urlquery - report: xfantazy.com/video/5cf1ab8c6c89ed59483db333

Overview

URL	xfantazy.com/video/5cf1ab8c6c89ed59483db333
IP	104.26.0.188
ASN	CLOUDFLARENET
Location	United States
Report completed	2022-07-02 19:57:15 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-07-02	2	a.bestcontentfood.top/warp/4787912?r=69542	Phishing
2022-07-02	2	a.bestcontentfood.top/warp/4787914?r=44276	Phishing
2022-07-02	2	a.bestcontentfood.top/warp/4788752?r=19901	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Added / Verified	Severity	Host	Comment
2022-07-02	2	temporarilyruinconsistent.com	Sinkholed
2022-07-02	2	temporarilyruinconsistent.com	Sinkholed
2022-07-02	2	temporarilyruinconsistent.com	Sinkholed
2022-07-02	2	captivatepestilentstormy.com	Sinkholed
2022-07-02	2	addresseepaper.com	Sinkholed
2022-07-02	2	temporarilyruinconsistent.com	Sinkholed
2022-07-02	2	temporarilyruinconsistent.com	Sinkholed
2022-07-02	2	unseenreport.com	Sinkholed

Files

URL	unseenreport.com/pxf.gif?uuid=7f94f9e2-63a5-44d7-9aef-add9109509a2&eb=f2971 (...)
IP	192.243.61.225
Magic	gzip compressed data, max compression\012- data
Size	661
MD5	69f7e5b7a94453990de2b42acd66a683
SHA1	4cc9cf9339dcd1eb21c6c0aab0d0ff51eb12ca25
SHA256	24f2c695e4c4fa7733cac8313595a14625e61af698084e2c58602fa2d00d84bf

Analyzer	Analysed	Verdict	Comment
VirusTotal		0/0

Passive DNS (58)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-07-02 15:26:32 UTC	34.120.237.76
[Mnemonic Passive DNS]	a.adtng.com (1)	15165	2019-01-09 16:12:47 UTC	2021-11-08 18:48:48 UTC	66.254.114.171
[Mnemonic Passive DNS]	pt.wmptctl.com (2)	0	No data	No data	93.93.51.191	Unknown ranking
[Mnemonic Passive DNS]	www.google-analytics.com (1)	40	2017-01-30 05:00:06 UTC	2022-07-02 05:37:32 UTC	142.250.74.174
[Mnemonic Passive DNS]	addresseetransportationsyndrome.com (1)	499417	No data	No data	192.243.61.225
[Mnemonic Passive DNS]	pxl.tsyndicate.com (1)	14763	No data	No data	136.243.46.131
[Mnemonic Passive DNS]	chatw-1.stream.highwebmedia.com (1)	212434	No data	No data	104.19.242.83
[Mnemonic Passive DNS]	api-protected.protoawegw.com (1)	52858	No data	No data	93.93.51.225
[Mnemonic Passive DNS]	xfantazy.com (12)	167260	No data	No data	104.26.1.188
[Mnemonic Passive DNS]	fonts.googleapis.com (1)	8877	2017-01-30 04:59:43 UTC	2019-10-16 05:12:41 UTC	142.250.74.10
[Mnemonic Passive DNS]	temporarilyruinconsistent.com (5)	0	No data	No data	192.243.61.227	Unknown ranking
[Mnemonic Passive DNS]	e1.o.lencr.org (3)	6159	2021-08-20 07:36:30 UTC	2022-07-02 09:43:56 UTC	23.36.76.226
[Mnemonic Passive DNS]	pt-static3.ptlwmstc.com (1)	234386	No data	No data	93.93.51.200
[Mnemonic Passive DNS]	r3.o.lencr.org (15)	344	2020-12-02 08:52:13 UTC	2022-07-02 05:03:49 UTC	23.36.77.32
[Mnemonic Passive DNS]	ocsp.sectigo.com (4)	487	2018-12-17 11:31:55 UTC	2022-07-02 17:19:29 UTC	172.64.155.188
[Mnemonic Passive DNS]	captivatepestilentstormy.com (1)	0	No data	No data	192.243.59.13	Unknown ranking
[Mnemonic Passive DNS]	js-agent.newrelic.com (1)	378	2017-01-30 05:00:15 UTC	2022-07-02 05:25:24 UTC	151.101.86.137
[Mnemonic Passive DNS]	bam.nr-data.net (4)	630	2022-05-18 16:30:58 UTC	2022-07-02 05:16:01 UTC	162.247.241.14
[Mnemonic Passive DNS]	realtime.pa.highwebmedia.com (9)	24791	2021-01-21 22:18:59 UTC	2022-07-02 14:28:10 UTC	54.230.111.129
[Mnemonic Passive DNS]	galleryn2.awemdia.com (1)	51712	No data	No data	93.93.51.190
[Mnemonic Passive DNS]	ocsp.sca1b.amazontrust.com (1)	1015	No data	No data	54.230.245.110
[Mnemonic Passive DNS]	awecre.com (1)	417208	No data	No data	93.93.51.191
[Mnemonic Passive DNS]	ocsp.pki.goog (9)	175	2017-06-14 07:23:31 UTC	2022-07-02 05:05:05 UTC	142.250.74.3
[Mnemonic Passive DNS]	rtbbnr.com (1)	22279	2022-03-29 10:14:49 UTC	2022-06-30 00:34:11 UTC	159.69.163.6
[Mnemonic Passive DNS]	ocsp.globalsign.com (2)	2075	2012-05-25 06:20:55 UTC	2022-07-02 05:50:08 UTC	104.18.21.226
[Mnemonic Passive DNS]	pt-static1.ptlwmstc.com (1)	154690	No data	No data	93.93.51.200
[Mnemonic Passive DNS]	hw-cdn2.ang-content.com (1)	165651	2019-03-25 22:41:04 UTC	2022-07-02 13:30:29 UTC	205.185.208.20
[Mnemonic Passive DNS]	static-assets.highwebmedia.com (4)	16059	No data	No data	104.16.93.42
[Mnemonic Passive DNS]	m1.nsimg.net (1)	15908	2013-05-10 03:24:09 UTC	2021-01-08 23:35:28 UTC	207.178.0.91
[Mnemonic Passive DNS]	realtime.pa.highwebmedia.com (9)	24791	2021-01-21 22:18:59 UTC	2022-07-02 14:28:10 UTC	54.230.111.8
[Mnemonic Passive DNS]	as.sexad.net (3)	86240	No data	No data	216.127.52.241
[Mnemonic Passive DNS]	m.sancdn.net (4)	89507	2012-09-29 23:09:57 UTC	2022-07-02 18:27:17 UTC	69.16.175.42
[Mnemonic Passive DNS]	cbjpeg.stream.highwebmedia.com (15)	23619	2017-04-28 19:22:25 UTC	2019-04-04 16:04:10 UTC	131.153.88.92
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.7
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	static-cache.k2s.cc (12)	182663	No data	No data	188.72.235.185
[Mnemonic Passive DNS]	mc.yandex.ru (8)	2672	2017-01-29 05:34:36 UTC	2022-07-02 13:23:48 UTC	93.158.134.119
[Mnemonic Passive DNS]	chaturbate.com (1)	6807	2012-10-03 13:53:21 UTC	2022-06-21 21:06:18 UTC	104.18.101.40
[Mnemonic Passive DNS]	xfantazy.com (12)	167260	No data	No data	172.67.69.220
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-07-02 05:33:42 UTC	54.230.111.7
[Mnemonic Passive DNS]	in16.zog.link (1)	76485	No data	No data	62.122.173.146
[Mnemonic Passive DNS]	code.jquery.com (1)	634	2012-05-21 17:28:02 UTC	2022-07-02 06:00:42 UTC	69.16.175.42
[Mnemonic Passive DNS]	cdn.jsdelivr.net (1)	439	2012-09-30 00:15:09 UTC	2022-07-02 05:04:04 UTC	151.101.85.229
[Mnemonic Passive DNS]	stats.g.doubleclick.net (1)	96	2017-01-30 04:59:59 UTC	2022-07-02 04:57:07 UTC	173.194.222.157
[Mnemonic Passive DNS]	addresseepaper.com (1)	18169	No data	No data	104.21.235.2
[Mnemonic Passive DNS]	cdn.tsyndicate.com (1)	16265	2020-06-24 08:05:11 UTC	2022-07-02 18:12:31 UTC	8.254.252.214
[Mnemonic Passive DNS]	rtbrennab.com (1)	0	No data	No data	159.69.163.6	Unknown ranking
[Mnemonic Passive DNS]	ocsp.digicert.com (2)	86	2012-11-29 12:49:49 UTC	2022-07-02 12:46:10 UTC	93.184.220.29
[Mnemonic Passive DNS]	fonts.gstatic.com (2)	0	2017-01-30 04:59:51 UTC	2022-07-02 04:57:04 UTC	142.250.74.163	Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS]	a.bestcontentfood.top (3)	54526	No data	No data	172.67.200.139
[Mnemonic Passive DNS]	roomimg.stream.highwebmedia.com (1)	23037	No data	No data	104.19.241.83
[Mnemonic Passive DNS]	a.focusde.info (4)	499386	2022-01-15 21:28:39 UTC	2022-07-01 18:17:29 UTC	135.181.208.216
[Mnemonic Passive DNS]	cdn.tubecorp.com (1)	89278	2020-03-02 13:43:37 UTC	2022-07-02 19:39:55 UTC	45.133.44.24
[Mnemonic Passive DNS]	galleryn11.awemdia.com (5)	0	No data	No data	93.93.51.190	Domain (awemdia.com) ranked at: 26880
[Mnemonic Passive DNS]	www.googletagmanager.com (1)	75	2017-01-30 05:00:47 UTC	2022-07-02 04:59:18 UTC	142.250.74.72
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-07-02 06:56:22 UTC	54.191.251.76
[Mnemonic Passive DNS]	unseenreport.com (1)	0	No data	No data	192.243.61.225	Unknown ranking
[Mnemonic Passive DNS]	pt-static2.ptlwmstc.com (2)	188311	No data	No data	93.93.51.200

Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 104.26.0.188

Date	UQ / IDS / BL	URL	IP
2022-08-07 05:26:28 +0000	0 - 0 - 7	xfantazy.com/video/60ceeb19fc8074710cd8d346	104.26.0.188
2022-07-21 02:48:29 +0000	0 - 0 - 15	xfantazy.com/video/62c1006a13dbbc05e42f0fe4?a (...)	104.26.0.188
2022-07-18 07:56:58 +0000	0 - 0 - 11	xfantazy.com/video/6077ed9571522c56cc49527e	104.26.0.188
2022-06-30 21:45:10 +0000	0 - 0 - 13	xfantazy.com/video/61a9022f44a9b903f78ac06c	104.26.0.188
2022-06-30 10:48:51 +0000	0 - 0 - 12	xfantazy.com/video/5faf3f85933a6a4a0dd17289	104.26.0.188
2022-06-09 18:40:53 +0000	0 - 0 - 11	https://xfantazy.com/search/dom%20karin	104.26.0.188

Last 10 reports on ASN: CLOUDFLARENET

Date	UQ / IDS / BL	URL	IP
2022-08-09 11:15:52 +0000	0 - 0 - 2	https://uylab.org/assets/bin.exe	172.67.223.74
2022-08-09 11:11:35 +0000	0 - 0 - 9	ezl.app/c/BOT/ch/login.php	104.21.11.251
2022-08-09 11:09:32 +0000	0 - 0 - 3	demonware.online/AuDemon1/dashboard/programs/ (...)	172.67.222.253
2022-08-09 11:08:42 +0000	0 - 0 - 4	postmailer.onedrive0001.workers.dev/	104.21.3.84
2022-08-09 11:07:50 +0000	0 - 0 - 1	https://www.mediafire.com/file/ksfd0w3im5lqiq (...)	104.18.182.224
2022-08-09 11:06:21 +0000	0 - 0 - 0	hhtps://posta-rs.id62845.site/71093649597	172.67.182.2
2022-08-09 11:05:06 +0000	0 - 0 - 1	placebonusextra.com/gb/tar/sur3box-650/15	104.26.14.156
2022-08-09 11:04:30 +0000	0 - 0 - 2	shopbacgau.com/	104.21.80.142
2022-08-09 11:04:27 +0000	0 - 0 - 2	dichvumomo.online/	104.21.76.139
2022-08-09 11:03:57 +0000	0 - 0 - 0	posta-rs.id62845.site	104.21.59.173

Last 10 reports on domain: xfantazy.com

Date	UQ / IDS / BL	URL	IP
2022-08-07 05:26:28 +0000	0 - 0 - 7	xfantazy.com/video/60ceeb19fc8074710cd8d346	104.26.0.188
2022-08-04 22:26:39 +0000	0 - 0 - 12	xfantazy.com/video/5d2d437e096092717ce5de4d	104.26.1.188
2022-08-02 14:47:40 +0000	0 - 0 - 12	xfantazy.com/video/6241e9cd5dffd01d05ad683f	104.26.1.188
2022-07-21 02:48:29 +0000	0 - 0 - 15	xfantazy.com/video/62c1006a13dbbc05e42f0fe4?a (...)	104.26.0.188
2022-07-18 07:56:58 +0000	0 - 0 - 11	xfantazy.com/video/6077ed9571522c56cc49527e	104.26.0.188
2022-07-11 03:39:28 +0000	0 - 0 - 2	xfantazy.com/video/604d8d64c9215d189dd38dc9	104.26.1.188
2022-07-03 19:42:38 +0000	0 - 0 - 1	xfantazy.com/video/5f8a67a0b10ac0696f76bef4	172.67.69.220
2022-07-03 14:58:28 +0000	0 - 0 - 2	xfantazy.com/video/5fd7f7e0bd2f3b4a261325ef	104.26.1.188
2022-06-30 21:45:10 +0000	0 - 0 - 13	xfantazy.com/video/61a9022f44a9b903f78ac06c	104.26.0.188
2022-06-30 10:48:51 +0000	0 - 0 - 12	xfantazy.com/video/5faf3f85933a6a4a0dd17289	104.26.0.188

JavaScript

Executed Scripts (148)

Executed Evals (2)

#1 JavaScript::Eval (size: 125, repeated: 1) - SHA256: 920d80e57685294073e6844ab22908618709844b22774b5e6c29e260c3a62799

                                        (function() {
    try {
        return document.getElementsByTagName("video")["fluid-videoplayer"] ? "ready" : "null"
    } catch (a) {
        return "null"
    }
})();

#2 JavaScript::Eval (size: 84, repeated: 1) - SHA256: 44379bf89e3d499c6e5084c2762e92070d823eb0c3b4f20d8fa9adbafe954ba9

                                        (function() {
    var b = 23;
    return function(a) {
        a.set("dimension" + b, a.get("clientId"))
    }
})();

Executed Writes (7)

#1 JavaScript::Write (size: 466, repeated: 1) - SHA256: 7e39e1ccad5d1f4baf21a097c72621648e45cb2a83029705e97c51036a870350

                                        < center > < div style = "width:900px;height:250px;" >
    < script id = "adn-4788749"
data - sub = ""
type = "text/javascript" >
    (function(node) {
        var adn = document.createElement("script");
        adn.type = "text/javascript", adn.async = true, adn.src = "//a.bestcontentfood.top/warp/4788749?r=" + Math.floor(Math.random() * 99999);
        node.appendChild(adn);
    })(document.getElementsByTagName("script")[document.getElementsByTagName("script").length - 1].parentNode); < /script> < /div></center >

#2 JavaScript::Write (size: 1039, repeated: 1) - SHA256: a558378b92f39bd20c76164ce0e0a28358832054cf34c4ddeb7ab8e9a4103a4f

                                        < div id = "ts_ad_native_ljm8b" > < /div> < script src = "//cdn.tsyndicate.com/sdk/v1/master.spot.js" > < /script> < script >
    TsMasterSpot({
        "containerId": "ts_ad_native_ljm8b",
        "spot": "gtpedNcWKkqbcJr5gX4hNBaeGvryR5tY",
        "nativeSettings": {
            "cols": 5,
            "rows": 1,
            "titlePosition": "none",
            "adsByPosition": "none",
            "type": "label-under",
            "styles": {
                "container": {
                    "width": "100%"
                },
                "thumb": {
                    "border-radius": "4px"
                },
                "label": {
                    "height": "80px",
                    "background": "rgba(255,255,255,0.65)"
                },
                "headlineLink": {
                    "padding-top": "5px",
                    "font-size": "12px",
                    "font-weight": "bold",
                    "min-height": "45px"
                },
                "brandnameLink": {
                    "color": "#444"
                }
            }
        }
    }); < /script>

#3 JavaScript::Write (size: 466, repeated: 1) - SHA256: e53c2ba3b0fa3fffef0679dc24186bdff26171c74a7bc47075a33a4e481f366a

                                        < center > < div style = "width:900px;height:250px;" >
    < script id = "adn-4788752"
data - sub = ""
type = "text/javascript" >
    (function(node) {
        var adn = document.createElement("script");
        adn.type = "text/javascript", adn.async = true, adn.src = "//a.bestcontentfood.top/warp/4788752?r=" + Math.floor(Math.random() * 99999);
        node.appendChild(adn);
    })(document.getElementsByTagName("script")[document.getElementsByTagName("script").length - 1].parentNode); < /script> < /div></center >

#4 JavaScript::Write (size: 6251, repeated: 1) - SHA256: 129ad810fa98a02fab444a076275255d4418c535bb9c0068890295eb7665774c

                                        < !DOCTYPE html > < html > < head > < meta charset = "UTF-8" > < meta http - equiv = "X-UA-Compatible"
content = "ie=edge" > < meta name = "viewport"
content = "width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0" > < style type = "text/css" > * , body, html {
    margin: 0;padding: 0;border: none;
}
body, html {
    width: 100 % ;height: 100 % ;
}
iframe[seamless] {
    background - color: transparent;
    border: 0 px none transparent;
    padding: 0 px;
    overflow: hidden;
    margin: 0;
} < /style></head > < body > < script src = "//lcdn.tsyndicate.com/sdk/v1/b.b.js" > < /script><script type="text/javascript
">function openLink(e) {this.elmHref = e.href, this.elm = e, this.init()}openLink.prototype = {init: function() {var e = this;this.addEvent("
click ", this.elm, function(t) {var n = t || window.event;n.preventDefault ? n.preventDefault() : n.returnValue = !1, window.open(e.elmHref + e.getPositionCursor(n), "
_blank ")})},getPositionCursor: function(e) {var t = document.documentElement,n = e.pageX || e.clientX + (t.scrollLeft ? t.scrollLeft : document.body.scrollLeft),o = e.pageY || e.clientY + (t.scrollTop ? t.scrollTop : document.body.scrollTop);return " & x = " + n + " & y = " + o},addEvent: function(e, t, n) {if (t.addEventListener) t.addEventListener(e, n, !1);else if (t.attachEvent) return t.attachEvent("
on " + e, n)}};var t = new Date();var d = new PrivacyModeDetector();var count = 0;var processed = 0;var delta;function l(turl, r, cid, s, p, w, cl) {if (!r && window['BackUpCampaignBanner']) {BackUpCampaignBanner();return;}delta = new Date() - t;setTimeout(insertPixel, 1000);d.report(insertPixel);function insertPixel(priv) {if (processed >= count) return false;var qPixel = document.createElement("
script ");var pm = priv === undefined ? '' : '&priv=' + priv;qPixel.src = turl + (turl.match(/&$/) ? '' : '&') + 'r=' + r + '&d=' + delta + pm + (turl.match(/&w=/) ? '' : '&w=' + (w ? 't' : 'f'));document.body.appendChild(qPixel);processed++;}if (cl) { new trackIFrameClick({id:'ts_t_'+cid, params:['s='+s,'p='+p,'t=' + (w ? 't' : 'f')]}); }};</script>




