/2 a.focusde.info/api/spots/382499?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash 443732710a611683052605ffded60446
216e3fc311e79d25cd9c5176427355bb09a08b16
32733109b5870fb696dfe5f7f8681cde38a2cc253870f34ed00864ed773b070c
GET /api/spots/382499?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 21:00:23 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=Y5kUasQEYiCne2ycaCmj; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b7ab0f662cefdaae0bfd0c01d91a87fd
5f1ba6b8c2147ec53770d3ce6a83337134e95ff8
80237fdb32c2b0c6e674bb7ae60da8f115cb0af64b3958618a89bd28dbf8282b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bec8662253487535e988ec1ffb1f53c6
b752af012181b7f6e14413f0482cdf9d6e18af35
2fee7612e3563cd018022c186c8d97b619888a54096a35f0d736a84b00baa18f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5681
Cache-Control: max-age=133870
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:24 GMT
Etag: "634bc2a5-1d7"
Expires: Tue, 18 Oct 2022 10:11:34 GMT
Last-Modified: Sun, 16 Oct 2022 08:36:53 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b7ab0f662cefdaae0bfd0c01d91a87fd
5f1ba6b8c2147ec53770d3ce6a83337134e95ff8
80237fdb32c2b0c6e674bb7ae60da8f115cb0af64b3958618a89bd28dbf8282b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
eautifuleed.xyz/utx?cb=vm2NzuvRKoYU&top=xfantazy.com&tid=961956
143.204.55.19204 No Content 0 B URL HTTP/2 eautifuleed.xyz/utx?cb=vm2NzuvRKoYU&top=xfantazy.com&tid=961956
IP 143.204.55.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=vm2NzuvRKoYU&top=xfantazy.com&tid=961956 HTTP/1.1
Host: eautifuleed.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 16 Oct 2022 21:00:24 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://xfantazy.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 16 Oct 2022 21:01:24 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: q4H_kakZ0svnEcOxxli4QUuCwqqt9MdSfpZEbi8BaWncJn6WuN-CsQ==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2e85ca944ca4959c3a7fefed9e62409
adb02a689b93e29bc250ccd89a798b4c905f8677
7ebde8e537b6cb68b9a900ffc7beb1d2dd9be7c3fb8efec00e4f66c852399562
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7EBDE8E537B6CB68B9A900FFC7BEB1D2DD9BE7C3FB8EFEC00E4F66C852399562"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6241
Expires: Sun, 16 Oct 2022 22:44:25 GMT
Date: Sun, 16 Oct 2022 21:00:24 GMT
Connection: keep-alive
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
45.133.44.4200 OK 927 B URL HTTP/2 cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (377)
Hash c9fe3a1e0b102435b61cb85340b4d847
101ae13662f3715708a7a2dbff2890ed4c2bd1d6
225beeddd9ee47cfec4c9273afc913c4b708f9d142229aa8a34ab5a485af5ec9
GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:23 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 16 Oct 2022 22:00:23 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2e85ca944ca4959c3a7fefed9e62409
adb02a689b93e29bc250ccd89a798b4c905f8677
7ebde8e537b6cb68b9a900ffc7beb1d2dd9be7c3fb8efec00e4f66c852399562
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7EBDE8E537B6CB68B9A900FFC7BEB1D2DD9BE7C3FB8EFEC00E4F66C852399562"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6241
Expires: Sun, 16 Oct 2022 22:44:25 GMT
Date: Sun, 16 Oct 2022 21:00:24 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2e85ca944ca4959c3a7fefed9e62409
adb02a689b93e29bc250ccd89a798b4c905f8677
7ebde8e537b6cb68b9a900ffc7beb1d2dd9be7c3fb8efec00e4f66c852399562
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7EBDE8E537B6CB68B9A900FFC7BEB1D2DD9BE7C3FB8EFEC00E4F66C852399562"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6241
Expires: Sun, 16 Oct 2022 22:44:25 GMT
Date: Sun, 16 Oct 2022 21:00:24 GMT
Connection: keep-alive
eautifuleed.xyz/utx?cb=VTozoflEQ20t&top=xfantazy.com&tid=962014
143.204.55.19204 No Content 0 B URL HTTP/2 eautifuleed.xyz/utx?cb=VTozoflEQ20t&top=xfantazy.com&tid=962014
IP 143.204.55.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=VTozoflEQ20t&top=xfantazy.com&tid=962014 HTTP/1.1
Host: eautifuleed.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 16 Oct 2022 21:00:24 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://xfantazy.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 16 Oct 2022 21:01:24 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KgZW52ux0uOXGcAIROpMTZtsCxRFL_7ecUcPUoZCIasEqVrWhHbAUA==
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/fc/59/20/fc5920393823855889e86d648285984e/1613742321.html
45.133.44.4200 OK 789 B URL HTTP/2 cdn.barscreative1.com/sb/au/fc/59/20/fc5920393823855889e86d648285984e/1613742321.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (382)
Hash 9a2e0bd35f220a9e64223f17d7573514
48bf3a886c1c8a25b12033e0ba7b37dd37403ae2
efe695641f3c87be65d4995abfc366f8932d94e5978b7d3124144f3c8f4e9b8b
GET /sb/au/fc/59/20/fc5920393823855889e86d648285984e/1613742321.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:23 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 13:45:26 GMT
etag: W/"602fc0f6-54d"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 16 Oct 2022 22:00:23 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 483b069ba949f3b38cb5efaa5133def4
9926ffeacae23089f625bf687f5aaaa1c592acb1
20c3bcfcb4987e5b014dff8beb7b15e984388ae7ad0279a576e6d137a078ade3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "20C3BCFCB4987E5B014DFF8BEB7B15E984388AE7AD0279A576E6D137A078ADE3"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8836
Expires: Sun, 16 Oct 2022 23:27:40 GMT
Date: Sun, 16 Oct 2022 21:00:24 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 483b069ba949f3b38cb5efaa5133def4
9926ffeacae23089f625bf687f5aaaa1c592acb1
20c3bcfcb4987e5b014dff8beb7b15e984388ae7ad0279a576e6d137a078ade3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "20C3BCFCB4987E5B014DFF8BEB7B15E984388AE7AD0279A576E6D137A078ADE3"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8836
Expires: Sun, 16 Oct 2022 23:27:40 GMT
Date: Sun, 16 Oct 2022 21:00:24 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 483b069ba949f3b38cb5efaa5133def4
9926ffeacae23089f625bf687f5aaaa1c592acb1
20c3bcfcb4987e5b014dff8beb7b15e984388ae7ad0279a576e6d137a078ade3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "20C3BCFCB4987E5B014DFF8BEB7B15E984388AE7AD0279A576E6D137A078ADE3"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8836
Expires: Sun, 16 Oct 2022 23:27:40 GMT
Date: Sun, 16 Oct 2022 21:00:24 GMT
Connection: keep-alive
eautifuleed.xyz/floater?cs=QmhYck52WW5KeXVYbEt2e15vQ3o&abt=0&red=1&sm=83&k=xfantazy%20crybby%20camp%20counselor%20wakes%20with%20pussy&v=0.8.10.0&sts=0&prn=1&emb=0&tid=961956&rxy=1280_1024&fs=1&t=600&m=1&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&jst=4&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi3_&_FLBe=1665954027127&crc=1
143.204.55.19200 OK 3.2 kB URL HTTP/2 eautifuleed.xyz/floater?cs=QmhYck52WW5KeXVYbEt2e15vQ3o&abt=0&red=1&sm=83&k=xfantazy%20crybby%20camp%20counselor%20wakes%20with%20pussy&v=0.8.10.0&sts=0&prn=1&emb=0&tid=961956&rxy=1280_1024&fs=1&t=600&m=1&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&jst=4&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi3_&_FLBe=1665954027127&crc=1
IP 143.204.55.19:0
File type ASCII text, with very long lines (4843), with no line terminators
Hash 51c7f6ed1ac7f993ec2415ac7dce78a1
9551ad38a701bfa839ccb7de255624dfc3360b93
383248bf9dd1be5560d5ebe0ecef580351ef5478810a54c0024cbe464bf1b97b
GET /floater?cs=QmhYck52WW5KeXVYbEt2e15vQ3o&abt=0&red=1&sm=83&k=xfantazy%20crybby%20camp%20counselor%20wakes%20with%20pussy&v=0.8.10.0&sts=0&prn=1&emb=0&tid=961956&rxy=1280_1024&fs=1&t=600&m=1&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&jst=4&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi3_&_FLBe=1665954027127&crc=1 HTTP/1.1
Host: eautifuleed.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 3178
date: Sun, 16 Oct 2022 21:00:24 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://xfantazy.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=6ae47bf2-f4fe-435f-a721-201c786db44d
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BVCsNEshb4Nm-cI_3zjYGN2dHtb4l4WrOQlN3i8RJ9Nx0c9ETw2-Xg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a6e1c15b41a9baf3dcf134b8132912a6
7a9c0e0a369023808a9d9732610cd6f206c584ab
f247489aeb512583b0e1721922abd34e7d98bfb71d2de21d0c6f179cf585d365
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bec8662253487535e988ec1ffb1f53c6
b752af012181b7f6e14413f0482cdf9d6e18af35
2fee7612e3563cd018022c186c8d97b619888a54096a35f0d736a84b00baa18f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5681
Cache-Control: max-age=133870
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:24 GMT
Etag: "634bc2a5-1d7"
Expires: Tue, 18 Oct 2022 10:11:34 GMT
Last-Modified: Sun, 16 Oct 2022 08:36:53 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 13 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
Hash a3122a14ecc4ef9ce2390cf1e850a26a
2df8f89f2f04e4c56defe3de7e398583b5818519
3b5ec01bc8c88eb15b200ae2ef356d2b6eaeed4bdf6cdff3e0043c68333cf876
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: t5z8Y6GlL78Qii1klo5cC5HvBIFCg172vhxRzyGMF5OqyMFEDuabX3jxojyJvm1Qx8uRJq90Omkwh0JPb5APqA==
date: Sun, 16 Oct 2022 21:00:24 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9f54a5e8bc9df618c759b36171c3dc59
daa13f44d63b193afc97b0f174b933aa20cb4f05
3b64fc1e4fb9f3f723929f5b66eecff56ffad04b823db4a168d363f5232314bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B64FC1E4FB9F3F723929F5B66EECFF56FFAD04B823DB4A168D363F5232314BB"
Last-Modified: Sat, 15 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9103
Expires: Sun, 16 Oct 2022 23:32:07 GMT
Date: Sun, 16 Oct 2022 21:00:24 GMT
Connection: keep-alive
a.focusde.info/api/spots/391868?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid=
135.181.208.216200 OK 103 kB URL HTTP/2 a.focusde.info/api/spots/391868?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Size 103 kB (103275 bytes)
Hash b80a2c266b55ab53b86b6b370ae2f658
62d05c0661f3cbad5085fff53cf0e80a8907ed81
1f374e6dcacd61878c35a831eaf069cca091bfd722eb766af8bc1d6dc4828804
GET /api/spots/391868?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 21:00:23 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=glbNBC4OiP7Y0QdriupS; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
a.focusde.info/api/spots/391867?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid=
135.181.208.216200 OK 1.1 kB URL HTTP/2 a.focusde.info/api/spots/391867?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash 02f47e49f99ad8e1c30202ad94108e48
a90137f9ebf529ce504ff962155f961738ab6759
662529948c851984585315df5dc26f29f17815565bd8b53cc96aceb7ecbe9059
GET /api/spots/391867?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 21:00:23 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=PKkXTB5LBtOi1FJx7L8Q; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/08/b0/64/08b064f9cee6b282bb956d847033fed5/1658582944.jpg
45.133.44.9200 OK 8.7 kB URL HTTP/2 cdn.cloudimagesb.com/si/08/b0/64/08b064f9cee6b282bb956d847033fed5/1658582944.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 2c29eb5172d6284ce44e9bdddbc9f7f9
7e636afa5c449686a67c15a3eb42e24b4060f3e2
843c2d3a6a428708bfc4ff66793db619e93662cd4a0fe42657ddbc612b4faa7e
GET /si/08/b0/64/08b064f9cee6b282bb956d847033fed5/1658582944.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: image/jpeg
content-length: 8684
server: nginx/1.17.6
last-modified: Sat, 23 Jul 2022 13:29:12 GMT
etag: "62dbf7a8-21ec"
expires: Tue, 18 Oct 2022 21:00:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 483b069ba949f3b38cb5efaa5133def4
9926ffeacae23089f625bf687f5aaaa1c592acb1
20c3bcfcb4987e5b014dff8beb7b15e984388ae7ad0279a576e6d137a078ade3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "20C3BCFCB4987E5B014DFF8BEB7B15E984388AE7AD0279A576E6D137A078ADE3"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8836
Expires: Sun, 16 Oct 2022 23:27:40 GMT
Date: Sun, 16 Oct 2022 21:00:24 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/5d/16/8b/5d168b4c2466b189729f9f9e72ff9e4a/1658144882.jpg
45.133.44.9200 OK 11 kB URL HTTP/2 cdn.cloudimagesb.com/si/5d/16/8b/5d168b4c2466b189729f9f9e72ff9e4a/1658144882.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 62eb9d272cfc03bdc42f5abd423d2dcd
8436ae8ad0ac45946b1bf0fe5768cd868cd8c6a2
0a52e8bbbbe749849d27811ef7404a6623f8908ca7d00f902fc927dab7b828a2
GET /si/5d/16/8b/5d168b4c2466b189729f9f9e72ff9e4a/1658144882.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: image/jpeg
content-length: 11151
server: nginx/1.17.6
last-modified: Mon, 18 Jul 2022 11:48:10 GMT
etag: "62d5487a-2b8f"
expires: Tue, 18 Oct 2022 21:00:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
a.focusde.info/api/spots/391866?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid=
135.181.208.216200 OK 112 kB URL HTTP/2 a.focusde.info/api/spots/391866?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Size 112 kB (111502 bytes)
Hash d9dbef3c8ebade0ac01e90d75b3d712e
96e08a7d2367ed76d0e4493b206b42e9f074584e
56c200e02bd2422718804f814df4824f76f370ba238d19757b3773126dba7859
GET /api/spots/391866?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 21:00:23 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=lJawsKed2IRHrReUDUZo; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A1048873110%3Arqn%3A8%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aeu%3A1%3Ans%3A1665954023475%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665954026%3At%3ACryBby%20-%20Camp%20Counselor%20Wakes%20u%20up%20With%20Her%20Pussy%20-%20XFantazy.com&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(8)ecs(1)fip(1)rqnl(1)ti(2)
87.250.251.119302 Found 280 B URL HTTP/2 mc.yandex.ru/watch/49415098?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A1048873110%3Arqn%3A8%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aeu%3A1%3Ans%3A1665954023475%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665954026%3At%3ACryBby%20-%20Camp%20Counselor%20Wakes%20u%20up%20With%20Her%20Pussy%20-%20XFantazy.com&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(8)ecs(1)fip(1)rqnl(1)ti(2)
IP 87.250.251.119:0
Hash f7694a398e6fdfbd282fa5b85f1b4da5
4db92bae35f2e5df50bfc4da8db43f7c7f451a5d
7a3c36eee6afe8f2a891404b046ee960fc8bb168b21dc5daa6f4f92a57a4c81d
GET /watch/49415098?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A1048873110%3Arqn%3A8%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aeu%3A1%3Ans%3A1665954023475%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665954026%3At%3ACryBby%20-%20Camp%20Counselor%20Wakes%20u%20up%20With%20Her%20Pussy%20-%20XFantazy.com&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(8)ecs(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e834df5fb59747046875c89&charset=utf-8&hittoken=1665954022_3057e975b290adedff9492743722e4009f419e41777b9259618f4ca55883b06e&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3wonfuk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A514818929354%3Ahid%3A630527585%3Az%3A0%3Ai%3A20221016210026%3Aet%3A1665954026%3Ac%3A1%3Arn%3A1048873110%3Arqn%3A8%3Au%3A1665954026746947377%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aeu%3A1%3Ans%3A1665954023475%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665954026%3At%3ACryBby%20-%20Camp%20Counselor%20Wakes%20u%20up%20With%20Her%20Pussy%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-6%29clc%280-0-0%29aw%281%29rqnt%288%29ecs%281%29fip%281%29rqnl%281%29ti%282%29
