Overview

URL xfantazy.com/video/5cf1ab8c6c89ed59483db333
IP104.26.0.188
ASNCLOUDFLARENET
Location United States
Report completed2022-07-02 19:57:15 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-07-02 2 a.bestcontentfood.top/warp/4787912?r=69542 Phishing
2022-07-02 2 a.bestcontentfood.top/warp/4787914?r=44276 Phishing
2022-07-02 2 a.bestcontentfood.top/warp/4788752?r=19901 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Added / Verified Severity Host Comment
2022-07-02 2 temporarilyruinconsistent.com Sinkholed
2022-07-02 2 temporarilyruinconsistent.com Sinkholed
2022-07-02 2 temporarilyruinconsistent.com Sinkholed
2022-07-02 2 captivatepestilentstormy.com Sinkholed
2022-07-02 2 addresseepaper.com Sinkholed
2022-07-02 2 temporarilyruinconsistent.com Sinkholed
2022-07-02 2 temporarilyruinconsistent.com Sinkholed
2022-07-02 2 unseenreport.com Sinkholed


Files

URL unseenreport.com/pxf.gif?uuid=7f94f9e2-63a5-44d7-9aef-add9109509a2&eb=f2971 (...)
IP  192.243.61.225
Magic gzip compressed data, max compression\012- data
Size 661
MD5 69f7e5b7a94453990de2b42acd66a683
SHA1 4cc9cf9339dcd1eb21c6c0aab0d0ff51eb12ca25
SHA256 24f2c695e4c4fa7733cac8313595a14625e61af698084e2c58602fa2d00d84bf
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (58)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-07-02 15:26:32 UTC 34.120.237.76
[Mnemonic Passive DNS] a.adtng.com (1) 15165 2019-01-09 16:12:47 UTC 2021-11-08 18:48:48 UTC 66.254.114.171
[Mnemonic Passive DNS] pt.wmptctl.com (2) 0 No data No data 93.93.51.191 Unknown ranking
[Mnemonic Passive DNS] www.google-analytics.com (1) 40 2017-01-30 05:00:06 UTC 2022-07-02 05:37:32 UTC 142.250.74.174
[Mnemonic Passive DNS] addresseetransportationsyndrome.com (1) 499417 No data No data 192.243.61.225
[Mnemonic Passive DNS] pxl.tsyndicate.com (1) 14763 No data No data 136.243.46.131
[Mnemonic Passive DNS] chatw-1.stream.highwebmedia.com (1) 212434 No data No data 104.19.242.83
[Mnemonic Passive DNS] api-protected.protoawegw.com (1) 52858 No data No data 93.93.51.225
[Mnemonic Passive DNS] xfantazy.com (12) 167260 No data No data 104.26.1.188
[Mnemonic Passive DNS] fonts.googleapis.com (1) 8877 2017-01-30 04:59:43 UTC 2019-10-16 05:12:41 UTC 142.250.74.10
[Mnemonic Passive DNS] temporarilyruinconsistent.com (5) 0 No data No data 192.243.61.227 Unknown ranking
[Mnemonic Passive DNS] e1.o.lencr.org (3) 6159 2021-08-20 07:36:30 UTC 2022-07-02 09:43:56 UTC 23.36.76.226
[Mnemonic Passive DNS] pt-static3.ptlwmstc.com (1) 234386 No data No data 93.93.51.200
[Mnemonic Passive DNS] r3.o.lencr.org (15) 344 2020-12-02 08:52:13 UTC 2022-07-02 05:03:49 UTC 23.36.77.32
[Mnemonic Passive DNS] ocsp.sectigo.com (4) 487 2018-12-17 11:31:55 UTC 2022-07-02 17:19:29 UTC 172.64.155.188
[Mnemonic Passive DNS] captivatepestilentstormy.com (1) 0 No data No data 192.243.59.13 Unknown ranking
[Mnemonic Passive DNS] js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-07-02 05:25:24 UTC 151.101.86.137
[Mnemonic Passive DNS] bam.nr-data.net (4) 630 2022-05-18 16:30:58 UTC 2022-07-02 05:16:01 UTC 162.247.241.14
[Mnemonic Passive DNS] realtime.pa.highwebmedia.com (9) 24791 2021-01-21 22:18:59 UTC 2022-07-02 14:28:10 UTC 54.230.111.129
[Mnemonic Passive DNS] galleryn2.awemdia.com (1) 51712 No data No data 93.93.51.190
[Mnemonic Passive DNS] ocsp.sca1b.amazontrust.com (1) 1015 No data No data 54.230.245.110
[Mnemonic Passive DNS] awecre.com (1) 417208 No data No data 93.93.51.191
[Mnemonic Passive DNS] ocsp.pki.goog (9) 175 2017-06-14 07:23:31 UTC 2022-07-02 05:05:05 UTC 142.250.74.3