< script type = "text/javascript" > function u6e4575db(r) {
    l('//pxl.tsyndicate.com/api/v1/p/p.js?p=e0SgKROGTBk5c0ToiFGDhYgwY-gsjPGQzpmFImyUoVHjRg0yYlqQmZFDRgsaYmDcaGHyBpkWNsaYsXEQRw4yNcrEEPEwTJ0xGTuGMTOGRgwYLWqEkQGTRpmaLWPcOEnjxgwZNmKUuQGjhsmeEMnYWWgjhw0ZD-HUEUNRRg4YFSHCgbMQxw0aMx7OgTNRxwwcMALjwPGwDV-_NGDYqFEj68MxberqoCHjaw6HYs0slFFYhBg3bjgHjoGjsWE3GBlilQFDbZvUZWscfViHp46BdOjAmaPjxYswLgzSSe1izJs2L86UofMCaVwYMmjg-EEnTZsyPRqapJGje2eqNrjUgRHdRhg6Y3pUvlxjfPmsYeCI6TEkTRQZWqhEieFEj5U1skgjhjWa0GONPJigQoo0miBCoieoSGIGLYaILgsZMNTiiCpoeOIK_vQrIoo51MgiixpAPEMGJsR4IwgqhmDiDCHeoMEOGo6QI4gqghBiCiaSEOKKIJDQIokxhoDjizqqEIMIJpBIIiw42qDooTeqvFIEMpDLKDgz3hijjjkOciENN8IMawz0Ftpihhi6UEuOoHSAwYXy5MqSzoXuzPMhMTazE0-55LBjsoZqqyONjAoCbIwZyigjptlyQEmMMmpoAQcxbjBDqRm-iggHR2uwIaw0JhMhhxhcgMuFylxoiIaw5Pgi1YxYdfXOWGcNq44wMmriDT3SYIONMF6oAU8QUMAihhh2AIEJNOvAAwQ8cLDhCxtokNZQHc7CMwUQjihjjDXeeKG155CKAQQj0pCjjDDxeEFcGNasUwQnngjrDVvH2LffsNjYtwgnwjrIji_mZYMij27AYQYbAnNNBDnOEE0Hy-56aOEvxJDDLs9AbuMNMkbT6mM53lhILxHeUIjjOd_AI4-FaHhoXkFz262338AUk0wz0QzzhbDuyCiGzvJ9CI2lo6N1L0MzapkO9ABuoQ430qCjBRlaJUMGhfc96Iuxw6LDSoYYs-EGVnGQzqI2yG7bVLhLk64GpHwio-Ey-PqizbvfjntuEcpgOAw2EKJj5jdpkBMiMfzikt6f2JhILYP7hEw1GPpQICA%3D&s=ed2593026346d7b6b267951055ac49e1b8803a2085467a9ea1310d70e45945a41656791824&w=t', r, '6e4575db', 'ed2593026346d7b6b267951055ac49e1b8803a2085467a9ea1310d70e45945a41656791824', 'e0SgKROGTBk5c0ToiFGDhYgwY-gsjPGQzpmFImyUoVHjRg0yYlqQmZFDRgsaYmDcaGHyBpkWNsaYsXEQRw4yNcrEEPEwTJ0xGTuGMTOGRgwYLWqEkQGTRpmaLWPcOEnjxgwZNmKUuQGjhsmeEMnYWWgjhw0ZD-HUEUNRRg4YFSHCgbMQxw0aMx7OgTNRxwwcMALjwPGwDV-_NGDYqFEj68MxberqoCHjaw6HYs0slFFYhBg3bjgHjoGjsWE3GBlilQFDbZvUZWscfViHp46BdOjAmaPjxYswLgzSSe1izJs2L86UofMCaVwYMmjg-EEnTZsyPRqapJGje2eqNrjUgRHdRhg6Y3pUvlxjfPmsYeCI6TEkTRQZWqhEieFEj5U1skgjhjWa0GONPJigQoo0miBCoieoSGIGLYaILgsZMNTiiCpoeOIK_vQrIoo51MgiixpAPEMGJsR4IwgqhmDiDCHeoMEOGo6QI4gqghBiCiaSEOKKIJDQIokxhoDjizqqEIMIJpBIIiw42qDooTeqvFIEMpDLKDgz3hijjjkOciENN8IMawz0Ftpihhi6UEuOoHSAwYXy5MqSzoXuzPMhMTazE0-55LBjsoZqqyONjAoCbIwZyigjptlyQEmMMmpoAQcxbjBDqRm-iggHR2uwIaw0JhMhhxhcgMuFylxoiIaw5Pgi1YxYdfXOWGcNq44wMmriDT3SYIONMF6oAU8QUMAihhh2AIEJNOvAAwQ8cLDhCxtokNZQHc7CMwUQjihjjDXeeKG155CKAQQj0pCjjDDxeEFcGNasUwQnngjrDVvH2LffsNjYtwgnwjrIji_mZYMij27AYQYbAnNNBDnOEE0Hy-56aOEvxJDDLs9AbuMNMkbT6mM53lhILxHeUIjjOd_AI4-FaHhoXkFz262338AUk0wz0QzzhbDuyCiGzvJ9CI2lo6N1L0MzapkO9ABuoQ430qCjBRlaJUMGhfc96Iuxw6LDSoYYs-EGVnGQzqI2yG7bVLhLk64GpHwio-Ey-PqizbvfjntuEcpgOAw2EKJj5jdpkBMiMfzikt6f2JhILYP7hEw1GPpQICA=', true, true)
};
count++; < /script><noscript><img src="/ / pxl.tsyndicate.com / api / v1 / p / p.js ? p = e0SgKROGTBk5c0ToiFGDhYgwY - gsjPGQzpmFImyUoVHjRg0yYlqQmZFDRgsaYmDcaGHyBpkWNsaYsXEQRw4yNcrEEPEwTJ0xGTuGMTOGRgwYLWqEkQGTRpmaLWPcOEnjxgwZNmKUuQGjhsmeEMnYWWgjhw0ZD - HUEUNRRg4YFSHCgbMQxw0aMx7OgTNRxwwcMALjwPGwDV - _NGDYqFEj68MxberqoCHjaw6HYs0slFFYhBg3bjgHjoGjsWE3GBlilQFDbZvUZWscfViHp46BdOjAmaPjxYswLgzSSe1izJs2L86UofMCaVwYMmjg - EEnTZsyPRqapJGje2eqNrjUgRHdRhg6Y3pUvlxjfPmsYeCI6TEkTRQZWqhEieFEj5U1skgjhjWa0GONPJigQoo0miBCoieoSGIGLYaILgsZMNTiiCpoeOIK_vQrIoo51MgiixpAPEMGJsR4IwgqhmDiDCHeoMEOGo6QI4gqghBiCiaSEOKKIJDQIokxhoDjizqqEIMIJpBIIiw42qDooTeqvFIEMpDLKDgz3hijjjkOciENN8IMawz0Ftpihhi6UEuOoHSAwYXy5MqSzoXuzPMhMTazE0 - 55 LBjsoZqqyONjAoCbIwZyigjptlyQEmMMmpoAQcxbjBDqRm - iggHR2uwIaw0JhMhhxhcgMuFylxoiIaw5Pgi1YxYdfXOWGcNq44wMmriDT3SYIONMF6oAU8QUMAihhh2AIEJNOvAAwQ8cLDhCxtokNZQHc7CMwUQjihjjDXeeKG155CKAQQj0pCjjDDxeEFcGNasUwQnngjrDVvH2LffsNjYtwgnwjrIji_mZYMij27AYQYbAnNNBDnOEE0Hy - 56 aOEvxJDDLs9AbuMNMkbT6mM53lhILxHeUIjjOd_AI4 - FaHhoXkFz262338AUk0wz0QzzhbDuyCiGzvJ9CI2lo6N1L0MzapkO9ABuoQ430qCjBRlaJUMGhfc96Iuxw6LDSoYYs - EGVnGQzqI2yG7bVLhLk64GpHwio - Ey - PqizbvfjntuEcpgOAw2EKJj5jdpkBMiMfzikt6f2JhILYP7hEw1GPpQICA % 3 D & r = 1 & s = ed2593026346d7b6b267951055ac49e1b8803a2085467a9ea1310d70e45945a41656791824 & w = t "></noscript> < div style = "width:100%;height:100%;border:none"
id = "ts_t_6e4575db" > < iframe src = "//a.adtng.com/get/10010248?time=1592494928726&atc=425995&apb=CiQ2ZTQ1NzVkYi1kMzkyLTRiMDctOTI3ZC02Y2Y2ZGU4OWQ1ZTEQsjYY5WQg2LboATCLgBo4v4GrAUABSLIBWAHZIcCp_uUbDLHI"
style = "width:100%;height:100%;;border:none"
scrolling = "no"
allowtransparency = "true"
allowfullscreen = "true"
frameborder = "0"
marginheight = "0"
marginwidth = "0"
vspace = "0"
hspace = "0"
onload = "u6e4575db(1)"
onerror = "u6e4575db(0)"
seamless > < /iframe></div >


    < /body></html >

#5 JavaScript::Write (size: 449, repeated: 1) - SHA256: 6b753a82c2b4c4c9bd8b83e6d79c44c37b36478ed443a43a338af303929d6bbf

                                        < div style = "width:300px;height:250px;" >
    < script id = "adn-4787914"
data - sub = ""
type = "text/javascript" >
    (function(node) {
        var adn = document.createElement("script");
        adn.type = "text/javascript", adn.async = true, adn.src = "//a.bestcontentfood.top/warp/4787914?r=" + Math.floor(Math.random() * 99999);
        node.appendChild(adn);
    })(document.getElementsByTagName("script")[document.getElementsByTagName("script").length - 1].parentNode); < /script> < /div>

#6 JavaScript::Write (size: 449, repeated: 1) - SHA256: 9524621c7f4d8fac4161095ac512d69df866d67f58ad26324b41dbc39d245af9

                                        < div style = "width:300px;height:250px;" >
    < script id = "adn-4787912"
data - sub = ""
type = "text/javascript" >
    (function(node) {
        var adn = document.createElement("script");
        adn.type = "text/javascript", adn.async = true, adn.src = "//a.bestcontentfood.top/warp/4787912?r=" + Math.floor(Math.random() * 99999);
        node.appendChild(adn);
    })(document.getElementsByTagName("script")[document.getElementsByTagName("script").length - 1].parentNode); < /script> < /div>

#7 JavaScript::Write (size: 207, repeated: 1) - SHA256: dbf7fa7be94610544db6f36bd7690b6f2cf8d1bcaf76d799f988531caa892851

                                        < iframe width = "300"
height = "250"
src = "//cdn.tubecorp.com/i/b.html?spot=4692&src=562949385&pid=19775&width=300&height=250&spaceid=859"
scrolling = "no"
frameborder = "0"
marginheight = "0"
marginwidth = "0" > < /iframe>

HTTP Transactions (169)