date: Sun, 16 Oct 2022 21:00:22 GMT
access-control-allow-origin: https://xfantazy.com
set-cookie: yandexuid=773406231665954022; Expires=Mon, 16-Oct-2023 21:00:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=773406231665954022; Expires=Mon, 16-Oct-2023 21:00:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=500285381665954022; Path=/; SameSite=None; Secure
i=WOqRVaQtBh0dd4NXLkNycmlMJphmPMtC8olXM1us+R5gp1r2QDbB5GO4gPef+JZTn7Ik/v6tI5lw+0LeFpn87siHodo=; Expires=Wed, 13-Oct-2032 21:00:18 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1697490022.yrts.1665954022#1697490022.yrtsi.1665954022; Expires=Mon, 16-Oct-2023 21:00:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 16-Oct-2022 21:00:22 GMT
last-modified: Sun, 16-Oct-2022 21:00:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/js/script.js
172.64.110.27200 OK 12 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/js/script.js
IP 172.64.110.27:0
Hash a5ecb2d189da0cfeb9d754c5cf518332
eefd20fccbd476a821516484db3181336b0fef5f
d02c67e005b53ff4b6a999ad531f90baa552cbcdbef3e9ec8c5e3ed9407d53ff
GET /sb/ssp/utility/social-media/facebook/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6432905
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcDZfIZKfgmvrunDYeC1j9746s2yqIb2Qd9%2FuKqaYO4qN8k7FBCNh3UpqO%2BAsZBbn92RAMmEpVO7et8r%2FjiqlQNHw46GQeQZh0QkqXgqoKuGuEwzJXBb4jAusClhpR7ks7E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3b94afede0079-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/dbyQvCChy6e4_zmTqw/w320h240/0.jpeg
188.72.235.186200 OK 12 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/dbyQvCChy6e4_zmTqw/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 58a77211f09e762ddd753e454698d4a1
dc4415e598c00783ab4f08ba1cd5b729c4fdd060
f464e5ad4b2cba8ad4f9368d9982219764f0ff36fe7734ea64ed1fef07e3db9c
GET /thumbnail/dbyQvCChy6e4_zmTqw/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: image/jpeg
content-length: 12322
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f7694a398e6fdfbd282fa5b85f1b4da5
4db92bae35f2e5df50bfc4da8db43f7c7f451a5d
7a3c36eee6afe8f2a891404b046ee960fc8bb168b21dc5daa6f4f92a57a4c81d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6549
Cache-Control: max-age=129356
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:24 GMT
Etag: "634bad9f-118"
Expires: Tue, 18 Oct 2022 08:56:20 GMT
Last-Modified: Sun, 16 Oct 2022 07:07:11 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
static-cache.k2s.cc/thumbnail/JuqQuX-nz67o-TmX-g/w320h240/0.jpeg
188.72.235.186200 OK 16 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/JuqQuX-nz67o-TmX-g/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash ebab97a1932e33716fd952135bdf60a8
a2b9bbcbd9f111da7b01bb6c37e26d074fcb0f4c
6e9b6a64dcb33bd9d734342d63d1eafb7c5a1017880219b30e2798bdd48a3252
GET /thumbnail/JuqQuX-nz67o-TmX-g/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: image/jpeg
content-length: 15455
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/vpn/default/us/ios-btn/3/css/style.css
172.64.110.27200 OK 7.9 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/vpn/default/us/ios-btn/3/css/style.css
IP 172.64.110.27:0
Hash 6da0bf37e9e6ab530a6f6f709b519360
1398b48a2e18b9c31caf02d96040ad53f81c0e21
183d939adf2f26abd89c82fd23267f5ec6f602a062b501bd579252dcf51312d5
GET /sb/ssp/vpn/default/us/ios-btn/3/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 11:28:46 GMT
etag: W/"6128cc6e-10a8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3231766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23fL5ZxGg92ym9v95zeUqItG9UoGwq7YmC2Ffd5p4N4g4pA67FnoNqtgpJSC4u6JhhYC%2FJcgJH%2BVtLHNQWc4RDg0QTD8xk%2ByrEI8C6jYvRZIC0q8OzqZCIKadT1KbUekegk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3b94b1f100079-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
104.21.234.233200 OK 44 kB URL HTTP/2 creepingbrings.com/sfp.js
IP 104.21.234.233:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 45d0572823199cbcd36ae35b3ec78b83
44f8d1f7d097848c4e5d1dd038db19b7132c174a
18b5f188d69b9befa974f45dc2bb7c891ca882144ef4699ea8eae6f15cf27a47
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:22 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 218951f7354ed21308cb5d36edff9812
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 16 Oct 2022 21:00:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qp%2F2E4ckl46NLSNKtqYMGoFxAiCocFotuS5j%2BySXEjfzfJCNKmH80s%2BvaQDh0HfdfWOdXPUTmIdni1iYns7BrfCkT8lIudhkyprB25TihDpC3Zop4DurJMM2gJ%2BhNQSGyFCE8io%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3b93fea0e75dd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/cLjAvHH1z6boqWqfrA/w320h240/0.jpeg
188.72.235.186200 OK 16 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/cLjAvHH1z6boqWqfrA/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash edfeb8c2dc860a3c1d0fa7a998f9c263
b7ce979ab1e405125c9ee095729aa312636e045d
ed41a7f27e8c42e1261f8ef0e040772d129b59a01a74ae2e684456fafbf41691
GET /thumbnail/cLjAvHH1z6boqWqfrA/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: image/jpeg
content-length: 16110
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/curBuHeiyf3rrGqQqQ/w320h240/0.jpeg
188.72.235.186200 OK 15 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/curBuHeiyf3rrGqQqQ/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 6c5fa2f713b6c7fada324b4ef2f71e4a
d2c026d68c247a0c6b831386afdf9df05e5512b0
5d993778e4a3c0147bbd30b868c2e26b92e80677456e4d9c8ab88a84664272d1
GET /thumbnail/curBuHeiyf3rrGqQqQ/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: image/jpeg
content-length: 14609
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/deXFuXGinvi4_WqXrg/w320h240/0.jpeg
188.72.235.186200 OK 11 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/deXFuXGinvi4_WqXrg/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 6f6842b11d9f9110151da92ec801a842
360470fed303b752b3de3e66d93d9731eaca831c
c9433babdf42875efc0120de56c55e74e2df5868674159f5f257c16f5fc60745
GET /thumbnail/deXFuXGinvi4_WqXrg/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: image/jpeg
content-length: 11169
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f7694a398e6fdfbd282fa5b85f1b4da5
4db92bae35f2e5df50bfc4da8db43f7c7f451a5d
7a3c36eee6afe8f2a891404b046ee960fc8bb168b21dc5daa6f4f92a57a4c81d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6549
Cache-Control: max-age=129356
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:24 GMT
Etag: "634bad9f-118"
Expires: Tue, 18 Oct 2022 08:56:20 GMT
Last-Modified: Sun, 16 Oct 2022 07:07:11 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
dwightadjoining.com/pixel/sbs?c=1
192.243.61.227200 OK 0 B URL HTTP/1.1 dwightadjoining.com/pixel/sbs?c=1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: dwightadjoining.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=17661735; uid_id2=219e314f-e8ff-430a-b08d-a77097cd0670:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 21:00:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
a.focusde.info/api/spots/303891?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 4.9 kB URL HTTP/2 a.focusde.info/api/spots/303891?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash 5eda45038cbe75553e7810b937df2965
39bb96694de9da5cfc845a77923863c5aeb53e8b
7aa24c9681777cfb70b33093f2309a12611aab99789dd54258a05ffaafd4ec0b
GET /api/spots/303891?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=glbNBC4OiP7Y0QdriupS
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
dwightadjoining.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r81CKYJKN4KWWQhWMNP35vfYRTDGSDC2pVV0Icj99Sa3ufPu4953502yMbQgXQhO%2F4OXM0mDWkRXurGUl4qLrDKusjBb%2FwBRtzLT4OgHj%2B8775zFuef7Pt%2F1pySEpycr75ttpTW90qyGlcsfR9HVyrpK%2FLAy7LQ%2BbTWuVuzgzW6rGr5eeVfyTXOlFkZhGIVRZVVZGZvhlSkJlT7sRtVuWG3UqlGzgaH9P3Y%2BgKMBxOCUvAglJgtPgotQvETS%2F25Fus3MpG%2B80%2FeaZsZiIA4%2BTDYTkyfoz8fYBoiTgzM1jDtefQST7M%2Fswgz%2BFTI1IcEvj8CSgzOTYIO9mU%2BmIRMwcQH5oITUJRQtwc1dKHFMAC5w7TqS%2FoNrxuZ06ylLp%2ByELPz1B1Q%2BIQu%2FXUTS%2F3ZZq2HlltE%2BUyZxGMYF1LCE6pVI%2FSGy7XNQ%2BSF4dgdKECT9AkqcvFqLurIeNeJF2YnjxUY9pIss7IhF2m6H3TYXYasdzoJRqoSKS2g5AnUB%2FPRTAXwcwKcB%2BuKkwqMoaoeC07DT5bwu2pK1RBjRdhzRKGx14PnU%2BwhZOgLXI3C7g9TuYFPdnxByZw%2FWP4bbKOBEAJcRDESBXBLkjiCnBLkiyDOCfFDsC%2B1qrnggtPMsOuu1s14vxibr7dJ9k%2FVkQnbTU%2FLCNLXguc9ew6Y8qdSiWNa7zTBuRDUZ1lq8Xo8j1uJStqK6ZBROFVDu3Oyt22pCLjUvIFUT8szSYzB6CKcPwdXzoP4V0HzcroWgG%2BNGJ8R28mNCM2%2Bp3pBUZxvOeMtllWvPIEyBNFtAthXs6lPy0myTrdrfkPxo6efyy08u%2F3kIbguktsBt9YSgp%2B%2BNb5qc7N00uSPfX08z1VfbdLrlWxnN5Pmv35NbubFibcWNvnqLT4np%2BPAD6bJ1mgiV9Bz5ZlkJIe2qsVySn9bcR5Ld8G5j2dvEp%2Bs33l5d66dWOqdMUoKqY%2FcFuJqQZ6mZne%2FLt3%2BAsiWsL9D3R%2BSsoEwJnu7ApXP3zpyH1XMNSwPkvhjbGpv%2F1IpAyzmmrID7D2bzedfdQ89eAs3uzq52YAsMdAGqR3D%2B%2FDhL7dHSr%2FVZgelgzLQN9pi2%2Bv7TaJ06qdRD0WYylm0mG81GLLlgzSYLecxZXXQ6HJmb8PX0938AAAD%2F%2FwEAAP%2F%2Fu1rp2IkEAAA%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 dwightadjoining.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r81CKYJKN4KWWQhWMNP35vfYRTDGSDC2pVV0Icj99Sa3ufPu4953502yMbQgXQhO%2F4OXM0mDWkRXurGUl4qLrDKusjBb%2FwBRtzLT4OgHj%2B8775zFuef7Pt%2F1pySEpycr75ttpTW90qyGlcsfR9HVyrpK%2FLAy7LQ%2BbTWuVuzgzW6rGr5eeVfyTXOlFkZhGIVRZVVZGZvhlSkJlT7sRtVuWG3UqlGzgaH9P3Y%2BgKMBxOCUvAglJgtPgotQvETS%2F25Fus3MpG%2B80%2FeaZsZiIA4%2BTDYTkyfoz8fYBoiTgzM1jDtefQST7M%2Fswgz%2BFTI1IcEvj8CSgzOTYIO9mU%2BmIRMwcQH5oITUJRQtwc1dKHFMAC5w7TqS%2FoNrxuZ06ylLp%2ByELPz1B1Q%2BIQu%2FXUTS%2F3ZZq2HlltE%2BUyZxGMYF1LCE6pVI%2FSGy7XNQ%2BSF4dgdKECT9AkqcvFqLurIeNeJF2YnjxUY9pIss7IhF2m6H3TYXYasdzoJRqoSKS2g5AnUB%2FPRTAXwcwKcB%2BuKkwqMoaoeC07DT5bwu2pK1RBjRdhzRKGx14PnU%2BwhZOgLXI3C7g9TuYFPdnxByZw%2FWP4bbKOBEAJcRDESBXBLkjiCnBLkiyDOCfFDsC%2B1qrnggtPMsOuu1s14vxibr7dJ9k%2FVkQnbTU%2FLCNLXguc9ew6Y8qdSiWNa7zTBuRDUZ1lq8Xo8j1uJStqK6ZBROFVDu3Oyt22pCLjUvIFUT8szSYzB6CKcPwdXzoP4V0HzcroWgG%2BNGJ8R28mNCM2%2Bp3pBUZxvOeMtllWvPIEyBNFtAthXs6lPy0myTrdrfkPxo6efyy08u%2F3kIbguktsBt9YSgp%2B%2BNb5qc7N00uSPfX08z1VfbdLrlWxnN5Pmv35NbubFibcWNvnqLT4np%2BPAD6bJ1mgiV9Bz5ZlkJIe2qsVySn9bcR5Ld8G5j2dvEp%2Bs33l5d66dWOqdMUoKqY%2FcFuJqQZ6mZne%2FLt3%2BAsiWsL9D3R%2BSsoEwJnu7ApXP3zpyH1XMNSwPkvhjbGpv%2F1IpAyzmmrID7D2bzedfdQ89eAs3uzq52YAsMdAGqR3D%2B%2FDhL7dHSr%2FVZgelgzLQN9pi2%2Bv7TaJ06qdRD0WYylm0mG81GLLlgzSYLecxZXXQ6HJmb8PX0938AAAD%2F%2FwEAAP%2F%2Fu1rp2IkEAAA%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r81CKYJKN4KWWQhWMNP35vfYRTDGSDC2pVV0Icj99Sa3ufPu4953502yMbQgXQhO%2F4OXM0mDWkRXurGUl4qLrDKusjBb%2FwBRtzLT4OgHj%2B8775zFuef7Pt%2F1pySEpycr75ttpTW90qyGlcsfR9HVyrpK%2FLAy7LQ%2BbTWuVuzgzW6rGr5eeVfyTXOlFkZhGIVRZVVZGZvhlSkJlT7sRtVuWG3UqlGzgaH9P3Y%2BgKMBxOCUvAglJgtPgotQvETS%2F25Fus3MpG%2B80%2FeaZsZiIA4%2BTDYTkyfoz8fYBoiTgzM1jDtefQST7M%2Fswgz%2BFTI1IcEvj8CSgzOTYIO9mU%2BmIRMwcQH5oITUJRQtwc1dKHFMAC5w7TqS%2FoNrxuZ06ylLp%2ByELPz1B1Q%2BIQu%2FXUTS%2F3ZZq2HlltE%2BUyZxGMYF1LCE6pVI%2FSGy7XNQ%2BSF4dgdKECT9AkqcvFqLurIeNeJF2YnjxUY9pIss7IhF2m6H3TYXYasdzoJRqoSKS2g5AnUB%2FPRTAXwcwKcB%2BuKkwqMoaoeC07DT5bwu2pK1RBjRdhzRKGx14PnU%2BwhZOgLXI3C7g9TuYFPdnxByZw%2FWP4bbKOBEAJcRDESBXBLkjiCnBLkiyDOCfFDsC%2B1qrnggtPMsOuu1s14vxibr7dJ9k%2FVkQnbTU%2FLCNLXguc9ew6Y8qdSiWNa7zTBuRDUZ1lq8Xo8j1uJStqK6ZBROFVDu3Oyt22pCLjUvIFUT8szSYzB6CKcPwdXzoP4V0HzcroWgG%2BNGJ8R28mNCM2%2Bp3pBUZxvOeMtllWvPIEyBNFtAthXs6lPy0myTrdrfkPxo6efyy08u%2F3kIbguktsBt9YSgp%2B%2BNb5qc7N00uSPfX08z1VfbdLrlWxnN5Pmv35NbubFibcWNvnqLT4np%2BPAD6bJ1mgiV9Bz5ZlkJIe2qsVySn9bcR5Ld8G5j2dvEp%2Bs33l5d66dWOqdMUoKqY%2FcFuJqQZ6mZne%2FLt3%2BAsiWsL9D3R%2BSsoEwJnu7ApXP3zpyH1XMNSwPkvhjbGpv%2F1IpAyzmmrID7D2bzedfdQ89eAs3uzq52YAsMdAGqR3D%2B%2FDhL7dHSr%2FVZgelgzLQN9pi2%2Bv7TaJ06qdRD0WYylm0mG81GLLlgzSYLecxZXXQ6HJmb8PX0938AAAD%2F%2FwEAAP%2F%2Fu1rp2IkEAAA%3D HTTP/1.1
Host: dwightadjoining.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=17661735; uid_id2=219e314f-e8ff-430a-b08d-a77097cd0670:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 21:00:24 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 607bf8777cc550c19860df325831a289
Strict-Transport-Security: max-age=0; includeSubdomains
a.focusde.info/api/spots/312873?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 3.4 kB URL HTTP/2 a.focusde.info/api/spots/312873?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash 9e66419d0823555eb4f05dc05e8d800e
03f827f62cd0bbb5cb942f1417ec1e568cfabeef
bcdf390adfeb54f1dafa3176c132904c37cfcc81e53988982abe780a529a5a22
GET /api/spots/312873?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=glbNBC4OiP7Y0QdriupS
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
invaderannihilationperky.com/pixel/sbs?c=1
192.243.61.227200 OK 0 B URL HTTP/1.1 invaderannihilationperky.com/pixel/sbs?c=1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: invaderannihilationperky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; uid_id2=7b9a8694-4a1b-412a-b645-d0a4611d9cae:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 21:00:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
a.focusde.info/api/spots/303892?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 76 kB URL HTTP/2 a.focusde.info/api/spots/303892?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash 6deb52d25440c1576b765006a94c10f0
c9d194aceba206d158bb3971e774cd4b672ff6e4
c920e665bf5796f8937cc6422f4437214e0b4d21ac2d73fbe1ca6d863d4198e1
GET /api/spots/303892?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=glbNBC4OiP7Y0QdriupS
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/img/close.svg
172.64.110.27200 OK 69 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/img/close.svg
IP 172.64.110.27:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 284897314786518d9a6ab72ad9b461ba
af73824e8cbb64af7533e77a62e2d85a7a99cffc
845bdd1310f642188befeb87aac6c842d9d363b608e0162cbcfa3597fcd252aa
GET /sb/ssp/utility/social-media/facebook/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:13:59 GMT
etag: W/"602549b7-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6432966
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWEsfHxQdQrrN5TaDxC%2FXN%2BNQLQU5ekBPwI%2BhX8tBqSuvWW7NPKLZFW41mvbqsmu%2FOu4eru4NtrOqi5TdTKyHOW9EfY6C%2BJBShEm%2BFSQoeoSLSod%2BDhg5JBOhObhTuQbyAI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3b94b7d06e664-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0dc9486bf3508799a50924916ab5f647
c9a0262882f5149272a80cc8577a87e158ffdfc2
78905a604f75956aff7b358d9193840bbeefb8afad993021ad1d7f070e15a839
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 21:00:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 14 Oct 2022 05:56:26 GMT
Expires: Fri, 21 Oct 2022 05:56:25 GMT
Etag: "c9a0262882f5149272a80cc8577a87e158ffdfc2"
Cache-Control: max-age=377160,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75b3b94eee9ab512-OSL
cdn.tsyndicate.com/sdk/v1/master.spot.js
8.247.218.249200 OK 13 kB URL HTTP/2 cdn.tsyndicate.com/sdk/v1/master.spot.js
IP 8.247.218.249:0
File type ASCII text, with very long lines (28232)
Hash 9403f06a842c17ba14d619a87ea53021
b0b67aa37678053849d4a7d37b61ea2de9a7561c
150a260e05a1c03c3320cb9b8da0a376a5a273ca384d69065796afb7f093efb9
GET /sdk/v1/master.spot.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: application/javascript
content-length: 12719
last-modified: Mon, 19 Sep 2022 08:55:31 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"63282e83-887a"
age: 2375778
accept-ranges: bytes
X-Firefox-Spdy: h2