[Mnemonic Passive DNS] rtbbnr.com (1) 22279 2022-03-29 10:14:49 UTC 2022-06-30 00:34:11 UTC 159.69.163.6
[Mnemonic Passive DNS] ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-07-02 05:50:08 UTC 104.18.21.226
[Mnemonic Passive DNS] pt-static1.ptlwmstc.com (1) 154690 No data No data 93.93.51.200
[Mnemonic Passive DNS] hw-cdn2.ang-content.com (1) 165651 2019-03-25 22:41:04 UTC 2022-07-02 13:30:29 UTC 205.185.208.20
[Mnemonic Passive DNS] static-assets.highwebmedia.com (4) 16059 No data No data 104.16.93.42
[Mnemonic Passive DNS] m1.nsimg.net (1) 15908 2013-05-10 03:24:09 UTC 2021-01-08 23:35:28 UTC 207.178.0.91
[Mnemonic Passive DNS] realtime.pa.highwebmedia.com (9) 24791 2021-01-21 22:18:59 UTC 2022-07-02 14:28:10 UTC 54.230.111.8
[Mnemonic Passive DNS] as.sexad.net (3) 86240 No data No data 216.127.52.241
[Mnemonic Passive DNS] m.sancdn.net (4) 89507 2012-09-29 23:09:57 UTC 2022-07-02 18:27:17 UTC 69.16.175.42
[Mnemonic Passive DNS] cbjpeg.stream.highwebmedia.com (15) 23619 2017-04-28 19:22:25 UTC 2019-04-04 16:04:10 UTC 131.153.88.92
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.7
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] static-cache.k2s.cc (12) 182663 No data No data 188.72.235.185
[Mnemonic Passive DNS] mc.yandex.ru (8) 2672 2017-01-29 05:34:36 UTC 2022-07-02 13:23:48 UTC 93.158.134.119
[Mnemonic Passive DNS] chaturbate.com (1) 6807 2012-10-03 13:53:21 UTC 2022-06-21 21:06:18 UTC 104.18.101.40
[Mnemonic Passive DNS] xfantazy.com (12) 167260 No data No data 172.67.69.220
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-07-02 05:33:42 UTC 54.230.111.7
[Mnemonic Passive DNS] in16.zog.link (1) 76485 No data No data 62.122.173.146
[Mnemonic Passive DNS] code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-07-02 06:00:42 UTC 69.16.175.42
[Mnemonic Passive DNS] cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-07-02 05:04:04 UTC 151.101.85.229
[Mnemonic Passive DNS] stats.g.doubleclick.net (1) 96 2017-01-30 04:59:59 UTC 2022-07-02 04:57:07 UTC 173.194.222.157
[Mnemonic Passive DNS] addresseepaper.com (1) 18169 No data No data 104.21.235.2
[Mnemonic Passive DNS] cdn.tsyndicate.com (1) 16265 2020-06-24 08:05:11 UTC 2022-07-02 18:12:31 UTC 8.254.252.214
[Mnemonic Passive DNS] rtbrennab.com (1) 0 No data No data 159.69.163.6 Unknown ranking
[Mnemonic Passive DNS] ocsp.digicert.com (2) 86 2012-11-29 12:49:49 UTC 2022-07-02 12:46:10 UTC 93.184.220.29
[Mnemonic Passive DNS] fonts.gstatic.com (2) 0 2017-01-30 04:59:51 UTC 2022-07-02 04:57:04 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS] a.bestcontentfood.top (3) 54526 No data No data 172.67.200.139
[Mnemonic Passive DNS] roomimg.stream.highwebmedia.com (1) 23037 No data No data 104.19.241.83
[Mnemonic Passive DNS] a.focusde.info (4) 499386 2022-01-15 21:28:39 UTC 2022-07-01 18:17:29 UTC 135.181.208.216
[Mnemonic Passive DNS] cdn.tubecorp.com (1) 89278 2020-03-02 13:43:37 UTC 2022-07-02 19:39:55 UTC 45.133.44.24
[Mnemonic Passive DNS] galleryn11.awemdia.com (5) 0 No data No data 93.93.51.190 Domain (awemdia.com) ranked at: 26880
[Mnemonic Passive DNS] www.googletagmanager.com (1) 75 2017-01-30 05:00:47 UTC 2022-07-02 04:59:18 UTC 142.250.74.72
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-07-02 06:56:22 UTC 54.191.251.76
[Mnemonic Passive DNS] unseenreport.com (1) 0 No data No data 192.243.61.225 Unknown ranking
[Mnemonic Passive DNS] pt-static2.ptlwmstc.com (2) 188311 No data No data 93.93.51.200


Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 104.26.0.188

Date UQ / IDS / BL URL IP
2022-08-07 05:26:28 +0000
0 - 0 - 7 xfantazy.com/video/60ceeb19fc8074710cd8d346 104.26.0.188
2022-07-21 02:48:29 +0000
0 - 0 - 15 xfantazy.com/video/62c1006a13dbbc05e42f0fe4?a (...) 104.26.0.188
2022-07-18 07:56:58 +0000
0 - 0 - 11 xfantazy.com/video/6077ed9571522c56cc49527e 104.26.0.188
2022-06-30 21:45:10 +0000
0 - 0 - 13 xfantazy.com/video/61a9022f44a9b903f78ac06c 104.26.0.188
2022-06-30 10:48:51 +0000
0 - 0 - 12 xfantazy.com/video/5faf3f85933a6a4a0dd17289 104.26.0.188
2022-06-09 18:40:53 +0000
0 - 0 - 11 https://xfantazy.com/search/dom%20karin 104.26.0.188

Last 10 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-08-09 11:15:52 +0000
0 - 0 - 2 https://uylab.org/assets/bin.exe 172.67.223.74
2022-08-09 11:11:35 +0000
0 - 0 - 9 ezl.app/c/BOT/ch/login.php 104.21.11.251
2022-08-09 11:09:32 +0000
0 - 0 - 3 demonware.online/AuDemon1/dashboard/programs/ (...) 172.67.222.253
2022-08-09 11:08:42 +0000
0 - 0 - 4 postmailer.onedrive0001.workers.dev/ 104.21.3.84
2022-08-09 11:07:50 +0000
0 - 0 - 1 https://www.mediafire.com/file/ksfd0w3im5lqiq (...) 104.18.182.224
2022-08-09 11:06:21 +0000
0 - 0 - 0 hhtps://posta-rs.id62845.site/71093649597 172.67.182.2
2022-08-09 11:05:06 +0000
0 - 0 - 1 placebonusextra.com/gb/tar/sur3box-650/15 104.26.14.156
2022-08-09 11:04:30 +0000
0 - 0 - 2 shopbacgau.com/ 104.21.80.142
2022-08-09 11:04:27 +0000
0 - 0 - 2 dichvumomo.online/ 104.21.76.139
2022-08-09 11:03:57 +0000
0 - 0 - 0 posta-rs.id62845.site 104.21.59.173

Last 10 reports on domain: xfantazy.com

Date UQ / IDS / BL URL IP
2022-08-07 05:26:28 +0000
0 - 0 - 7 xfantazy.com/video/60ceeb19fc8074710cd8d346 104.26.0.188
2022-08-04 22:26:39 +0000
0 - 0 - 12 xfantazy.com/video/5d2d437e096092717ce5de4d 104.26.1.188
2022-08-02 14:47:40 +0000
0 - 0 - 12 xfantazy.com/video/6241e9cd5dffd01d05ad683f 104.26.1.188
2022-07-21 02:48:29 +0000
0 - 0 - 15 xfantazy.com/video/62c1006a13dbbc05e42f0fe4?a (...) 104.26.0.188
2022-07-18 07:56:58 +0000
0 - 0 - 11 xfantazy.com/video/6077ed9571522c56cc49527e 104.26.0.188
2022-07-11 03:39:28 +0000
0 - 0 - 2 xfantazy.com/video/604d8d64c9215d189dd38dc9 104.26.1.188
2022-07-03 19:42:38 +0000
0 - 0 - 1 xfantazy.com/video/5f8a67a0b10ac0696f76bef4 172.67.69.220
2022-07-03 14:58:28 +0000
0 - 0 - 2 xfantazy.com/video/5fd7f7e0bd2f3b4a261325ef 104.26.1.188
2022-06-30 21:45:10 +0000
0 - 0 - 13 xfantazy.com/video/61a9022f44a9b903f78ac06c 104.26.0.188
2022-06-30 10:48:51 +0000
0 - 0 - 12 xfantazy.com/video/5faf3f85933a6a4a0dd17289 104.26.0.188