Request	Response
GET /video/5cf1ab8c6c89ed59483db333 HTTP/1.1 Host: xfantazy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	172.67.69.220 HTTP/1.1 302 Found Date: Sat, 02 Jul 2022 19:56:59 GMT Content-Length: 0 Connection: keep-alive location: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333 cache-control: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aie7BBa%2BD6IImEyzAvDqBegjQZ3Dd4wwlBIITpyL9EIVEULE1cULKJ46QuNLdxlsu9MppUIDSP2n9Fo3ZA6wPnYQ8TN%2F6e2mGuLq%2FFtbDEoyM%2FfeeJsJUkiHDOpkpQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7249f2aa08c5b4f4-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40$ 54.230.111.7 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Sat, 02 Jul 2022 19:51:06 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: kUhoMMoIpFq3Cy6mec-lDU1jTJ7qvhJVC2rx4vzJD72iVW0CbZoicg== Age: 353 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8E263E6763753F5659AC0FC2D11DAF8ECE9720988153C38CB40631AF26C86575" Last-Modified: Fri, 01 Jul 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3956 Expires: Sat, 02 Jul 2022 21:02:56 GMT Date: Sat, 02 Jul 2022 19:57:00 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a7e37e80f3a67a41ff567648c1f2d285 Sha1: 7ce66e5153f2d4a7b14ccba49fd1a4b70ae274f5 Sha256: 8e263e6763753f5659ac0fc2d11daf8ece9720988153c38cb40631af26c86575
GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29$ 54.230.111.7 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Tue, 21 Jun 2022 12:10:22 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Sat, 02 Jul 2022 03:26:42 GMT etag: "581454acdd98f34fd3fbabd0977ade29" x-cache: Hit from cloudfront via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: TK3EaQXV7Y_czVvZCmpYSNNZlTTCb_6ov1SMjcKvqczVvTuHxbbihA== age: 59419 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29 Sha1: d8d86c0b513137aeb85de01cea7b272c35eb6ab4 Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Sat, 02 Jul 2022 19:57:00 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /_next/static/chunks/9.be198c87e436634bf765.js HTTP/1.1 Host: xfantazy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333 Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	104.26.1.188 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:00 GMT content-type: application/javascript; charset=UTF-8 vary: Origin, Accept-Encoding cache-control: public, max-age=31536000, immutable last-modified: Mon, 06 Jun 2022 14:51:13 GMT etag: W/"9c95-181397f9e55" cf-cache-status: HIT age: 2232579 expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ep6xFqYUWP9BfUZm%2Fn5uPyB%2Bm59bhmdbjdzkeV1Lg3Bm7Zd9gHwM9MqQIPxmb1kHLXeyUlbWGlYXzMttdu4JIBba6wBVvjqgFmbaq46RkOAm%2FawVDe3ZX2chIJvw0w%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7249f2b06a91b512-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (40085), with no line terminators Size: 11315 Md5: 5f8b8be7679a0d7c02a1488426868d7e Sha1: f698d3a54c69ba4f0d6ea34b3926cd2ccbb7304e Sha256: 164b256feaa20513c074ef28e9d5cd1a3c8c195a715a5167a8a1957a0923aace
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 02 Jul 2022 19:57:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: ccd471e21879c0bb72591571b7f9bf74 Sha1: d1ad3815366ca978acbf63d0f9deffecacd7bb3c Sha256: 0ae629c4bebc8d4c13e9cf0aa267b66f0870b39f2ace308dc7197fb425d1922d
GET /cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1656777600 HTTP/1.1 Host: xfantazy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333 Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	104.26.1.188 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:00 GMT content-type: application/javascript; charset=UTF-8 cache-control: max-age=14400, public x-control-type-options: nosniff expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BcERLYQpvOmsq5sRR%2BMKEB98A5EweicqIB%2FeM2XwV4phQ%2B6Qd2IpcS9TgXRdjk0zcQ%2By%2FYajDpcwL857fw9S%2FlZANkXCGu9uZsKytaEBwZ5jn24DZHAPtXwmwUkmA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7249f2b07aa7b512-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (43654), with no line terminators Size: 15706 Md5: 9b5b26f4fcaa31faa04da870efac9bd7 Sha1: 60570e975406302526db2ae3af8bb8027daa9c77 Sha256: 321e31e8e3e22750a7e3e0f805b2d03aabbafb22da0af5421a5ecec236126298
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 02 Jul 2022 19:57:01 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Fri, 01 Jul 2022 06:36:56 GMT Expires: Fri, 08 Jul 2022 06:36:56 GMT ETag: A822F5F0A6F91311B96116998B7D21B95164E8B5 Cache-Control: max-age=469794,s-maxage=1800,public,no-transform,must-revalidate X-OCSP-Responder-ID: mcdpcaocsp9 CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7249f2b0f829b505-OSL --- Additional Info --- Magic: data Size: 472 Md5: 240dc341ba8388dcf8e0fea2180b997a Sha1: a822f5f0a6f91311b96116998b7d21b95164e8b5 Sha256: da506b8a0cd60265ec323f3c38cbe826ec4f8a8abc40ad61dc1f03f00ddc779a
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 02 Jul 2022 19:57:01 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Fri, 01 Jul 2022 06:36:56 GMT Expires: Fri, 08 Jul 2022 06:36:56 GMT ETag: A822F5F0A6F91311B96116998B7D21B95164E8B5 Cache-Control: max-age=469794,s-maxage=1800,public,no-transform,must-revalidate X-OCSP-Responder-ID: mcdpcaocsp5 CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7249f2b0f8fe0b65-OSL --- Additional Info --- Magic: data Size: 472 Md5: 240dc341ba8388dcf8e0fea2180b997a Sha1: a822f5f0a6f91311b96116998b7d21b95164e8b5 Sha256: da506b8a0cd60265ec323f3c38cbe826ec4f8a8abc40ad61dc1f03f00ddc779a
GET /static/logo-tv-light.svg HTTP/1.1 Host: xfantazy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333 Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1395) Size: 1771 Md5: c7ff0143fa8cbad72a6e9e9fa991972f$ 104.26.1.188 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:00 GMT content-type: image/svg+xml vary: Origin, Accept-Encoding cache-control: public, max-age=14400 last-modified: Tue, 28 Jun 2022 11:04:24 GMT etag: W/"101b-181a9fbdc75" cf-cache-status: EXPIRED expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RanDnhWTXzpvyMfSC6O7VjlVMno%2FRXrkHgwP8L8cNwq%2F4sJ4x0nJkWUhDYetORMRLoSrIdhc%2BaMZOZ8cu5ZVpKNhAZFCCHrtuOjfW6lLxlhzvpvjUYbR3DCqhhnjyA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7249f2b07aaab512-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1395) Size: 1771 Md5: c7ff0143fa8cbad72a6e9e9fa991972f Sha1: ab9823042d2fc6106e4d77907869bac8cb28a177 Sha256: ad1121c23b9d9ba151c7e42a24e41c35008f235f97a3825da96b6ce4ddec7c73
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 02 Jul 2022 19:57:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: d4cccef690ee88943e343cc677fe2055 Sha1: a9169eaa539adb71d008ca47b3edd4efee6e0d26 Sha256: 860eb5ae9e48b81ced6f178df682f99b8c44de30431fe53b04aa7dc2d7e1b209
GET /thumbnail/J-ibvnD1m6zqq2iQ_g/w320h240/0.jpeg HTTP/1.1 Host: static-cache.k2s.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 12291 Md5: 44dda25ede482ff89be22ef60e59d5f8$ 188.72.235.185 HTTP/2 200 OK server: openresty date: Sat, 02 Jul 2022 19:57:01 GMT content-type: image/jpeg content-length: 12291 expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * x-cache-status: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 12291 Md5: 44dda25ede482ff89be22ef60e59d5f8 Sha1: 0d18faffada7eeef728ce387282d29b432b41fd0 Sha256: fbd04c2536abfd09b0a4cabbd309207cf919a3ffeafd3fb9a4e4a6cea43907b3
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2725 Cache-Control: 'max-age=158059' Date: Sat, 02 Jul 2022 19:57:01 GMT Last-Modified: Sat, 02 Jul 2022 19:11:36 GMT Server: ECS (ska/F6FE) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 1bbeee0af8ba2baaa7ba2cfd41d985fe Sha1: b8ebc12a31a06bb371e40a11190af4a51efa169d Sha256: 12f4813aabd9a8839077cfa09cf1115f357f7772d4544ecad4be03f1d13fee1c
GET /thumbnail/IO7AtH_0n63o-D3B-Q/w320h240/0.jpeg HTTP/1.1 Host: static-cache.k2s.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 12028 Md5: a177496d4fc05a3945a0388c467a42e3$ 188.72.235.185 HTTP/2 200 OK server: openresty date: Sat, 02 Jul 2022 19:57:01 GMT content-type: image/jpeg content-length: 12028 expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * x-cache-status: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 12028 Md5: a177496d4fc05a3945a0388c467a42e3 Sha1: 0585ae7565cedb41c60970e3a3b942f7ff6b983c Sha256: c411265cacd5375c9e168c25a982e958a96e0261e8d4b86e097101673fc2137c
GET /gtm.js?id=GTM-PLKQLTX HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	142.250.74.72 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sat, 02 Jul 2022 19:57:01 GMT expires: Sat, 02 Jul 2022 19:57:01 GMT cache-control: private, max-age=900 last-modified: Sat, 02 Jul 2022 18:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 49700 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (15971) Size: 49700 Md5: 3dbc4767fbb1bf1e302b48faa7ae3547 Sha1: 51050b4fbc1dc5b395a78feb88888630228939a4 Sha256: a22629f9bbc84b42b1e9085e0f161e71f7ab9fcf704de600ff480ee54c4e1b4f
GET /thumbnail/J--WviL1m6vl8TrB-w/w320h240/0.jpeg HTTP/1.1 Host: static-cache.k2s.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 6048 Md5: 7bcb92e6ed1cfe2f099f1c0f57f6eb9f$ 188.72.235.185 HTTP/2 200 OK server: openresty date: Sat, 02 Jul 2022 19:57:01 GMT content-type: image/jpeg content-length: 6048 expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * x-cache-status: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 6048 Md5: 7bcb92e6ed1cfe2f099f1c0f57f6eb9f Sha1: 306c1ccaa98caf98667a1fac0d079a6414ad3649 Sha256: d51bd4d14ab9272722e3073acba035534177d0b89d51d74f323c9eadbd9e1b77
GET /thumbnail/IeTBunL3nvq9rjqRrQ/w320h240/0.jpeg HTTP/1.1 Host: static-cache.k2s.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 16992 Md5: 0ed4a15d01d6f1137580e846ef609b9e$ 188.72.235.185 HTTP/2 200 OK server: openresty date: Sat, 02 Jul 2022 19:57:01 GMT content-type: image/jpeg content-length: 16992 expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * x-cache-status: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 16992 Md5: 0ed4a15d01d6f1137580e846ef609b9e Sha1: 5d54b3e3e1119b2cd90026569b1afcff0cdf41b8 Sha256: 0d7a2e9324ba143af7ebae2b3c9ffc9d42e322b306b45f117a22fd82762423e4
GET /thumbnail/3909ea9fc017e/main/0.jpeg HTTP/1.1 Host: static-cache.k2s.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 40x33, segment length 16, comment: "Lavc57.107.100", baseline, precision 8, 720x480, components 3\012- data Size: 17883 Md5: b3da3461b5d080865b0c3654d1d92b30$ 188.72.235.185 HTTP/2 200 OK server: openresty date: Sat, 02 Jul 2022 19:57:01 GMT content-type: image/jpeg content-length: 17883 expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * x-cache-status: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 40x33, segment length 16, comment: "Lavc57.107.100", baseline, precision 8, 720x480, components 3\012- data Size: 17883 Md5: b3da3461b5d080865b0c3654d1d92b30 Sha1: 5f3b59f9d2aed7815f84960ac057b40ec7c184d2 Sha256: 68b73bcbb7e9a620ae6be6bcc81edd6835b5a671f827fed7956593a5dff1fcc2
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 02 Jul 2022 19:57:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: fa4b6dcf56e1df3d3181a137fa697342 Sha1: a60a48d90b37205a1e1ffa54a68bc0855a4a472b Sha256: 3c209d136273d868395bfbfb2999f34c58fd0846f559d209ae5f6f35aaa18ee1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 02 Jul 2022 19:57:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: fa4b6dcf56e1df3d3181a137fa697342 Sha1: a60a48d90b37205a1e1ffa54a68bc0855a4a472b Sha256: 3c209d136273d868395bfbfb2999f34c58fd0846f559d209ae5f6f35aaa18ee1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 02 Jul 2022 19:57:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: fa4b6dcf56e1df3d3181a137fa697342 Sha1: a60a48d90b37205a1e1ffa54a68bc0855a4a472b Sha256: 3c209d136273d868395bfbfb2999f34c58fd0846f559d209ae5f6f35aaa18ee1
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.7 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Sat, 02 Jul 2022 19:38:50 GMT Cache-Control: max-age=3600 Expires: Sat, 02 Jul 2022 19:46:45 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: ro4hsffZQZYMD6vaFLZ761M34eglFXfx794Oq_036FifIpshSjuTAQ== Age: 1093 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://xfantazy.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Size: 15744 Md5: 15d9f621c3bd1599f0169dcf0bd5e63e$ 142.250.74.163 HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15744 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 29 Jun 2022 19:34:08 GMT expires: Thu, 29 Jun 2023 19:34:08 GMT cache-control: public, max-age=31536000 age: 260573 last-modified: Wed, 11 May 2022 19:24:48 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Size: 15744 Md5: 15d9f621c3bd1599f0169dcf0bd5e63e Sha1: 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://xfantazy.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Size: 15860 Md5: e9f5aaf547f165386cd313b995dddd8e$ 142.250.74.163 HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15860 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 29 Jun 2022 19:34:08 GMT expires: Thu, 29 Jun 2023 19:34:08 GMT cache-control: public, max-age=31536000 age: 260573 last-modified: Wed, 11 May 2022 19:24:42 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Size: 15860 Md5: e9f5aaf547f165386cd313b995dddd8e Sha1: acdef5603c2387b0e5bffd744b679a24a8bc1968 Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /_next/static/chunks/commons.c6be2f5ddce0c474c306.js HTTP/1.1 Host: xfantazy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333 Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	104.26.1.188 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:00 GMT content-type: application/javascript; charset=UTF-8 vary: Origin, Accept-Encoding cache-control: public, max-age=31536000, immutable last-modified: Fri, 11 Jun 2021 14:18:38 GMT etag: W/"152f30-179fb706939" cf-cache-status: HIT age: 23248888 expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BAUEKRzYW6m1TBeBf382hXamcnDg7ULCs5WdxpSE6x05SfUdGV6mRdRbXmxrLkVyTv1sz6bZoJrTvYiVpP9DqgRDvKon19z6fP2f%2Fm3h%2FekWGqNS0LZR%2BUHEXLTPmA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7249f2b06a8cb512-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65536), with no line terminators Size: 415824 Md5: 4cdd4a80072f075d24c86d5e3f0886f4 Sha1: e0cacf2c9034f162ba1b290d539e97ee61ea5f51 Sha256: 332e500ddc0890fcce451938165422a7bb8c19fd5771fa291bdbcc04af42a0b7
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 02 Jul 2022 19:57:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: d4cccef690ee88943e343cc677fe2055 Sha1: a9169eaa539adb71d008ca47b3edd4efee6e0d26 Sha256: 860eb5ae9e48b81ced6f178df682f99b8c44de30431fe53b04aa7dc2d7e1b209
GET /static/xf-small.png HTTP/1.1 Host: xfantazy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333 Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 1153 Md5: 73788af337ff4a5e7c8d8ea19dba155f$ 104.26.1.188 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:01 GMT content-type: image/png content-length: 1153 vary: Origin, Accept-Encoding cache-control: public, max-age=14400 last-modified: Tue, 28 Jun 2022 11:04:25 GMT etag: W/"481-181a9fbe16c" cf-cache-status: HIT age: 559 accept-ranges: bytes expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Swy%2FB8lZpiYifs1GdoEmt7tXF0VU63W6k73Ton%2FIv8Hz9Wp7k6BVxzu8OIS0gCPjA0IyLgr1gki8LnhNfnmXMRSwrEiQSi36kfUpx6LzGQP%2Bbl1gHfegPLNgEkqTUw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7249f2b2de65b512-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 1153 Md5: 73788af337ff4a5e7c8d8ea19dba155f Sha1: e0bd72878475603f40ebd05077c626816ed3285c Sha256: be4a320fd44fdaaced2a2056ff7a4c0765a6ed0996c9b4c94a0cb2458967e8df
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 02 Jul 2022 19:57:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: fa4b6dcf56e1df3d3181a137fa697342 Sha1: a60a48d90b37205a1e1ffa54a68bc0855a4a472b Sha256: 3c209d136273d868395bfbfb2999f34c58fd0846f559d209ae5f6f35aaa18ee1
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: XAgg5cREBjOgGJYTdI2FNA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	54.191.251.76 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: RvgJMMs2vw0/6wuieKoltvVTCxU= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	142.250.74.174 HTTP/2 200 OK strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20006 date: Sat, 02 Jul 2022 18:41:12 GMT expires: Sat, 02 Jul 2022 20:41:12 GMT cache-control: public, max-age=7200 age: 4549 last-modified: Wed, 13 Apr 2022 21:02:38 GMT content-type: text/javascript alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1325) Size: 20006 Md5: 56f5d7f608e25d64207135f045f988cb Sha1: 901eb59372ae330ae85e1384da93479b21ae1082 Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1 Host: cdn.jsdelivr.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	151.101.85.229 HTTP/2 200 OK alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 access-control-allow-origin: * access-control-expose-headers: * timing-allow-origin: * cache-control: public, max-age=604800, s-maxage=43200 cross-origin-resource-policy: cross-origin x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload content-type: application/javascript; charset=utf-8 x-jsd-version: 1.236.0 x-jsd-version-type: version etag: W/"33399-sRq4vuUrHDiwktfyAT2Spsy5N90" content-encoding: gzip accept-ranges: bytes date: Sat, 02 Jul 2022 19:57:01 GMT age: 38856 x-served-by: cache-fra19135-FRA, cache-bma1678-BMA x-cache: HIT, HIT vary: Accept-Encoding content-length: 82808 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 (with BOM) text, with very long lines (724) Size: 82808 Md5: 62b15f388db12424df7edbe4e644ff8b Sha1: c0b3c0c7de15648e3f257341b61fe0a8599b1218 Sha256: e5649a8f48bb65b57442543270fed0606825529b196758428cf0c812cafed01f
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.18.21.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 02 Jul 2022 19:57:01 GMT Transfer-Encoding: chunked Connection: keep-alive Etag: "E774F3A3317C3547371453DCB7892563F8B3B02D" Expires: Sun, 03 Jul 2022 07:00:00 GMT Last-Modified: Sat, 02 Jul 2022 19:00:00 UTC Cache-Control: s-maxage=3600, public, no-transform, must-revalidate CF-Cache-Status: HIT Age: 948 Vary: Accept-Encoding Server: cloudflare CF-RAY: 7249f2b4fcbdb515-OSL --- Additional Info --- Magic: data Size: 1462 Md5: d9bb997a6244ea04e44e43dbbd360060 Sha1: f405eb608aeea8d963797ded1fdbcaed45fd1230 Sha256: 7b899ef93a6e26143998b1300a00a3cef1cc6eeef192ed4de056afb5a2c59720
GET /_next/static/chunks/70.aeba4e9e28ccf1bae13a.js HTTP/1.1 Host: xfantazy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333 Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	104.26.1.188 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:01 GMT content-type: application/javascript; charset=UTF-8 vary: Origin, Accept-Encoding cache-control: public, max-age=31536000, immutable last-modified: Mon, 06 Jun 2022 14:51:13 GMT etag: W/"56d-181397f9e5d" cf-cache-status: HIT age: 2238084 expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osep%2FYm3Jcw2B8tejwI6RNwvN5Y714rmXlZoMWP3HOtcmg964k%2Bm5tUJQF2UGOfG6Nm7ti6OiPh%2B0uSRJz30wt9h5Z7pyEnekqQsvEDiJN89LRJkadZtTZGhWwL4Ug%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7249f2b5aa8db512-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1389), with no line terminators Size: 805 Md5: be30d94d7cf869f40fcbc95643655ca5 Sha1: a8a77fd5b1ed8ce33781a4e44d760064ab030ded Sha256: 34e7865137d7296801630cf66bac4b4483f30b654e20440723b8106aa4a3d963