syndication.realsrv.com/v1/api.php
95.211.229.247200 OK 1.1 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (1455), with no line terminators
Hash 35052164762dc15a6cce04924854d482
c904b7e56d5d6195001c2e8a91a721b722e7c498
e27ace6898ae09c9b9e92ff320a3eacc9bd91f5b82bdce67b5ef7caeafd2b2b4
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 289
Origin: https://a.focusde.info
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 21:00:25 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.focusde.info
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22634c70e91929a4.046341852940593715%22%3B%7D; expires=Tue, 15-Oct-2024 21:00:25 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/v1/api.php
95.211.229.247200 OK 1.1 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (1453), with no line terminators
Hash c7f60c7cdbca027a6874dc745e23cc4d
aa31bbd82866f55b25c000e43c3d2d07fbc12bde
66be22f89573463b853385e448c04647fad160a48317e22646a78db3eef96fbe
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 289
Origin: https://a.focusde.info
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 21:00:25 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.focusde.info
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22634c70e91858f8.076693341348724064%22%3B%7D; expires=Tue, 15-Oct-2024 21:00:25 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/v1/api.php
95.211.229.247200 OK 2.5 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (5542), with no line terminators
Hash 94e9f68668a5d2510738ecce23d9c37d
66f3a7d9458b305eba522ee80022c67f62163fc9
e7acc4b66efd40948e7a1fc5c4e7a196656dbaea91265ddad376a4b231ae7852
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 289
Origin: https://a.focusde.info
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 21:00:25 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.focusde.info
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22634c70e9162411.034746342569777849%22%3B%7D; expires=Tue, 15-Oct-2024 21:00:25 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
a.focusde.info/api/spots/312874?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 3.5 kB URL HTTP/2 a.focusde.info/api/spots/312874?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Hash b13d4870b6bdcfff43453ed7bcab9649
ce4d29c9422094263272c5fdaaabab7d367e63f6
5d20c6680dd7700a15770e42b5c9fdca073ef1cddd568f83d3fce3b1e99f1787
GET /api/spots/312874?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=glbNBC4OiP7Y0QdriupS
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
syndication.realsrv.com/v1/api.php
95.211.229.247200 OK 2.5 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (5543), with no line terminators
Hash 81912c735034b3f3add09d10e5595913
7f2f8cd93f47a844b5a39fa7b17ea0c5be9b4655
708a8e3964d8288cd792f80e421c112185ef0f43b6955c5147d8f3158495f06f
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 289
Origin: https://a.focusde.info
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 21:00:25 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.focusde.info
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22634c70e908b2f9.999309914032266213%22%3B%7D; expires=Tue, 15-Oct-2024 21:00:25 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01Py2oDMRD7lf5AjGY840fOzbWFlHyA7eySQshCkoUU5uPr9aF0dJAOEhoxmHeEHYU3intgz2qZXIYTdqRiH59HE7Jbea73cr1M5fq8PJb13ibXrms1EkCTaQiSg+UI+GASU9DMpkgmnjQnNskcIAwjNW/oYPUim3IAWYIdTkc7fb0bOZCPRsaWgRdrD41HrMela7y2PJ1bZSDkNDO3lqgh+pq4Jl+klrwZrbh5aevjPLnv27yM3tFI8KMAf9jRoH6wocrj59bM/lk26AhRHy4bFZ81cq1+miVN8Uwpl6Kc+txKOvMvvuAHiWEBAAA=
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01Py2oDMRD7lf5AjGY840fOzbWFlHyA7eySQshCkoUU5uPr9aF0dJAOEhoxmHeEHYU3intgz2qZXIYTdqRiH59HE7Jbea73cr1M5fq8PJb13ibXrms1EkCTaQiSg+UI+GASU9DMpkgmnjQnNskcIAwjNW/oYPUim3IAWYIdTkc7fb0bOZCPRsaWgRdrD41HrMela7y2PJ1bZSDkNDO3lqgh+pq4Jl+klrwZrbh5aevjPLnv27yM3tFI8KMAf9jRoH6wocrj59bM/lk26AhRHy4bFZ81cq1+miVN8Uwpl6Kc+txKOvMvvuAHiWEBAAA=
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01Py2oDMRD7lf5AjGY840fOzbWFlHyA7eySQshCkoUU5uPr9aF0dJAOEhoxmHeEHYU3intgz2qZXIYTdqRiH59HE7Jbea73cr1M5fq8PJb13ibXrms1EkCTaQiSg+UI+GASU9DMpkgmnjQnNskcIAwjNW/oYPUim3IAWYIdTkc7fb0bOZCPRsaWgRdrD41HrMela7y2PJ1bZSDkNDO3lqgh+pq4Jl+klrwZrbh5aevjPLnv27yM3tFI8KMAf9jRoH6wocrj59bM/lk26AhRHy4bFZ81cq1+miVN8Uwpl6Kc+txKOvMvvuAHiWEBAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.focusde.info
Connection: keep-alive
Referer: https://a.focusde.info/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22634c70e91929a4.046341852940593715%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22634c70e91929a4.046341852940593715%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 21:00:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.focusde.info
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22634c70e91929a4.046341852940593715%22%3B%7D; expires=Tue, 15 Oct 2024 21:00:25 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22634c70e91929a4.046341852940593715%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D; expires=Tue, 15 Oct 2024 21:00:25 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2rDQAy8Si+QRdJK+8h389tCSg5gr72kYGJIYmhhDt9dl1YCaRCa0UhI5MB04PDC8Uh0FENml8mpODbF2/sZyrgNz+0+LNd5WJ7Xx7rdy+zKso3QaBYiLATNATkS+dCGKQQiGCUYZw4cENX7mE3ABg9qKeZVO3JEjEQ4Xc64fLyCHbGPYAih1W6hQ22YvjpzslrMWNRmqURmmctUTW0c81hp6IsYXF3L9phm93mr636x32JOXUj+Bi0PvLcWhB0Nj+9bAf4Xfm3CdpYHq1KTSLVq8TWUoiSZrT3n55GTjYFTFv4BHLC4+1wBAAA=
95.211.229.247200 OK 1.6 kB URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2rDQAy8Si+QRdJK+8h389tCSg5gr72kYGJIYmhhDt9dl1YCaRCa0UhI5MB04PDC8Uh0FENml8mpODbF2/sZyrgNz+0+LNd5WJ7Xx7rdy+zKso3QaBYiLATNATkS+dCGKQQiGCUYZw4cENX7mE3ABg9qKeZVO3JEjEQ4Xc64fLyCHbGPYAih1W6hQ22YvjpzslrMWNRmqURmmctUTW0c81hp6IsYXF3L9phm93mr636x32JOXUj+Bi0PvLcWhB0Nj+9bAf4Xfm3CdpYHq1KTSLVq8TWUoiSZrT3n55GTjYFTFv4BHLC4+1wBAAA=
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash 306872bde3f4d14b8a2acc4b0afdcbeb
8257763b11ab00eb01375118a64344ad925a299e
16ab05045a6bbb0ecf8975a9089e737aa5b4a97a711efc42ea0b2ca0d9edebe1
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2rDQAy8Si+QRdJK+8h389tCSg5gr72kYGJIYmhhDt9dl1YCaRCa0UhI5MB04PDC8Uh0FENml8mpODbF2/sZyrgNz+0+LNd5WJ7Xx7rdy+zKso3QaBYiLATNATkS+dCGKQQiGCUYZw4cENX7mE3ABg9qKeZVO3JEjEQ4Xc64fLyCHbGPYAih1W6hQ22YvjpzslrMWNRmqURmmctUTW0c81hp6IsYXF3L9phm93mr636x32JOXUj+Bi0PvLcWhB0Nj+9bAf4Xfm3CdpYHq1KTSLVq8TWUoiSZrT3n55GTjYFTFv4BHLC4+1wBAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.focusde.info
Connection: keep-alive
Referer: https://a.focusde.info/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22634c70e9162411.034746342569777849%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22634c70e91929a4.046341852940593715%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 21:00:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.focusde.info
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22634c70e9162411.034746342569777849%22%3B%7D; expires=Tue, 15 Oct 2024 21:00:25 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22634c70e91929a4.046341852940593715%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D; expires=Tue, 15 Oct 2024 21:00:25 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/475567/8d426f816cbaeff1b5b985f59529c8fac01088a4.jpg
185.76.9.15200 OK 19 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/475567/8d426f816cbaeff1b5b985f59529c8fac01088a4.jpg
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash 600a2563a9ff954ee2d89bb3fb028018
8d426f816cbaeff1b5b985f59529c8fac01088a4
c8b0a6e6d79b601ba5e1035656e4950f7905e76fb619e71332a9843efb4d8eaa
GET /library/475567/8d426f816cbaeff1b5b985f59529c8fac01088a4.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:25 GMT
content-type: image/jpeg
content-length: 18683
last-modified: Wed, 21 Aug 2019 03:50:42 GMT
etag: "5d5cbf92-48fb"
expires: Fri, 30 Jun 2023 14:44:03 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195213
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ06lv3/3NONAA
x-77-nzt-ray: Qyj41qKq/bg
x-cache: HIT
x-age: 9294812
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/140058/ce7cd314104443460766af6d959f2f187dac05ca.mp4
185.76.9.15206 Partial Content 38 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/140058/ce7cd314104443460766af6d959f2f187dac05ca.mp4
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash eaaaa58beeb0defc048150287c4e0b5c
ce7cd314104443460766af6d959f2f187dac05ca
25232d9ff354f436a1b2d6d69ac45bce2d85234035d90c004938eb115368b536
GET /library/140058/ce7cd314104443460766af6d959f2f187dac05ca.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Sun, 16 Oct 2022 21:00:25 GMT
content-type: video/mp4
content-length: 37674
last-modified: Fri, 27 Mar 2020 00:09:40 GMT
etag: "5e7d4444-932a"
expires: Fri, 30 Jun 2023 12:23:32 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195591
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ0fJb3/YtKNAA
x-77-nzt-ray: AO3CYckqbu0
x-cache: HIT
x-age: 9294434
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-37673/37674
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/140058/ce7cd314104443460766af6d959f2f187dac05ca.mp4
185.76.9.15206 Partial Content 38 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/140058/ce7cd314104443460766af6d959f2f187dac05ca.mp4
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash eaaaa58beeb0defc048150287c4e0b5c
ce7cd314104443460766af6d959f2f187dac05ca
25232d9ff354f436a1b2d6d69ac45bce2d85234035d90c004938eb115368b536
GET /library/140058/ce7cd314104443460766af6d959f2f187dac05ca.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Sun, 16 Oct 2022 21:00:25 GMT
content-type: video/mp4
content-length: 37674
last-modified: Fri, 27 Mar 2020 00:09:40 GMT
etag: "5e7d4444-932a"
expires: Fri, 30 Jun 2023 12:23:32 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195591
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ0y3xr/YtKNAA
x-77-nzt-ray: wDOXit3rBFU
x-cache: HIT
x-age: 9294434
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-37673/37674
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PbWrDMAy9yi4Qo2/b/b3+3aCjB3AShw5CC20DG+jwszM2CUkP8aQnERANCAPaC8YDwIHUM4YMQSigir+9n1zQr+W53ct6qWV9Xh637T7VMK3b6BJVLbqaSTbPEYCtNZNpTq7QAjMamkdhjlnJUZ0dmpOySEcBAD2BH88nP3+8OgZAjo5O4C33EzqUhuGrT0pNdclZhaMVy0iGNOeElAgFTTvRS1hu0/aYa/i8LrddsWuRCvXVf43mA+6lGfiOyuP7Orn/E37PdN2n2FEEukQdJ6CxzKm9PYouCVF55joqFzb7Aaj/5axcAQAA
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PbWrDMAy9yi4Qo2/b/b3+3aCjB3AShw5CC20DG+jwszM2CUkP8aQnERANCAPaC8YDwIHUM4YMQSigir+9n1zQr+W53ct6qWV9Xh637T7VMK3b6BJVLbqaSTbPEYCtNZNpTq7QAjMamkdhjlnJUZ0dmpOySEcBAD2BH88nP3+8OgZAjo5O4C33EzqUhuGrT0pNdclZhaMVy0iGNOeElAgFTTvRS1hu0/aYa/i8LrddsWuRCvXVf43mA+6lGfiOyuP7Orn/E37PdN2n2FEEukQdJ6CxzKm9PYouCVF55joqFzb7Aaj/5axcAQAA
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PbWrDMAy9yi4Qo2/b/b3+3aCjB3AShw5CC20DG+jwszM2CUkP8aQnERANCAPaC8YDwIHUM4YMQSigir+9n1zQr+W53ct6qWV9Xh637T7VMK3b6BJVLbqaSTbPEYCtNZNpTq7QAjMamkdhjlnJUZ0dmpOySEcBAD2BH88nP3+8OgZAjo5O4C33EzqUhuGrT0pNdclZhaMVy0iGNOeElAgFTTvRS1hu0/aYa/i8LrddsWuRCvXVf43mA+6lGfiOyuP7Orn/E37PdN2n2FEEukQdJ6CxzKm9PYouCVF55joqFzb7Aaj/5axcAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.focusde.info
Connection: keep-alive
Referer: https://a.focusde.info/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22634c70e908b2f9.999309914032266213%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22634c70e91929a4.046341852940593715%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 21:00:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.focusde.info
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22634c70e908b2f9.999309914032266213%22%3B%7D; expires=Tue, 15 Oct 2024 21:00:25 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22634c70e91929a4.046341852940593715%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.03940399%22%7D; expires=Tue, 15 Oct 2024 21:00:25 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
cdn.tsyndicate.com/sdk/v1/video.instant.message.js
8.247.218.249200 OK 3.5 kB URL HTTP/2 cdn.tsyndicate.com/sdk/v1/video.instant.message.js
IP 8.247.218.249:0
File type ASCII text, with very long lines (539)
Hash b4ccf5d14fbe6be7a62784f96fbed92e
9d3391b4a10cc28bb455ebfbe1caccb3db1c4efd
e3f294d4f9f7227ebaaeb508792345e6bda148885c2d6335e8595338312b67e1
GET /sdk/v1/video.instant.message.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Cookie: ts_uid=fa612214-52ca-4458-b0b5-47aaaa219851; bfq=APeIECNCxxYZOGDEwFGjRhcWIsYU3BLjoYgyE2PY2AiDRkcZDvso
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:25 GMT
content-type: application/javascript
content-length: 3512
last-modified: Mon, 19 Sep 2022 08:52:46 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"63282dde-21d4"
age: 2373818
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash b4278b479978152c8564dcae880c514f
e1c28f4ecf9a4c7bdc19efef4a7071fca2b59e42
643ea0732c4f4c3dc372058a796e062e9e981b41c8f516b95219fb4ff8895a44
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 21:00:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 15:56:18 GMT
Expires: Sat, 22 Oct 2022 15:56:17 GMT
Etag: "e1c28f4ecf9a4c7bdc19efef4a7071fca2b59e42"
Cache-Control: max-age=499551,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75b3b9537e4db4f3-OSL
lcdn.tsyndicate.com/sdk/v1/b.b.js
8.247.219.249200 OK 2.8 kB URL HTTP/2 lcdn.tsyndicate.com/sdk/v1/b.b.js
IP 8.247.219.249:0
File type ASCII text, with very long lines (2590)
Hash 01c3ce239d639853ba1e41661c115938
704741ca41e890a26eef6190c2d61131ff294f56
9aabcddb7b91826c4b8bf721d77fa448ceba501616a38c6fe0d6c4f11091ed47
GET /sdk/v1/b.b.js HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Cookie: ts_uid=fa612214-52ca-4458-b0b5-47aaaa219851; bfq=APeIECNCxxYZOGDEwFGjRhcWIsYU3BLjoYgyE2PY2AiDRkcZDvso
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:25 GMT
content-type: application/javascript
content-length: 2808
last-modified: Tue, 22 Feb 2022 13:07:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"6214e003-1eb1"
age: 19219762
accept-ranges: bytes
X-Firefox-Spdy: h2
lcdn.tsyndicate.com/sdk/v1/b.b.js
8.247.219.249304 Not Modified 0 B URL HTTP/2 lcdn.tsyndicate.com/sdk/v1/b.b.js
IP 8.247.219.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdk/v1/b.b.js HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=fa612214-52ca-4458-b0b5-47aaaa219851; bfq=APeIECNCxxYZOGDEwFGjRhcWIsYU3BLjoYgyE2PY2AiDRkcZDvso
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
If-Modified-Since: Tue, 22 Feb 2022 13:07:15 GMT
If-None-Match: W/"6214e003-1eb1"
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 16 Oct 2022 21:00:25 GMT
last-modified: Tue, 22 Feb 2022 13:07:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
etag: W/"6214e003-1eb1"
age: 19219762
X-Firefox-Spdy: h2
s.optnx.com/cimp.php?data=TVRZMk5UazFOREF5Tkh3M1pqVXdNR0poTURReU5XVmtaakl5WW1ObFptTmpOamxtTm1Gak5UazNaZy0tfC9saWJyYXJ5LzE2ODI3Ni81NDI0MDhiYzNmMWEyMWI0OWE4ZjcyNDIwZTBhNjU4OGI0MDJjZTc0LmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfGFkLW1hdmVuLmNvbXwxNjgyNzZ8NDMwNjc1fDg2NzMwMHw0NDQ0NzE0fDUwOHw1Mzc2NjMwfDc2MTA0Mjg4fDE1fDN8MHwwfDI1MzQ0fDk2MTk1Nnx8NzV8VVNEfFVTRHwxfDF8NDN8fDF8Tk9SfHwyMHwxfDF8fDdjNjY2ZGJkY2VjMmRlN2ZjOGNhYzg0ZmNlZWEzM2EzfDFjZmZhMjZjYWI5MjI3ZTE2MDAzNDNhOWZmYmYwZGUyfDF8MHx4ZmFudGF6eS5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfaW5fcGFnZV9wdXNoX25vdGlmaWNhdGlvbnwwfDB8MHwtMXwwfDB8fHwyfDE0NDB8fDB8MHwwfDB8MHwwfDF8MHx8OHwxfE1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wfE9LfGFkOWIzZTc1ODdhOTdjNGU0ZTgxM2I0OGYxZjA3M2Yz