JavaScript

Executed Scripts (148)


Executed Evals (2)

#1 JavaScript::Eval (size: 125, repeated: 1) - SHA256: 920d80e57685294073e6844ab22908618709844b22774b5e6c29e260c3a62799

                                        (function() {
    try {
        return document.getElementsByTagName("video")["fluid-videoplayer"] ? "ready" : "null"
    } catch (a) {
        return "null"
    }
})();
                                    

#2 JavaScript::Eval (size: 84, repeated: 1) - SHA256: 44379bf89e3d499c6e5084c2762e92070d823eb0c3b4f20d8fa9adbafe954ba9

                                        (function() {
    var b = 23;
    return function(a) {
        a.set("dimension" + b, a.get("clientId"))
    }
})();
                                    

Executed Writes (7)

#1 JavaScript::Write (size: 466, repeated: 1) - SHA256: 7e39e1ccad5d1f4baf21a097c72621648e45cb2a83029705e97c51036a870350

                                        < center > < div style = "width:900px;height:250px;" >
    < script id = "adn-4788749"
data - sub = ""
type = "text/javascript" >
    (function(node) {
        var adn = document.createElement("script");
        adn.type = "text/javascript", adn.async = true, adn.src = "//a.bestcontentfood.top/warp/4788749?r=" + Math.floor(Math.random() * 99999);
        node.appendChild(adn);
    })(document.getElementsByTagName("script")[document.getElementsByTagName("script").length - 1].parentNode); < /script> < /div></center >
                                    

#2 JavaScript::Write (size: 1039, repeated: 1) - SHA256: a558378b92f39bd20c76164ce0e0a28358832054cf34c4ddeb7ab8e9a4103a4f

                                        < div id = "ts_ad_native_ljm8b" > < /div> < script src = "//cdn.tsyndicate.com/sdk/v1/master.spot.js" > < /script> < script >
    TsMasterSpot({
        "containerId": "ts_ad_native_ljm8b",
        "spot": "gtpedNcWKkqbcJr5gX4hNBaeGvryR5tY",
        "nativeSettings": {
            "cols": 5,
            "rows": 1,
            "titlePosition": "none",
            "adsByPosition": "none",
            "type": "label-under",
            "styles": {
                "container": {
                    "width": "100%"
                },
                "thumb": {
                    "border-radius": "4px"
                },
                "label": {
                    "height": "80px",
                    "background": "rgba(255,255,255,0.65)"
                },
                "headlineLink": {
                    "padding-top": "5px",
                    "font-size": "12px",
                    "font-weight": "bold",
                    "min-height": "45px"
                },
                "brandnameLink": {
                    "color": "#444"
                }
            }
        }
    }); < /script>
                                    

#3 JavaScript::Write (size: 466, repeated: 1) - SHA256: e53c2ba3b0fa3fffef0679dc24186bdff26171c74a7bc47075a33a4e481f366a

                                        < center > < div style = "width:900px;height:250px;" >
    < script id = "adn-4788752"
data - sub = ""
type = "text/javascript" >
    (function(node) {
        var adn = document.createElement("script");
        adn.type = "text/javascript", adn.async = true, adn.src = "//a.bestcontentfood.top/warp/4788752?r=" + Math.floor(Math.random() * 99999);
        node.appendChild(adn);
    })(document.getElementsByTagName("script")[document.getElementsByTagName("script").length - 1].parentNode); < /script> < /div></center >
                                    

#4 JavaScript::Write (size: 6251, repeated: 1) - SHA256: 129ad810fa98a02fab444a076275255d4418c535bb9c0068890295eb7665774c