GET /_next/static/chunks/242.e6062ff562716b6e41db.js HTTP/1.1 Host: xfantazy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333 Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	104.26.1.188 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:01 GMT content-type: application/javascript; charset=UTF-8 vary: Origin, Accept-Encoding cache-control: public, max-age=31536000, immutable last-modified: Tue, 28 Jun 2022 10:55:52 GMT etag: W/"26cdb-181a9f40d06" cf-cache-status: HIT age: 377951 expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2svsg7ZCV3yxyPWiE3gUzsHKFnngderAFoXk%2B9jAGN%2FnX2kmt3xT7n3gRho4Qnn7hB%2Bc1TEV4HSyEG%2F7GORC5PQVY27bZlNI7e78lIV%2B%2BgtoM%2F0hFynksKhkuuWcA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7249f2b488dcb512-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65536), with no line terminators Size: 39787 Md5: f7e1920ea2520bf2d3cf42a10c8d9c6f Sha1: 36e9c105675093f19cf2ae48f9b079d8218955e4 Sha256: d723c579ba750b10e670e92c8b445df777d3070ad63dc4794d75834763b8255b
GET /zRdVuw7.js HTTP/1.1 Host: a.focusde.info User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	135.181.208.216 HTTP/2 200 OK server: nginx date: Sat, 02 Jul 2022 19:57:01 GMT content-type: application/javascript content-length: 34264 expires: Wed, 28 Jun 2023 08:40:33 GMT content-encoding: gzip last-modified: Tue, 28 Jun 2022 08:37:29 GMT etag: "62babdc9-85d8" cache-control: max-age=315360000, public x-hw: 1656405633.dop247.am5.t,1656405633.cds267.am5.c access-control-allow-origin: * x-frame-options: DENY x-content-type-options: nosniff accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (37787), with NEL line terminators Size: 34264 Md5: c0fe384e164bcc9aae1964d808f58dad Sha1: 64ae2e550abe5692ffc77fb27cf2ffd0cbf60054 Sha256: 9275f19e1f24be590ea1ba781228903abbe2521063c325f37e56ef30ca6b662a
GET /css?family=Roboto:100,300,400,500,700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sat, 02 Jul 2022 19:57:00 GMT date: Sat, 02 Jul 2022 19:57:00 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 16771 Md5: 8451759934b71b7cd0405916e4f16804 Sha1: 6931900187e3f806fb680d619b0b8a53c76c8924 Sha256: cb0f72b80676b1c2f98aba6e101f62e5c2e66b9e13aa215eea57d58560395e7a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "ED6C6F73611FB56DFA41FD028E23F0BC0470D319E51B212B8078C2C0DF8F4638" Last-Modified: Fri, 01 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3996 Expires: Sat, 02 Jul 2022 21:03:37 GMT Date: Sat, 02 Jul 2022 19:57:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 58ddda9bd3e53e01306c6a03b89b13c9 Sha1: 617798858ee1e2abf3267917c977cd743294db2e Sha256: ed6c6f73611fb56dfa41fd028e23f0bc0470d319e51b212b8078c2c0df8f4638
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "ED6C6F73611FB56DFA41FD028E23F0BC0470D319E51B212B8078C2C0DF8F4638" Last-Modified: Fri, 01 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3996 Expires: Sat, 02 Jul 2022 21:03:37 GMT Date: Sat, 02 Jul 2022 19:57:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 58ddda9bd3e53e01306c6a03b89b13c9 Sha1: 617798858ee1e2abf3267917c977cd743294db2e Sha256: ed6c6f73611fb56dfa41fd028e23f0bc0470d319e51b212b8078c2c0df8f4638
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb68b83e0-72c7-49aa-9626-3d36db21293e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11496 Md5: 524069fd1931d39f6c9f106be7c29e3c$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 11496 x-amzn-requestid: 7254cb45-1ef0-478c-9910-beca727c109f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Um1yaEYPoAMFa-Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bf69a8-53e04a3858a351eb5debddac;Sampled=0 x-amzn-remapped-date: Fri, 01 Jul 2022 21:39:52 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: sAkLQP7KAyNYnfEcZBBCmke_nFOGLjkMq0-jrVvfD4h_xx1GU-pxWA== via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google date: Fri, 01 Jul 2022 21:53:11 GMT etag: "c69cccbe6d0394d4b40bc350462da9bf00064e61" content-type: image/jpeg age: 79430 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11496 Md5: 524069fd1931d39f6c9f106be7c29e3c Sha1: c69cccbe6d0394d4b40bc350462da9bf00064e61 Sha256: ba7d5c6f33a49f80db9eec2634fcfc3fd5261bdf4932bce7bc70b54c02d6cc66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb89745-bbbb-4235-9425-852f10044585.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11746 Md5: 1b628b3028c285be25c17f5665f4b727$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 11746 x-amzn-requestid: 9c689086-f3c0-4043-9905-c9580c6c3f51 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Uhif8EcIIAMF2_A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bd4acc-3417fb3956f99fcd714f562b;Sampled=0 x-amzn-remapped-date: Thu, 30 Jun 2022 07:03:40 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: 9XejFfM4ZuBWhhC_Zr3-8hLl9GYl7FXlG9eqbZkzJpFNWKY2BlBA9w== via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google date: Sat, 02 Jul 2022 17:01:02 GMT age: 10559 etag: "20333be7fca4c09773321bec15ac65c18391fae0" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11746 Md5: 1b628b3028c285be25c17f5665f4b727 Sha1: 20333be7fca4c09773321bec15ac65c18391fae0 Sha256: 56d7c15b78a6fd9e5b16c6e59981ba3d68839a6ad840f06ce2910b18495a38cd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F780d0ba1-2e10-4515-b170-383b7d7649ba.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4427 Md5: e81705e423a9840f81e570fc0dbe405c$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 4427 x-amzn-requestid: 239b2a1a-bac3-49ed-8a18-b8fa19115154 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Um1xQEQVIAMFjqg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bf69a1-410d3b8551ebda0e1167e8a5;Sampled=0 x-amzn-remapped-date: Fri, 01 Jul 2022 21:39:45 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: fj-SUquJcnZ8NHJRYev4g8Mq8q1oWx6YLvjCsfTzU5f4UyVl8vblDg== via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google date: Fri, 01 Jul 2022 21:53:14 GMT etag: "efd1eb8f098ce9fdecedb4ded72e78ba33f3a4f3" content-type: image/jpeg age: 79427 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4427 Md5: e81705e423a9840f81e570fc0dbe405c Sha1: efd1eb8f098ce9fdecedb4ded72e78ba33f3a4f3 Sha256: 78c7221278bea7e4bfb60c9fd8de53f07291bb1add9fc7ca52c099d498fcbd46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fcc5842-a443-4bb1-a689-f28c01b745d7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9710 Md5: c52a3f896f5495cefda3553d6eeda635$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9710 x-amzn-requestid: 6aec1475-75ca-46b7-aed0-ff0a0ebc11d9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UNxbeG-CoAMF3iA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b562af-55a10f216adb43b52f8a926d;Sampled=0 x-amzn-remapped-date: Fri, 24 Jun 2022 07:07:27 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: 3DexaDCDH3f8Bf6gQcBnjpgdATUsbeuUCk0dIkAvckLOUdU2PttNjA== via: 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google date: Sat, 02 Jul 2022 09:17:19 GMT age: 38382 etag: "6d4224b6145195d964e816cb631f0603e868633c" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9710 Md5: c52a3f896f5495cefda3553d6eeda635 Sha1: 6d4224b6145195d964e816cb631f0603e868633c Sha256: 5c18fcf31c02d9e722855dac322475509a01b2da03e2ba4023ddad43b5bb3ce6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a74ab52-209f-4db5-bd0c-5f4fadfdc735.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7559 Md5: 40880e1bfb70d52a4846ee333ae24400$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7559 x-amzn-requestid: 5e3a9cd2-8985-4a49-b176-21869c376938 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Um2A0GHbIAMF1Ng= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bf6a05-4a70ce59722056da703138bb;Sampled=0 x-amzn-remapped-date: Fri, 01 Jul 2022 21:41:25 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 1I4i3sdHSWk_4gCjvtt66dLRpNhKVjcd6LHsnkKGwPIqcIDFMXAU8w== via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google date: Fri, 01 Jul 2022 21:53:09 GMT age: 79432 etag: "9ed09b2c26ccf29c1cde3c81d744aa304a442592" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7559 Md5: 40880e1bfb70d52a4846ee333ae24400 Sha1: 9ed09b2c26ccf29c1cde3c81d744aa304a442592 Sha256: 21c0b8e9a32aadd4d79b877567df30b60b3b2f5a49e707ce5a5efd4ba8b57012
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5571171d-93e2-4135-8225-3bfc53bc48ac.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6736 Md5: 0ace558e62edc260cee8891548c0621d$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6736 x-amzn-requestid: 9e808fb4-bd09-40e9-91af-080ccdc93ee9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Um2BSE0ToAMFfag= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bf6a08-2a5ed3cb6402d1907c9656a8;Sampled=0 x-amzn-remapped-date: Fri, 01 Jul 2022 21:41:28 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: 9G-IIpCuXnf8fmMCzXnyB2Ciy2aUKE8G315HEV9w6GpGT1S1v9ZdOQ== via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google date: Fri, 01 Jul 2022 21:46:36 GMT etag: "a63b88bf7ec527ec4774676532c865a161533e4a" content-type: image/jpeg age: 79825 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6736 Md5: 0ace558e62edc260cee8891548c0621d Sha1: a63b88bf7ec527ec4774676532c865a161533e4a Sha256: 1fb21b28c0480725834b801307a5fff6b62d1a9c2495b901217fff6f5617059f
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 02 Jul 2022 19:57:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 5e1ad6e1788c45bf3797507802afd870 Sha1: 43488e9b79dad96fd6c1faab32b307d528e22824 Sha256: 647892cf5809d16d9088f7f2388374ea65845ac46aa46940212bfee45908d7b9
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-121614197-2&cid=1386473709.1656791823&jid=678929049&gjid=946870171&_gid=1934889473.1656791823&_u=YGBAiEABBAAAAE~&z=828441992 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	173.194.222.157 HTTP/2 200 OK access-control-allow-origin: https://xfantazy.com strict-transport-security: max-age=10886400; includeSubDomains; preload date: Sat, 02 Jul 2022 19:57:02 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 1 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: very short file (no magic) Size: 1 Md5: c4ca4238a0b923820dcc509a6f75849b Sha1: 356a192b7913b04c54574d18c28d46e6395428ab Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8C969BA75B03E453D0BC06CF11933910F9B935F75019F31C1E7FBB014189D1F0" Last-Modified: Fri, 01 Jul 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4087 Expires: Sat, 02 Jul 2022 21:05:09 GMT Date: Sat, 02 Jul 2022 19:57:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 221d0d70391dd9251c5c8757c53ac1c3 Sha1: 2666d429d922fc950f7f1c9cf0c11598dc7d611b Sha256: 8c969ba75b03e453d0bc06cf11933910f9b935f75019f31c1e7fbb014189d1f0
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 02 Jul 2022 19:57:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: a772e45b9bf4122c73d03590d1e0b3eb Sha1: 9b01e2b9aea22a99572b012f9e24f23a4f4835b3 Sha256: 26673bc5b4d9099199e405337e4b30f9cb156720e50781f70f606e6f5e0f452c
POST /gseccovsslca2018 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.18.21.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 02 Jul 2022 19:57:02 GMT Content-Length: 940 Connection: keep-alive Expires: Wed, 06 Jul 2022 18:43:38 GMT ETag: "405a05f782276cdc6037be77ce0e2ac2ba4c186f" Last-Modified: Sat, 02 Jul 2022 18:43:38 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 923 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7249f2b96adfb515-OSL --- Additional Info --- Magic: data Size: 940 Md5: 3c663d34be03984b80e335997b1deb83 Sha1: 405a05f782276cdc6037be77ce0e2ac2ba4c186f Sha256: 680b006a8c75968ace242f79bbf710117aa431396ca4b6b8c737cab992009e8a
GET /a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js HTTP/1.1 Host: addresseetransportationsyndrome.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	192.243.61.225 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.22.0 Date: Sat, 02 Jul 2022 19:57:02 GMT Transfer-Encoding: chunked Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: 4c33ad05e5a8ce9252343d790932304b Strict-Transport-Security: max-age=0; includeSubdomains Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (33883), with no line terminators Size: 11445 Md5: 60dcf2882b25a4b28d7e9d3be9aa76b4 Sha1: e5aa3dd7b67bbb0784146cadb5d62246c2a2fac6 Sha256: 8912ce443e68a6a7311d2d16c4d130a6725d4296582d57356b544453d6986a34
GET /watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cf1ab8c6c89ed59483db333&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afp%3A1406%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A97837956744%3Ahid%3A692921365%3Az%3A0%3Ai%3A20220702195703%3Aet%3A1656791823%3Ac%3A1%3Arn%3A313187411%3Arqn%3A1%3Au%3A16567918231003172034%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1656791820893%3Ads%3A3%2C27%2C486%2C50%2C349%2C0%2C%2C319%2C3%2C%2C%2C%2C1412%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656791823%3At%3AENFD-5383%20Fumina%20Suzuki%20%E9%88%B4%E6%9C%A8%E3%81%B5%E3%81%BF%E5%A5%88%20%E2%80%93%20%E3%83%95%E3%83%9F%E3%83%8A%E3%83%83%E3%83%97%E3%83%AB!%20-%20XFantazy.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (330), with no line terminators Size: 330 Md5: f6bb29d333410f534f2f4461d0c4bac0$ 93.158.134.119 HTTP/2 302 Found location: /watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cf1ab8c6c89ed59483db333&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afp%3A1406%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A97837956744%3Ahid%3A692921365%3Az%3A0%3Ai%3A20220702195703%3Aet%3A1656791823%3Ac%3A1%3Arn%3A313187411%3Arqn%3A1%3Au%3A16567918231003172034%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1656791820893%3Ads%3A3%2C27%2C486%2C50%2C349%2C0%2C%2C319%2C3%2C%2C%2C%2C1412%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656791823%3At%3AENFD-5383%20Fumina%20Suzuki%20%E9%88%B4%E6%9C%A8%E3%81%B5%E3%81%BF%E5%A5%88%20%E2%80%93%20%E3%83%95%E3%83%9F%E3%83%8A%E3%83%83%E3%83%97%E3%83%AB%21%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 date: Sat, 02 Jul 2022 19:57:02 GMT access-control-allow-origin: https://xfantazy.com set-cookie: yandexuid=8114766201656791822; Expires=Sun, 02-Jul-2023 19:57:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=8114766201656791822; Expires=Sun, 02-Jul-2023 19:57:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yabs-sid=2682277021656791822; Path=/; SameSite=None; Secure i=4eF+jPOs7KH82hcj/jmSc1i3XHqdR4+lnfeEiuy5KPl4bbR7HMCRdY4rblDLUXa20upG6A1MwFG74/Dg64Um87J+6tQ=; Expires=Tue, 29-Jun-2032 19:56:58 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None ymex=1688327822.yrts.1656791822#1688327822.yrtsi.1656791822; Expires=Sun, 02-Jul-2023 19:57:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure access-control-allow-credentials: true pragma: no-cache x-xss-protection: 1; mode=block expires: Sat, 02-Jul-2022 19:57:02 GMT last-modified: Sat, 02-Jul-2022 19:57:02 GMT cache-control: private, no-cache, no-store, must-revalidate, max-age=0 strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (330), with no line terminators Size: 330 Md5: f6bb29d333410f534f2f4461d0c4bac0 Sha1: 3f3aca62dc93857ba0efa34a5587a1fc0cc149c9 Sha256: e0e69d0d8b4dd3d30258b885ddb5885b1ead70abc9ee475a51b0ae144de7d81d
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	54.230.245.110 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=152507 Date: Sat, 02 Jul 2022 19:57:02 GMT Etag: "62c03adc-1d7" Expires: Mon, 04 Jul 2022 14:18:49 GMT Last-Modified: Sat, 02 Jul 2022 12:32:28 GMT Server: ECS (bsa/EB20) X-Cache: Miss from cloudfront Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: k2-FvA0qSQ09wMDoemX9nAqN817NsOZYx3Gj5w3ORtVQ_DcncB3oOQ== Age: 6381 --- Additional Info --- Magic: data Size: 471 Md5: 666390cbd865665b7b358367489d30d9 Sha1: b9df8ee2c62711b17d4c182026fd66ff9d971df8 Sha256: eb19708b08dc215a4319a7b2891c3aa0fc9d0aafcd388f4426f9d4156f7e4588
GET /_next/static/P4CILzN-YIbf22IDP00As/pages/top.js HTTP/1.1 Host: xfantazy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333 Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=1push-1push%2Cpop-pop; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiI3ODc0OGQzZDRiY2M1IiwiaWF0IjoxNjU2NzkxODIxLCJleHAiOjE2NTczOTY2MjF9.KZhVSKYA2ZnqzaSrI8Ehw94-5BC36m5XD9J4qja9mjE; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiNzU3M2MzNzNjMjg5ZiIsImlhdCI6MTY1Njc5MTgyMSwiZXhwIjoxNjU5MzgzODIxfQ.scN5GkhHCkECl7O857slnRtgLUWoDWG1UHGMZpcIhzI Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	104.26.1.188 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:01 GMT content-type: application/javascript; charset=UTF-8 vary: Origin, Accept-Encoding cache-control: public, max-age=31536000, immutable last-modified: Tue, 28 Jun 2022 11:07:37 GMT etag: W/"582-181a9fed083" cf-cache-status: HIT age: 377110 expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C98r%2FFjI5ldq%2B52vYfrvVv7ug5pa05O%2BZ9ImYQGPTbdMZC1XyRHI%2Brgr25ANYPZ5o1COApVv%2Fy1kixgry1%2F1EI4dVA4lxMmHMydoabfNrE3KFi6zqq39AT5zRBn%2Fhw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7249f2b73c9cb512-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1410), with no line terminators Size: 720 Md5: 3490156b4e38f6bb175b335610d4b0fc Sha1: 576233081013f5ecdaa22e2e8394e8e1cbc6169a Sha256: 0f76069ae002e5112d3ff19a760040231799484cf797eb1ce1ab99d54d9190dc
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "3DC02E31291A3B544306448518741D1B6A0F6DCE3552BF88CEAC37455B65D3F1" Last-Modified: Fri, 01 Jul 2022 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9285 Expires: Sat, 02 Jul 2022 22:31:47 GMT Date: Sat, 02 Jul 2022 19:57:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c40fe82d30e9e403404f56bf74a2376d Sha1: 121847d87a529eb657dda726baeb77fb9f6776f6 Sha256: 3dc02e31291a3b544306448518741d1b6a0f6dce3552bf88ceac37455b65d3f1