95.211.229.247302 Found 0 B URL HTTP/1.1 s.optnx.com/cimp.php?data=TVRZMk5UazFOREF5Tkh3M1pqVXdNR0poTURReU5XVmtaakl5WW1ObFptTmpOamxtTm1Gak5UazNaZy0tfC9saWJyYXJ5LzE2ODI3Ni81NDI0MDhiYzNmMWEyMWI0OWE4ZjcyNDIwZTBhNjU4OGI0MDJjZTc0LmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfGFkLW1hdmVuLmNvbXwxNjgyNzZ8NDMwNjc1fDg2NzMwMHw0NDQ0NzE0fDUwOHw1Mzc2NjMwfDc2MTA0Mjg4fDE1fDN8MHwwfDI1MzQ0fDk2MTk1Nnx8NzV8VVNEfFVTRHwxfDF8NDN8fDF8Tk9SfHwyMHwxfDF8fDdjNjY2ZGJkY2VjMmRlN2ZjOGNhYzg0ZmNlZWEzM2EzfDFjZmZhMjZjYWI5MjI3ZTE2MDAzNDNhOWZmYmYwZGUyfDF8MHx4ZmFudGF6eS5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfaW5fcGFnZV9wdXNoX25vdGlmaWNhdGlvbnwwfDB8MHwtMXwwfDB8fHwyfDE0NDB8fDB8MHwwfDB8MHwwfDF8MHx8OHwxfE1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wfE9LfGFkOWIzZTc1ODdhOTdjNGU0ZTgxM2I0OGYxZjA3M2Yz
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cimp.php?data=TVRZMk5UazFOREF5Tkh3M1pqVXdNR0poTURReU5XVmtaakl5WW1ObFptTmpOamxtTm1Gak5UazNaZy0tfC9saWJyYXJ5LzE2ODI3Ni81NDI0MDhiYzNmMWEyMWI0OWE4ZjcyNDIwZTBhNjU4OGI0MDJjZTc0LmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfGFkLW1hdmVuLmNvbXwxNjgyNzZ8NDMwNjc1fDg2NzMwMHw0NDQ0NzE0fDUwOHw1Mzc2NjMwfDc2MTA0Mjg4fDE1fDN8MHwwfDI1MzQ0fDk2MTk1Nnx8NzV8VVNEfFVTRHwxfDF8NDN8fDF8Tk9SfHwyMHwxfDF8fDdjNjY2ZGJkY2VjMmRlN2ZjOGNhYzg0ZmNlZWEzM2EzfDFjZmZhMjZjYWI5MjI3ZTE2MDAzNDNhOWZmYmYwZGUyfDF8MHx4ZmFudGF6eS5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfaW5fcGFnZV9wdXNoX25vdGlmaWNhdGlvbnwwfDB8MHwtMXwwfDB8fHwyfDE0NDB8fDB8MHwwfDB8MHwwfDF8MHx8OHwxfE1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wfE9LfGFkOWIzZTc1ODdhOTdjNGU0ZTgxM2I0OGYxZjA3M2Yz HTTP/1.1
Host: s.optnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 16 Oct 2022 21:00:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22634c70e9961e37.748921463433780961%22%3B%7D; expires=Tue, 15 Oct 2024 21:00:25 GMT; path=; domain=.optnx.com; Secure; SameSite=none
Location: https://s3t3d2y8.afcdn.net/library/168276/542408bc3f1a21b49a8f72420e0a6588b402ce74.jpg
X-Robots-Tag: noindex, follow
s3t3d2y8.afcdn.net/library/168276/542408bc3f1a21b49a8f72420e0a6588b402ce74.jpg
185.76.9.15200 OK 15 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/168276/542408bc3f1a21b49a8f72420e0a6588b402ce74.jpg
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 192x192, components 3\012- data
Hash 12f64f4020ac75bad40554948d954038
542408bc3f1a21b49a8f72420e0a6588b402ce74
d7455bf0acff742bde33a1ffb21071ee7d369c5cb1aa5f3bd8bb826e03c4ac5f
GET /library/168276/542408bc3f1a21b49a8f72420e0a6588b402ce74.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:25 GMT
content-type: image/jpeg
content-length: 14636
last-modified: Thu, 29 Apr 2021 09:31:15 GMT
etag: "608a7ce3-392c"
expires: Tue, 19 Sep 2023 10:56:23 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1697123956
server: CDN77-Turbo
x-77-nzt: AblMCQ34xbr/9ZUFAA
x-77-nzt-ray: YbqlM1hFLS4
x-cache: HIT
x-age: 366069
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 2e1c8f5022047531c867ac39a304a294
0db9e817cd8fc78b54ed3fb0067d4ba919a09248
bfbf2c7a44a86488a1703c58af0838f905b70b1cbec33ec54442528b7b64c3d7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 21:00:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 14 Oct 2022 20:27:06 GMT
Expires: Fri, 21 Oct 2022 20:27:05 GMT
Etag: "0db9e817cd8fc78b54ed3fb0067d4ba919a09248"
Cache-Control: max-age=429399,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75b3b9539f27b523-OSL
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 4bbf456f78d30ce3ef55bdfa15300fb9
21e5975983764d5255196aedf1e33c0634d8f016
60678be235a7a64599e799e4fa2b7a9ab75c21bcb55ff34a537d05e6e13b12cd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5677
Cache-Control: max-age=160512
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:25 GMT
Etag: "634c2abc-13a"
Expires: Tue, 18 Oct 2022 17:35:37 GMT
Last-Modified: Sun, 16 Oct 2022 16:01:00 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 4bbf456f78d30ce3ef55bdfa15300fb9
21e5975983764d5255196aedf1e33c0634d8f016
60678be235a7a64599e799e4fa2b7a9ab75c21bcb55ff34a537d05e6e13b12cd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5677
Cache-Control: max-age=160512
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:25 GMT
Etag: "634c2abc-13a"
Expires: Tue, 18 Oct 2022 17:35:37 GMT
Last-Modified: Sun, 16 Oct 2022 16:01:00 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 314
poweredby.jads.co/js/jads.js
185.94.237.64301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP 185.94.237.64:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 16 Oct 2022 21:00:25 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
thachuchopy.com/c.H-VzzAaBGCl_tEZFzG9Hh-ZJEKlLkMP_TOQP0QORD-ATzUMViWZ_jYdZDa0bm-ZdneBf2gP_TiEjykMlD-AnwoJpmqZ_ysdtju0vx-NxTyAzwAM_CCZDpEbFW-cH9IaJHKR_0McNHOMPl-MR0SETlUM_kWYXlYMZk-YbxcMdDek_0gNhSi0jy-LlnmMnuoY_2qRrusMtT-UvuwYx2y9_tAJBTCJDG-YF3GJHlIY_XKRLpMdNm-VPzQJRTSJ_GUMVTWcXx-MZzaUb3cJ_TeJfGgMhj-Ej2kMlTmE_zoJpTqJrG-NtDuQv4wM_DyMzyAXBz-QD1EYFTGc_4ILJnKBLu-ZNyOZPwQY_XSkT9UMVT-IXwYMZDaA_mccdGeFf5-bh3iVj0kU_GmVnyoQp2-xrpsYt2us_9wMxCyZzy-ZBXCYD9EM_TGUHwIMJD-ALmMcN0Ol_kQMRzS1To-aVWWwX5YN_zaMb3cLdW-Vf4gbhyi1_ikbl3mRn0-bp2q0rmsc_3uMv9wNxS-ZzzAdBDC0_xEJFnGpHv-bJmKVLJMZ_DO0P0QNRD-YT0UOVTWY_yY
88.85.94.245302 Found 0 B URL HTTP/2 thachuchopy.com/c.H-VzzAaBGCl_tEZFzG9Hh-ZJEKlLkMP_TOQP0QORD-ATzUMViWZ_jYdZDa0bm-ZdneBf2gP_TiEjykMlD-AnwoJpmqZ_ysdtju0vx-NxTyAzwAM_CCZDpEbFW-cH9IaJHKR_0McNHOMPl-MR0SETlUM_kWYXlYMZk-YbxcMdDek_0gNhSi0jy-LlnmMnuoY_2qRrusMtT-UvuwYx2y9_tAJBTCJDG-YF3GJHlIY_XKRLpMdNm-VPzQJRTSJ_GUMVTWcXx-MZzaUb3cJ_TeJfGgMhj-Ej2kMlTmE_zoJpTqJrG-NtDuQv4wM_DyMzyAXBz-QD1EYFTGc_4ILJnKBLu-ZNyOZPwQY_XSkT9UMVT-IXwYMZDaA_mccdGeFf5-bh3iVj0kU_GmVnyoQp2-xrpsYt2us_9wMxCyZzy-ZBXCYD9EM_TGUHwIMJD-ALmMcN0Ol_kQMRzS1To-aVWWwX5YN_zaMb3cLdW-Vf4gbhyi1_ikbl3mRn0-bp2q0rmsc_3uMv9wNxS-ZzzAdBDC0_xEJFnGpHv-bJmKVLJMZ_DO0P0QNRD-YT0UOVTWY_yY
IP 88.85.94.245:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.H-VzzAaBGCl_tEZFzG9Hh-ZJEKlLkMP_TOQP0QORD-ATzUMViWZ_jYdZDa0bm-ZdneBf2gP_TiEjykMlD-AnwoJpmqZ_ysdtju0vx-NxTyAzwAM_CCZDpEbFW-cH9IaJHKR_0McNHOMPl-MR0SETlUM_kWYXlYMZk-YbxcMdDek_0gNhSi0jy-LlnmMnuoY_2qRrusMtT-UvuwYx2y9_tAJBTCJDG-YF3GJHlIY_XKRLpMdNm-VPzQJRTSJ_GUMVTWcXx-MZzaUb3cJ_TeJfGgMhj-Ej2kMlTmE_zoJpTqJrG-NtDuQv4wM_DyMzyAXBz-QD1EYFTGc_4ILJnKBLu-ZNyOZPwQY_XSkT9UMVT-IXwYMZDaA_mccdGeFf5-bh3iVj0kU_GmVnyoQp2-xrpsYt2us_9wMxCyZzy-ZBXCYD9EM_TGUHwIMJD-ALmMcN0Ol_kQMRzS1To-aVWWwX5YN_zaMb3cLdW-Vf4gbhyi1_ikbl3mRn0-bp2q0rmsc_3uMv9wNxS-ZzzAdBDC0_xEJFnGpHv-bJmKVLJMZ_DO0P0QNRD-YT0UOVTWY_yY HTTP/1.1
Host: thachuchopy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 16 Oct 2022 21:00:25 GMT
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
location: https://10945-2.s.cdn15.com/creatives/171357/216113/448032_45a78.png
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.tsyndicate.com/sdk/v1/video.instant.message.css
8.247.218.249200 OK 4.7 kB URL HTTP/2 cdn.tsyndicate.com/sdk/v1/video.instant.message.css
IP 8.247.218.249:0
File type ASCII text, with very long lines (4667), with no line terminators
Hash 9fba1a3e7202a1124dec5d68f4f07bd1
6d880383c56bbe8244e98f135c7e8ef76e65ebfb
857634cc0df9324a79abf3ae0dc675507c22f020260e3c6ba8b2f2d04c1d24ec
GET /sdk/v1/video.instant.message.css HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Cookie: ts_uid=fa612214-52ca-4458-b0b5-47aaaa219851; bfq=APeIECNCxxYZOGDEwFGjRhcWIsYU3BLjoYgyE2PY2AiDRkcZDvso
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:25 GMT
content-type: text/css
content-length: 4667
etag: "63282dde-123b"
last-modified: Mon, 19 Sep 2022 08:52:46 GMT
server: nginx
x-robots-tag: noindex, nofollow
age: 2373819
accept-ranges: bytes
X-Firefox-Spdy: h2
a.adtng.com/get/10010248?time=1592494928726&atc=425995&apb=7Lo-YpRw-4IvCxUOqPlgRxaDV7nhovk8bIcZNLEgioTXe30LgJQ5S1gF3pLx-h1m0NxqPgXP_JC3MaaSWTi_rnjns1A2Vkg5vzKycvEnvFGl_gUIDRUi
66.254.114.171200 OK 9.4 kB URL HTTP/2 a.adtng.com/get/10010248?time=1592494928726&atc=425995&apb=7Lo-YpRw-4IvCxUOqPlgRxaDV7nhovk8bIcZNLEgioTXe30LgJQ5S1gF3pLx-h1m0NxqPgXP_JC3MaaSWTi_rnjns1A2Vkg5vzKycvEnvFGl_gUIDRUi
IP 66.254.114.171:0
Hash f4ae4337284878a1c06781f5dea24b93
3f6863d9b7db664ba86465630143d1ba586d0ce2
260c25255bacf746372357ee29c84705ea282f548882a7cf9568bbe732c7643d
GET /get/10010248?time=1592494928726&atc=425995&apb=7Lo-YpRw-4IvCxUOqPlgRxaDV7nhovk8bIcZNLEgioTXe30LgJQ5S1gF3pLx-h1m0NxqPgXP_JC3MaaSWTi_rnjns1A2Vkg5vzKycvEnvFGl_gUIDRUi HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Sun, 16 Oct 2022 21:00:25 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KJmNMcOk991rCA1l1Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded6742; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 634C70E9-42FE72AB01BBC2C8-64F917A
X-Firefox-Spdy: h2
poweredby.jads.co/js/jads2.js
185.94.237.64200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP 185.94.237.64:0
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://media.aso1.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 21:00:25 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eae"
Content-Encoding: gzip
tsyndicate.com/do2/e34c35971ea748b9b1852052198ea740/vast?w=1280&h=1024&keywords=ifr&tz=0
148.251.120.78200 OK 12 kB URL HTTP/2 tsyndicate.com/do2/e34c35971ea748b9b1852052198ea740/vast?w=1280&h=1024&keywords=ifr&tz=0
IP 148.251.120.78:0
ASN #24940 Hetzner Online GmbH
Hash 2c441480dbc687f6b8e37386a8d7e075
c836d55b901c0dcb1271435e4367b5a93d721f6c
ab7cfc758b2cead96e75e59b2411e9ed4aa1bf78500278663f7bc6b8bde90c4d
GET /do2/e34c35971ea748b9b1852052198ea740/vast?w=1280&h=1024&keywords=ifr&tz=0 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://media.aso1.net
Connection: keep-alive
Referer: https://media.aso1.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 21:00:25 GMT
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://media.aso1.net
access-control-allow-methods: POST, GET, HEAD
access-control-allow-headers: Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy
access-control-allow-credentials: true
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-vast: 3.0
x-request-id: 9d34834ba65ea0cf
set-cookie: ts_uid=c360a70e-6681-4c2b-8e63-bb55d5f34431; expires=Sun, 16 Apr 2023 21:00:25 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYZOWjAiDFDRhcWIsYU3BLjoYgyE2PY2AhDIQ0ZNbr0URAQ; expires=Mon, 17 Oct 2022 21:00:25 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
209.197.3.25200 OK 17 kB URL HTTP/1.1 hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
IP 209.197.3.25:0
File type ASCII text, with very long lines (16885), with no line terminators
Hash 48c80c7c28b5b00a8b4ff94a22b72fe3
d57303c2ad2fd5cedc5cb20f264a6965a7819cee
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 21:00:25 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Content-Type: application/javascript
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10721591
X-HW: 1665954025.dop211.sk1.t,1665954025.cds208.sk1.shn,1665954025.dop211.sk1.t,1665954025.cds228.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
205.185.208.20200 OK 5.0 kB URL HTTP/1.1 hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
IP 205.185.208.20:0
File type ASCII text, with very long lines (5027), with no line terminators
Hash 5e5817bcf4c82c7c85d1d88636d221ce
b5c32cc6c931c33c1297884016e13d3b9a5bf261
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 21:00:25 GMT
Connection: Keep-Alive
ETag: "1541168231"
Content-Length: 5027
Content-Type: application/javascript
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10554782
X-HW: 1665954025.dop231.sk1.t,1665954025.cds230.sk1.shn,1665954025.cds230.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.ang-content.com/a7/creatives/58/612/814876/1038914/1038914_logo.png
205.185.208.20200 OK 3.3 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/58/612/814876/1038914/1038914_logo.png
IP 205.185.208.20:0
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 6d0e285d54109f995d68403b89f84cfc
b6c5a2b07f4c5772121fc94ba87ac93716fd760c
b42a7e54025ccd8aeda380a13558be674b901779db5c91f5edcb6539f4ad5ff7
GET /a7/creatives/58/612/814876/1038914/1038914_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 21:00:25 GMT
Connection: Keep-Alive
ETag: "1659360820"
Content-Length: 3343
Content-Type: image/png
Last-Modified: Mon, 01 Aug 2022 13:33:40 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10639271
X-HW: 1665954025.dop013.sk1.t,1665954025.cds210.sk1.shn,1665954025.dop013.sk1.t,1665954025.cds235.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.ang-content.com/a7/creatives/1/1322/814271/1028051/1028051_logo.png
205.185.208.20200 OK 62 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/1/1322/814271/1028051/1028051_logo.png
IP 205.185.208.20:0
File type PNG image data, 900 x 250, 8-bit colormap, non-interlaced\012- data
Hash ebcac7407da9e155302da2b91f4553fa
6e7b2ac10f618dfa219c2cf1334e4319e2be0cbc
784092a284f36151de8169050ef3e25db944e48f6852092e1a6da74001e3ae9c
GET /a7/creatives/1/1322/814271/1028051/1028051_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 21:00:25 GMT
Connection: Keep-Alive
ETag: "1648748302"
Content-Length: 61941
Content-Type: image/png
Last-Modified: Thu, 31 Mar 2022 17:38:22 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10757791
X-HW: 1665954025.dop221.sk1.t,1665954025.cds023.sk1.shn,1665954025.dop221.sk1.t,1665954025.cds024.sk1.c
Access-Control-Allow-Origin: *
unseenreport.com/pxf.gif?uuid=7b9a8694-4a1b-412a-b645-d0a4611d9cae&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=4d0afc2425eea6b0cd5a468c9f8a69ed&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=7b9a8694-4a1b-412a-b645-d0a4611d9cae&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=4d0afc2425eea6b0cd5a468c9f8a69ed&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=7b9a8694-4a1b-412a-b645-d0a4611d9cae&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=4d0afc2425eea6b0cd5a468c9f8a69ed&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 21:00:26 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bba0fce4de335bfa4e642525f15d9fb2
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1dba55425c495648f11649416f506d5e
148d0b8070ab5cde7b5ec4ec9b581f3107806d15
3c550c61d4d42ed21fd18f79ed7670431217b074323e448ba06ef1e274cbe3e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C550C61D4D42ED21FD18F79ED7670431217B074323E448BA06EF1E274CBE3E0"
Last-Modified: Sun, 16 Oct 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4928
Expires: Sun, 16 Oct 2022 22:22:34 GMT
Date: Sun, 16 Oct 2022 21:00:26 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=7b9a8694-4a1b-412a-b645-d0a4611d9cae&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=7b9a8694-4a1b-412a-b645-d0a4611d9cae&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=7b9a8694-4a1b-412a-b645-d0a4611d9cae&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 21:00:26 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 14b81d2f90b0b21e46a25808a56e336a