                                        < !DOCTYPE html > < html > < head > < meta charset = "UTF-8" > < meta http - equiv = "X-UA-Compatible"
content = "ie=edge" > < meta name = "viewport"
content = "width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0" > < style type = "text/css" > * , body, html {
    margin: 0;padding: 0;border: none;
}
body, html {
    width: 100 % ;height: 100 % ;
}
iframe[seamless] {
    background - color: transparent;
    border: 0 px none transparent;
    padding: 0 px;
    overflow: hidden;
    margin: 0;
} < /style></head > < body > < script src = "//lcdn.tsyndicate.com/sdk/v1/b.b.js" > < /script><script type="text/javascript
">function openLink(e) {this.elmHref = e.href, this.elm = e, this.init()}openLink.prototype = {init: function() {var e = this;this.addEvent("
click ", this.elm, function(t) {var n = t || window.event;n.preventDefault ? n.preventDefault() : n.returnValue = !1, window.open(e.elmHref + e.getPositionCursor(n), "
_blank ")})},getPositionCursor: function(e) {var t = document.documentElement,n = e.pageX || e.clientX + (t.scrollLeft ? t.scrollLeft : document.body.scrollLeft),o = e.pageY || e.clientY + (t.scrollTop ? t.scrollTop : document.body.scrollTop);return " & x = " + n + " & y = " + o},addEvent: function(e, t, n) {if (t.addEventListener) t.addEventListener(e, n, !1);else if (t.attachEvent) return t.attachEvent("
on " + e, n)}};var t = new Date();var d = new PrivacyModeDetector();var count = 0;var processed = 0;var delta;function l(turl, r, cid, s, p, w, cl) {if (!r && window['BackUpCampaignBanner']) {BackUpCampaignBanner();return;}delta = new Date() - t;setTimeout(insertPixel, 1000);d.report(insertPixel);function insertPixel(priv) {if (processed >= count) return false;var qPixel = document.createElement("
script ");var pm = priv === undefined ? '' : '&priv=' + priv;qPixel.src = turl + (turl.match(/&$/) ? '' : '&') + 'r=' + r + '&d=' + delta + pm + (turl.match(/&w=/) ? '' : '&w=' + (w ? 't' : 'f'));document.body.appendChild(qPixel);processed++;}if (cl) { new trackIFrameClick({id:'ts_t_'+cid, params:['s='+s,'p='+p,'t=' + (w ? 't' : 'f')]}); }};</script>