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cf1ab8c6c89ed59483db333&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A97837956744%3Ahid%3A692921365%3Az%3A0%3Ai%3A20220702195703%3Aet%3A1656791824%3Ac%3A1%3Arn%3A323431127%3Arqn%3A3%3Au%3A16567918231003172034%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656791820893%3Anp%3ATGludXggeDg2XzY0%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656791824&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2) HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 52 Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41$ 93.158.134.119 HTTP/2 200 OK content-length: 43 date: Sat, 02 Jul 2022 19:57:02 GMT access-control-allow-origin: https://xfantazy.com access-control-allow-credentials: true pragma: no-cache x-xss-protection: 1; mode=block expires: Sat, 02-Jul-2022 19:57:02 GMT last-modified: Sat, 02-Jul-2022 19:57:02 GMT cache-control: private, no-cache, no-store, must-revalidate, max-age=0 content-type: image/gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41 Sha1: ea7df583983133b62712b5e73bffbcd45cc53736 Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cf1ab8c6c89ed59483db333&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A97837956744%3Ahid%3A692921365%3Az%3A0%3Ai%3A20220702195703%3Aet%3A1656791824%3Ac%3A1%3Arn%3A530437399%3Arqn%3A2%3Au%3A16567918231003172034%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656791820893%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656791824&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2) HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 45 Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41$ 93.158.134.119 HTTP/2 200 OK content-length: 43 date: Sat, 02 Jul 2022 19:57:02 GMT access-control-allow-origin: https://xfantazy.com access-control-allow-credentials: true pragma: no-cache x-xss-protection: 1; mode=block expires: Sat, 02-Jul-2022 19:57:02 GMT last-modified: Sat, 02-Jul-2022 19:57:02 GMT cache-control: private, no-cache, no-store, must-revalidate, max-age=0 content-type: image/gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41 Sha1: ea7df583983133b62712b5e73bffbcd45cc53736 Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cf1ab8c6c89ed59483db333&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A97837956744%3Ahid%3A692921365%3Az%3A0%3Ai%3A20220702195703%3Aet%3A1656791824%3Ac%3A1%3Arn%3A470216175%3Arqn%3A5%3Au%3A16567918231003172034%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656791820893%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656791824&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2) HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 98 Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41$ 93.158.134.119 HTTP/2 200 OK content-length: 43 date: Sat, 02 Jul 2022 19:57:02 GMT access-control-allow-origin: https://xfantazy.com access-control-allow-credentials: true pragma: no-cache x-xss-protection: 1; mode=block expires: Sat, 02-Jul-2022 19:57:02 GMT last-modified: Sat, 02-Jul-2022 19:57:02 GMT cache-control: private, no-cache, no-store, must-revalidate, max-age=0 content-type: image/gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41 Sha1: ea7df583983133b62712b5e73bffbcd45cc53736 Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cf1ab8c6c89ed59483db333&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A97837956744%3Ahid%3A692921365%3Az%3A0%3Ai%3A20220702195703%3Aet%3A1656791824%3Ac%3A1%3Arn%3A173107525%3Arqn%3A6%3Au%3A16567918231003172034%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656791820893%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656791824&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2) HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 99 Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41$ 93.158.134.119 HTTP/2 200 OK content-length: 43 date: Sat, 02 Jul 2022 19:57:02 GMT access-control-allow-origin: https://xfantazy.com access-control-allow-credentials: true pragma: no-cache x-xss-protection: 1; mode=block expires: Sat, 02-Jul-2022 19:57:02 GMT last-modified: Sat, 02-Jul-2022 19:57:02 GMT cache-control: private, no-cache, no-store, must-revalidate, max-age=0 content-type: image/gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41 Sha1: ea7df583983133b62712b5e73bffbcd45cc53736 Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cf1ab8c6c89ed59483db333&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A97837956744%3Ahid%3A692921365%3Az%3A0%3Ai%3A20220702195703%3Aet%3A1656791824%3Ac%3A1%3Arn%3A140093291%3Arqn%3A4%3Au%3A16567918231003172034%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656791820893%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656791824&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2) HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 108 Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41$ 93.158.134.119 HTTP/2 200 OK content-length: 43 date: Sat, 02 Jul 2022 19:57:02 GMT access-control-allow-origin: https://xfantazy.com access-control-allow-credentials: true pragma: no-cache x-xss-protection: 1; mode=block expires: Sat, 02-Jul-2022 19:57:02 GMT last-modified: Sat, 02-Jul-2022 19:57:02 GMT cache-control: private, no-cache, no-store, must-revalidate, max-age=0 content-type: image/gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41 Sha1: ea7df583983133b62712b5e73bffbcd45cc53736 Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cf1ab8c6c89ed59483db333&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A97837956744%3Ahid%3A692921365%3Az%3A0%3Ai%3A20220702195703%3Aet%3A1656791824%3Ac%3A1%3Arn%3A372526282%3Arqn%3A7%3Au%3A16567918231003172034%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656791820893%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656791824&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2) HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 98 Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41$ 93.158.134.119 HTTP/2 200 OK content-length: 43 date: Sat, 02 Jul 2022 19:57:02 GMT access-control-allow-origin: https://xfantazy.com access-control-allow-credentials: true pragma: no-cache x-xss-protection: 1; mode=block expires: Sat, 02-Jul-2022 19:57:02 GMT last-modified: Sat, 02-Jul-2022 19:57:02 GMT cache-control: private, no-cache, no-store, must-revalidate, max-age=0 content-type: image/gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41 Sha1: ea7df583983133b62712b5e73bffbcd45cc53736 Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41$ 93.158.134.119 HTTP/2 200 OK content-length: 43 date: Sat, 02 Jul 2022 19:57:03 GMT access-control-allow-origin: * etag: "62b5603e-2b" expires: Sat, 02 Jul 2022 20:57:03 GMT accept-ranges: bytes last-modified: Fri, 24 Jun 2022 09:57:02 GMT cache-control: max-age=3600 content-type: image/gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41 Sha1: ea7df583983133b62712b5e73bffbcd45cc53736 Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js HTTP/1.1 Host: temporarilyruinconsistent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	192.243.61.227 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.22.0 Date: Sat, 02 Jul 2022 19:57:02 GMT Transfer-Encoding: chunked Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: 5396c5bd177d864f945abcdb9b2c42b8 Strict-Transport-Security: max-age=0; includeSubdomains Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (65536), with no line terminators Size: 28682 Md5: ed86bf7bd4a58c464f62634c6ceb7843 Sha1: a902ab0c763bdde155dfb342da28f5b811f186f7 Sha256: 6c776e4c122b3e1b9abb878ed34b9ecc144688bd368561cde7832a64d7443691 Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "48C615D9E3F9FD0F2ED6C7AFE2C576B4EC1449438021722CCE2A15441ABC07AE" Last-Modified: Thu, 30 Jun 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8906 Expires: Sat, 02 Jul 2022 22:25:29 GMT Date: Sat, 02 Jul 2022 19:57:03 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 90b2c6150a6390d62e3246c962007efa Sha1: 00aa66df58d528e76f6388ef666e51829ba05b1a Sha256: 48c615d9e3f9fd0f2ed6c7afe2c576b4ec1449438021722cce2a15441abc07ae
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "48C615D9E3F9FD0F2ED6C7AFE2C576B4EC1449438021722CCE2A15441ABC07AE" Last-Modified: Thu, 30 Jun 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8906 Expires: Sat, 02 Jul 2022 22:25:29 GMT Date: Sat, 02 Jul 2022 19:57:03 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 90b2c6150a6390d62e3246c962007efa Sha1: 00aa66df58d528e76f6388ef666e51829ba05b1a Sha256: 48c615d9e3f9fd0f2ed6c7afe2c576b4ec1449438021722cce2a15441abc07ae
GET /sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2&uuid=7f94f9e2-63a5-44d7-9aef-add9109509a2%3A2%3A1 HTTP/1.1 Host: temporarilyruinconsistent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (6202), with no line terminators Size: 4304 Md5: 2d369e974684cf877530f2d85cdf3360$ 192.243.61.227 HTTP/1.1 200 OK Content-Type: text/plain; charset=utf-8 Server: nginx/1.22.0 Date: Sat, 02 Jul 2022 19:57:03 GMT Transfer-Encoding: chunked Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Custom-Referer: https://xfantazy.com Access-Control-Allow-Origin: https://xfantazy.com Access-Control-Allow-Credentials: true Set-Cookie: u_pl=15600826; expires=Sun, 03 Jul 2022 19:57:03 GMT; secure; SameSite=None uid_id2=7f94f9e2-63a5-44d7-9aef-add9109509a2:2:1; expires=Sat, 09 Jul 2022 19:57:03 GMT; secure; SameSite=None pdhtkv=true; expires=Sun, 03 Jul 2022 19:57:03 GMT; secure; SameSite=None uncs=1; expires=Sun, 03 Jul 2022 19:57:03 GMT; secure; SameSite=None pdhtkv29=true; expires=Sun, 03 Jul 2022 19:57:03 GMT; secure; SameSite=None uncs29=1; expires=Sun, 03 Jul 2022 19:57:03 GMT; secure; SameSite=None sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]; expires=Sat, 02 Jul 2022 19:57:08 GMT; secure; SameSite=None Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: 814d44fd218c85ef789b93a5d3803f5b Strict-Transport-Security: max-age=0; includeSubdomains Content-Encoding: gzip --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (6202), with no line terminators Size: 4304 Md5: 2d369e974684cf877530f2d85cdf3360 Sha1: 5f8ab9342a4957737c1638e9144d0157a0299a69 Sha256: 3a2d72e6c5df24c30810d394182b5b892ad6adc075c1e884d30bb16c11f55685 Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0724BEBBAD32A008FA888677983119B725CFADF9BA30A7FDD1F8D012681DEABF" Last-Modified: Fri, 01 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13856 Expires: Sat, 02 Jul 2022 23:47:59 GMT Date: Sat, 02 Jul 2022 19:57:03 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 84ecbe1ed7067f86d349e131096d2246 Sha1: 1efe24b76ae57b07e5eafc4e78573abe3c364ed7 Sha256: 0724bebbad32a008fa888677983119b725cfadf9ba30a7fdd1f8d012681deabf
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skVRd9NV%2B%2BhSj4KxsJSi9EFEynqrq7KuUgwRijwTgzzIzoTl6996rzzOt6xXtVXZ0GITggs2z%2Fg8rpZIIaRLfChKEzoJBVWjdZmIWLgBs3gkuV7gkTvJt7zz13ce6594ud4oy4KOjpyge6L5WiC626W3v1Y8%2B7WluXadGr9RaDT4Lm1ZrpvhEFdfe12ruCbeoF3%2FVc13O92qo0ItG9hQkJmR1EXj1y602%2F7rWa6Jn%2FYls4sNQB756R5yD5eOahMwvJRkg7360Iu5nr7PV3OoWiuTbo8v0P081Ulyk6l2ViHCTp%2FsU0tD1ZPYRO96ZyobuPB2M5Js6Ph4jT%2FQuRiLu7U52xgkgR8ydRdkcQagRJR2D6DiQ%2FIQDjuHYdaefeNW1KuvWIpRN2TGb%2B%2BhOyHJOZX2eRdr5dVrJXu6VVkUudWvSSCrI3gmyPkBVHyPtXIMsjsPxzSE6QdipIfvpymETNJBL%2BfNCgrflmk4fzERXJPOU88tyo5UbUnxoj5QgyGUGJAai9gsI6KKSDInFQZA46%2FLTGPM8LXc6ouxgx1uChiAPuejRMPOq5wSIKNtE%2BQJ4NwNQAzGwjM9vYlAOY4gHsRgXLHdicoMsrlIKgtAQlJSglQZkTlN1qjyvr2%2BoeV7aIvYvsX%2BRGNdR5e4fu6bwtUrKTnZFnp4b98dQP2BSnNeonUeQmntsMAzfwWOhF3GMepQ3qC8Z9WFlB2iug1kFfjsns3G%2FIJkf87B%2FE9AhWHYHJZ0CLF0HLYei7oBvD5qKLfnrQS2ia0%2F5WnekOuK6Q5TPIt5wddUZemOpozWsIdrx0%2F82TufPz22CmQmYqfCofErTV3eFNXZLdm7q05PvrWS47sk8nR72V01z8%2F%2Bv3xVapDV9bsYOv3mITYlIe3BY2X6cpl2nbkm%2BWJefCrGrDBLm%2FZj8S8Y3CbiwXJi2y9Rtvr651MiOslTodgU5We%2F49MDkmTyyL6b%2FOHZ5DmhFMUaFTHJOLgNRHYNk2bHbZs5rAqEscZw7KohoaP75sKkmgxCWmcQUrjpd%2B8l75vffL34jFY0N27F20zUug%2BZ3pm3ZNha6qQNUAtvjfMM%2FM8dLPjWkgVs4wVsbZjZVRXz4y18rTWthouDSIWl4YUhHGTX8xCTxOqd8M%2FCCgDeR2HD8YPv0vAAAA%2F%2F8BAAD%2F%2F4SuQu96BAAA HTTP/1.1 Host: temporarilyruinconsistent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Cookie: u_pl=15600826; uid_id2=7f94f9e2-63a5-44d7-9aef-add9109509a2:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039] Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	192.243.61.227 HTTP/1.1 200 OK Content-Type: image/gif Server: nginx/1.22.0 Date: Sat, 02 Jul 2022 19:57:03 GMT Content-Length: 7 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: 36de79ed9a6d24cda94089138ddf412b Strict-Transport-Security: max-age=0; includeSubdomains --- Additional Info --- Magic: ASCII text, with no line terminators Size: 7 Md5: 132d6af1b46048b45cf86cdee7991d31 Sha1: eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c Alerts: Blocklists: - quad9: Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3378&rd=3378&fd=561&bv=22.4.v.2&tmpl=136 HTTP/1.1 Host: captivatepestilentstormy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	192.243.59.13 HTTP/1.1 200 OK Server: nginx/1.17.6 Date: Sat, 02 Jul 2022 19:57:03 GMT Content-Length: 0 Connection: keep-alive Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Access-Control-Expose-Headers: Content-Length,Content-Range --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /thumbnail/cOSW6yegzvq5qjXF_Q/w320h240/0.jpeg HTTP/1.1 Host: static-cache.k2s.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 8745 Md5: 050329119c97f007a0b72ae138b97a83$ 188.72.235.185 HTTP/2 200 OK server: openresty date: Sat, 02 Jul 2022 19:57:03 GMT content-type: image/jpeg content-length: 8745 expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * x-cache-status: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 8745 Md5: 050329119c97f007a0b72ae138b97a83 Sha1: 637ed4350e0e8e3cc93ef7a48c2387ef98c26f95 Sha256: c101740f18b9eb433c84430a8fe08b6c94a6600ddcfc8e798f98729446669677
GET /thumbnail/cbmWtHaumf_lrW2R_g/w320h240/0.jpeg HTTP/1.1 Host: static-cache.k2s.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 10685 Md5: e5bac96d9a82f6cf3d0189d1bba8cd0c$ 188.72.235.185 HTTP/2 200 OK server: openresty date: Sat, 02 Jul 2022 19:57:03 GMT content-type: image/jpeg content-length: 10685 expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * x-cache-status: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 10685 Md5: e5bac96d9a82f6cf3d0189d1bba8cd0c Sha1: 61d3d5569fe12443f444252d3120ec97a699a9a4 Sha256: 7f88a71f8e6411f3974c702970d81057ee6830c8d6862ebd84c613d0ee096d40
GET /thumbnail/LO6SunGuzPrl_23FrQ/w320h240/0.jpeg HTTP/1.1 Host: static-cache.k2s.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 11603 Md5: 375c7cfcb2c1265cb93ab417232d9e0d$ 188.72.235.185 HTTP/2 200 OK server: openresty date: Sat, 02 Jul 2022 19:57:03 GMT content-type: image/jpeg content-length: 11603 expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * x-cache-status: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 11603 Md5: 375c7cfcb2c1265cb93ab417232d9e0d Sha1: 81063dd04ed6fe7214247514a1926a8430cb891f Sha256: 23fd1bd75be9124179f70c14896cbe4e39ff82647fc87c46c0222294bf970a7f
GET /thumbnail/Jr6XvHL3z63s_zyT_g/w320h240/0.jpeg HTTP/1.1 Host: static-cache.k2s.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 17215 Md5: 405786366602345801c885faeaf47f8f$ 188.72.235.185 HTTP/2 200 OK server: openresty date: Sat, 02 Jul 2022 19:57:03 GMT content-type: image/jpeg content-length: 17215 expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * x-cache-status: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 17215 Md5: 405786366602345801c885faeaf47f8f Sha1: aa44e4f14f12a9f7aa9801410875d56b66262821 Sha256: ead2f13fdb0d38c66e1e583b07679256d5926b6dc7334b471d8e55c3d738fab9
GET /thumbnail/Ju6WtSOuz_vkqTrDrg/w320h240/0.jpeg HTTP/1.1 Host: static-cache.k2s.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 12539 Md5: 34ede2d42a7dd04659dd34b64de5966b$ 188.72.235.185 HTTP/2 200 OK server: openresty date: Sat, 02 Jul 2022 19:57:03 GMT content-type: image/jpeg content-length: 12539 expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * x-cache-status: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 12539 Md5: 34ede2d42a7dd04659dd34b64de5966b Sha1: 4d615ba14a5235c38d76217dc01b5aaca3861f7d Sha256: 669bfb067c7f772e7bb2d2a138019aa09a3b2a87fccfbf1f45339da5474df82f
POST /cdn-cgi/challenge-platform/h/b/cv/result/7249f2abdc9cb512 HTTP/1.1 Host: xfantazy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 12384 Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333 Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=1push-1push%2Cpop-pop; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiI3ODc0OGQzZDRiY2M1IiwiaWF0IjoxNjU2NzkxODIxLCJleHAiOjE2NTczOTY2MjF9.KZhVSKYA2ZnqzaSrI8Ehw94-5BC36m5XD9J4qja9mjE; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiNzU3M2MzNzNjMjg5ZiIsImlhdCI6MTY1Njc5MTgyMSwiZXhwIjoxNjU5MzgzODIxfQ.scN5GkhHCkECl7O857slnRtgLUWoDWG1UHGMZpcIhzI; _ga=GA1.2.1386473709.1656791823; _gid=GA1.2.1934889473.1656791823; _dc_gtm_UA-121614197-2=1; _ym_uid=16567918231003172034; _ym_d=1656791823; visitorGetPop=no Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	104.26.1.188 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:02 GMT content-type: text/plain; charset=UTF-8 expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" set-cookie: __cf_bm=2ld_iQCBRJbG10ok5LM7VN9x6y8XJgoJ.PtGrE9ZY4I-1656791822-0-ASeLwO5+jip4HXLtSn86AtSRpkkJPAhLOn6l444XQTHAuKfLTUoP7sWnHCxAg/aCImGFpyhx87SqTn6JzKBD7Y3IMKWb7cIHl7enrQheeaDp9WhH+J/hGBRJdlrtJ9DhRA==; path=/; expires=Sat, 02-Jul-22 20:27:02 GMT; domain=.xfantazy.com; HttpOnly; Secure; SameSite=None report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXgk3IBtmC2Ew1B0esN6avdvr2PGfTtDn0TdNMisCAxgPz%2BmtrtGwaCsOfzTTSl3KW4SRXSB3fuOVreA0ZKer5Yzd9fFtMp8LXhdhe2gsJpDTXSx%2FYtFQEQJ439NzQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7249f2bb0a36b512-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 11288 Md5: fdc5c7857efb0b673208a9421b563a71 Sha1: e186f73f36fba37dfcc1e2e7ac68f64236e54da4 Sha256: f092d6b907bafd1a6d99d91ecce892d97b1d38b38d50207146098dc7b2836b8c
GET /thumbnail/IOiTvnLymf-6-jiXrA/w320h240/0.jpeg HTTP/1.1 Host: static-cache.k2s.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 11285 Md5: 8f631e5660897607241b781260f72d9f$ 188.72.235.185 HTTP/2 200 OK server: openresty date: Sat, 02 Jul 2022 19:57:03 GMT content-type: image/jpeg content-length: 11285 expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * x-cache-status: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 11285 Md5: 8f631e5660897607241b781260f72d9f Sha1: 6bdb5f40bed83fb9a20c30db312337d11f9a365c Sha256: 57c79d8e617bdf7d4f97ad1bf4e908d417c7353d5f5da176ed3a8b5b9611475a
GET /thumbnail/IbySvSClwqnrqjzDqQ/w320h240/0.jpeg HTTP/1.1 Host: static-cache.k2s.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 8693 Md5: e6ad188a5d4a192c80c7f6692cd24ee3$ 188.72.235.185 HTTP/2 200 OK server: openresty date: Sat, 02 Jul 2022 19:57:03 GMT content-type: image/jpeg content-length: 8693 expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * x-cache-status: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 8693 Md5: e6ad188a5d4a192c80c7f6692cd24ee3 Sha1: 922d296e1bab7aeeb6a1b283980a9ca929b88665 Sha256: a3cec64f2cda6deacd838c60051a9c5a42283b33c07022fbb83133de01fab64f
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 344 ETag: "3B67A75DBFACE14E1940383AC5186AE05DEB1EEE1A5A8D4987F6B7C27F8C771A" Last-Modified: Thu, 30 Jun 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5586 Expires: Sat, 02 Jul 2022 21:30:09 GMT Date: Sat, 02 Jul 2022 19:57:03 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 344 Md5: 7d3083eff29fd5b8bec1c349d0fe871f Sha1: 90b721044a04a9c8f0ba6f32efc61903c8cacb46 Sha256: 3b67a75dbface14e1940383ac5186ae05deb1eee1a5a8d4987f6b7c27f8c771a
GET /api/spots/380873?host=xfantazy.com&ev=192&wh=1024&ww=1280 HTTP/1.1 Host: a.focusde.info User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Cookie: nauid=EwVhYZ0M1muOB6CFMAyV Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	135.181.208.216 HTTP/2 200 OK server: nginx date: Sat, 02 Jul 2022 19:57:03 GMT content-type: text/javascript; charset=utf-8 vary: Accept-Encoding cache-control: private content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 852 Md5: 638e5941e44c35f34670669a1114bf91 Sha1: eeb8bab2f03822fce55a164fb038549e074ed8fd Sha256: 712809636d95cb1a963270a96fa7d03fbe5fdeae0a36022a64ce889f2e93b031
GET /api/spots/289411?host=xfantazy.com&ev=192&wh=1024&ww=1280 HTTP/1.1 Host: a.focusde.info User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Cookie: nauid=EwVhYZ0M1muOB6CFMAyV Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	135.181.208.216 HTTP/2 200 OK server: nginx date: Sat, 02 Jul 2022 19:57:03 GMT content-type: text/javascript; charset=utf-8 vary: Accept-Encoding cache-control: private content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 854 Md5: 1f7fc71f4f2a198e3ba1de5c33bc28bd Sha1: bb4e08ed8851f4685b1af9a530ab3d0c5674d0d8 Sha256: b73cea6974ee1ad22d80598a3801ebd2de4208585796693bd193456d0339c8b0