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=7b9a8694-4a1b-412a-b645-d0a4611d9cae&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=21fe3950f412e026c33f1b6cee613eba&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=7b9a8694-4a1b-412a-b645-d0a4611d9cae&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=21fe3950f412e026c33f1b6cee613eba&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=7b9a8694-4a1b-412a-b645-d0a4611d9cae&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=21fe3950f412e026c33f1b6cee613eba&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 21:00:26 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ee9725132374808c7981bc66d0720717
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=7b9a8694-4a1b-412a-b645-d0a4611d9cae&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=01f75a95a38a8db0a8e82d995253a076&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=7b9a8694-4a1b-412a-b645-d0a4611d9cae&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=01f75a95a38a8db0a8e82d995253a076&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=7b9a8694-4a1b-412a-b645-d0a4611d9cae&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=01f75a95a38a8db0a8e82d995253a076&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 21:00:26 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a66a3aa2ee8387a01ebf4bd1f114a84b
Strict-Transport-Security: max-age=0; includeSubdomains
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XEICMjDI4YM8a0wAEDZAsaY8qIaSGmBg0cLHGECXOjhpkYOG6gFPEwTJ0xGWvYKFOjzJgaM1qYkVHzZBgxZVqEkUFDRguVOajKEAPDDBkbMXhCJGNnoY0cNmQ8hFNHDEUZOUr2hANnYU4aMx7OgTNRxwySgG88bLO3Lw0YNmrUiFFRxJg2dXVUrZEjh8OxZhbKwPFQjBs3mkniVDzYDUYdTGecXdvGtFmXjeuE1TGQDh04c3S8eBHGhUE6pl2MedPmxZkydF7EgFESBlUcP-ikaVOmR8OsNHJk33xDhg0udZh7D0NnTI_JlWuAF28jDBwxPZwgwTEFzx0mSKAYeWKkxQw6clghBBRoJBHHcGMIoUUQSyBxhxtYrBFDGWQ8kQUeQdgRgx1hoEGHFEzoAUUdbGihhhtVRKFFG2TAgIUZVORwRBpG6JHEGzhkMUQSZUghRA5mPGFHGWpkMccVMcihBhlqXMFGGjbgocQNUMRhBQxBDIFFFl-cUUUSREhRRRpiwdEGRQ-9YSaaIpBBXEa9mfHGGHXMcZALabghp1hjkLfQFjPE0MVacgClAwwuMNeYGJkdmmhjctgRWUMP1VEHmbSZEQZYMsgQAw0t1CBDnyfRUANMXLV00g0zzeRpDjgsJlYakYmQQwwuxOVCVS40RINYcnxBa0a35ooor76KVUcYGTXxhh5psMFGGC_UkCgIKGDB2A4gMJFnHXiAgAcONnxhAw3cRqoDWommAMIRRq3xxgsyNNdcDCAYkYYcZciJxwvswsCnoSI48YRYbwQ7BsEGi8UGwUU4IdZBdnzBLxsU1XDDDTioRhIMD8lxBmionSpYm2VULIYcdnGGcsVtvEFGaGA9RIYcbyyUlwhvKIQaoW_gkcdCNITcb0Ye3pbbbnHOWeedecr5glh3ZBTDZgI_hIbVzv2qV6QZ4UwHeQm3UIcbadARqg0ukDHG1RMTfNAXbsNt0ZkM2ZCYZYfJcBkdbchAkd6UueQcUjTY0BMZFpex1xd-5r234X4_lDLkbCBEh8-A0jAoRGL0hbKmJE601sMLgezYaTD0oUBA&s=5c0f77777fc569c3196c537b2b17a098bb56a2fbb35248dfea57ff639b078a041665954025&w=t&r=1&d=425&priv=false
136.243.81.150200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XEICMjDI4YM8a0wAEDZAsaY8qIaSGmBg0cLHGECXOjhpkYOG6gFPEwTJ0xGWvYKFOjzJgaM1qYkVHzZBgxZVqEkUFDRguVOajKEAPDDBkbMXhCJGNnoY0cNmQ8hFNHDEUZOUr2hANnYU4aMx7OgTNRxwySgG88bLO3Lw0YNmrUiFFRxJg2dXVUrZEjh8OxZhbKwPFQjBs3mkniVDzYDUYdTGecXdvGtFmXjeuE1TGQDh04c3S8eBHGhUE6pl2MedPmxZkydF7EgFESBlUcP-ikaVOmR8OsNHJk33xDhg0udZh7D0NnTI_JlWuAF28jDBwxPZwgwTEFzx0mSKAYeWKkxQw6clghBBRoJBHHcGMIoUUQSyBxhxtYrBFDGWQ8kQUeQdgRgx1hoEGHFEzoAUUdbGihhhtVRKFFG2TAgIUZVORwRBpG6JHEGzhkMUQSZUghRA5mPGFHGWpkMccVMcihBhlqXMFGGjbgocQNUMRhBQxBDIFFFl-cUUUSREhRRRpiwdEGRQ-9YSaaIpBBXEa9mfHGGHXMcZALabghp1hjkLfQFjPE0MVacgClAwwuMNeYGJkdmmhjctgRWUMP1VEHmbSZEQZYMsgQAw0t1CBDnyfRUANMXLV00g0zzeRpDjgsJlYakYmQQwwuxOVCVS40RINYcnxBa0a35ooor76KVUcYGTXxhh5psMFGGC_UkCgIKGDB2A4gMJFnHXiAgAcONnxhAw3cRqoDWommAMIRRq3xxgsyNNdcDCAYkYYcZciJxwvswsCnoSI48YRYbwQ7BsEGi8UGwUU4IdZBdnzBLxsU1XDDDTioRhIMD8lxBmionSpYm2VULIYcdnGGcsVtvEFGaGA9RIYcbyyUlwhvKIQaoW_gkcdCNITcb0Ye3pbbbnHOWeedecr5glh3ZBTDZgI_hIbVzv2qV6QZ4UwHeQm3UIcbadARqg0ukDHG1RMTfNAXbsNt0ZkM2ZCYZYfJcBkdbchAkd6UueQcUjTY0BMZFpex1xd-5r234X4_lDLkbCBEh8-A0jAoRGL0hbKmJE601sMLgezYaTD0oUBA&s=5c0f77777fc569c3196c537b2b17a098bb56a2fbb35248dfea57ff639b078a041665954025&w=t&r=1&d=425&priv=false
IP 136.243.81.150:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XEICMjDI4YM8a0wAEDZAsaY8qIaSGmBg0cLHGECXOjhpkYOG6gFPEwTJ0xGWvYKFOjzJgaM1qYkVHzZBgxZVqEkUFDRguVOajKEAPDDBkbMXhCJGNnoY0cNmQ8hFNHDEUZOUr2hANnYU4aMx7OgTNRxwySgG88bLO3Lw0YNmrUiFFRxJg2dXVUrZEjh8OxZhbKwPFQjBs3mkniVDzYDUYdTGecXdvGtFmXjeuE1TGQDh04c3S8eBHGhUE6pl2MedPmxZkydF7EgFESBlUcP-ikaVOmR8OsNHJk33xDhg0udZh7D0NnTI_JlWuAF28jDBwxPZwgwTEFzx0mSKAYeWKkxQw6clghBBRoJBHHcGMIoUUQSyBxhxtYrBFDGWQ8kQUeQdgRgx1hoEGHFEzoAUUdbGihhhtVRKFFG2TAgIUZVORwRBpG6JHEGzhkMUQSZUghRA5mPGFHGWpkMccVMcihBhlqXMFGGjbgocQNUMRhBQxBDIFFFl-cUUUSREhRRRpiwdEGRQ-9YSaaIpBBXEa9mfHGGHXMcZALabghp1hjkLfQFjPE0MVacgClAwwuMNeYGJkdmmhjctgRWUMP1VEHmbSZEQZYMsgQAw0t1CBDnyfRUANMXLV00g0zzeRpDjgsJlYakYmQQwwuxOVCVS40RINYcnxBa0a35ooor76KVUcYGTXxhh5psMFGGC_UkCgIKGDB2A4gMJFnHXiAgAcONnxhAw3cRqoDWommAMIRRq3xxgsyNNdcDCAYkYYcZciJxwvswsCnoSI48YRYbwQ7BsEGi8UGwUU4IdZBdnzBLxsU1XDDDTioRhIMD8lxBmionSpYm2VULIYcdnGGcsVtvEFGaGA9RIYcbyyUlwhvKIQaoW_gkcdCNITcb0Ye3pbbbnHOWeedecr5glh3ZBTDZgI_hIbVzv2qV6QZ4UwHeQm3UIcbadARqg0ukDHG1RMTfNAXbsNt0ZkM2ZCYZYfJcBkdbchAkd6UueQcUjTY0BMZFpex1xd-5r234X4_lDLkbCBEh8-A0jAoRGL0hbKmJE601sMLgezYaTD0oUBA&s=5c0f77777fc569c3196c537b2b17a098bb56a2fbb35248dfea57ff639b078a041665954025&w=t&r=1&d=425&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Cookie: ts_uid=fa612214-52ca-4458-b0b5-47aaaa219851; bfq=APeIECNCxxYZOGDEwFGjRhcWIsYU3BLjoYgyE2PY2AiDRkcZDvso
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 21:00:26 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0XAgGHDTBgcZMy0KHPDzI0WNGjEINNCjBkZYVrAIGMjxg0xNcSEkTGGhoiHYeqMySimzIwbNXbiaDHjoA2UNcwsDWNDhpgWHXGMISNjhhkbOXLA-AmRjJ2FYKs-hFNHzMIZOGzUgAEUDpy3NHDcoCtiDpyJOlTasIFDRo2HY9rcDUyjxtwcQENSfCjGjZuFMvTiyCHDxsM2bjDqkHFjBti1oEXHUBkDx8M6MTKioUMHzhwdL16EcWGQTmgXY960eXGmDJ0XMTbCqGF6xg86adqU6RGjBmcaOVY7ptGQS52NncPQGdMjpWMYObyDtxEGjpgeQWzciUGwxhInRpBA0VJliZskX-QRRAt66HEFFHC40QYNQSBBBw1u2EBHE228QYYWZ5wxQxhStGGGGU988UUTcczQBBtjnPHFGUI4YYMcMMhxBx5hRPGEDUPkEEQUbaxBhxFUjCFEHExcoYUQd0wxBX13rKGFE2E8cYQQZkyxYhVJECFFFWmQRYZwGUlHRhq7hTHHGzG44IZxZI0h3kJbNNTFWnIMpUMMZch0mAguLQSDCxvtOQYcbXwBR51-ArrcQ3LYsdhcD5UxaBuJwlBRHXV0qYMIHtUkgwyrtVADTzGZt5QYMOCE0g1htLpTDDngUENsD6WxmAjZuSCWCzTI4EJ1PjH6ha0Z5bprr7_WEKwIdYSRURNv6JEGG2yE8UINgIKAAhYxxLADCEyk4UYdeICAR1xf2EDDt43qkIMNgKYAwhGSrvHGCzJYulFyMYBgRBpylGHGG3i88C6gbdopghNPkPWGHF-MoTDDZKGYURFOeFmGHV8EzAZFNdxwAw6m4bARo2dcNloNej10EMdiyLEQDq6J8PIXFZKBWVwVkSHHG2899IZCo9FJcB4L0cCowLLRZhtuL4hJJm9nprnmcWTN0WhGP9Mh3sMt1OFGGnS0YJMLZIwRgwxeKnzQF2mvTRYdlN45mHXKwmDYQ3SzbbdcOeRtGHZKl9VxGX598ebfeNOg954bK84GQnQQvYVNc0IkBmA2CxwUGxOtZbEOfKXoZx8KBAQ%3D&s=ba915d29bf678a912781e058aa26b0b2f27a90d292d893b9c8d57f22d959eb9a1665954025&w=t&r=1&d=384&priv=false
136.243.81.150200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0XAgGHDTBgcZMy0KHPDzI0WNGjEINNCjBkZYVrAIGMjxg0xNcSEkTGGhoiHYeqMySimzIwbNXbiaDHjoA2UNcwsDWNDhpgWHXGMISNjhhkbOXLA-AmRjJ2FYKs-hFNHzMIZOGzUgAEUDpy3NHDcoCtiDpyJOlTasIFDRo2HY9rcDUyjxtwcQENSfCjGjZuFMvTiyCHDxsM2bjDqkHFjBti1oEXHUBkDx8M6MTKioUMHzhwdL16EcWGQTmgXY960eXGmDJ0XMTbCqGF6xg86adqU6RGjBmcaOVY7ptGQS52NncPQGdMjpWMYObyDtxEGjpgeQWzciUGwxhInRpBA0VJliZskX-QRRAt66HEFFHC40QYNQSBBBw1u2EBHE228QYYWZ5wxQxhStGGGGU988UUTcczQBBtjnPHFGUI4YYMcMMhxBx5hRPGEDUPkEEQUbaxBhxFUjCFEHExcoYUQd0wxBX13rKGFE2E8cYQQZkyxYhVJECFFFWmQRYZwGUlHRhq7hTHHGzG44IZxZI0h3kJbNNTFWnIMpUMMZch0mAguLQSDCxvtOQYcbXwBR51-ArrcQ3LYsdhcD5UxaBuJwlBRHXV0qYMIHtUkgwyrtVADTzGZt5QYMOCE0g1htLpTDDngUENsD6WxmAjZuSCWCzTI4EJ1PjH6ha0Z5bprr7_WEKwIdYSRURNv6JEGG2yE8UINgIKAAhYxxLADCEyk4UYdeICAR1xf2EDDt43qkIMNgKYAwhGSrvHGCzJYulFyMYBgRBpylGHGG3i88C6gbdopghNPkPWGHF-MoTDDZKGYURFOeFmGHV8EzAZFNdxwAw6m4bARo2dcNloNej10EMdiyLEQDq6J8PIXFZKBWVwVkSHHG2899IZCo9FJcB4L0cCowLLRZhtuL4hJJm9nprnmcWTN0WhGP9Mh3sMt1OFGGnS0YJMLZIwRgwxeKnzQF2mvTRYdlN45mHXKwmDYQ3SzbbdcOeRtGHZKl9VxGX598ebfeNOg954bK84GQnQQvYVNc0IkBmA2CxwUGxOtZbEOfKXoZx8KBAQ%3D&s=ba915d29bf678a912781e058aa26b0b2f27a90d292d893b9c8d57f22d959eb9a1665954025&w=t&r=1&d=384&priv=false
IP 136.243.81.150:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0XAgGHDTBgcZMy0KHPDzI0WNGjEINNCjBkZYVrAIGMjxg0xNcSEkTGGhoiHYeqMySimzIwbNXbiaDHjoA2UNcwsDWNDhpgWHXGMISNjhhkbOXLA-AmRjJ2FYKs-hFNHzMIZOGzUgAEUDpy3NHDcoCtiDpyJOlTasIFDRo2HY9rcDUyjxtwcQENSfCjGjZuFMvTiyCHDxsM2bjDqkHFjBti1oEXHUBkDx8M6MTKioUMHzhwdL16EcWGQTmgXY960eXGmDJ0XMTbCqGF6xg86adqU6RGjBmcaOVY7ptGQS52NncPQGdMjpWMYObyDtxEGjpgeQWzciUGwxhInRpBA0VJliZskX-QRRAt66HEFFHC40QYNQSBBBw1u2EBHE228QYYWZ5wxQxhStGGGGU988UUTcczQBBtjnPHFGUI4YYMcMMhxBx5hRPGEDUPkEEQUbaxBhxFUjCFEHExcoYUQd0wxBX13rKGFE2E8cYQQZkyxYhVJECFFFWmQRYZwGUlHRhq7hTHHGzG44IZxZI0h3kJbNNTFWnIMpUMMZch0mAguLQSDCxvtOQYcbXwBR51-ArrcQ3LYsdhcD5UxaBuJwlBRHXV0qYMIHtUkgwyrtVADTzGZt5QYMOCE0g1htLpTDDngUENsD6WxmAjZuSCWCzTI4EJ1PjH6ha0Z5bprr7_WEKwIdYSRURNv6JEGG2yE8UINgIKAAhYxxLADCEyk4UYdeICAR1xf2EDDt43qkIMNgKYAwhGSrvHGCzJYulFyMYBgRBpylGHGG3i88C6gbdopghNPkPWGHF-MoTDDZKGYURFOeFmGHV8EzAZFNdxwAw6m4bARo2dcNloNej10EMdiyLEQDq6J8PIXFZKBWVwVkSHHG2899IZCo9FJcB4L0cCowLLRZhtuL4hJJm9nprnmcWTN0WhGP9Mh3sMt1OFGGnS0YJMLZIwRgwxeKnzQF2mvTRYdlN45mHXKwmDYQ3SzbbdcOeRtGHZKl9VxGX598ebfeNOg954bK84GQnQQvYVNc0IkBmA2CxwUGxOtZbEOfKXoZx8KBAQ%3D&s=ba915d29bf678a912781e058aa26b0b2f27a90d292d893b9c8d57f22d959eb9a1665954025&w=t&r=1&d=384&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=fa612214-52ca-4458-b0b5-47aaaa219851; bfq=APeIECNCxxYZOGDEwFGjRhcWIsYU3BLjoYgyE2PY2AiDRkcZDvso
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 21:00:26 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
thachuchopy.com/aMW/5.wRY/Wyd/l/Qi2L9MkXZETu9j6KbD2y5VlESBWZQQ9IN_DyQL2pNNDvk/2WMDid0Z0HNvDcYk0ZO_T_YwzA
88.85.94.245200 OK 48 kB URL HTTP/2 thachuchopy.com/aMW/5.wRY/Wyd/l/Qi2L9MkXZETu9j6KbD2y5VlESBWZQQ9IN_DyQL2pNNDvk/2WMDid0Z0HNvDcYk0ZO_T_YwzA
IP 88.85.94.245:0
File type Unicode text, UTF-8 text, with very long lines (65511)
Hash 41c3916f3337509d84f89971364e1a06
f9f22b472c7d0ea6d1c8869262850260cd74f09d
901673d1c9a73f64a653faee58c2c14262b347006b0a11f2180370613761e70d
GET /aMW/5.wRY/Wyd/l/Qi2L9MkXZETu9j6KbD2y5VlESBWZQQ9IN_DyQL2pNNDvk/2WMDid0Z0HNvDcYk0ZO_T_YwzA HTTP/1.1
Host: thachuchopy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 21:00:25 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
i.jads.co/1x1.gif
69.16.175.10200 OK 43 B IP 69.16.175.10:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /1x1.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=77f81a0d410f7bca12fa875280d7ec0b; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:26 GMT
etag: "1457030838"
cache-control: max-age=21271240
content-length: 43
content-type: image/gif
last-modified: Thu, 03 Mar 2016 18:47:18 GMT
accept-ranges: bytes
x-hw: 1665954026.dop018.sk1.t,1665954026.cds205.sk1.hn,1665954026.cds217.sk1.c
X-Firefox-Spdy: h2
ocsp.usertrust.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 03b2003fd0403191b6ab0ae3d88c43ba
78cb90521530b87fa689a5c1df8ebd726020e22f
869bc74338d9ae3e5198636572260b299e87b76e4e81a3b3734ddf6fc7342ff1
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 21:00:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 13 Oct 2022 20:56:05 GMT
Expires: Thu, 20 Oct 2022 20:56:04 GMT
Etag: "78cb90521530b87fa689a5c1df8ebd726020e22f"
Cache-Control: max-age=602991,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1228
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b3b95baa77b52d-OSL
ocsp.usertrust.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash a81721708b26da25efb3bdc5d498cde3
2ad514babb239357136db65378276135c1eaf17c
061ee903275b40275b6700b60880b63fc36088df054740197b1961a7d7eb06e1
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 21:00:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 13:29:44 GMT
Expires: Sat, 22 Oct 2022 13:29:43 GMT
Etag: "2ad514babb239357136db65378276135c1eaf17c"
Cache-Control: max-age=602504,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 634
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b3b95c3b28b52d-OSL
bcprm.com/promo.php?type=direct_link&v=2&c=401977&amute=1&page=popular_chat
185.75.252.140302 Found 138 B URL HTTP/2 bcprm.com/promo.php?type=direct_link&v=2&c=401977&amute=1&page=popular_chat
IP 185.75.252.140:0
ASN #48684 Viking Host B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /promo.php?type=direct_link&v=2&c=401977&amute=1&page=popular_chat HTTP/1.1
Host: bcprm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 16 Oct 2022 21:00:26 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin:
location: https://bongacams.com/track?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat
expires: Sun, 16 Oct 2022 21:00:25 GMT
x-bcs: ded7013
strict-transport-security: max-age=0;
cache-control: no-cache, public
x-bc-bl: 103
X-Firefox-Spdy: h2
ocsp.usertrust.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 8dbfe34fca3ad1147c45a8f03bf74f03
4ef717580704c3e70743e43825138e7c50b220b9
b4b2f9c0adb437988c92697891f34bbc76932301f0a83d6d65778df7cc76635a
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 21:00:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 15:56:32 GMT
Expires: Sat, 22 Oct 2022 15:56:31 GMT
Etag: "4ef717580704c3e70743e43825138e7c50b220b9"
Cache-Control: max-age=602561,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 428
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b3b95d3c98b52d-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4aa8f0fb4aaa06e2604b5355b091a807
7ec7e72102d02a0808bd4afaea309a6864497528
d4a81a90b9e021a6161d99e959c48c4dacba78f6f12b91ec89cb0475ed818c0e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2799
Cache-Control: max-age=92085
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:28 GMT
Etag: "634b2ab2-117"
Expires: Mon, 17 Oct 2022 22:35:13 GMT
Last-Modified: Sat, 15 Oct 2022 21:48:34 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4aa8f0fb4aaa06e2604b5355b091a807
7ec7e72102d02a0808bd4afaea309a6864497528
d4a81a90b9e021a6161d99e959c48c4dacba78f6f12b91ec89cb0475ed818c0e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2799
Cache-Control: max-age=92085
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:28 GMT
Etag: "634b2ab2-117"
Expires: Mon, 17 Oct 2022 22:35:13 GMT
Last-Modified: Sat, 15 Oct 2022 21:48:34 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4aa8f0fb4aaa06e2604b5355b091a807
7ec7e72102d02a0808bd4afaea309a6864497528
d4a81a90b9e021a6161d99e959c48c4dacba78f6f12b91ec89cb0475ed818c0e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3486
Cache-Control: max-age=92772
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:28 GMT
Etag: "634b2ab2-117"
Expires: Mon, 17 Oct 2022 22:46:40 GMT
Last-Modified: Sat, 15 Oct 2022 21:48:34 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4aa8f0fb4aaa06e2604b5355b091a807
7ec7e72102d02a0808bd4afaea309a6864497528
d4a81a90b9e021a6161d99e959c48c4dacba78f6f12b91ec89cb0475ed818c0e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2799
Cache-Control: max-age=92085
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:28 GMT
Etag: "634b2ab2-117"
Expires: Mon, 17 Oct 2022 22:35:13 GMT
Last-Modified: Sat, 15 Oct 2022 21:48:34 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4aa8f0fb4aaa06e2604b5355b091a807
7ec7e72102d02a0808bd4afaea309a6864497528
d4a81a90b9e021a6161d99e959c48c4dacba78f6f12b91ec89cb0475ed818c0e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3486
Cache-Control: max-age=92772
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 21:00:28 GMT
Etag: "634b2ab2-117"
Expires: Mon, 17 Oct 2022 22:46:40 GMT
Last-Modified: Sat, 15 Oct 2022 21:48:34 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
trkbng.com/hit.php?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat
31.192.112.221302 Found 80 kB URL HTTP/2 trkbng.com/hit.php?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat
IP 31.192.112.221:0
ASN #48684 Viking Host B.V.