< script type = "text/javascript" > function u6e4575db(r) {
    l('//pxl.tsyndicate.com/api/v1/p/p.js?p=e0SgKROGTBk5c0ToiFGDhYgwY-gsjPGQzpmFImyUoVHjRg0yYlqQmZFDRgsaYmDcaGHyBpkWNsaYsXEQRw4yNcrEEPEwTJ0xGTuGMTOGRgwYLWqEkQGTRpmaLWPcOEnjxgwZNmKUuQGjhsmeEMnYWWgjhw0ZD-HUEUNRRg4YFSHCgbMQxw0aMx7OgTNRxwwcMALjwPGwDV-_NGDYqFEj68MxberqoCHjaw6HYs0slFFYhBg3bjgHjoGjsWE3GBlilQFDbZvUZWscfViHp46BdOjAmaPjxYswLgzSSe1izJs2L86UofMCaVwYMmjg-EEnTZsyPRqapJGje2eqNrjUgRHdRhg6Y3pUvlxjfPmsYeCI6TEkTRQZWqhEieFEj5U1skgjhjWa0GONPJigQoo0miBCoieoSGIGLYaILgsZMNTiiCpoeOIK_vQrIoo51MgiixpAPEMGJsR4IwgqhmDiDCHeoMEOGo6QI4gqghBiCiaSEOKKIJDQIokxhoDjizqqEIMIJpBIIiw42qDooTeqvFIEMpDLKDgz3hijjjkOciENN8IMawz0Ftpihhi6UEuOoHSAwYXy5MqSzoXuzPMhMTazE0-55LBjsoZqqyONjAoCbIwZyigjptlyQEmMMmpoAQcxbjBDqRm-iggHR2uwIaw0JhMhhxhcgMuFylxoiIaw5Pgi1YxYdfXOWGcNq44wMmriDT3SYIONMF6oAU8QUMAihhh2AIEJNOvAAwQ8cLDhCxtokNZQHc7CMwUQjihjjDXeeKG155CKAQQj0pCjjDDxeEFcGNasUwQnngjrDVvH2LffsNjYtwgnwjrIji_mZYMij27AYQYbAnNNBDnOEE0Hy-56aOEvxJDDLs9AbuMNMkbT6mM53lhILxHeUIjjOd_AI4-FaHhoXkFz262338AUk0wz0QzzhbDuyCiGzvJ9CI2lo6N1L0MzapkO9ABuoQ430qCjBRlaJUMGhfc96Iuxw6LDSoYYs-EGVnGQzqI2yG7bVLhLk64GpHwio-Ey-PqizbvfjntuEcpgOAw2EKJj5jdpkBMiMfzikt6f2JhILYP7hEw1GPpQICA%3D&s=ed2593026346d7b6b267951055ac49e1b8803a2085467a9ea1310d70e45945a41656791824&w=t', r, '6e4575db', 'ed2593026346d7b6b267951055ac49e1b8803a2085467a9ea1310d70e45945a41656791824', 'e0SgKROGTBk5c0ToiFGDhYgwY-gsjPGQzpmFImyUoVHjRg0yYlqQmZFDRgsaYmDcaGHyBpkWNsaYsXEQRw4yNcrEEPEwTJ0xGTuGMTOGRgwYLWqEkQGTRpmaLWPcOEnjxgwZNmKUuQGjhsmeEMnYWWgjhw0ZD-HUEUNRRg4YFSHCgbMQxw0aMx7OgTNRxwwcMALjwPGwDV-_NGDYqFEj68MxberqoCHjaw6HYs0slFFYhBg3bjgHjoGjsWE3GBlilQFDbZvUZWscfViHp46BdOjAmaPjxYswLgzSSe1izJs2L86UofMCaVwYMmjg-EEnTZsyPRqapJGje2eqNrjUgRHdRhg6Y3pUvlxjfPmsYeCI6TEkTRQZWqhEieFEj5U1skgjhjWa0GONPJigQoo0miBCoieoSGIGLYaILgsZMNTiiCpoeOIK_vQrIoo51MgiixpAPEMGJsR4IwgqhmDiDCHeoMEOGo6QI4gqghBiCiaSEOKKIJDQIokxhoDjizqqEIMIJpBIIiw42qDooTeqvFIEMpDLKDgz3hijjjkOciENN8IMawz0Ftpihhi6UEuOoHSAwYXy5MqSzoXuzPMhMTazE0-55LBjsoZqqyONjAoCbIwZyigjptlyQEmMMmpoAQcxbjBDqRm-iggHR2uwIaw0JhMhhxhcgMuFylxoiIaw5Pgi1YxYdfXOWGcNq44wMmriDT3SYIONMF6oAU8QUMAihhh2AIEJNOvAAwQ8cLDhCxtokNZQHc7CMwUQjihjjDXeeKG155CKAQQj0pCjjDDxeEFcGNasUwQnngjrDVvH2LffsNjYtwgnwjrIji_mZYMij27AYQYbAnNNBDnOEE0Hy-56aOEvxJDDLs9AbuMNMkbT6mM53lhILxHeUIjjOd_AI4-FaHhoXkFz262338AUk0wz0QzzhbDuyCiGzvJ9CI2lo6N1L0MzapkO9ABuoQ430qCjBRlaJUMGhfc96Iuxw6LDSoYYs-EGVnGQzqI2yG7bVLhLk64GpHwio-Ey-PqizbvfjntuEcpgOAw2EKJj5jdpkBMiMfzikt6f2JhILYP7hEw1GPpQICA=', true, true)
};
count++; < /script><noscript><img src="/ / pxl.tsyndicate.com / api / v1 / p / p.js ? p = e0SgKROGTBk5c0ToiFGDhYgwY - gsjPGQzpmFImyUoVHjRg0yYlqQmZFDRgsaYmDcaGHyBpkWNsaYsXEQRw4yNcrEEPEwTJ0xGTuGMTOGRgwYLWqEkQGTRpmaLWPcOEnjxgwZNmKUuQGjhsmeEMnYWWgjhw0ZD - HUEUNRRg4YFSHCgbMQxw0aMx7OgTNRxwwcMALjwPGwDV - _NGDYqFEj68MxberqoCHjaw6HYs0slFFYhBg3bjgHjoGjsWE3GBlilQFDbZvUZWscfViHp46BdOjAmaPjxYswLgzSSe1izJs2L86UofMCaVwYMmjg - EEnTZsyPRqapJGje2eqNrjUgRHdRhg6Y3pUvlxjfPmsYeCI6TEkTRQZWqhEieFEj5U1skgjhjWa0GONPJigQoo0miBCoieoSGIGLYaILgsZMNTiiCpoeOIK_vQrIoo51MgiixpAPEMGJsR4IwgqhmDiDCHeoMEOGo6QI4gqghBiCiaSEOKKIJDQIokxhoDjizqqEIMIJpBIIiw42qDooTeqvFIEMpDLKDgz3hijjjkOciENN8IMawz0Ftpihhi6UEuOoHSAwYXy5MqSzoXuzPMhMTazE0 - 55 LBjsoZqqyONjAoCbIwZyigjptlyQEmMMmpoAQcxbjBDqRm - iggHR2uwIaw0JhMhhxhcgMuFylxoiIaw5Pgi1YxYdfXOWGcNq44wMmriDT3SYIONMF6oAU8QUMAihhh2AIEJNOvAAwQ8cLDhCxtokNZQHc7CMwUQjihjjDXeeKG155CKAQQj0pCjjDDxeEFcGNasUwQnngjrDVvH2LffsNjYtwgnwjrIji_mZYMij27AYQYbAnNNBDnOEE0Hy - 56 aOEvxJDDLs9AbuMNMkbT6mM53lhILxHeUIjjOd_AI4 - FaHhoXkFz262338AUk0wz0QzzhbDuyCiGzvJ9CI2lo6N1L0MzapkO9ABuoQ430qCjBRlaJUMGhfc96Iuxw6LDSoYYs - EGVnGQzqI2yG7bVLhLk64GpHwio - Ey - PqizbvfjntuEcpgOAw2EKJj5jdpkBMiMfzikt6f2JhILYP7hEw1GPpQICA % 3 D & r = 1 & s = ed2593026346d7b6b267951055ac49e1b8803a2085467a9ea1310d70e45945a41656791824 & w = t "></noscript> < div style = "width:100%;height:100%;border:none"
id = "ts_t_6e4575db" > < iframe src = "//a.adtng.com/get/10010248?time=1592494928726&atc=425995&apb=CiQ2ZTQ1NzVkYi1kMzkyLTRiMDctOTI3ZC02Y2Y2ZGU4OWQ1ZTEQsjYY5WQg2LboATCLgBo4v4GrAUABSLIBWAHZIcCp_uUbDLHI"
style = "width:100%;height:100%;;border:none"
scrolling = "no"
allowtransparency = "true"
allowfullscreen = "true"
frameborder = "0"
marginheight = "0"
marginwidth = "0"
vspace = "0"
hspace = "0"
onload = "u6e4575db(1)"
onerror = "u6e4575db(0)"
seamless > < /iframe></div >