GET /sfp.js HTTP/1.1 Host: addresseepaper.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	104.21.235.2 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:03 GMT content-type: application/javascript; charset=utf-8 p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin: * expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: max-age=14400 x-request-id: cf8c1fb6936fd22d447256018fb48b3d strict-transport-security: max-age=0; includeSubdomains cf-cache-status: EXPIRED last-modified: Sat, 02 Jul 2022 19:57:03 GMT expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2Lx5iO48M9TauP0EUZAO%2FuZlZWbvWRgQqxYAZAf6r7SOXDDfYKCZHYHhSCm4iRrWoDJIPtnrQZ3VW4Qs%2FtBpEVEBBx%2F%2BUkybR86v4lsC7S2CV1%2FBYHclN4viB5BmlEt2kbOzxI%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7249f2bf3fedf3ef-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (49470), with no line terminators Size: 18307 Md5: d84b7d9d70f2d0313355b4ba73461291 Sha1: d490261debe53643de39d63e25a76cd5233d878e Sha256: ef6a240d0b4d9a9d614a02bbbe60b9f110f911ab4cd15d3bda0b40afe0d52e4d Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 02 Jul 2022 19:57:04 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Fri, 01 Jul 2022 05:56:27 GMT Expires: Fri, 08 Jul 2022 05:56:27 GMT ETag: 7E073D17FEF01A8B6BD062CD6A138AE30EE3A46F Cache-Control: max-age=467362,s-maxage=1800,public,no-transform,must-revalidate X-OCSP-Responder-ID: mcdpcaocsp2 CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7249f2c4fdc71c12-OSL --- Additional Info --- Magic: data Size: 471 Md5: b4e236d5f223f452419486fca7df12a6 Sha1: 7e073d17fef01a8b6bd062cd6a138ae30ee3a46f Sha256: d74275cbb228d3ac2320f02db09b6a7d8764774d572cc7fd4023711f34238273
GET /sdk/v1/master.spot.js HTTP/1.1 Host: cdn.tsyndicate.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://a.focusde.info/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	8.254.252.214 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:04 GMT content-type: application/javascript content-length: 12716 last-modified: Wed, 22 Jun 2022 09:27:35 GMT server: nginx x-robots-tag: noindex, nofollow content-encoding: gzip vary: Accept-Encoding etag: W/"62b2e087-887d" age: 901040 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (28232) Size: 12716 Md5: 0c8b6eeb7d60d4b1d9e08dd23db4d5f4 Sha1: 927910ab3a0164fcaa92c0562b4e6702e7373e43 Sha256: b2629798ea334f73e5d414232c45f3fe41cdd22907dfa1ffd7156a5f58f520e9
GET /warp/4787912?r=69542 HTTP/1.1 Host: a.bestcontentfood.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://a.focusde.info/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	172.67.200.139 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:04 GMT content-type: application/javascript; charset=UTF-8 referer: b.bestcontentfood.top cache-control: public, max-age=900 etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f" cf-cache-status: DYNAMIC expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhCerbdhTgz6FPq06exKrq5zQMlPBNQd4ovlR9xZSdpR1Wk1yl4%2FS9qO4%2BsV1WtSyF26zEk6X1KaD1kqNNOfrEZ%2FdkW2TvjiBb%2BYAe99C9%2FTlHqFpJb9vNI69GCgZKkmRgCzGBuI%2BXk%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7249f2c4d8641c16-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (4180), with no line terminators Size: 2301 Md5: a7d6328fa6be22604de1211c0bdbf367 Sha1: 340d37951420fae974ea81f51770025f9f30714b Sha256: 6651cd691851e006e65ee320a3363c0cc6ab85d7aa7aef7a9367c0e957cd6c09 Alerts: Blocklists: - fortinet: Phishing
GET /warp/4787914?r=44276 HTTP/1.1 Host: a.bestcontentfood.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://a.focusde.info/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	172.67.200.139 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:04 GMT content-type: application/javascript; charset=UTF-8 referer: b.bestcontentfood.top cache-control: public, max-age=900 etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f" cf-cache-status: DYNAMIC expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4KRCCxSRddlwwX8bKoyVnXn8UQgYmpctqQAOzgo%2BWJIJtbCf%2Bfamr8yuTQeIx2WNevAPhLmEoEw%2Bj0TGHYLXzCZm2UIZ2zeQJATlOm78OjUA%2BOdvJPSmUgOgjGyHtSY9ti%2FrBaN%2BEY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7249f2c4c8571c16-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (4180), with no line terminators Size: 2301 Md5: 11afb435216c6d928e5b952d23f11aac Sha1: 838dc17a6811b11dc60c1d17e17e172417876606 Sha256: a7b1e87666ef9c4549d29d40704450026bf977396b8cf423bbafcb4aa8f547bd Alerts: Blocklists: - fortinet: Phishing
GET /api/spots/312874?p=1&s1=%subid1%&kw= HTTP/1.1 Host: a.focusde.info User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers	135.181.208.216 HTTP/2 200 OK server: nginx date: Sat, 02 Jul 2022 19:57:03 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding set-cookie: nauid=YhfENY9s2oUjzYjt2vN3; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None cache-control: private content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 14671 Md5: eabd705d9aaee70a8ce62a3db82f526e Sha1: 4c27f3abc40b9328f557ae4735338b6318ee567b Sha256: addd71ed90419f802ce125704dca6ff7406ad355fdf9c5906864fbb2ab980195
GET /assets/fdm/red.jpg HTTP/1.1 Host: xfantazy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333 Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=1push-1push%2Cpop-pop; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiI3ODc0OGQzZDRiY2M1IiwiaWF0IjoxNjU2NzkxODIxLCJleHAiOjE2NTczOTY2MjF9.KZhVSKYA2ZnqzaSrI8Ehw94-5BC36m5XD9J4qja9mjE; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiNzU3M2MzNzNjMjg5ZiIsImlhdCI6MTY1Njc5MTgyMSwiZXhwIjoxNjU5MzgzODIxfQ.scN5GkhHCkECl7O857slnRtgLUWoDWG1UHGMZpcIhzI; _ga=GA1.2.1386473709.1656791823; _gid=GA1.2.1934889473.1656791823; _dc_gtm_UA-121614197-2=1; _ym_uid=16567918231003172034; _ym_d=1656791823; visitorGetPop=no; __cf_bm=2ld_iQCBRJbG10ok5LM7VN9x6y8XJgoJ.PtGrE9ZY4I-1656791822-0-ASeLwO5+jip4HXLtSn86AtSRpkkJPAhLOn6l444XQTHAuKfLTUoP7sWnHCxAg/aCImGFpyhx87SqTn6JzKBD7Y3IMKWb7cIHl7enrQheeaDp9WhH+J/hGBRJdlrtJ9DhRA==; _ym_visorc=b; dom3ic8zudi28v8lr6fgphwffqoz0j6c=7f94f9e2-63a5-44d7-9aef-add9109509a2%3A2%3A1; sb_page_a2f990f10476061c719d1c1aa3a2ecd2=1; sb_onpage_a2f990f10476061c719d1c1aa3a2ecd2=1; sb_main_a2f990f10476061c719d1c1aa3a2ecd2=1; sb_count_a2f990f10476061c719d1c1aa3a2ecd2=1; _ym_isad=2; pbpr0tpuw4isk85t8yg3jb2lj5vqf=temporarilyruinconsistent.com; ppu_idelay_4d0afc2425eea6b0cd5a468c9f8a69ed=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=3, software=paint.net 4.3.11], baseline, precision 8, 950x150, components 3\012- data Size: 58205 Md5: 275d41ad931cf00d8b7e08c1b4dcda1c$ 104.26.1.188 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:03 GMT content-type: image/jpeg cf-bgj: h2pri vary: Origin, Accept-Encoding cache-control: max-age=14400 cf-cache-status: HIT age: 2643 last-modified: Sat, 02 Jul 2022 19:13:00 GMT expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zwdWpPucBS1ajX2M7kurl0Wk457n22xVRLP7cJjlrDJtu0W3gCrz4%2F3wY80X0zi2NKczekbFsoZDcptBGsCP%2Fn1cBnNIUCW%2BkRwgpH2cJXrX77CK9P73S9vutNYoQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7249f2c2fd14b512-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=3, software=paint.net 4.3.11], baseline, precision 8, 950x150, components 3\012- data Size: 58205 Md5: 275d41ad931cf00d8b7e08c1b4dcda1c Sha1: 0f6dbd9f48abe256ff52a637c38405266034ef5c Sha256: 9f04b95dcf83ec6b8c9a15b396414aec0074a92c478d709e4210b390e0a4db4e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "ACC91E7B5535EA1AF789C1F9F14822DD685067C91DBC6445568D7042E2B45987" Last-Modified: Sat, 02 Jul 2022 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9698 Expires: Sat, 02 Jul 2022 22:38:42 GMT Date: Sat, 02 Jul 2022 19:57:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ff8dfdedec1f70687fa5a43b532a5573 Sha1: 88e596d94b011324740df711799d77c521e5ede3 Sha256: acc91e7b5535ea1af789c1f9f14822dd685067c91dbc6445568d7042e2b45987
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "ACC91E7B5535EA1AF789C1F9F14822DD685067C91DBC6445568D7042E2B45987" Last-Modified: Sat, 02 Jul 2022 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9698 Expires: Sat, 02 Jul 2022 22:38:42 GMT Date: Sat, 02 Jul 2022 19:57:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ff8dfdedec1f70687fa5a43b532a5573 Sha1: 88e596d94b011324740df711799d77c521e5ede3 Sha256: acc91e7b5535ea1af789c1f9f14822dd685067c91dbc6445568d7042e2b45987
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujvEgCv7KRYIyBxEFM%2Bme3%2B0iwRijwbi77K7oTaqrqidlarqaqq7pyYAQXJA9jv9B55tkgxpEr8KGZbKgkFNGLzmYg4eAFy%2BCR5WZDRv2Xd773vcO3%2Fve%2B2rHnREfjp6ufKT7Uim6WC%2F7pdc%2FDYIrpXWZuF6p12p81qhdKZnuW2Gj7L9Rel%2BwTb1Y8QPfD%2FygtCqNiHVvcUJCpgdhUA79cq1SDuo19Mzj2DoPlnrg3TPyAiQfzz7w5iDZCEnnhxVhNzOdvvlexymaaYMu3%2F842Ux0nqBzWcbGQ5zsX0xD25PVQ%2BhkbyoXuvtoMJJj4v18iCjZvxCJqLs71RkpiAQRfxp5dwShRpB0BKZvQ%2FITAjCOq9eQdO5e1SanWw9ZOmHHZPafvyHzMZn9fQ5J5%2FtlJXulm1q5TOrEohcXkL0RZHuE1B0h689A5kdg2ZeQnCDpFJD89NVmHNbiUFQWGlVaX6jVeHMhpCJeoJyHgR%2FW%2FZBWpsZIOYKMR1BiAGpn4KwHJz242INLPXT4aYkFQdD0OaN%2BK2SsypsianA%2FoM04oIHfaMGxifYBsnQApgZgZhup2camHMC4%2B7AbBSz3YDOCLi%2BQC4LcEuSUIJcEeUaQd4s9rmzFFne5si4KLnLlIleLoc7aO3RPZ22RkJ30jDw%2FNeyvZ37Cpjgt0Uochn4c%2BLVmw28ErBmEPGABpVVaEYxXYGUBaWdArYe%2BHJO5%2BT%2BQTo74xX%2BI6BGsOgKTz4G6l0HzYbPig24May0f%2FeSgF9Mko%2F2tMtMdcF0gzWaRbXk76oy8NNVRX9AQ7Hjp3tsn8%2Bfnt8BMgdQU%2BFw%2BIGirO8MbOie7N3RuyY%2FX0kx2ZJ9Ojnozo5l48tsPxVauDV9bsYNv3mETYlIe3BI2W6cJl0nbku%2BWJefCrGrDBLm3Zj8R0XVnN5adSVy6fv3d1bVOaoS1Uicj0MlqL34AJsfkqWUx%2Fdf5w3NIM4JxBTrumFwEpD4CS7dh08ue1QRGXeIo9ZC7Ymgq0WVTSQIlLjGNClhxvPRL8Nqfvd%2F%2BRSQeGbJj76BtXgHNbk%2FftGsKdFUBqgaw7olhlprjpV%2Br00CkvGGkjLcbKaO%2Bfmiulaelqs%2BbkYhFMxK1ei0WjEf1euSzmEVV3moxZHYc3R8%2B%2Bz8AAAD%2F%2FwEAAP%2F%2FBHqXB3oEAAA%3D HTTP/1.1 Host: temporarilyruinconsistent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Cookie: u_pl=15600826; uid_id2=7f94f9e2-63a5-44d7-9aef-add9109509a2:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039] Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	192.243.61.227 HTTP/1.1 200 OK Content-Type: image/gif Server: nginx/1.22.0 Date: Sat, 02 Jul 2022 19:57:04 GMT Content-Length: 7 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: d4360cc77f94fd54c209ea560fa9f192 Strict-Transport-Security: max-age=0; includeSubdomains --- Additional Info --- Magic: ASCII text, with no line terminators Size: 7 Md5: 132d6af1b46048b45cf86cdee7991d31 Sha1: eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c Alerts: Blocklists: - quad9: Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1 Host: temporarilyruinconsistent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Cookie: u_pl=15600826; uid_id2=7f94f9e2-63a5-44d7-9aef-add9109509a2:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039] Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	192.243.61.227 HTTP/1.1 200 OK Server: nginx/1.22.0 Date: Sat, 02 Jul 2022 19:57:04 GMT Content-Length: 0 Connection: keep-alive Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Access-Control-Expose-Headers: Content-Length,Content-Range --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /warp/4788752?r=19901 HTTP/1.1 Host: a.bestcontentfood.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://a.focusde.info/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	172.67.200.139 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:04 GMT content-type: application/javascript; charset=UTF-8 referer: b.bestcontentfood.top cache-control: public, max-age=900 etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f" cf-cache-status: DYNAMIC expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJuwF6ah4dCMBYWZPc9FZenerz5Qyr0f5AYL45FZxenreIfUAjQI8W%2Bm%2F9if8PlfatV5si7Op1Q94XxOaw8byIcy8lTZxoT4HRyYbzR683AyfrX7lwipAmuPfpjIiliUclgWw6MJjIE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7249f2c4e8671c16-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (4181), with no line terminators Size: 2851 Md5: dffa0181ac28ade09b0c84e9ebdee6f4 Sha1: e42ca29481a85bef102edd71213cc4fd45a3955c Sha256: 4ed3c01644609bcffbb5e920278c25ff44171d3cbda607df887fb1d295cf0a2c Alerts: Blocklists: - fortinet: Phishing
GET /pxf.gif?uuid=7f94f9e2-63a5-44d7-9aef-add9109509a2&eb=f2971074fea048c017123c068028f7b0&te=b8a4e026d9f6325fba5277f9c4602d23&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 HTTP/1.1 Host: unseenreport.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: gzip compressed data, max compression\012- data Size: 661 Md5: 69f7e5b7a94453990de2b42acd66a683$ 192.243.61.225 HTTP/1.1 200 OK Content-Type: image/gif Server: nginx/1.22.0 Date: Sat, 02 Jul 2022 19:57:04 GMT Content-Length: 1 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: 1bc3b13ade813d50a17148794104ae01 Strict-Transport-Security: max-age=0; includeSubdomains --- Additional Info --- Magic: gzip compressed data, max compression\012- data Size: 661 Md5: 69f7e5b7a94453990de2b42acd66a683 Sha1: 4cc9cf9339dcd1eb21c6c0aab0d0ff51eb12ca25 Sha256: 24f2c695e4c4fa7733cac8313595a14625e61af698084e2c58602fa2d00d84bf Alerts: Blocklists: - quad9: Sinkholed File Analyzers: - virustotal: 0/0
GET /i/b.html?spot=4692&src=562949385&pid=19775&width=300&height=250&spaceid=859 HTTP/1.1 Host: cdn.tubecorp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://a.focusde.info/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	45.133.44.24 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:04 GMT content-type: text/html; charset=UTF-8 server: nginx/1.20.1 last-modified: Sat, 20 Nov 2021 06:50:54 GMT etag: W/"df-5d132d02c9e77" x-request-id: be3ce9ef9935cab4107d6a0f01f25520 content-encoding: gzip expires: Sat, 02 Jul 2022 20:57:04 GMT cache-control: max-age=3600 x-proxy-cache: HIT access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 182 Md5: e22b6bdd1c428d0692394e20565de01d Sha1: 94f59414c1e6396e0b2d42f314a9841f0663c5ad Sha256: fbae815b8762db906692cd030ab5868252fd20b63968e65c28d1ffd13d711697
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 02 Jul 2022 19:57:04 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Sat, 02 Jul 2022 15:56:19 GMT Expires: Sat, 09 Jul 2022 15:56:19 GMT ETag: 445ACAEE748C1D3FBB7BCA4DCA5D57E30F96E98B Cache-Control: max-age=589754,s-maxage=1800,public,no-transform,must-revalidate X-OCSP-Responder-ID: mcdpcaocsp8 CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7249f2c7ff17b505-OSL --- Additional Info --- Magic: data Size: 472 Md5: d391748ffd472759488c93bcf6b16a51 Sha1: 445acaee748c1d3fbb7bca4dca5d57e30f96e98b Sha256: 6e463ed85eb03432e0ca6ce2c84af0cacd5f46d0a339f5f978f55b3958a047c2
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjQ2OTIsImlkIjo4NTksImxhYmVscyI6IiIsInNpdGVfaWQiOjQ2OTIsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NTksInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgxOSwiem9uZSI6InRjX3BhYl8zMDB4MjUwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI1NjI5NDkzODUiLCJ1dG0xIjoidGNiYW5faSIsInV0bTIiOiI0NjkyIiwidXRtMyI6IjE5Nzc1IiwidXRtNCI6IiJ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiI0NjkyIiwicGFnZSI6Imh0dHBzOi8vYS5mb2N1c2RlLmluZm8vIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjJiM2E1N2EyMjEyNjViZmRmN2ZhN2FkZTNiZTIzM2ViIn0sImV4dCI6eyJkdCI6MTY1Njc5MTgyNTY0MH19 HTTP/1.1 Host: rtbbnr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cdn.tubecorp.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	159.69.163.6 HTTP/2 200 OK server: nginx/1.18.0 date: Sat, 02 Jul 2022 19:57:04 GMT content-type: text/html vary: Origin cache-control: no-transform, no-cache, no-store, must-revalidate pragma: no-cache access-control-allow-origin: * access-control-allow-headers: Content-Type access-control-allow-methods: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 2989 Md5: 33f73e665fe386b5fee2286e61d8c0f8 Sha1: 497ad45b14bea17c4d6fad4c46d07212993fbb11 Sha256: 71e5e34c3140b146c4b383f2dff2594820c0c5f8acbca77ea4651cefa6ddce91
GET /_next/static/P4CILzN-YIbf22IDP00As/pages/index.js HTTP/1.1 Host: xfantazy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333 Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=1push-1push%2Cpop-pop; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiI3ODc0OGQzZDRiY2M1IiwiaWF0IjoxNjU2NzkxODIxLCJleHAiOjE2NTczOTY2MjF9.KZhVSKYA2ZnqzaSrI8Ehw94-5BC36m5XD9J4qja9mjE; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiNzU3M2MzNzNjMjg5ZiIsImlhdCI6MTY1Njc5MTgyMSwiZXhwIjoxNjU5MzgzODIxfQ.scN5GkhHCkECl7O857slnRtgLUWoDWG1UHGMZpcIhzI Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	104.26.1.188 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:01 GMT content-type: application/javascript; charset=UTF-8 vary: Origin, Accept-Encoding cache-control: public, max-age=31536000, immutable last-modified: Tue, 28 Jun 2022 11:07:37 GMT etag: W/"2b7-181a9fed07f" cf-cache-status: HIT age: 377259 expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRODqxan%2FeirD2SW3QwaSiaTxkpcZt%2FU0gfRPWHBasVuS0H%2Fp%2BsvpCvPzztyg%2ByKUmvJm6HyNphLlu2BjO42dIvMu1s8zR%2F2g04U%2FWUMjRCgZz02FbxfLP3CIri7tg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7249f2b71c6fb512-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (695), with no line terminators Size: 37707 Md5: 55f29b09920c076f1107715bdc40e317 Sha1: 8d92f2f177dbcb2d609616c3ba5b32cf8d719a86 Sha256: a82a7cdc640cb528c32a98590c4825f0fe187687ec7c6ced0e0306a4da601f8e