Hash 68d03c3ad070f834106e2a2a8cd18401
6e86006dc063b6efebe053209b95e7b450287247
0c924758a1a8e4958006af8c55a6d25c92ed38babc1ead18b075edb50f9169aa
GET /hit.php?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat HTTP/1.1
Host: trkbng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poweredby.jads.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 16 Oct 2022 21:00:27 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: BCH_H=c0f89bfea3bceef03f8cb79f92184fcc%7C2022-10-17; expires=Mon, 03-Oct-2072 21:00:27 GMT; Max-Age=1576800000; path=/; domain=.promo-bc.com
BCH_H=c0f89bfea3bceef03f8cb79f92184fcc%7C2022-10-17; expires=Mon, 03-Oct-2072 21:00:27 GMT; Max-Age=1576800000; path=/; domain=.bongacams.com
BCH_H=c0f89bfea3bceef03f8cb79f92184fcc%7C2022-10-17; expires=Mon, 03-Oct-2072 21:00:27 GMT; Max-Age=1576800000; path=/; domain=.bongocams.biz
BCH_H=c0f89bfea3bceef03f8cb79f92184fcc%7C2022-10-17; expires=Mon, 03-Oct-2072 21:00:27 GMT; Max-Age=1576800000; path=/; domain=.bongacams.org
BCH_H=c0f89bfea3bceef03f8cb79f92184fcc%7C2022-10-17; expires=Mon, 03-Oct-2072 21:00:27 GMT; Max-Age=1576800000; path=/; domain=.bongacams10.com
BCH_H=c0f89bfea3bceef03f8cb79f92184fcc%7C2022-10-17; expires=Mon, 03-Oct-2072 21:00:27 GMT; Max-Age=1576800000; path=/; domain=.bcmspt.com
BCH_H=c0f89bfea3bceef03f8cb79f92184fcc%7C2022-10-17; expires=Mon, 03-Oct-2072 21:00:27 GMT; Max-Age=1576800000; path=/; domain=.bngwlt.com
BCH_H=c0f89bfea3bceef03f8cb79f92184fcc%7C2022-10-17; expires=Mon, 03-Oct-2072 21:00:27 GMT; Max-Age=1576800000; path=/; domain=.bngpt.com
BCH_H=c0f89bfea3bceef03f8cb79f92184fcc%7C2022-10-17; expires=Mon, 03-Oct-2072 21:00:27 GMT; Max-Age=1576800000; path=/; domain=.bngpst.com
BCH_H=c0f89bfea3bceef03f8cb79f92184fcc%7C2022-10-17; expires=Mon, 03-Oct-2072 21:00:27 GMT; Max-Age=1576800000; path=/; domain=.bngprl.com
BCH_H=c0f89bfea3bceef03f8cb79f92184fcc%7C2022-10-17; expires=Mon, 03-Oct-2072 21:00:27 GMT; Max-Age=1576800000; path=/; domain=.bngpop.com
BCH_H=c0f89bfea3bceef03f8cb79f92184fcc%7C2022-10-17; expires=Mon, 03-Oct-2072 21:00:27 GMT; Max-Age=1576800000; path=/; domain=.bngosv.com
BCH_H=c0f89bfea3bceef03f8cb79f92184fcc%7C2022-10-17; expires=Mon, 03-Oct-2072 21:00:27 GMT; Max-Age=1576800000; path=/; domain=.bngvs.com
BCH_H=c0f89bfea3bceef03f8cb79f92184fcc%7C2022-10-17; expires=Mon, 03-Oct-2072 21:00:27 GMT; Max-Age=1576800000; path=/; domain=.bngdyn.com
BCH_H=c0f89bfea3bceef03f8cb79f92184fcc%7C2022-10-17; expires=Mon, 03-Oct-2072 21:00:27 GMT; Max-Age=1576800000; path=/; domain=.dynspt.com
BCH_H=c0f89bfea3bceef03f8cb79f92184fcc%7C2022-10-17; expires=Mon, 03-Oct-2072 21:00:27 GMT; Max-Age=1576800000; path=/; domain=.ecdyn.com
BCH_H=c0f89bfea3bceef03f8cb79f92184fcc%7C2022-10-17; expires=Mon, 03-Oct-2072 21:00:27 GMT; Max-Age=1576800000; path=/; domain=.trkbc.com
BCH_H=c0f89bfea3bceef03f8cb79f92184fcc%7C2022-10-17; expires=Mon, 03-Oct-2072 21:00:27 GMT; Max-Age=1576800000; path=/; domain=.trkbng.com
BCH_H=c0f89bfea3bceef03f8cb79f92184fcc%7C2022-10-17; expires=Mon, 03-Oct-2072 21:00:27 GMT; Max-Age=1576800000; path=/; domain=.bcprm.com
location: https://bongacams.com/popular-chat?bcs=a25vd2MwZjg5YmZlYTNiY2VlZjAzZjhjYjc5ZjkyMTg0ZmNjOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
expires: Sun, 16 Oct 2022 21:00:26 GMT
x-bcs: ded7013
strict-transport-security: max-age=0;
cache-control: no-cache, public
x-bc-bl: 102
X-Firefox-Spdy: h2
i.bcicdn.com/live/09e/04d/124/xbig_lq/eca8b4.webp
195.85.23.30200 OK 5.7 kB URL HTTP/2 i.bcicdn.com/live/09e/04d/124/xbig_lq/eca8b4.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3c89c6335e8ac2f9f007131046e4b236
bfda433e8da0403abf8f7182b4518a3b74120e78
6e26b5a8517a1bfc1cafa3d7bd77a6a2a08142361f159fc1492d00aec97f146c
GET /live/09e/04d/124/xbig_lq/eca8b4.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 5744
last-modified: Sun, 16 Oct 2022 20:54:44 GMT
etag: "634c6f94-1670"
expires: Sun, 23 Oct 2022 20:54:45 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 342
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a812b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09e/0d7/2a4/xbig_lq/9e45b1.webp
195.85.23.30200 OK 11 kB URL HTTP/2 i.bcicdn.com/live/09e/0d7/2a4/xbig_lq/9e45b1.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4b5c20bbd9e52ecf67965b3ec92d263a
2dce699fec6174508536732559fd6cdc3602c556
0dcdb4e7383b459bea1307108e5d5d3f45c9c31a309f020acb49bccf76cd3be7
GET /live/09e/0d7/2a4/xbig_lq/9e45b1.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 10690
last-modified: Sun, 16 Oct 2022 20:57:06 GMT
etag: "634c7022-29c2"
expires: Sun, 23 Oct 2022 20:57:06 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 191
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a80fb503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09d/312/378/xbig_lq/d90d1b.webp
195.85.23.30200 OK 7.8 kB URL HTTP/2 i.bcicdn.com/live/09d/312/378/xbig_lq/d90d1b.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4fce0c8049383920db78416522b44b12
9881d84edad8aa299f95c121ce95df0321f6a002
9dc9ba7d27d5b5e024c2f6fc3d8e78213493eabecb26c4afb10141fe557a5ef7
GET /live/09d/312/378/xbig_lq/d90d1b.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 7750
last-modified: Sun, 16 Oct 2022 20:55:04 GMT
etag: "634c6fa8-1e46"
expires: Sun, 23 Oct 2022 20:55:04 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 320
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a817b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09e/171/3c7/xbig_lq/7910cf.webp
195.85.23.30200 OK 10 kB URL HTTP/2 i.bcicdn.com/live/09e/171/3c7/xbig_lq/7910cf.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aac2946e2a2c09de19baaf63b6eec085
1ba8415f538d3b8660f35f826f63b7c4b2e6fcf2
cec82394057409b9492879cd34a67dcef50a932856231f8903386ca9acb9fcc8
GET /live/09e/171/3c7/xbig_lq/7910cf.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 10162
last-modified: Sun, 16 Oct 2022 20:59:18 GMT
etag: "634c70a6-27b2"
expires: Sun, 23 Oct 2022 20:59:20 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: HIT
cf-cache-status: HIT
age: 56
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a819b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09e/12c/0b7/xbig_lq/c9a579.webp
195.85.23.30200 OK 13 kB URL HTTP/2 i.bcicdn.com/live/09e/12c/0b7/xbig_lq/c9a579.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d4d14ba737c87d36300740befd8c1df9
d1ab4c91f8ae7fd2a980a12bbfda72882a241d7c
584cefdb9853873c0c8d5266b5839a0614e7c9995b2321ad23bd28c4fdb0286d
GET /live/09e/12c/0b7/xbig_lq/c9a579.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 12962
last-modified: Sun, 16 Oct 2022 20:57:22 GMT
etag: "634c7032-32a2"
expires: Sun, 23 Oct 2022 20:57:23 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: HIT
cf-cache-status: HIT
age: 185
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a81ab503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09e/118/0b3/xbig_lq/5bc507.webp
195.85.23.30200 OK 4.9 kB URL HTTP/2 i.bcicdn.com/live/09e/118/0b3/xbig_lq/5bc507.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 02235026a6122a727214745ad05be0b3
0464f214f558f18645d67b4d5aba63a3bd751ef1
8cc3b7d5a25875f7ca510e02d8389064d22ea3b9b48634c97e641580df5a801c
GET /live/09e/118/0b3/xbig_lq/5bc507.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 4902
last-modified: Sun, 16 Oct 2022 20:55:43 GMT
etag: "634c6fcf-1326"
expires: Sun, 23 Oct 2022 20:55:44 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 284
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a81bb503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09e/145/1ae/xbig_lq/c07f18.webp
195.85.23.30200 OK 16 kB URL HTTP/2 i.bcicdn.com/live/09e/145/1ae/xbig_lq/c07f18.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 01d3ddbcef679c709a1ecbd26e382701
e0b333c8ebaded07b57ee53cb3e150763e5bafb1
c0d9682d32631a1a5d99fa89de1f9733db7dd2fc52996c99ff44fd1ce241e093
GET /live/09e/145/1ae/xbig_lq/c07f18.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 16146
last-modified: Sun, 16 Oct 2022 20:58:55 GMT
etag: "634c708f-3f12"
expires: Sun, 23 Oct 2022 20:58:56 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 88
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a81db503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09e/160/14c/xbig_lq/5bf40c.webp
195.85.23.30200 OK 6.2 kB URL HTTP/2 i.bcicdn.com/live/09e/160/14c/xbig_lq/5bf40c.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aaa25c7559a541bb0ab16a85ddeeff20
97485560f71a1e37ce10e14d4e81d8d26cc35541
1ba3e7bcbe52bcb55aabec9bff9bfe0a770187017969bb7be5e828c6b3a6b26e
GET /live/09e/160/14c/xbig_lq/5bf40c.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 6188
last-modified: Sun, 16 Oct 2022 20:55:00 GMT
etag: "634c6fa4-182c"
expires: Sun, 23 Oct 2022 20:55:01 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 319
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a818b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09d/3d3/1b4/xbig_lq/c0e413.webp
195.85.23.30200 OK 4.9 kB URL HTTP/2 i.bcicdn.com/live/09d/3d3/1b4/xbig_lq/c0e413.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 67ee417795af41e382458e9f9df98729
c8f68195e30faa8d39c4caeaf6fcda20df6ead2b
ef33f341939757921454b7958575491411abfb18e490e4a8911de9bf42d14f0f
GET /live/09d/3d3/1b4/xbig_lq/c0e413.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 4874
last-modified: Sun, 16 Oct 2022 20:58:43 GMT
etag: "634c7083-130a"
expires: Sun, 23 Oct 2022 20:58:44 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 104
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a81cb503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09e/02b/01a/xbig_lq/df4da9.webp
195.85.23.30200 OK 14 kB URL HTTP/2 i.bcicdn.com/live/09e/02b/01a/xbig_lq/df4da9.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ec6c8bfe44f8dcaf6eaf207eac8ad527
f4b127a20980f996079f0bf0922ecea59a8ae2bf
d41938212408534b36236f568931fc5c47b7d5586a42a6a11b1a6435eb5554da
GET /live/09e/02b/01a/xbig_lq/df4da9.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 14132
last-modified: Sun, 16 Oct 2022 20:58:55 GMT
etag: "634c708f-3734"
expires: Sun, 23 Oct 2022 20:58:56 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 88
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a813b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09e/0ac/15c/xbig_lq/180bd2.webp
195.85.23.30200 OK 9.1 kB URL HTTP/2 i.bcicdn.com/live/09e/0ac/15c/xbig_lq/180bd2.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 54c48efca32e7f072dfdaa8df665b602
812c078a4ad97403e60d9c591a4aed9c6ca7cb61
7327018c455e1030ad351e546f6280dc6e01c7c044177d3f062aac55b04f0924
GET /live/09e/0ac/15c/xbig_lq/180bd2.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 9070
last-modified: Sun, 16 Oct 2022 20:59:21 GMT
etag: "634c70a9-236e"
expires: Sun, 23 Oct 2022 20:59:22 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 66
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a815b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09e/020/225/xbig_lq/11de9d.webp
195.85.23.30200 OK 11 kB URL HTTP/2 i.bcicdn.com/live/09e/020/225/xbig_lq/11de9d.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cfc7a15adec396bb740193f9f46fec6e
8d88c511b2805630c5ad3f56e2b8490bba9b58ec
db37f3ae7b229704e97b5ee60ae63207f60f8f7382c014b660960862a0eac109
GET /live/09e/020/225/xbig_lq/11de9d.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 10922
last-modified: Sun, 16 Oct 2022 20:58:02 GMT
etag: "634c705a-2aaa"
expires: Sun, 23 Oct 2022 20:58:05 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 143
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a81eb503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/gifts/901/771be9d5e351d1e4888537352321debb_th.png
195.85.23.30200 OK 20 kB URL HTTP/2 i.bcicdn.com/gifts/901/771be9d5e351d1e4888537352321debb_th.png
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 155 x 155, 8-bit/color RGBA, non-interlaced\012- data
Hash b625446ac227298550d01479011e9bcc
278523298af00f936dcad9b5d230d4835b743726
0a77445d70f74cf91ec3ec5e3797ecd6ab7c0a16f1432235f5f921ce1f2b61c1
GET /gifts/901/771be9d5e351d1e4888537352321debb_th.png HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/png
content-length: 19980
last-modified: Mon, 04 Feb 2019 08:50:36 GMT
etag: "5c57fcdc-4e0c"
expires: Wed, 19 Oct 2022 13:47:23 GMT
cache-control: max-age=2592000
vary: Accept-Encoding
x-cache-0: 1
cf-cache-status: HIT
age: 2358700
accept-ranges: bytes
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a80cb503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/04e/229/3bf/xbig_lq/24e910.webp
195.85.23.30200 OK 8.2 kB URL HTTP/2 i.bcicdn.com/live/04e/229/3bf/xbig_lq/24e910.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d44207b7b6cfcc7e956a2b9ae65d274d
a626a0e0514dd5a84df3308b356fa171405a4f58
6fc01820b42baea6e8df92afc01f60e63e62655673f56fdf75ba062042ee7897
GET /live/04e/229/3bf/xbig_lq/24e910.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 8184
last-modified: Sun, 16 Oct 2022 20:59:41 GMT
etag: "634c70bd-1ff8"
expires: Sun, 23 Oct 2022 20:59:42 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 43
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964b82db503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/076/3df/1da/xbig_lq/54172b.webp
195.85.23.30200 OK 36 kB URL HTTP/2 i.bcicdn.com/live/076/3df/1da/xbig_lq/54172b.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5c0631a521cbb85b4c55c64f6728f516
0ca26ba06a1ef7be4f60173c6bb5141aeba54ae1
32e525ba3e99a8b456874fadcf6a7409c7a154cde25548b8713a9ff47506c483
GET /live/076/3df/1da/xbig_lq/54172b.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 35648
last-modified: Sun, 16 Oct 2022 20:55:56 GMT
etag: "634c6fdc-8b40"
expires: Sun, 23 Oct 2022 20:55:59 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 251
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a81fb503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/068/30e/37f/xbig_lq/b9ad5d.webp
195.85.23.30200 OK 16 kB URL HTTP/2 i.bcicdn.com/live/068/30e/37f/xbig_lq/b9ad5d.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cf307d25f003ec52e7ab1787a7fd7601
ca9abe269f8a96991a4aa52a880c3c506acb94a5
fe474a5b71d0994a209a1b47c9c3f51a9dffa001988f2107cb80d30829142411
GET /live/068/30e/37f/xbig_lq/b9ad5d.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 15838
last-modified: Sun, 16 Oct 2022 20:59:58 GMT
etag: "634c70ce-3dde"
expires: Sun, 23 Oct 2022 20:59:59 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 29
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a820b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/07c/1e0/0a3/xbig_lq/102840.webp
195.85.23.30200 OK 13 kB URL HTTP/2 i.bcicdn.com/live/07c/1e0/0a3/xbig_lq/102840.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3bcd79302634a5716bc0e95738d14530
dce34456ff807c42d9082fcd2ef0a50da408e4d7
c71855951f0364ffe00c93dc403848ce6737c820cae70289b350df4d963cadbc
GET /live/07c/1e0/0a3/xbig_lq/102840.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 12710
last-modified: Sun, 16 Oct 2022 20:56:17 GMT
etag: "634c6ff1-31a6"
expires: Sun, 23 Oct 2022 20:56:18 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 248
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964b822b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/05b/2cc/0af/xbig_lq/aace78.webp
195.85.23.30200 OK 15 kB URL HTTP/2 i.bcicdn.com/live/05b/2cc/0af/xbig_lq/aace78.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d41f1d679b0dbd9ba81760c8f4a7171e
024a339324ac3b73977b9ca8ce6b4b00d1162475
3aee9e589db8dc95bc02c231485244e61bf91e1eb61684494dbb780818471246
GET /live/05b/2cc/0af/xbig_lq/aace78.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 14584
last-modified: Sun, 16 Oct 2022 20:47:34 GMT
etag: "634c6de6-38f8"
expires: Sun, 23 Oct 2022 20:47:38 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: HIT
cf-cache-status: HIT
age: 763
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964b823b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/062/390/06c/xbig_lq/634fff.webp
195.85.23.30200 OK 15 kB URL HTTP/2 i.bcicdn.com/live/062/390/06c/xbig_lq/634fff.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ff14ed025e1c478e193d3940ff3df932
76497ffb7445d1befa2efa5adfd69576df944f2a
313fb83c9718e9c1b1ba8a8bc948b4d0a980ff4d9997bfba73557dcfaffb348b
GET /live/062/390/06c/xbig_lq/634fff.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 15090
last-modified: Sun, 16 Oct 2022 20:57:15 GMT
etag: "634c702b-3af2"
expires: Sun, 23 Oct 2022 20:57:15 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: HIT
cf-cache-status: HIT
age: 192
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964b825b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/078/299/32c/xbig_lq/0e7dd4.webp
195.85.23.30200 OK 15 kB URL HTTP/2 i.bcicdn.com/live/078/299/32c/xbig_lq/0e7dd4.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 69e0acc34ffde3bfb77432a730a39851
184e645502bc0414d232ae380f35915b4a63b2c4
7f153b77c46bb4756eb85e12ad8cb678ebb88028709c5e59b51ae0abae4914c2
GET /live/078/299/32c/xbig_lq/0e7dd4.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 14746
last-modified: Sun, 16 Oct 2022 20:57:16 GMT
etag: "634c702c-399a"
expires: Sun, 23 Oct 2022 20:57:17 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 189
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964b826b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/045/387/0a6/xbig_lq/67ca1c.webp
195.85.23.30200 OK 9.7 kB URL HTTP/2 i.bcicdn.com/live/045/387/0a6/xbig_lq/67ca1c.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 29f999309fd0bd6ccae377246e568f27
7ba3dd1eaf6775d602ccf9a16e50fed04110409b
1a3e3c2bf310015f4f791f49024b3032fea837c4e4ffef73ff80dfbd54c04118
GET /live/045/387/0a6/xbig_lq/67ca1c.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 9698
last-modified: Sun, 16 Oct 2022 20:57:44 GMT
etag: "634c7048-25e2"
expires: Sun, 23 Oct 2022 20:57:45 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 150
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964b829b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/096/1ea/1a4/xbig_lq/9e345e.webp
195.85.23.30200 OK 15 kB URL HTTP/2 i.bcicdn.com/live/096/1ea/1a4/xbig_lq/9e345e.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0969d1597e07c8dc5f50eea5149ee35a
0978cc2e79b413a1eaa6a1db6f08327d53b381dd
9f40c3c9245d89d28a88432dbf671d75652b94da894b0f75067534810324f393
GET /live/096/1ea/1a4/xbig_lq/9e345e.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 14668
last-modified: Sun, 16 Oct 2022 20:58:21 GMT
etag: "634c706d-394c"
expires: Sun, 23 Oct 2022 20:58:22 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 126
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964b834b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/00d/048/35f/xbig_lq/c9a579.webp
195.85.23.30200 OK 12 kB URL HTTP/2 i.bcicdn.com/live/00d/048/35f/xbig_lq/c9a579.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 79239ca6ceaf5ea911edc0cf01690196
352d534eaf88846fffe455fb7e7009ff1d88dac0
724d38b7230a0dc9c938cc38b7f935501f5b5d44472b05e44464bbe10044f3f9
GET /live/00d/048/35f/xbig_lq/c9a579.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 12440
last-modified: Sun, 16 Oct 2022 20:57:21 GMT
etag: "634c7031-3098"
expires: Sun, 23 Oct 2022 20:57:22 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 185
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964b835b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/03a/014/1a5/xbig_lq/505d40.webp
195.85.23.30200 OK 13 kB URL HTTP/2 i.bcicdn.com/live/03a/014/1a5/xbig_lq/505d40.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5cbf739276a9af0f78db77f7d22de515
7f9181e0a10ae205a6be6e27edf1aac2fb25608c
87986c1a34ad7ee3366a2f73c830be9acc53fcd3637b1237b60dc48395085330
GET /live/03a/014/1a5/xbig_lq/505d40.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 12924
last-modified: Sun, 16 Oct 2022 20:58:18 GMT
etag: "634c706a-327c"
expires: Sun, 23 Oct 2022 20:58:18 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 129
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964c83ab503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/067/3e2/00a/xbig_lq/0bbd11.webp
195.85.23.30200 OK 20 kB URL HTTP/2 i.bcicdn.com/live/067/3e2/00a/xbig_lq/0bbd11.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f463c19d252567c47e17debbbeb656fd
b7cddf8f5e2216dc1a7ec66d457a86d1876650c1
ac99ec2d2562a9ca8e5e0dec47155e245650767dc253ebb4f8666e7b929026e7
GET /live/067/3e2/00a/xbig_lq/0bbd11.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 19912
last-modified: Sun, 16 Oct 2022 20:59:06 GMT
etag: "634c709a-4dc8"
expires: Sun, 23 Oct 2022 20:59:07 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 79
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964b828b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09e/01a/18f/xbig_lq/0293e8.webp
195.85.23.30200 OK 14 kB URL HTTP/2 i.bcicdn.com/live/09e/01a/18f/xbig_lq/0293e8.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b9052870905d269d782a2a2703c7cdd
a2d478b150c47aaec5dbaed6192c89de63927904
a28181f60680f4183bd13166545473f91117e33a802329c4445043e3e59d8b78
GET /live/09e/01a/18f/xbig_lq/0293e8.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 14298
last-modified: Sun, 16 Oct 2022 20:57:02 GMT
etag: "634c701e-37da"