    < /body></html >
                                    

#5 JavaScript::Write (size: 449, repeated: 1) - SHA256: 6b753a82c2b4c4c9bd8b83e6d79c44c37b36478ed443a43a338af303929d6bbf

                                        < div style = "width:300px;height:250px;" >
    < script id = "adn-4787914"
data - sub = ""
type = "text/javascript" >
    (function(node) {
        var adn = document.createElement("script");
        adn.type = "text/javascript", adn.async = true, adn.src = "//a.bestcontentfood.top/warp/4787914?r=" + Math.floor(Math.random() * 99999);
        node.appendChild(adn);
    })(document.getElementsByTagName("script")[document.getElementsByTagName("script").length - 1].parentNode); < /script> < /div>
                                    

#6 JavaScript::Write (size: 449, repeated: 1) - SHA256: 9524621c7f4d8fac4161095ac512d69df866d67f58ad26324b41dbc39d245af9

                                        < div style = "width:300px;height:250px;" >
    < script id = "adn-4787912"
data - sub = ""
type = "text/javascript" >
    (function(node) {
        var adn = document.createElement("script");
        adn.type = "text/javascript", adn.async = true, adn.src = "//a.bestcontentfood.top/warp/4787912?r=" + Math.floor(Math.random() * 99999);
        node.appendChild(adn);
    })(document.getElementsByTagName("script")[document.getElementsByTagName("script").length - 1].parentNode); < /script> < /div>
                                    

#7 JavaScript::Write (size: 207, repeated: 1) - SHA256: dbf7fa7be94610544db6f36bd7690b6f2cf8d1bcaf76d799f988531caa892851

                                        < iframe width = "300"
height = "250"
src = "//cdn.tubecorp.com/i/b.html?spot=4692&src=562949385&pid=19775&width=300&height=250&spaceid=859"
scrolling = "no"
frameborder = "0"
marginheight = "0"
marginwidth = "0" > < /iframe>
                                    


HTTP Transactions (169)


Request Response
                                        
                                            GET /video/5cf1ab8c6c89ed59483db333 HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.67.69.220
HTTP/1.1 302 Found
                                        