GET /banner/in/show/?mid=329261893&pid=0&site=4692&sc=NO&usage_type=DCH&subid=562949385&sid=0&cid=13202&price=0&is_cpm=1&cpm=0.005&ecpm=0.005&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=a.focusde.info&hostname=auc-banner-hz-0&site_id=0&spot_id=0&utm_source=tcban_i&utm_medium=4692&utm_campaign=19775&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=&min_cpm=0.0001&placement_type_id=-1&skin_test=&verify_hash=&score=0&ml=&ttl=&space_id=859&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=&url=%2F%2Fin16.zog.link%2Fin%2Ftishow%2F%3Fkatds_ep%3DGjVklV1x6ZTbIpgqKIPcRtTsPcolPhL0Fhwbh_JpZaDaMIKgSpGdzhy_oajnLm55I2Kg25oiWRyz-Eb9D3ywX0DASiGKee5luvBkG2HWL4dFTHQx4NfWYMd6e9tVXNx6hJbXXlZ2Du5p1o6aKZ5aLcHwpk6RA0yDF9Lgdq3NsTmAa50vcP6486xa5e3L4UZ_9U4aKNY-_D14URmdZLrXP0LsjToB1pH-r0e7oxL6R-DYlT_43BdPyhroeyoZ4673uSpx8nHsSO4zZflP52GF94SLIP9pteA2xqXt7c_us0djh4Br0EPAqgH1mlc5feVXsFBu_16Fo26yu30Sm33hxpmVRYzzldwIaL4GLBVsPLzqDlVONEk9dmUYF4p8esj24nxyiYvphY6n5aB6j9V9C9AmUXvxnu8DtY_BhiJGLsYZgYb8MqRr8TKcyMDzp_PHK_PlC8NLkW5z-J82IBf_T23RcXgfFrJMaH79JCPwTl8CIqjMt--eLqW4gIimtcmjBlcdtZEubpBzj9HLXLGmLsUk0ZVtdXeamL4THaQw_KOdIZ9DU4VzntzBHAnFo6uAhHRsHlC4XMM1KkFwCT-9jS9nHZnHkn2Lcu4ft5uEa4VdtwrD5nT_p1lVanzABlKrgRU9fq1cl1PPMTAjWo0WMu7DBd0Em4nCksG8JQ22ff404sLrxlOpx8HTlvpZ56-pNuv7BkPTVjFceeNboicRY9w-59ADcWucUmK73OIRbSOa8bpG7KZwYV79Y50zAaq9TgCH5BZmHy1ajOclAXZQ8WKxJT6DCsFGL0EubyXpXoczTLXeQwonSmCOMT63l2yxcbEWKumJnFCOl7b8wvm5VERPhfteBqrRzS_9Xw4gyivenUp-te-DN_0vcCTsxGoecn20fCl8mQ-vrrAm1HTjar9Y6AI5_NdyQz45xrfK3a8xbtC1QcoHPXNnEC19bD59d2qUN4ZV3XGOZ-63r-Wf5j85zZ-4wkUy9NSy0Phxgbq1vkOftHCGsbb0zeUQ9uUV0P-ciPX64wqYzc0EdmhRlN8ikX5j1UcdA19GdG-BFbg8bRO5K1jh7ZqOPOT_dqQQtOVT_zE1M0_MvAxBjj24eACb-VuhuPBGq0Zwp7ABrd_ZOFgDFumoSbnI3nL37u6vRWRmBuzKn0sDHb2ysZ_ZDAqVAhmKiO5NASCt285qJuTemzzbDC31DGm8wZ4MUOVZNWHZh_9W5-k1zhxd4MhN_iXhWZvogaDE51zccQbKqSI4Sv2dw6F6AiuvQzsdT2aUwjdYeyV2lygOWXMRrEYbDb9eqoGW2gtjeMfOUIyCUHC3x1EjMIw2V5XS0_7IhlNQEPgu8qSFJEbQ-O1RRrQVKrTxwCUNJL2c3pGV8RrBMIyujOBCzbmSo0SBHF6OmQ_YRh0ozNse7PxH3tUkenXqgMFMnuHldffega-2t2hzAsvIj563WMmz34cFB4TuMO7vNpbDhG7GOX8RBMcNPvzlFA-Dejhtkm-cl3eDwY_3HddAXPUZmjUFtuSJd9bR2XlNCmnB8wIz0BdFMF2y2AnyeiYrmlptDjd1qT51tJ2zjGSK6fw7eOaU2Zlp5VWza2SyyU_c0yWANmYqe2MYcrcikZEcDKC5dSr7b8Fa6t8LuhGNVoUaFHYwdCNcAnhDW9RZ9N40Ii9wRSYzQApiV8Jyu5oq0KrRdq1WBQD38Ajo9m6gp1Aw4L6chcIqu1dLOh8wxKYZG9XfL1gMwKRg_rjvOWhB4UDSi_tj-OsEEsw_4gz0A7UoQPFWfAT5mX7Wa2XRCkLIhm9StPIEdsf437YiOaZpU_V3Q3TELkK7DHuSmFQgx2ulLr7-w3USLF_gL_16aL-ITe7DpzQXjSvkriFat1yWj0UDYhaSgpQc4pWPFASBpYAC_0OaGeeyHajHqcCGUw%26sp%3D0.005&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem= HTTP/1.1 Host: rtbrennab.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rtbbnr.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers	159.69.163.6 HTTP/2 302 Found server: nginx/1.18.0 date: Sat, 02 Jul 2022 19:57:04 GMT content-length: 0 vary: Origin cache-control: no-transform, no-cache, no-store, must-revalidate pragma: no-cache access-control-allow-origin: * access-control-allow-headers: Content-Type access-control-allow-methods: * location: //in16.zog.link/in/tishow/?katds_ep=GjVklV1x6ZTbIpgqKIPcRtTsPcolPhL0Fhwbh_JpZaDaMIKgSpGdzhy_oajnLm55I2Kg25oiWRyz-Eb9D3ywX0DASiGKee5luvBkG2HWL4dFTHQx4NfWYMd6e9tVXNx6hJbXXlZ2Du5p1o6aKZ5aLcHwpk6RA0yDF9Lgdq3NsTmAa50vcP6486xa5e3L4UZ_9U4aKNY-_D14URmdZLrXP0LsjToB1pH-r0e7oxL6R-DYlT_43BdPyhroeyoZ4673uSpx8nHsSO4zZflP52GF94SLIP9pteA2xqXt7c_us0djh4Br0EPAqgH1mlc5feVXsFBu_16Fo26yu30Sm33hxpmVRYzzldwIaL4GLBVsPLzqDlVONEk9dmUYF4p8esj24nxyiYvphY6n5aB6j9V9C9AmUXvxnu8DtY_BhiJGLsYZgYb8MqRr8TKcyMDzp_PHK_PlC8NLkW5z-J82IBf_T23RcXgfFrJMaH79JCPwTl8CIqjMt--eLqW4gIimtcmjBlcdtZEubpBzj9HLXLGmLsUk0ZVtdXeamL4THaQw_KOdIZ9DU4VzntzBHAnFo6uAhHRsHlC4XMM1KkFwCT-9jS9nHZnHkn2Lcu4ft5uEa4VdtwrD5nT_p1lVanzABlKrgRU9fq1cl1PPMTAjWo0WMu7DBd0Em4nCksG8JQ22ff404sLrxlOpx8HTlvpZ56-pNuv7BkPTVjFceeNboicRY9w-59ADcWucUmK73OIRbSOa8bpG7KZwYV79Y50zAaq9TgCH5BZmHy1ajOclAXZQ8WKxJT6DCsFGL0EubyXpXoczTLXeQwonSmCOMT63l2yxcbEWKumJnFCOl7b8wvm5VERPhfteBqrRzS_9Xw4gyivenUp-te-DN_0vcCTsxGoecn20fCl8mQ-vrrAm1HTjar9Y6AI5_NdyQz45xrfK3a8xbtC1QcoHPXNnEC19bD59d2qUN4ZV3XGOZ-63r-Wf5j85zZ-4wkUy9NSy0Phxgbq1vkOftHCGsbb0zeUQ9uUV0P-ciPX64wqYzc0EdmhRlN8ikX5j1UcdA19GdG-BFbg8bRO5K1jh7ZqOPOT_dqQQtOVT_zE1M0_MvAxBjj24eACb-VuhuPBGq0Zwp7ABrd_ZOFgDFumoSbnI3nL37u6vRWRmBuzKn0sDHb2ysZ_ZDAqVAhmKiO5NASCt285qJuTemzzbDC31DGm8wZ4MUOVZNWHZh_9W5-k1zhxd4MhN_iXhWZvogaDE51zccQbKqSI4Sv2dw6F6AiuvQzsdT2aUwjdYeyV2lygOWXMRrEYbDb9eqoGW2gtjeMfOUIyCUHC3x1EjMIw2V5XS0_7IhlNQEPgu8qSFJEbQ-O1RRrQVKrTxwCUNJL2c3pGV8RrBMIyujOBCzbmSo0SBHF6OmQ_YRh0ozNse7PxH3tUkenXqgMFMnuHldffega-2t2hzAsvIj563WMmz34cFB4TuMO7vNpbDhG7GOX8RBMcNPvzlFA-Dejhtkm-cl3eDwY_3HddAXPUZmjUFtuSJd9bR2XlNCmnB8wIz0BdFMF2y2AnyeiYrmlptDjd1qT51tJ2zjGSK6fw7eOaU2Zlp5VWza2SyyU_c0yWANmYqe2MYcrcikZEcDKC5dSr7b8Fa6t8LuhGNVoUaFHYwdCNcAnhDW9RZ9N40Ii9wRSYzQApiV8Jyu5oq0KrRdq1WBQD38Ajo9m6gp1Aw4L6chcIqu1dLOh8wxKYZG9XfL1gMwKRg_rjvOWhB4UDSi_tj-OsEEsw_4gz0A7UoQPFWfAT5mX7Wa2XRCkLIhm9StPIEdsf437YiOaZpU_V3Q3TELkK7DHuSmFQgx2ulLr7-w3USLF_gL_16aL-ITe7DpzQXjSvkriFat1yWj0UDYhaSgpQc4pWPFASBpYAC_0OaGeeyHajHqcCGUw&sp=0.005 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 799 Cache-Control: max-age=159438 Date: Sat, 02 Jul 2022 19:57:04 GMT Etag: "62c06bbf-13a" Expires: Mon, 04 Jul 2022 16:14:22 GMT Last-Modified: Sat, 02 Jul 2022 16:01:03 GMT Server: ECS (ska/F6FE) X-Cache: HIT Content-Length: 314 --- Additional Info --- Magic: data Size: 314 Md5: 5fac8925d5aecec251ffaa0c5273e752 Sha1: 6423498bc22b64251302e4b1614fa67048543845 Sha256: 2068e0aba49b90407cc3f480f9da5d1d1422f83400de2dab8d74fab02a391c63
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4EE99872BACD90F87F41CDFF41BB4B8AD4E6F47E2735882186BDFDF09DCD1651" Last-Modified: Sat, 02 Jul 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5388 Expires: Sat, 02 Jul 2022 21:26:52 GMT Date: Sat, 02 Jul 2022 19:57:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 40d6a7477b7e38e89ae9b99d7d1d0db2 Sha1: 9ae4d62748cd130e498e0f4494301c8443d13f34 Sha256: 4ee99872bacd90f87f41cdff41bb4b8ad4e6f47e2735882186bdfdf09dcd1651
GET /in/tishow/?katds_ep=GjVklV1x6ZTbIpgqKIPcRtTsPcolPhL0Fhwbh_JpZaDaMIKgSpGdzhy_oajnLm55I2Kg25oiWRyz-Eb9D3ywX0DASiGKee5luvBkG2HWL4dFTHQx4NfWYMd6e9tVXNx6hJbXXlZ2Du5p1o6aKZ5aLcHwpk6RA0yDF9Lgdq3NsTmAa50vcP6486xa5e3L4UZ_9U4aKNY-_D14URmdZLrXP0LsjToB1pH-r0e7oxL6R-DYlT_43BdPyhroeyoZ4673uSpx8nHsSO4zZflP52GF94SLIP9pteA2xqXt7c_us0djh4Br0EPAqgH1mlc5feVXsFBu_16Fo26yu30Sm33hxpmVRYzzldwIaL4GLBVsPLzqDlVONEk9dmUYF4p8esj24nxyiYvphY6n5aB6j9V9C9AmUXvxnu8DtY_BhiJGLsYZgYb8MqRr8TKcyMDzp_PHK_PlC8NLkW5z-J82IBf_T23RcXgfFrJMaH79JCPwTl8CIqjMt--eLqW4gIimtcmjBlcdtZEubpBzj9HLXLGmLsUk0ZVtdXeamL4THaQw_KOdIZ9DU4VzntzBHAnFo6uAhHRsHlC4XMM1KkFwCT-9jS9nHZnHkn2Lcu4ft5uEa4VdtwrD5nT_p1lVanzABlKrgRU9fq1cl1PPMTAjWo0WMu7DBd0Em4nCksG8JQ22ff404sLrxlOpx8HTlvpZ56-pNuv7BkPTVjFceeNboicRY9w-59ADcWucUmK73OIRbSOa8bpG7KZwYV79Y50zAaq9TgCH5BZmHy1ajOclAXZQ8WKxJT6DCsFGL0EubyXpXoczTLXeQwonSmCOMT63l2yxcbEWKumJnFCOl7b8wvm5VERPhfteBqrRzS_9Xw4gyivenUp-te-DN_0vcCTsxGoecn20fCl8mQ-vrrAm1HTjar9Y6AI5_NdyQz45xrfK3a8xbtC1QcoHPXNnEC19bD59d2qUN4ZV3XGOZ-63r-Wf5j85zZ-4wkUy9NSy0Phxgbq1vkOftHCGsbb0zeUQ9uUV0P-ciPX64wqYzc0EdmhRlN8ikX5j1UcdA19GdG-BFbg8bRO5K1jh7ZqOPOT_dqQQtOVT_zE1M0_MvAxBjj24eACb-VuhuPBGq0Zwp7ABrd_ZOFgDFumoSbnI3nL37u6vRWRmBuzKn0sDHb2ysZ_ZDAqVAhmKiO5NASCt285qJuTemzzbDC31DGm8wZ4MUOVZNWHZh_9W5-k1zhxd4MhN_iXhWZvogaDE51zccQbKqSI4Sv2dw6F6AiuvQzsdT2aUwjdYeyV2lygOWXMRrEYbDb9eqoGW2gtjeMfOUIyCUHC3x1EjMIw2V5XS0_7IhlNQEPgu8qSFJEbQ-O1RRrQVKrTxwCUNJL2c3pGV8RrBMIyujOBCzbmSo0SBHF6OmQ_YRh0ozNse7PxH3tUkenXqgMFMnuHldffega-2t2hzAsvIj563WMmz34cFB4TuMO7vNpbDhG7GOX8RBMcNPvzlFA-Dejhtkm-cl3eDwY_3HddAXPUZmjUFtuSJd9bR2XlNCmnB8wIz0BdFMF2y2AnyeiYrmlptDjd1qT51tJ2zjGSK6fw7eOaU2Zlp5VWza2SyyU_c0yWANmYqe2MYcrcikZEcDKC5dSr7b8Fa6t8LuhGNVoUaFHYwdCNcAnhDW9RZ9N40Ii9wRSYzQApiV8Jyu5oq0KrRdq1WBQD38Ajo9m6gp1Aw4L6chcIqu1dLOh8wxKYZG9XfL1gMwKRg_rjvOWhB4UDSi_tj-OsEEsw_4gz0A7UoQPFWfAT5mX7Wa2XRCkLIhm9StPIEdsf437YiOaZpU_V3Q3TELkK7DHuSmFQgx2ulLr7-w3USLF_gL_16aL-ITe7DpzQXjSvkriFat1yWj0UDYhaSgpQc4pWPFASBpYAC_0OaGeeyHajHqcCGUw&sp=0.005 HTTP/1.1 Host: in16.zog.link User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rtbbnr.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	62.122.173.146 HTTP/2 302 Found server: nginx/1.20.1 date: Sat, 02 Jul 2022 19:57:05 GMT content-length: 0 location: https://12112336.pix-cdn.org/m/p/0/11/11508/yPndOg0m.html?__OS_FAMILY__={{ __OS_FAMILY__ }}&__OS_TYPE__={{ __OS_TYPE__ }}&__GEOIP_COUNTRY_SHORT__={{ __GEOIP_COUNTRY_SHORT__ }}&__IP2L_MOBILE__={{ __IP2L_MOBILE__ }}&__BROWSER_FAMILY__={{ __BROWSER_FAMILY__ }}&OS_FAMILY=[OS_FAMILY]&OS_TYPE=[OS_TYPE]&COUNTRY_ISO_CODE=[COUNTRY_ISO_CODE]&MOBILE_BRAND=[MOBILE_BRAND]&BROWSER_FAMILY=[BROWSER_FAMILY]&DOMAIN=a.focusde.info&PRICE=0.0050&PRICING_MODEL=[PRICING_MODEL]&CAMPAIGN_ID=6435&CLICK_ID=c075b6ed-b562-4bc9-87fa-ef7be595765a&id_zone=[idzone]&site={{ site }}&out_name=37319%7C4317%7Ccpm%7C0.0020%7C%24%200.0050&campaign_id=37319&price=0.0050&pricebox_price=0.0020&pricing_model=cpm&click_id=c075b6ed-b562-4bc9-87fa-ef7be595765a&priority=[PRIORITY]&ad_sub=173501021&utm1=tcb&utm2=878669509-100&utm3=249-6435-14933&utm4=0-10346131-0 cache-control: no-cache, no-store, must-revalidate pragma: no-cache vary: * set-cookie: 2325.0=1; expires=Sun, 03 Jul 2022 19:57:05 GMT; path=/; secure; SameSite=None X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /topembed/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank HTTP/1.1 Host: chaturbate.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://b.bestcontentfood.top/ Connection: keep-alive Cookie: __cf_bm=Kb5DF4jt.dgCS08ncRkioQjzfMeVS8gzu48OG1LeKT4-1656791824-0-AatHTMhua6RPNvoEFUKaVmMD8ZReEIU9Kv0yY+OowU1SqHmYPoioWyUfSI40j8xiUP3aqHFW7HT4FmFd68lzF4Q= Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers	104.18.101.40 HTTP/2 302 Found date: Sat, 02 Jul 2022 19:57:04 GMT content-type: text/html; charset=utf-8 location: /embed/ruby_lynx/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" vary: Accept-Language, Cookie content-language: en content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.mmcdn.com https://.highwebmedia.com https://.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js; style-src 'self' data: 'unsafe-inline' https://.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://.mmcdn.com https://.highwebmedia.com https://.stream.highwebmedia.com https://.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com; font-src 'self' data: https://.mmcdn.com https://.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com ; connect-src 'self' blob: blob https://.mmcdn.com wss://.mmcdn.com wss://.mmcdn.com:8443 https://.highwebmedia.com wss://.highwebmedia.com wss://.highwebmedia.com:8443 https://.nr-data.net https://.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io ; media-src 'self' https://.mmcdn.com https://.highwebmedia.com https://.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://.mmcdn.com https://.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://.mmcdn.com https://.chaturbate.com https://chaturbate.com https://.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://.girogate.de https://player.vimeo.com; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://.chaturbate.com https://chaturbate.com https://.stream.highwebmedia.com https://www.coinpayments.net https://.wnu.com https://wnu.com https://devportal.cb.dev https://.web.amer-1.jumio.ai ; manifest-src 'self' https://.mmcdn.com https://.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce; report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true} nel: {"report_to":"default","max_age":2592000,"include_subdomains":true} x-frame-options: DENY cache-control: no-cache set-cookie: stcki="pOtSwZ=0\054FqPd9a=0\0546pduSG=0\054aDBbcK=1"; expires=Mon, 01-Aug-2022 19:57:04 GMT; Max-Age=2592000; Path=/ affkey="eJyrVipSslJQyigpKSi20tdP0ktKLS5Jzs8rSc0rScvPT9EryS/QV6oFAARSDak="; Domain=.chaturbate.com; expires=Mon, 01-Aug-2022 19:57:04 GMT; Max-Age=2592000; Path=/ sbr=sec:sbr1bc341b2-7497-48d5-ba75-30910752b31e:1o7jEm:qkxFpKOfpWjdUtykHAL83wMl3_k; Domain=.chaturbate.com; expires=Thu, 27-Mar-2025 19:57:04 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure x-content-type-options: nosniff x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce referrer-policy: strict-origin-when-cross-origin via: 1.1 google alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status: DYNAMIC expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 7249f2c8cfd11c02-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (5027), with no line terminators Size: 5027 Md5: 5e5817bcf4c82c7c85d1d88636d221ce Sha1: b5c32cc6c931c33c1297884016e13d3b9a5bf261 Sha256: 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
GET /get/10010248?time=1592494928726&atc=425995&apb=CiQ2ZTQ1NzVkYi1kMzkyLTRiMDctOTI3ZC02Y2Y2ZGU4OWQ1ZTEQsjYY5WQg2LboATCLgBo4v4GrAUABSLIBWAHZIcCp_uUbDLHI HTTP/1.1 Host: a.adtng.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://a.focusde.info/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	66.254.114.171 HTTP/2 200 OK server: openresty date: Sat, 02 Jul 2022 19:57:04 GMT content-type: text/html access-control-allow-credentials: true access-control-allow-methods: GET access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With content-encoding: gzip set-cookie: adtool_guid=Ch5KImLAoxBtgmqyv7sDAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None; RNLBSERVERID=ded7079; path=/; HttpOnly; Secure; SameSite=None x-request-id: 62C0A310-42FE72AB01BB69F6-F6CC02B X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 25770 Md5: 6c3b31eec5edeb3dc48ec0f2ab135aa6 Sha1: f3ea25408a94b979c93a4d84d89a9adc6e3a52f9 Sha256: bd01f4a6ce87205d708f7f56b4bcc79742f32943f627adcce122b2ac10ed92d0
GET /a7/creatives/1/1322/814271/1028051/1028051_logo.png HTTP/1.1 Host: hw-cdn2.ang-content.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://a.adtng.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PNG image data, 900 x 250, 8-bit colormap, non-interlaced\012- data Size: 61941 Md5: ebcac7407da9e155302da2b91f4553fa$ 205.185.208.20 HTTP/1.1 200 OK Content-Type: image/png Date: Sat, 02 Jul 2022 19:57:05 GMT Connection: Keep-Alive ETag: "1648748302" Content-Length: 61941 Last-Modified: Thu, 31 Mar 2022 17:38:22 GMT Accept-Ranges: bytes Cache-Control: max-age=10757791 X-HW: 1656791824.dop215.sk1.t,1656791825.cds211.sk1.shn,1656791825.dop215.sk1.t,1656791825.cds024.sk1.c Access-Control-Allow-Origin: * --- Additional Info --- Magic: PNG image data, 900 x 250, 8-bit colormap, non-interlaced\012- data Size: 61941 Md5: ebcac7407da9e155302da2b91f4553fa Sha1: 6e7b2ac10f618dfa219c2cf1334e4319e2be0cbc Sha256: 784092a284f36151de8169050ef3e25db944e48f6852092e1a6da74001e3ae9c
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "438739FEB2858CD203516C71FD2FE7FF30684BF8FAF636AEFB75432D9B95B4B8" Last-Modified: Fri, 01 Jul 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5544 Expires: Sat, 02 Jul 2022 21:29:29 GMT Date: Sat, 02 Jul 2022 19:57:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: bacd5a41780bf763d23aafad480f9e84 Sha1: 28d3f79db944c123c706429e787b32e2d210263c Sha256: 438739feb2858cd203516c71fd2fe7ff30684bf8faf636aefb75432d9b95b4b8
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C69E6674D38F619C4D7C4F893ECE739F05882761EC1A74738EAFA2AB4E6E1644" Last-Modified: Fri, 01 Jul 2022 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3000 Expires: Sat, 02 Jul 2022 20:47:05 GMT Date: Sat, 02 Jul 2022 19:57:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: e8b58f9ae1167a3c7d8eac9d848767d9 Sha1: 1ccb351cb8fc7d45374a6f52396be6ebe0d6a1d9 Sha256: c69e6674d38f619c4d7c4f893ece739f05882761ec1a74738eafa2ab4e6e1644
GET /api/v1/p/p.js?p=e0SgKROGTBk5c0ToiFGDhYgwY-gsjPGQzpmFImyUoVHjRg0yYlqQmZFDRgsaYmDcaGHyBpkWNsaYsXEQRw4yNcrEEPEwTJ0xGTuGMTOGRgwYLWqEkQGTRpmaLWPcOEnjxgwZNmKUuQGjhsmeEMnYWWgjhw0ZD-HUEUNRRg4YFSHCgbMQxw0aMx7OgTNRxwwcMALjwPGwDV-_NGDYqFEj68MxberqoCHjaw6HYs0slFFYhBg3bjgHjoGjsWE3GBlilQFDbZvUZWscfViHp46BdOjAmaPjxYswLgzSSe1izJs2L86UofMCaVwYMmjg-EEnTZsyPRqapJGje2eqNrjUgRHdRhg6Y3pUvlxjfPmsYeCI6TEkTRQZWqhEieFEj5U1skgjhjWa0GONPJigQoo0miBCoieoSGIGLYaILgsZMNTiiCpoeOIK_vQrIoo51MgiixpAPEMGJsR4IwgqhmDiDCHeoMEOGo6QI4gqghBiCiaSEOKKIJDQIokxhoDjizqqEIMIJpBIIiw42qDooTeqvFIEMpDLKDgz3hijjjkOciENN8IMawz0Ftpihhi6UEuOoHSAwYXy5MqSzoXuzPMhMTazE0-55LBjsoZqqyONjAoCbIwZyigjptlyQEmMMmpoAQcxbjBDqRm-iggHR2uwIaw0JhMhhxhcgMuFylxoiIaw5Pgi1YxYdfXOWGcNq44wMmriDT3SYIONMF6oAU8QUMAihhh2AIEJNOvAAwQ8cLDhCxtokNZQHc7CMwUQjihjjDXeeKG155CKAQQj0pCjjDDxeEFcGNasUwQnngjrDVvH2LffsNjYtwgnwjrIji_mZYMij27AYQYbAnNNBDnOEE0Hy-56aOEvxJDDLs9AbuMNMkbT6mM53lhILxHeUIjjOd_AI4-FaHhoXkFz262338AUk0wz0QzzhbDuyCiGzvJ9CI2lo6N1L0MzapkO9ABuoQ430qCjBRlaJUMGhfc96Iuxw6LDSoYYs-EGVnGQzqI2yG7bVLhLk64GpHwio-Ey-PqizbvfjntuEcpgOAw2EKJj5jdpkBMiMfzikt6f2JhILYP7hEw1GPpQICA%3D&s=ed2593026346d7b6b267951055ac49e1b8803a2085467a9ea1310d70e45945a41656791824&w=t&r=1&d=273&priv=false HTTP/1.1 Host: pxl.tsyndicate.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://a.focusde.info/ Cookie: ts_uid=ea38c3ee-6549-4be5-8b7f-5359ac8ea356; bfq=e0SIEaFjiwwcMGLgqFGjCwsRYwpuifFQRJmJMWzUsIHjBg4ZMmh06aMg Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	136.243.46.131 HTTP/2 200 OK server: nginx date: Sat, 02 Jul 2022 19:57:05 GMT content-type: text/javascript; charset=utf-8 content-length: 24 x-robots-tag: noindex, nofollow X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 24 Md5: 0959ba36d476b6dc1994ba3c678b07c4 Sha1: d30b94da72daa02766965206a85b7e0356375f5e Sha256: 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "50370CCD1860982A6897B16A98085D6B8B5D5C60E6DF35C6647C65909D020202" Last-Modified: Thu, 30 Jun 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7079 Expires: Sat, 02 Jul 2022 21:55:04 GMT Date: Sat, 02 Jul 2022 19:57:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c78a36c7e37d30fe48aa8c3eaf1c73eb Sha1: 2a5ab8c8f5cf62dc69ed4094aabc8c151ac2ee35 Sha256: 50370ccd1860982a6897b16a98085d6b8b5d5c60e6df35c6647c65909d020202
GET /riw/katdreams.jpg?1656791820 HTTP/1.1 Host: roomimg.stream.highwebmedia.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://chaturbate.com/ Connection: keep-alive Cookie: _cfuvid=XdQSheo.y1NYEkjM.i0pP_VW8y12VynNJ64nn7IcO1M-1656791825370-0-604800000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 480x270, components 3\012- data Size: 3731 Md5: d7f39e3ff273e5b46376cdc29a840b7e$ 104.19.241.83 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:05 GMT content-type: image/jpeg content-length: 3731 access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type access-control-allow-methods: GET, POST, OPTIONS access-control-allow-origin: * cache-control: public, max-age=30 cf-bgj: imgq:100,h2pri cf-polished: status=not_needed content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline' referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=31536000; includeSubDomains x-content-type-options: nosniff x-frame-options: DENY x-xss-protection: 1; mode=block cf-cache-status: HIT age: 2 last-modified: Sat, 02 Jul 2022 19:57:03 GMT expires: Sat, 02 Jul 2022 19:57:35 GMT accept-ranges: bytes expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScGa%2Bgbswzyz4JC4H7RpR2hA%2FIAmB3ZLJ8U2YZwCR6iQKADBLXvY4M79z1IqquuociN%2Bv%2FQ0H3hajNSpvRB80evAKuHOcUFSJyDriCxHl0ShplJKccCAyv%2F%2FkHbbYqfE6%2FtZXCGcG%2BPfVn5bjKlFAII%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7249f2cd3888b52d-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 480x270, components 3\012- data Size: 3731 Md5: d7f39e3ff273e5b46376cdc29a840b7e Sha1: 8c1a14d31e570753ceddb695609edc9964638874 Sha256: a41c29ca8d9c001d8c8b33c98df9c0d1fd704bf0eae6fd8dc45956dac32bbaba
GET /as/if?p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=900&adHeight=75&niche=female&fontSize=15&font_color=%23fff&background_color=%23000000&hn=fap247.com&AFNO=1-286 HTTP/1.1 Host: as.sexad.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://camschat.net/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 3470 Md5: 33dbb4c0ae62b5fa4c97fadc21bd78be$ 216.127.52.241 HTTP/1.1 200 Content-Type: text/html;charset=UTF-8 Server: nginx/1.10.3 Date: Sat, 02 Jul 2022 19:57:05 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-store Access-Control-Allow-Origin: * Set-Cookie: at11656791825937_0_5106_4398=0001000; expires=Mon, 01-Aug-2022 19:57:05 GMT; Max-Age=2592000; path=/as; samesite=None; secure iid=2162-1656791825; expires=Tue, 29-Jun-2032 19:57:05 GMT; Max-Age=315360000; path=/; samesite=None; secure P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html" Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 3470 Md5: 33dbb4c0ae62b5fa4c97fadc21bd78be Sha1: cc309efef837d60de347f6954e7c3cf8fa7cf614 Sha256: 0c65841791ea728993a58a72ec053c351dc3cf2ddf5c6849c12fa27ecec9c702
GET /as/if?p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286 HTTP/1.1 Host: as.sexad.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://camschat.net/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	216.127.52.241 HTTP/1.1 200 Content-Type: text/html;charset=UTF-8 Server: nginx/1.10.3 Date: Sat, 02 Jul 2022 19:57:05 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-store Access-Control-Allow-Origin: * Set-Cookie: at11656791825937_0_5104_5672=0001000; expires=Mon, 01-Aug-2022 19:57:05 GMT; Max-Age=2592000; path=/as; samesite=None; secure iid=6056-1656791825; expires=Tue, 29-Jun-2032 19:57:05 GMT; Max-Age=315360000; path=/; samesite=None; secure P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html" Content-Encoding: gzip --- Additional Info --- Magic: data Size: 5901 Md5: c86257cceb7da6755ae4103faa133f8f Sha1: f07981ea1e1a1c84a98b4d5ac944e8d2e9650a94 Sha256: 515299b3e25e5c796940a3791f4451601ccfbe6e482d5d4192c01d117d8b07db