expires: Sun, 23 Oct 2022 20:57:02 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 205
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964c83fb503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09d/0b7/0d5/xbig_lq/26dce5.webp
195.85.23.30200 OK 14 kB URL HTTP/2 i.bcicdn.com/live/09d/0b7/0d5/xbig_lq/26dce5.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 57a4de0798feda0003a485d87da39912
b14ee07e603df19501afbcc6e82a6e13b29193aa
32df70971b3490aaf21b24191b92d64879e8c4c2fd12f9ef378413acfd01b5d6
GET /live/09d/0b7/0d5/xbig_lq/26dce5.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 14256
last-modified: Sun, 16 Oct 2022 20:59:37 GMT
etag: "634c70b9-37b0"
expires: Sun, 23 Oct 2022 20:59:38 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 50
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964c841b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09e/125/092/xbig_lq/245782.webp
195.85.23.30200 OK 14 kB URL HTTP/2 i.bcicdn.com/live/09e/125/092/xbig_lq/245782.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 37ed83a73f0e68253949a12e58e208ef
cc8a6e67af6287d9e931aabbfb03f7f73d3d8333
5d68172995a2737f77e8e65f8253342809fb02749321024de19feb5111b0acea
GET /live/09e/125/092/xbig_lq/245782.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 14448
last-modified: Sun, 16 Oct 2022 20:57:21 GMT
etag: "634c7031-3870"
expires: Sun, 23 Oct 2022 20:57:22 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 185
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964e858b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09e/1d8/37f/xbig_lq/98e2f1.webp
195.85.23.30200 OK 10 kB URL HTTP/2 i.bcicdn.com/live/09e/1d8/37f/xbig_lq/98e2f1.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a69cb9f8bf327be2681bf93d1ec09546
99c392a58b5c87c28cd197457d0834af46cd0271
d5d34474dbd71e9508cbd44e493f71447a8a7ac3056b095a918de4813d860ce9
GET /live/09e/1d8/37f/xbig_lq/98e2f1.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 10246
last-modified: Sun, 16 Oct 2022 20:59:59 GMT
etag: "634c70cf-2806"
expires: Sun, 23 Oct 2022 21:00:00 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 26
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964e861b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/075/1f1/277/xbig_lq/d25645.webp
195.85.23.30200 OK 10 kB URL HTTP/2 i.bcicdn.com/live/075/1f1/277/xbig_lq/d25645.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1493e9c48bb707b46a9d22c7291c97c9
04e419a386b8db85c1d19bb5e8ffaaf85a19f41b
082b914b911961a27f33463d14cb8afcf1c99f2ef8c7f6583ed3d3f63703a6cd
GET /live/075/1f1/277/xbig_lq/d25645.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 10202
last-modified: Sun, 16 Oct 2022 20:58:38 GMT
etag: "634c707e-27da"
expires: Sun, 23 Oct 2022 20:58:40 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 108
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964e865b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/095/392/0c7/xbig_lq/188aba.webp
195.85.23.30200 OK 13 kB URL HTTP/2 i.bcicdn.com/live/095/392/0c7/xbig_lq/188aba.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c857e01e5ebd9623fa95a493a84dd4b8
26a0b56408f1804f3de31e8e8912cafc27b6bf74
2df71e5037563a5379008df7a73bc52fbef451257dfdfd698cb918e5e47db4b3
GET /live/095/392/0c7/xbig_lq/188aba.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 13374
last-modified: Sun, 16 Oct 2022 20:57:53 GMT
etag: "634c7051-343e"
expires: Sun, 23 Oct 2022 20:57:53 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 154
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964e868b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/04a/233/342/305d2b80cdec2ce54b48597ee9a027bf_profile_s.jpg
195.85.23.30200 OK 9.4 kB URL HTTP/2 i.bcicdn.com/04a/233/342/305d2b80cdec2ce54b48597ee9a027bf_profile_s.jpg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type JPEG image data, progressive, precision 8, 226x224, components 3\012- data
Hash f12c637ac4b383763a8bfcf340012590
d3a7682fae3c95d8625bbad15012f3ece65f3a10
6590b2d0e7d5377bb27944649dad328b1e9111aa6a11d881b4331a359a6cb097
GET /04a/233/342/305d2b80cdec2ce54b48597ee9a027bf_profile_s.jpg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/jpeg
content-length: 9389
access-control-allow-origin: *
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "634a209d-24ad"
expires: Mon, 14 Nov 2022 02:53:29 GMT
last-modified: Sat, 15 Oct 2022 02:53:17 GMT
x-o1-p4: MISS
x-bc-o: 2
cf-cache-status: HIT
age: 150999
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a808b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09d/29f/28f/xbig_lq/e3caaa.webp
195.85.23.30200 OK 11 kB URL HTTP/2 i.bcicdn.com/live/09d/29f/28f/xbig_lq/e3caaa.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5d0c53d11981c72e3801bc77562a6303
4c8ea26fff06ab68424a0604b4ba0ca078f2b724
7877a2bef5acbac4279a56344aa9ecdc4d4690759eed9159e8629723c4ae93f6
GET /live/09d/29f/28f/xbig_lq/e3caaa.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 10592
last-modified: Sun, 16 Oct 2022 20:58:31 GMT
etag: "634c7077-2960"
expires: Sun, 23 Oct 2022 20:58:33 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 115
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b9650880b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09d/29f/16b/xbig_lq/dafe95.webp
195.85.23.30200 OK 18 kB URL HTTP/2 i.bcicdn.com/live/09d/29f/16b/xbig_lq/dafe95.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1d17bd5b5c9d4284583cdb246f7abdb9
799a8ca9b0e98931911cbc151d58c23ee656e020
d626e040927d25aa4ef344e33696ea75d218af78d444781501963777fd46d63b
GET /live/09d/29f/16b/xbig_lq/dafe95.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 18172
last-modified: Sun, 16 Oct 2022 20:58:08 GMT
etag: "634c7060-46fc"
expires: Sun, 23 Oct 2022 20:58:09 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 138
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b9650881b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09e/0ad/383/xbig_lq/6f2be7.webp
195.85.23.30200 OK 12 kB URL HTTP/2 i.bcicdn.com/live/09e/0ad/383/xbig_lq/6f2be7.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6593e4031f2a4ce5df0edb5853ec3462
f1c9c1b6c5cd8ee24f07e55cc4a4e786729007d9
b882784561276d4387183d7fbb3b16faa8505fbcfce34644362e11ba2071ab0c
GET /live/09e/0ad/383/xbig_lq/6f2be7.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 11740
last-modified: Sun, 16 Oct 2022 20:58:58 GMT
etag: "634c7092-2ddc"
expires: Sun, 23 Oct 2022 20:58:59 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 87
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b96528a9b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09e/0e9/13d/xbig_lq/967805.webp
195.85.23.30200 OK 9.4 kB URL HTTP/2 i.bcicdn.com/live/09e/0e9/13d/xbig_lq/967805.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cd0979cdb641c37387d0a98856739759
50367ced382465402b49e7ca9b9264982656c79c
a3d32df661fa5944fcb3dd0143853bfc25b0370bae008d0c784c7eb997a5db48
GET /live/09e/0e9/13d/xbig_lq/967805.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 9388
last-modified: Sun, 16 Oct 2022 20:57:09 GMT
etag: "634c7025-24ac"
expires: Sun, 23 Oct 2022 20:57:10 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 198
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b96528a3b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09c/04b/1ae/xbig_lq/e0a4ae.webp
195.85.23.30200 OK 14 kB URL HTTP/2 i.bcicdn.com/live/09c/04b/1ae/xbig_lq/e0a4ae.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6494bc5ea74febf30d1c3d9757ef26a7
b14c7fe223c04abbd91a36c32c72354e18d1db61
6feef54c5ecf1c33dc4127b792f2bac9c1e259daa02ca05bf73346bd071b2a76
GET /live/09c/04b/1ae/xbig_lq/e0a4ae.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 14212
last-modified: Sun, 16 Oct 2022 20:54:31 GMT
etag: "634c6f87-3784"
expires: Sun, 23 Oct 2022 20:54:32 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 352
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b96528aab503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/promotions/invisible_mode/2/182x600/no.jpg
195.85.23.30200 OK 74 kB URL HTTP/2 i.bcicdn.com/promotions/invisible_mode/2/182x600/no.jpg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 182x600, components 3\012- data
Hash d35ca9a1129049ea13fe0f65b07acd2d
a4fdbde0302c6fd5d7ff3536bd693eb2eab87e4d
6f463f0413db3e7d213fbd83375ab29ba5c4b8e7e0dea558e1843aaad3db4a70
GET /promotions/invisible_mode/2/182x600/no.jpg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/jpeg
content-length: 73918
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "624a9aa4-120be"
expires: Wed, 19 Oct 2022 13:47:31 GMT
last-modified: Mon, 04 Apr 2022 07:13:40 GMT
vary: Accept-Encoding
x-cache-0: 1
cf-cache-status: HIT
age: 2358777
accept-ranges: bytes
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b96528abb503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09e/01c/30e/xbig_lq/109daf.webp
195.85.23.30200 OK 20 kB URL HTTP/2 i.bcicdn.com/live/09e/01c/30e/xbig_lq/109daf.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 06957dddf58f0dcdfa32588c0b5ca946
e444646d95af4959e054bc4acbb3939394273acc
10517862d36924e2d1bcdf01835095fe8193a7e258baa403149159b921f5d106
GET /live/09e/01c/30e/xbig_lq/109daf.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/webp
content-length: 20394
last-modified: Sun, 16 Oct 2022 21:00:06 GMT
etag: "634c70d6-4faa"
expires: Sun, 23 Oct 2022 21:00:07 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 8
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b96528a6b503-OSL
X-Firefox-Spdy: h2
no.bongacams.com/images/sprite/bc/layout3.svg
195.85.23.95200 OK 5.0 kB URL HTTP/2 no.bongacams.com/images/sprite/bc/layout3.svg
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4519), with no line terminators
Hash 665807f9d03d3d9bf8afdf78b618fd35
4122e788bd1598808d5fea76fead09704eac9562
a5e58f3a4430bbd1f414d63455fb61b773e6f3a7b5a64eaa842666d9aed1b565
GET /images/sprite/bc/layout3.svg HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.bongacams.com/popular-chat?bcs=a25vd2MwZjg5YmZlYTNiY2VlZjAzZjhjYjc5ZjkyMTg0ZmNjOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
Connection: keep-alive
Cookie: __cf_bm=1F5mA7BXHOHrRn.MWXjEIsihR9zr2UqfFoz0Jbq.Uww-1665954026-0-AY+UUvtXyj7wmi8UITgilkGdp4DiSJipmrWLcHcWqmwTzsprJ40M2rsKvOV1uozNRGNdT/QjBcIeW4SfUxKfvMM=; bonga20120608=7cc51d4cd7ef077d475acbfc2cf2764d; BONGAH_HIT=c0f89bfea3bceef03f8cb79f92184fcc%3A%3A189420%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A%3A%3A401977%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3Adirect_link%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-10-17%2000%3A00%3A27; sg=339; warning18=%5B%22no_NO%22%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/svg+xml
last-modified: Fri, 10 Sep 2021 04:18:28 GMT
etag: W/"613adc94-11a7"
expires: Tue, 15 Nov 2022 21:00:28 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 924997
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3b9667d70b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
no.bongacams.com/images/sprite/bc/listing.svg
195.85.23.95200 OK 17 kB URL HTTP/2 no.bongacams.com/images/sprite/bc/listing.svg
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (31758), with no line terminators
Hash 27321908fd09bb5ac0753264a2761d82
85e9f1a76e3ecc6a33709ee25348d0c49448c2d4
30c44688d95bcf9dfae0c38b6191fb7a4778d3f5c1217beda999e7aafe181d1b
GET /images/sprite/bc/listing.svg HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.bongacams.com/popular-chat?bcs=a25vd2MwZjg5YmZlYTNiY2VlZjAzZjhjYjc5ZjkyMTg0ZmNjOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
Connection: keep-alive
Cookie: __cf_bm=1F5mA7BXHOHrRn.MWXjEIsihR9zr2UqfFoz0Jbq.Uww-1665954026-0-AY+UUvtXyj7wmi8UITgilkGdp4DiSJipmrWLcHcWqmwTzsprJ40M2rsKvOV1uozNRGNdT/QjBcIeW4SfUxKfvMM=; bonga20120608=7cc51d4cd7ef077d475acbfc2cf2764d; BONGAH_HIT=c0f89bfea3bceef03f8cb79f92184fcc%3A%3A189420%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A%3A%3A401977%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3Adirect_link%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-10-17%2000%3A00%3A27; sg=339; warning18=%5B%22no_NO%22%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Oct 2020 04:23:05 GMT
etag: W/"5f964f29-7c0e"
expires: Tue, 15 Nov 2022 21:00:28 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 924954
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3b9667d6bb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
no.bongacams.com/images/sprite/bc/ui2.svg
195.85.23.95200 OK 15 kB URL HTTP/2 no.bongacams.com/images/sprite/bc/ui2.svg
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2337), with no line terminators
Hash f2670414164a5f113b491b1d44ed8400
f257b9b3453546041e7d16e2454e50d095c86149
e860c2d20be72b786c843cc28c98f6c437773629413dc8c476987fa3baff3cf9
GET /images/sprite/bc/ui2.svg HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.bongacams.com/popular-chat?bcs=a25vd2MwZjg5YmZlYTNiY2VlZjAzZjhjYjc5ZjkyMTg0ZmNjOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
Connection: keep-alive
Cookie: __cf_bm=1F5mA7BXHOHrRn.MWXjEIsihR9zr2UqfFoz0Jbq.Uww-1665954026-0-AY+UUvtXyj7wmi8UITgilkGdp4DiSJipmrWLcHcWqmwTzsprJ40M2rsKvOV1uozNRGNdT/QjBcIeW4SfUxKfvMM=; bonga20120608=7cc51d4cd7ef077d475acbfc2cf2764d; BONGAH_HIT=c0f89bfea3bceef03f8cb79f92184fcc%3A%3A189420%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A%3A%3A401977%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3Adirect_link%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-10-17%2000%3A00%3A27; sg=339; warning18=%5B%22no_NO%22%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/svg+xml
last-modified: Tue, 21 Dec 2021 07:10:25 GMT
etag: W/"61c17de1-921"
expires: Tue, 15 Nov 2022 21:00:28 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 924997
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3b9667d71b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
no.bongacams.com/images/sprite/bc/category.svg
195.85.23.95200 OK 17 kB URL HTTP/2 no.bongacams.com/images/sprite/bc/category.svg
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (783), with no line terminators
Hash 182cf379463cafbd7b47e55216e4e031
8050f3b0a28995aebff1188c4c1403929e25d61b
309365f234d495344cffe989ead1baf6801bef125a188f790159ee71044be328
GET /images/sprite/bc/category.svg HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.bongacams.com/popular-chat?bcs=a25vd2MwZjg5YmZlYTNiY2VlZjAzZjhjYjc5ZjkyMTg0ZmNjOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
Connection: keep-alive
Cookie: __cf_bm=1F5mA7BXHOHrRn.MWXjEIsihR9zr2UqfFoz0Jbq.Uww-1665954026-0-AY+UUvtXyj7wmi8UITgilkGdp4DiSJipmrWLcHcWqmwTzsprJ40M2rsKvOV1uozNRGNdT/QjBcIeW4SfUxKfvMM=; bonga20120608=7cc51d4cd7ef077d475acbfc2cf2764d; BONGAH_HIT=c0f89bfea3bceef03f8cb79f92184fcc%3A%3A189420%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A%3A%3A401977%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3Adirect_link%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-10-17%2000%3A00%3A27; sg=339; warning18=%5B%22no_NO%22%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/svg+xml
last-modified: Thu, 13 Jan 2022 02:31:17 GMT
etag: W/"61df8ef5-30f"
expires: Tue, 15 Nov 2022 21:00:28 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 925053
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3b9667d6fb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/fonts/open_sans/v23/regular/latin.woff2
195.85.23.30200 OK 14 kB URL HTTP/2 i.bcicdn.com/fonts/open_sans/v23/regular/latin.woff2
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type Web Open Font Format (Version 2), TrueType, length 14440, version 1.0\012- data
Hash ff9d619b59f5cb3529b100448f398ac5
f821770af8dcac25fd51b691be779fb56dde7783
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
GET /fonts/open_sans/v23/regular/latin.woff2 HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://no.bongacams.com
Connection: keep-alive
Referer: https://i.bcicdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: application/octet-stream
content-length: 14440
last-modified: Wed, 15 Sep 2021 03:49:40 GMT
etag: "61416d54-3868"
expires: Sat, 05 Nov 2022 04:03:06 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 925042
accept-ranges: bytes
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b9672bdeb503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/fonts/open_sans/v23/regular/cyrillic.woff2
195.85.23.30200 OK 20 kB URL HTTP/2 i.bcicdn.com/fonts/open_sans/v23/regular/cyrillic.woff2
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type Web Open Font Format (Version 2), TrueType, length 19512, version 1.0\012- data
Hash 02e07184987accdb6ce8886b3fdad18e
e639608469bce8b81a19c3bb10bec1cc79f890ad
6cdb2e46ce7be00273368a16d259335bef2f15bd6acae757728f451ef54897a6
GET /fonts/open_sans/v23/regular/cyrillic.woff2 HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://no.bongacams.com
Connection: keep-alive
Referer: https://i.bcicdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: application/octet-stream
content-length: 19512
last-modified: Wed, 15 Sep 2021 03:49:40 GMT
etag: "61416d54-4c38"
expires: Sat, 05 Nov 2022 04:08:34 GMT
cache-control: max-age=2592000
x-bc-o: 2
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 924461
accept-ranges: bytes
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b9672be0b503-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/images/sprite/bc/ft_atlas_2.svg
195.85.23.30200 OK 31 kB URL HTTP/2 i.bcicdn.com/images/sprite/bc/ft_atlas_2.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (43987), with no line terminators
Hash aae494e0c7ab992188244fc5d4638daf
950fa1765323df66f0eb7efead0fa856e2684030
40e5f715c2b2520e1c6b24bd98dd6b215f0fb9801c7fce0fdbb433d52a038fda
GET /images/sprite/bc/ft_atlas_2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.bcicdn.com/css-min/1FPUY/lt.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/svg+xml
last-modified: Fri, 16 Apr 2021 10:07:22 GMT
etag: W/"607961da-abd3"
expires: Wed, 19 Oct 2022 13:47:19 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2358787
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b966fb7cb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.usertrust.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5a0ca8b28fd3e13be0ee6e4d12d2e803
0f1c8fdb4c14b8e03d2e438e42483ecafcf7694d
21c54e0025969c76ef8c272ce8582bf4d30e909cf87cd9611092d5f9f63396fe
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 21:00:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 16 Oct 2022 15:32:24 GMT
Expires: Sun, 23 Oct 2022 15:32:23 GMT
Etag: "0f1c8fdb4c14b8e03d2e438e42483ecafcf7694d"
Cache-Control: max-age=604071,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 651
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b3b9673ec3b52d-OSL
i.bcicdn.com/images/default/social/snapchat.svg
195.85.23.30200 OK 29 kB URL HTTP/2 i.bcicdn.com/images/default/social/snapchat.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2654)
Hash c71f797b80962705b9799f41d00a3747
c2721fc640d81ed8ca04e3d99b3d0239b7929388
c2c36d835b256285854e222c4c2aa5d2fddb70e2d9bbfd17244b7b4ce7833730
GET /images/default/social/snapchat.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/svg+xml
last-modified: Wed, 10 Apr 2019 02:37:07 GMT
etag: W/"5cad56d3-1563"
expires: Wed, 19 Oct 2022 13:47:21 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2358777
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a80ab503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/images/sprite/bc/flag_pack-7fa3aa73.svg
195.85.23.30200 OK 24 kB URL HTTP/2 i.bcicdn.com/images/sprite/bc/flag_pack-7fa3aa73.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (22389), with no line terminators
Hash 02e1bce6ac9c64b1747ef7b0c60bddd6
604cda24c1ddb72e05ca3c1a97cd178f0ec4f874
2c4f560ce7a7e0e7968ecb521ff6b83d9cc611edf174acb9d69895929e08c3ab
GET /images/sprite/bc/flag_pack-7fa3aa73.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.bcicdn.com/css-min/1FPUY/cr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/svg+xml
last-modified: Thu, 30 May 2019 03:12:25 GMT
etag: W/"5cef4a19-5775"
expires: Wed, 19 Oct 2022 13:47:19 GMT
cache-control: max-age=2592000
x-bc-o: 2
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2358784
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b9668aa7b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1FPUY/3997.js
195.85.23.30200 OK 12 kB URL HTTP/2 i.bcicdn.com/js-min/1FPUY/3997.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (18490), with no line terminators
Hash 345be67382e657ea0f13e533eab1f299
383044eca9472db4c05b6b960605cce60a0a7cfa
f09e9ea27ca4a335f70720e15fadaec29d645b8f89fb6b759359f7683e7a9da5
GET /js-min/1FPUY/3997.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: application/javascript
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-483a"
expires: Sun, 13 Nov 2022 10:18:55 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211286
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b968ada8b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
media.aso1.net/js/ifr.html
104.21.234.222200 OK 0 B URL HTTP/2 media.aso1.net/js/ifr.html
IP 104.21.234.222:0
GET /js/ifr.html HTTP/1.1
Host: media.aso1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: text/html
last-modified: Mon, 29 Aug 2022 13:18:49 GMT
etag: W/"630cbcb9-6ea"
expires: Fri, 02 Sep 2022 06:53:13 GMT