GET /jquery-2.1.3.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://as.sexad.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	69.16.175.42 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:05 GMT content-encoding: gzip content-length: 29507 content-type: application/javascript; charset=utf-8 last-modified: Wed, 16 Feb 2022 10:50:39 GMT accept-ranges: bytes server: nginx etag: W/"620cd6ff-14960" cache-control: max-age=315360000, public access-control-allow-origin: * vary: Accept-Encoding x-hw: 1656791825.dop210.sk1.t,1656791825.cds227.sk1.hn,1656791825.cds215.sk1.c X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (32180) Size: 29507 Md5: de4fdb8e2e5d9b9624bad7ed2b726525 Sha1: 053a31e8e83b261e3863c4f9e652caba910a2b89 Sha256: f44c9556d0ecebc0716a7fce2899c0b40ed96394bebafb2937f4305bf3b118f3
GET /nr-spa-1216.min.js HTTP/1.1 Host: js-agent.newrelic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://chaturbate.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	151.101.86.137 HTTP/2 200 OK x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM= x-amz-request-id: SYTECJR5CMD8NJ8E last-modified: Thu, 14 Apr 2022 16:45:57 GMT etag: "63e2df852d15ab21d7ff8fc4363222e8" x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU content-type: application/javascript server: AmazonS3 cache-control: public, max-age=7200, stale-if-error=604800 content-encoding: gzip accept-ranges: bytes date: Sat, 02 Jul 2022 19:57:05 GMT via: 1.1 varnish x-served-by: cache-bma1627-BMA x-cache: HIT x-cache-hits: 962 x-timer: S1656791826.892620,VS0,VE0 vary: Accept-Encoding cross-origin-resource-policy: cross-origin content-length: 18216 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (32010) Size: 18216 Md5: 6561a2403142205f966207d61576f1a6 Sha1: 1310e72f494e12ab63a4280fc1600a2c89dc9bb8 Sha256: 0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "937962770FC75EFD82C864F4C5B17BD5EED7CF62FD70505A642F4B9297C7534C" Last-Modified: Fri, 01 Jul 2022 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5323 Expires: Sat, 02 Jul 2022 21:25:48 GMT Date: Sat, 02 Jul 2022 19:57:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 463008fd1b351ab4dd000c6d77166ac2 Sha1: 6019a4b3b076aeb2f9919a87f71bd6d1fc8528a7 Sha256: 937962770fc75efd82c864f4c5b17bd5eed7cf62fd70505a642f4b9297c7534c
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "937962770FC75EFD82C864F4C5B17BD5EED7CF62FD70505A642F4B9297C7534C" Last-Modified: Fri, 01 Jul 2022 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5323 Expires: Sat, 02 Jul 2022 21:25:48 GMT Date: Sat, 02 Jul 2022 19:57:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 463008fd1b351ab4dd000c6d77166ac2 Sha1: 6019a4b3b076aeb2f9919a87f71bd6d1fc8528a7 Sha256: 937962770fc75efd82c864f4c5b17bd5eed7cf62fd70505a642f4b9297c7534c
GET /npe/_common/script/adblock/advertisement-v161802.js HTTP/1.1 Host: pt-static3.ptlwmstc.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pt.wmptctl.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	93.93.51.200 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:05 GMT content-type: application/javascript content-length: 21 last-modified: Thu, 30 Jun 2022 14:25:11 GMT etag: "62bdb247-15" access-control-allow-origin: * server: unknown x-cdn-node: sesto x-cache-status: R-HIT accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 21 Md5: 01c6e7ecb819ef28b0c9b962513a1596 Sha1: 1a49f493db7b91ed34a7040d36732352b9a5dc39 Sha256: e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5
GET /npe/ba/fklf/script/fk.lf-v161802.js HTTP/1.1 Host: pt-static2.ptlwmstc.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pt.wmptctl.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	93.93.51.200 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:05 GMT content-type: application/javascript last-modified: Thu, 30 Jun 2022 14:25:11 GMT vary: Accept-Encoding, Accept-Encoding etag: W/"62bdb247-4f39d" access-control-allow-origin: * server: unknown x-cdn-node: sesto x-cache-status: R-HIT content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 173880 Md5: ecb8c3976f5b04305bb0fa75c077a4a0 Sha1: 1b48b0e8acf07ea4aae280692b32c51a572231a9 Sha256: a377f2b8c6c0072fb70c670042e601aa1a5358c1cfe2ea17e2cbc0684d6aba61
GET /jquery-plugins/modernizr-2.6.2-respond-1.1.0.min.js HTTP/1.1 Host: m.sancdn.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://as.sexad.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	69.16.175.42 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sat, 02 Jul 2022 19:57:06 GMT Connection: Keep-Alive ETag: "1367368554" Cache-Control: max-age=86400 Content-Length: 19484 Last-Modified: Wed, 01 May 2013 00:35:54 GMT Accept-Ranges: bytes Access-Control-Allow-Origin: * X-HW: 1656791826.dop219.sk1.t,1656791826.cds243.sk1.shn,1656791826.dop219.sk1.t,1656791826.cds026.sk1.c --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (14756) Size: 19484 Md5: 70d492eca4141bdd1452977dd893dd63 Sha1: 9cd9504b3afdeca86a03251591e1afab36ae2c57 Sha256: ce0f70d9e807bb959717d8350c21a107f5b6b7221a774b6d1ed057219468a260
GET /common/videojs/videojs.min-original-v2.css HTTP/1.1 Host: m.sancdn.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://as.sexad.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	69.16.175.42 HTTP/1.1 200 OK Content-Type: text/css Date: Sat, 02 Jul 2022 19:57:06 GMT Connection: Keep-Alive ETag: "1385146323" Cache-Control: max-age=86400 Content-Length: 11451 Last-Modified: Fri, 22 Nov 2013 18:52:03 GMT Accept-Ranges: bytes Access-Control-Allow-Origin: * X-HW: 1656791826.dop203.sk1.t,1656791826.cds018.sk1.shn,1656791826.cds018.sk1.c --- Additional Info --- Magic: ASCII text, with very long lines (11336) Size: 11451 Md5: 4b6813504d31e3b11655aafacf165db4 Sha1: 96517f0033bd59f277cd2eefa7d088ae6ff82dad Sha256: 063b4a568733054fea7f238a10b384170ce29c136d3194feed44d8c8b451f55d
GET /common/videojs/videojs-411.js HTTP/1.1 Host: m.sancdn.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://as.sexad.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	69.16.175.42 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sat, 02 Jul 2022 19:57:06 GMT Connection: Keep-Alive ETag: "1448403647" Cache-Control: max-age=86400 Content-Length: 71023 Last-Modified: Tue, 24 Nov 2015 22:20:47 GMT Accept-Ranges: bytes Access-Control-Allow-Origin: * X-HW: 1656791826.dop012.sk1.t,1656791826.cds043.sk1.shn,1656791826.cds043.sk1.c --- Additional Info --- Magic: ASCII text, with very long lines (691) Size: 71023 Md5: 532c3b3953d350e917649027f2c2accc Sha1: ffa74d9d511742bcf131580f71475dda94b962bc Sha256: 16d0f10631780e6f883d0ec99240c59cc9836c76121d31111331732aac932fe0
GET /px.gif?stno=3-937-fap247.com-0-5104-0-0-3001-5672-3&p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286&cam=0&adv=0&ctry=NO&lang=en&dev=Other HTTP/1.1 Host: as.sexad.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://as.sexad.net/as/if?p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286 Cookie: iid=6056-1656791825 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	$Magic: GIF image data, version 87a, 1 x 1\012- data Size: 35 Md5: 729c3007a8ed0597531b0c76d54a94bb$ 216.127.52.241 HTTP/1.1 200 Content-Type: image/gif Server: nginx/1.10.3 Date: Sat, 02 Jul 2022 19:57:06 GMT Content-Length: 35 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0 Access-Control-Allow-Origin: * Set-Cookie: ust=1656791826; expires=Tue, 29-Jun-2032 19:57:06 GMT; Max-Age=315360000; path=/; samesite=None; secure P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html" --- Additional Info --- Magic: GIF image data, version 87a, 1 x 1\012- data Size: 35 Md5: 729c3007a8ed0597531b0c76d54a94bb Sha1: 90fe9b8a8142548fdfab29f59cb0a164a0eaef81 Sha256: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
GET /css/twemoji-sprite-1.css?c4df0605225e HTTP/1.1 Host: static-assets.highwebmedia.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://static-assets.highwebmedia.com/CACHE/css/output.0ea9680f7f95.css Cookie: _cfuvid=EnlzLluz8edItU2YUt6.Y3kRb9L7Yl21w4WRK5oG6Tc-1656791825368-0-604800000 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	104.16.93.42 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:05 GMT content-type: text/css cache-control: public, max-age=2592000 cf-bgj: minify cf-polished: origSize=376950 etag: W/"9c39c66b7dfac90cd90aaa51712201a3" last-modified: Tue, 06 Apr 2021 16:32:47 GMT x-amz-id-2: KmxF5Xd+Hl+kCHR7ztVH4cMTTpKaYhBCqmB775okde60URUFykMxNAmJtwjNnH2Iz6pE+vJfNYE= x-amz-meta-s3cmd-attrs: md5:9c39c66b7dfac90cd90aaa51712201a3 x-amz-request-id: B7R6HC27YJN3W8BK cf-cache-status: HIT age: 150146 expires: Mon, 01 Aug 2022 19:57:05 GMT expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfSG4JgfK%2BHmjERGgniCoklPiTu98kO7WN9UcXdSeJ%2FlRT49mojFxv6Nq%2F6qwDzlWu%2F2Kt5AAkN9VR%2FKTIt2RZFGs0KlKb5WYvQFw0ZVRoVal7K7Ehn52wp4JTPhCo7wDwyiHoAUDz9vlM0irMw1YA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7249f2cce946b4e8-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65536), with no line terminators Size: 41336 Md5: ab9f1bda711d1c580c84383bdc7cb24f Sha1: 66f2d5bea33985e24c1cfc890c3620045584cf67 Sha256: 4dcb8cc9ab1fe2c20daaedea1c25d073e5aedd075437ebff5b8b4587df1b0629
GET /embed/lf?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&category=girl&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=false&vp[showPerformerStatus]=false&filters=&ms_notrack=1&subAffId={SUBAFFID} HTTP/1.1 Host: awecre.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://camschat.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	93.93.51.191 HTTP/2 200 OK content-type: application/javascript cache-control: no-cache date: Sat, 02 Jul 2022 19:57:05 GMT server: unknown set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Mon, 01-Aug-22 19:57:05 GMT; SameSite=None; Secure X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 10498 Md5: 7c741fe5ceee8e94e4388de5056486a5 Sha1: 8f9f7023b132b881b6f8cce4b013ac03c0383de2 Sha256: 9674631c0f8754e6a79ee33e3b7182421689dfa300c18009a066b3746b2c3da5
GET /CACHE/js/output.caee332d326d.js HTTP/1.1 Host: static-assets.highwebmedia.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://chaturbate.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	104.16.93.42 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:05 GMT content-type: application/javascript cache-control: public, max-age=2592000 cf-bgj: minify etag: W/"b61e15511bf0db70d0d422e98c465403" last-modified: Thu, 24 Jun 2021 21:24:08 GMT x-amz-id-2: gAJe87IyJM0OkbaBgua73HTcoEANURYYk4wpsNNClr414DBIRL/v+K+9hxRFHrgcwnw38qlmXmM= x-amz-meta-s3cmd-attrs: md5:b61e15511bf0db70d0d422e98c465403 x-amz-request-id: 2D5TZ021KE4200HB cf-cache-status: HIT age: 1117787 expires: Mon, 01 Aug 2022 19:57:05 GMT expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UhHQCVa%2BNBtFFouDt1coIL4alKXXKWUpo6n%2FcEIVv1EYE15b4OUSfuiC0pmR3fpHoDVmtkOOtFRdst1fO%2BejUZpRJnbJHqbfPUqBhIKvd0BjbruViLl9bZIjf0xCMmLeFAuuGfUOXMx4WffuQlxK5g%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding set-cookie: _cfuvid=uPCvKlhJi70wXbywzl70dAK4xyNgcdZgZ2nWzSBmDTk-1656791825417-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 7249f2ccd923b4e8-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1105) Size: 988 Md5: 2602ba38b12875055ab2a0cad20fab5f Sha1: 82281be21079ee7cd896d4f9e964f8d4583e22a7 Sha256: cc2cf29107b4c42cc1bb73fcefed4062e8b9a6b1edea221f18baa6ae872aeb8a
GET /eG0Rs/TaS.gif?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net HTTP/1.1 Host: pt.wmptctl.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pt.wmptctl.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net Cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: ad4b0f606e0f8465bc4c4c170b37e1a3$ 93.93.51.191 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:06 GMT content-type: image/gif content-length: 43 last-modified: Mon, 28 Sep 1970 06:00:00 GMT server: unknown set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Mon, 01-Aug-22 19:57:06 GMT; SameSite=None; Secure expires: Sat, 02 Jul 2022 19:57:05 GMT cache-control: no-cache access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: ad4b0f606e0f8465bc4c4c170b37e1a3 Sha1: 50b30fd5f87c85fe5cba2635cb83316ca71250d7 Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /npe/image/smilies_ex.png HTTP/1.1 Host: pt-static1.ptlwmstc.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pt.wmptctl.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: PNG image data, 536 x 138, 8-bit colormap, non-interlaced\012- data Size: 8533 Md5: 53fc00ebf44066190d5faea2a7931e7c$ 93.93.51.200 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:06 GMT content-type: image/png content-length: 8533 last-modified: Tue, 07 Jun 2022 10:29:59 GMT etag: "629f28a7-2155" access-control-allow-origin: * server: unknown x-cdn-node: sesto x-cache-status: R-HIT accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 536 x 138, 8-bit colormap, non-interlaced\012- data Size: 8533 Md5: 53fc00ebf44066190d5faea2a7931e7c Sha1: 21178ac1ffb10f958d26d17a0fe49d5d31a00720 Sha256: 63526a6642f64fadb44cd33d634bb626f8e96af3f850215cfdd78a9c609fc85c
GET /common/fontawesome-430/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1 Host: m.sancdn.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://as.sexad.net Connection: keep-alive Referer: https://m.sancdn.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data Size: 56780 Md5: 97493d3f11c0a3bd5cbd959f5d19b699$ 69.16.175.42 HTTP/1.1 200 OK Content-Type: application/octet-stream Date: Sat, 02 Jul 2022 19:57:06 GMT Connection: Keep-Alive ETag: "1422564509" Cache-Control: max-age=86400 Content-Length: 56780 Last-Modified: Thu, 29 Jan 2015 20:48:29 GMT Accept-Ranges: bytes Access-Control-Allow-Origin: * X-HW: 1656791826.dop202.sk1.t,1656791826.cds232.sk1.shn,1656791826.cds232.sk1.c --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data Size: 56780 Md5: 97493d3f11c0a3bd5cbd959f5d19b699 Sha1: 1075231650f579955905bb2f6527148a8e2b4b16 Sha256: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
GET /stream?room=ruby_lynx&f=0.4158940736603902 HTTP/1.1 Host: cbjpeg.stream.highwebmedia.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://chaturbate.com/ Connection: keep-alive Cookie: _cfuvid=81a9uMeROG7RXeauv2QyQbAzWBlK7phc3DidjT13Px8-1656791825405-0-604800000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data Size: 24281 Md5: edb0a6fd5c9af2ca35adeee609bcb2df$ 131.153.88.92 HTTP/2 200 OK server: nginx date: Sat, 02 Jul 2022 19:57:06 GMT content-type: image/jpeg content-length: 24281 access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-content-type-options: nosniff x-xss-protection: 1; mode=block referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=31536000; includeSubDomains content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline' cache-tag: cbjpeg x-frame-options: DENY X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data Size: 24281 Md5: edb0a6fd5c9af2ca35adeee609bcb2df Sha1: 7ff997fc4d3d790e1f5a840901b59c1e9a86f949 Sha256: 91147c848f9bd177d6b40a92a5aced08346d828d225b934e14bb645f32e4c101
GET /ff268cab8d9fbae1ed7506f97496274f18/84245260d4364004160bd7e4aa1f2f24_glamour_896x504.jpg HTTP/1.1 Host: galleryn11.awemdia.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pt.wmptctl.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data Size: 60896 Md5: 2908165849ca13838bdcddd32484b8b1$ 93.93.51.190 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:06 GMT content-type: image/jpeg content-length: 60896 last-modified: Wed, 25 May 2022 02:38:16 GMT etag: "2908165849ca13838bdcddd32484b8b1" access-control-allow-origin: * x-content-type-options: nosniff x-cache-source: Origin x-cache-status: R-HIT expires: Sat, 16 Jul 2022 19:57:06 GMT server: unknown x-cdn-node: sesto cache-control: max-age=1209600 x-real-source: - accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data Size: 60896 Md5: 2908165849ca13838bdcddd32484b8b1 Sha1: 0a60e567210b73d82ac21c9a3f17e475ac598ce5 Sha256: cf615dfca8cf9b380ab2990b0f4860a72c407688cc13621f5fc34461d950797e
GET //media/1/2/7/12742994.jpg HTTP/1.1 Host: m1.nsimg.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://as.sexad.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 320x240, components 3\012- data Size: 24882 Md5: 4ab4c8b0c649c0e9e4a726d43c8601e2$ 207.178.0.91 HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Sat, 02 Jul 2022 19:57:06 GMT Content-Length: 24882 Connection: keep-alive Last-Modified: Thu, 26 May 2022 17:18:43 GMT ETag: "628fb673-6132" Expires: Sat, 01 Jul 2023 14:22:49 GMT Cache-Control: max-age=31536000 X-Varnish: 5905968 1892670 Age: 86413 Access-Control-Allow-Origin: * Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 320x240, components 3\012- data Size: 24882 Md5: 4ab4c8b0c649c0e9e4a726d43c8601e2 Sha1: 68628799022baa18826b8b0c76d6bde8fa80b4d0 Sha256: 7ad5b9a9a5fe8c102582e6c25651d13f8b21e1915746cdb2a43b4fc3c13c5191
GET /stream?room=ruby_lynx&f=0.4532293456829293 HTTP/1.1 Host: cbjpeg.stream.highwebmedia.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://chaturbate.com/ Connection: keep-alive Cookie: _cfuvid=81a9uMeROG7RXeauv2QyQbAzWBlK7phc3DidjT13Px8-1656791825405-0-604800000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	131.153.88.92 HTTP/2 200 OK server: nginx date: Sat, 02 Jul 2022 19:57:06 GMT content-type: image/jpeg content-length: 25226 access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-content-type-options: nosniff x-xss-protection: 1; mode=block referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=31536000; includeSubDomains content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline' cache-tag: cbjpeg x-frame-options: DENY X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 46626 Md5: f43c488945bd40d7ae2d62b098ddb7b3 Sha1: ac69e6fdd294874c105fbc75e0e162622740a3d0 Sha256: 9905aa914ecd7ea67f5836ee6f5a28b436fe3f633c119855e9cf94d18bf8b763
GET /ff268cab8d9fbae1ed7506f97496274f15/5727614a0a53cc254c6fd2692c83680c_glamour_896x504.jpg HTTP/1.1 Host: galleryn11.awemdia.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pt.wmptctl.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data Size: 94191 Md5: f00f1a1831001f109d48c1bed2cd9eed$ 93.93.51.190 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:07 GMT content-type: image/jpeg content-length: 94191 last-modified: Mon, 06 Jun 2022 17:24:18 GMT etag: "f00f1a1831001f109d48c1bed2cd9eed" access-control-allow-origin: * x-content-type-options: nosniff x-cache-source: Origin x-cache-status: R-HIT expires: Sat, 16 Jul 2022 19:57:07 GMT server: unknown x-cdn-node: sesto cache-control: max-age=1209600 x-real-source: - accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data Size: 94191 Md5: f00f1a1831001f109d48c1bed2cd9eed Sha1: 83d88219a055293b91810448752e5f0ea83529ce Sha256: 759351085c807a814531d0649c607760e36b18fc35fac072fe4f4dbae34ead6e
GET /ff268cab8d9fbae1ed7506f97496274f1f/f57edbc9457999eb9bcf73f9b285d263_glamour_896x504.jpg HTTP/1.1 Host: galleryn11.awemdia.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pt.wmptctl.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data Size: 86584 Md5: 2917e184992896557b84b8ac4fcf6cc4$ 93.93.51.190 HTTP/2 200 OK date: Sat, 02 Jul 2022 19:57:07 GMT content-type: image/jpeg content-length: 86584 last-modified: Wed, 25 May 2022 03:56:14 GMT etag: "2917e184992896557b84b8ac4fcf6cc4" access-control-allow-origin: * x-content-type-options: nosniff x-cache-source: Origin x-cache-status: R-HIT expires: Sat, 16 Jul 2022 19:57:07 GMT server: unknown x-cdn-node: sesto cache-control: max-age=1209600 x-real-source: - accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data Size: 865