cache-control: max-age=259200
x-robots-tag: noindex, nofollow, noarchive, noimageindex
cf-cache-status: HIT
age: 2451933
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MoANVkJ57W8H0g%2F1ulvh1SLuNMLqJexVHsZGyYZsRnR3VRFvoww98lMklWEwBuPKnimXQvlGBXJs2PqQMWOPQ9kv4OiV56ImpnDhJUgcBBZomF4RJIYoacqhRWfHIEIjpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3b94d9f7f742b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.focusde.info/api/spots/303894?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/303894?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/303894?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=glbNBC4OiP7Y0QdriupS
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
a.adtng.com/get/10005363?time=1592491455431&atc=445509&apb=T7ed9QAXSGduGMqw5diqnF18VK4nz-McJLFoXVW6w7imCinuXTAaEAcakkTuHrlvwfuIo4iEDKUp4Db0AFmHrudWMe3LKjjuA1c1zN6p_gUIDRUi
66.254.114.171200 OK 0 B URL HTTP/2 a.adtng.com/get/10005363?time=1592491455431&atc=445509&apb=T7ed9QAXSGduGMqw5diqnF18VK4nz-McJLFoXVW6w7imCinuXTAaEAcakkTuHrlvwfuIo4iEDKUp4Db0AFmHrudWMe3LKjjuA1c1zN6p_gUIDRUi
IP 66.254.114.171:0
GET /get/10005363?time=1592491455431&atc=445509&apb=T7ed9QAXSGduGMqw5diqnF18VK4nz-McJLFoXVW6w7imCinuXTAaEAcakkTuHrlvwfuIo4iEDKUp4Db0AFmHrudWMe3LKjjuA1c1zN6p_gUIDRUi HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Sun, 16 Oct 2022 21:00:25 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KImNMcOkGVyXXUFdHAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7079; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 634C70E9-42FE72AB01BBC2C8-64F9177
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1FPUY/f1485.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1FPUY/f1485.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1FPUY/f1485.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: application/javascript
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-25de"
expires: Sun, 13 Nov 2022 10:18:55 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211286
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b968bdadb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/animate.css
172.64.110.27200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP 172.64.110.27:0
GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6356580
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZA%2B%2FvrRAutMH1c9WuNfux7t63Lj98X7x37a7zf3aDB5Qnwj3AwD3uM9PQp4fooJxj2PbG24iNzGa%2BXxarxkNW%2FRLfWtuZpa%2BN7euzlZ75p33uqBUfNJVnjr3bxDPxwNNPg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3b94afee50079-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1FPUY/extra/chat.css
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1FPUY/extra/chat.css
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1FPUY/extra/chat.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: text/css
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-57095"
expires: Sun, 13 Nov 2022 10:18:59 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211286
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a805b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/vpn/default/us/ios-btn/3/js/jquery.min.js
172.64.110.27200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/vpn/default/us/ios-btn/3/js/jquery.min.js
IP 172.64.110.27:0
GET /sb/ssp/vpn/default/us/ios-btn/3/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: application/javascript
last-modified: Thu, 18 Feb 2021 10:42:25 GMT
etag: W/"602e4491-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6432947
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=op4qy38eBJ0CIMoC2Pwb8CGo8P8MuZeskpOC%2Fv3OqBwGLY319wNnf7rnka%2Bs3zfisLc8zS7lx6WyO3sn1RPiHNyX1JU4FAFRPakrnQ6cuERwdtZA1GOAjBET9cM90C2DtCc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3b94b1f170079-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.bcicdn.com/images/replace/10/arial/999/bnct_v2.svg
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/images/replace/10/arial/999/bnct_v2.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /images/replace/10/arial/999/bnct_v2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Mar 2022 11:31:02 GMT
etag: W/"6231ca76-345d"
expires: Wed, 19 Oct 2022 13:47:20 GMT
cache-control: max-age=2592000
x-bc-o: 2
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2358789
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b96528acb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/images/replace/10/arial/999/bnct_add2.svg
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/images/replace/10/arial/999/bnct_add2.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /images/replace/10/arial/999/bnct_add2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jun 2021 09:45:11 GMT
etag: W/"60c08da7-2a63"
expires: Wed, 19 Oct 2022 13:47:19 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2358772
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b96528afb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/i18n-min/1665746077/messages/no.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/i18n-min/1665746077/messages/no.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /i18n-min/1665746077/messages/no.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: application/javascript
last-modified: Fri, 14 Oct 2022 11:14:54 GMT
etag: W/"634944ae-2a6cc"
expires: Sun, 13 Nov 2022 11:15:27 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 207821
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b96528b0b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1FPUY/eb4e3.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1FPUY/eb4e3.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1FPUY/eb4e3.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: application/javascript
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-630"
expires: Sun, 13 Nov 2022 10:18:56 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211286
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b9693e6cb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1FPUY/a7dd3.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1FPUY/a7dd3.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1FPUY/a7dd3.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:29 GMT
content-type: application/javascript
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-2c9"
expires: Sun, 13 Nov 2022 10:18:56 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211287
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b9693e7eb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/video/5e834df5fb59747046875c89
172.67.137.4200 OK 0 B URL HTTP/2 xfantazy.com/video/5e834df5fb59747046875c89
IP 172.67.137.4:0
GET /video/5e834df5fb59747046875c89 HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:20 GMT
content-type: text/html; charset=utf-8
vary: Origin
set-cookie: visitorId=wt3nlbkasf8smc46don9x; Domain=xfantazy.com; Path=/; Expires=Sat, 16 Oct 2032 21:00:20 GMT; HttpOnly
experiment-popup-payment-7=0; Path=/; Expires=Sun, 23 Oct 2022 21:00:20 GMT
experiment-save-to-button-2=0; Path=/; Expires=Sun, 23 Oct 2022 21:00:20 GMT
x-powered-by: Next.js
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gu5z2F0m3lWJPK16BXC8n%2BUwCCQuGnkQQ%2FdNaqf%2BlJLnHyEn%2FwTivzBr8RWEqG3PwgUzLu%2FnI2EeQW8olfau2el4Fb%2F8E16wAmkLgQfc%2Fz%2FeOgl9yYNU9nPJsLTepRk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75b3b9317831b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css
172.64.110.27200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css
IP 172.64.110.27:0
GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:24 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:19:14 GMT
etag: W/"6128d842-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6432905
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZ4MOcapPZCDDd%2BpM%2FKgJTge2Ry9f0C99EPQ3GpDMns14rgATqWT9FpaTvBNIAOxS%2BhXlUBYsGH3nhOxiFW4wEkaBBdLnsiWofEjgYRadUWlG7R6HRUxhAzpm%2FNlzf0c7lc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3b94b0efe0079-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1FPUY/5ba8.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1FPUY/5ba8.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1FPUY/5ba8.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: application/javascript
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-cc"
expires: Sun, 13 Nov 2022 10:18:56 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211286
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b968bdaab503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1FPUY/7dfar.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1FPUY/7dfar.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1FPUY/7dfar.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: application/javascript
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-854"
expires: Sun, 13 Nov 2022 10:18:54 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211286
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b968bdb1b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
tsyndicate.com/do2/4K7esoiMRbdmWXtGu7Vp9FjsD2M7K5vE/master?w=1280&h=1024&tz=0&count=10
148.251.120.78200 OK 0 B URL HTTP/2 tsyndicate.com/do2/4K7esoiMRbdmWXtGu7Vp9FjsD2M7K5vE/master?w=1280&h=1024&tz=0&count=10
IP 148.251.120.78:0
ASN #24940 Hetzner Online GmbH
GET /do2/4K7esoiMRbdmWXtGu7Vp9FjsD2M7K5vE/master?w=1280&h=1024&tz=0&count=10 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.focusde.info
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 21:00:25 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://a.focusde.info
access-control-allow-methods: POST, GET, HEAD
access-control-allow-headers: Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy
access-control-allow-credentials: true
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: 16cc49d07fdc75dc
set-cookie: ts_uid=fa612214-52ca-4458-b0b5-47aaaa219851; expires=Sun, 16 Apr 2023 21:00:25 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYZOGDEwFGjRhcWIsYU3BLjoYgyE2PY2AiDRkcZDvso; expires=Mon, 17 Oct 2022 21:00:25 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
i.bcicdn.com/images/replace/10/arial/999/bnct_add1_v2.svg
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/images/replace/10/arial/999/bnct_add1_v2.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /images/replace/10/arial/999/bnct_add1_v2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Mar 2022 11:31:02 GMT
etag: W/"6231ca76-35ac"
expires: Wed, 19 Oct 2022 13:47:19 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2358772
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b96528aeb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/images/svg/bc/model_of_hour/female_1.svg
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/images/svg/bc/model_of_hour/female_1.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /images/svg/bc/model_of_hour/female_1.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/svg+xml
last-modified: Mon, 30 Dec 2019 03:04:32 GMT
etag: W/"5e096940-31eb"
expires: Wed, 19 Oct 2022 13:47:19 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2358777
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a80db503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1FPUY/a4ah2.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1FPUY/a4ah2.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1FPUY/a4ah2.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: application/javascript
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-1108"
expires: Sun, 13 Nov 2022 10:18:54 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211286
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b9690e1fb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1FPUY/hg.css
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1FPUY/hg.css
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1FPUY/hg.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: text/css
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-c4a5"
expires: Sun, 13 Nov 2022 10:18:55 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211286
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b96528b8b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1FPUY/cr.css
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1FPUY/cr.css
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1FPUY/cr.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: text/css
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-13584"
expires: Sun, 13 Nov 2022 10:18:59 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211286
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b96528b5b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1FPUY/h.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1FPUY/h.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1FPUY/h.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: application/javascript
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-aa6ee"
expires: Sun, 13 Nov 2022 10:18:54 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211286
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b96528b3b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1FPUY/e6b9.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1FPUY/e6b9.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1FPUY/e6b9.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: application/javascript
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-17ce"
expires: Sun, 13 Nov 2022 10:18:55 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211286
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b968bdacb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1FPUY/a2fh0.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1FPUY/a2fh0.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1FPUY/a2fh0.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: application/javascript
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-1bf"
expires: Sun, 13 Nov 2022 10:18:56 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211286
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b9690e1bb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
tsyndicate.com/iframes2/b41eb41d40c04dfdad857c6fe8c82575.html?
148.251.120.78200 OK 0 B URL HTTP/2 tsyndicate.com/iframes2/b41eb41d40c04dfdad857c6fe8c82575.html?
IP 148.251.120.78:0
ASN #24940 Hetzner Online GmbH
GET /iframes2/b41eb41d40c04dfdad857c6fe8c82575.html? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Cookie: ts_uid=fa612214-52ca-4458-b0b5-47aaaa219851; bfq=APeIECNCxxYZOGDEwFGjRhcWIsYU3BLjoYgyE2PY2AiDRkcZDvso
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 21:00:25 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: 3a270b44c8c014a4
set-cookie: ts_uid=fa612214-52ca-4458-b0b5-47aaaa219851; expires=Sun, 16 Apr 2023 21:00:25 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYZOGDEwFGjRhcWIsYU3BLjoYgyE2PY2AiDRkcZDvso; expires=Mon, 17 Oct 2022 21:00:25 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1FPUY/9ccb4.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1FPUY/9ccb4.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1FPUY/9ccb4.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:29 GMT
content-type: application/javascript
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-3847"
expires: Sun, 13 Nov 2022 10:18:54 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211287
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b96ad938b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1FPUY/extra/listing.css
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1FPUY/extra/listing.css
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1FPUY/extra/listing.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: text/css
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-121bd"
expires: Sun, 13 Nov 2022 10:18:55 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211286
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b96528b9b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1FPUY/d5c61.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1FPUY/d5c61.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1FPUY/d5c61.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:29 GMT
content-type: application/javascript
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-4251"
expires: Sun, 13 Nov 2022 10:18:56 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211287
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b96c3b79b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/images/svg/bc/model_of_hour/female_2.svg
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/images/svg/bc/model_of_hour/female_2.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /images/svg/bc/model_of_hour/female_2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/svg+xml
last-modified: Mon, 30 Dec 2019 03:04:32 GMT
etag: W/"5e096940-3744"
expires: Wed, 19 Oct 2022 13:47:19 GMT
cache-control: max-age=2592000
x-bc-o: 2
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2358777
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a80eb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap
IP 142.250.74.10:0
GET /css?family=Roboto:100,300,400,500,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 16 Oct 2022 21:00:20 GMT
date: Sun, 16 Oct 2022 21:00:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1FPUY/ft.css
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1FPUY/ft.css
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1FPUY/ft.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: text/css
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-3a14"
expires: Sun, 13 Nov 2022 10:18:55 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211286
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b964a802b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1FPUY/lt.css
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1FPUY/lt.css
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1FPUY/lt.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: text/css
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-19f69"
expires: Sun, 13 Nov 2022 10:18:55 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211286
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b96528b7b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1FPUY/extra/listing_catrows.css
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1FPUY/extra/listing_catrows.css
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1FPUY/extra/listing_catrows.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: text/css
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-1454"
expires: Sun, 13 Nov 2022 10:18:55 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211286
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b96528a8b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
no.bongacams.com/images/sprite/bc/chat9.svg
195.85.23.95200 OK 0 B URL HTTP/2 no.bongacams.com/images/sprite/bc/chat9.svg
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
GET /images/sprite/bc/chat9.svg HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.bongacams.com/popular-chat?bcs=a25vd2MwZjg5YmZlYTNiY2VlZjAzZjhjYjc5ZjkyMTg0ZmNjOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
Connection: keep-alive
Cookie: __cf_bm=1F5mA7BXHOHrRn.MWXjEIsihR9zr2UqfFoz0Jbq.Uww-1665954026-0-AY+UUvtXyj7wmi8UITgilkGdp4DiSJipmrWLcHcWqmwTzsprJ40M2rsKvOV1uozNRGNdT/QjBcIeW4SfUxKfvMM=; bonga20120608=7cc51d4cd7ef077d475acbfc2cf2764d; BONGAH_HIT=c0f89bfea3bceef03f8cb79f92184fcc%3A%3A189420%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A%3A%3A401977%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3Adirect_link%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-10-17%2000%3A00%3A27; sg=339; warning18=%5B%22no_NO%22%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/svg+xml
last-modified: Wed, 04 May 2022 09:27:49 GMT
etag: W/"62724715-9a48"
expires: Tue, 15 Nov 2022 21:00:28 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 925052
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3b9666d5bb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/images/sprite/bc/listing_atlas8.svg
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/images/sprite/bc/listing_atlas8.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /images/sprite/bc/listing_atlas8.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.bcicdn.com/css-min/1FPUY/extra/listing.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Feb 2022 12:30:04 GMT
etag: W/"620a4b4c-a703"
expires: Wed, 19 Oct 2022 13:47:20 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2358784
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b966db4fb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1FPUY/4fdan.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1FPUY/4fdan.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1FPUY/4fdan.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 21:00:28 GMT
content-type: application/javascript
last-modified: Fri, 14 Oct 2022 10:18:24 GMT
etag: W/"63493770-34ca"
expires: Sun, 13 Nov 2022 10:18:55 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 211286
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75b3b968bdbcb503-OSL
content-encoding: br
X-Firefox-Spdy: h2