Date: Sat, 02 Jul 2022 19:56:59 GMT
Content-Length: 0
Connection: keep-alive
location: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333
cache-control: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aie7BBa%2BD6IImEyzAvDqBegjQZ3Dd4wwlBIITpyL9EIVEULE1cULKJ46QuNLdxlsu9MppUIDSP2n9Fo3ZA6wPnYQ8TN%2F6e2mGuLq%2FFtbDEoyM%2FfeeJsJUkiHDOpkpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7249f2aa08c5b4f4-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 02 Jul 2022 19:51:06 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kUhoMMoIpFq3Cy6mec-lDU1jTJ7qvhJVC2rx4vzJD72iVW0CbZoicg==
Age: 353


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8E263E6763753F5659AC0FC2D11DAF8ECE9720988153C38CB40631AF26C86575"
Last-Modified: Fri, 01 Jul 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3956
Expires: Sat, 02 Jul 2022 21:02:56 GMT
Date: Sat, 02 Jul 2022 19:57:00 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 02 Jul 2022 03:26:42 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TK3EaQXV7Y_czVvZCmpYSNNZlTTCb_6ov1SMjcKvqczVvTuHxbbihA==
age: 59419
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 02 Jul 2022 19:57:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /_next/static/chunks/9.be198c87e436634bf765.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333
Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:00 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"9c95-181397f9e55"
cf-cache-status: HIT
age: 2232579
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ep6xFqYUWP9BfUZm%2Fn5uPyB%2Bm59bhmdbjdzkeV1Lg3Bm7Zd9gHwM9MqQIPxmb1kHLXeyUlbWGlYXzMttdu4JIBba6wBVvjqgFmbaq46RkOAm%2FawVDe3ZX2chIJvw0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7249f2b06a91b512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (40085), with no line terminators
Size:   11315
Md5:    5f8b8be7679a0d7c02a1488426868d7e
Sha1:   f698d3a54c69ba4f0d6ea34b3926cd2ccbb7304e
Sha256: 164b256feaa20513c074ef28e9d5cd1a3c8c195a715a5167a8a1957a0923aace
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 02 Jul 2022 19:57:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1656777600 HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333
Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:00 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BcERLYQpvOmsq5sRR%2BMKEB98A5EweicqIB%2FeM2XwV4phQ%2B6Qd2IpcS9TgXRdjk0zcQ%2By%2FYajDpcwL857fw9S%2FlZANkXCGu9uZsKytaEBwZ5jn24DZHAPtXwmwUkmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7249f2b07aa7b512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (43654), with no line terminators
Size:   15706
Md5:    9b5b26f4fcaa31faa04da870efac9bd7
Sha1:   60570e975406302526db2ae3af8bb8027daa9c77
Sha256: 321e31e8e3e22750a7e3e0f805b2d03aabbafb22da0af5421a5ecec236126298
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 02 Jul 2022 19:57:01 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 01 Jul 2022 06:36:56 GMT
Expires: Fri, 08 Jul 2022 06:36:56 GMT
ETag: A822F5F0A6F91311B96116998B7D21B95164E8B5
Cache-Control: max-age=469794,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp9
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7249f2b0f829b505-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 02 Jul 2022 19:57:01 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 01 Jul 2022 06:36:56 GMT
Expires: Fri, 08 Jul 2022 06:36:56 GMT
ETag: A822F5F0A6F91311B96116998B7D21B95164E8B5
Cache-Control: max-age=469794,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp5
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7249f2b0f8fe0b65-OSL

                                        
                                            GET /static/logo-tv-light.svg HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333
Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:00 GMT
content-type: image/svg+xml
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
last-modified: Tue, 28 Jun 2022 11:04:24 GMT
etag: W/"101b-181a9fbdc75"
cf-cache-status: EXPIRED
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RanDnhWTXzpvyMfSC6O7VjlVMno%2FRXrkHgwP8L8cNwq%2F4sJ4x0nJkWUhDYetORMRLoSrIdhc%2BaMZOZ8cu5ZVpKNhAZFCCHrtuOjfW6lLxlhzvpvjUYbR3DCqhhnjyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7249f2b07aaab512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1395)
Size:   1771
Md5:    c7ff0143fa8cbad72a6e9e9fa991972f
Sha1:   ab9823042d2fc6106e4d77907869bac8cb28a177
Sha256: ad1121c23b9d9ba151c7e42a24e41c35008f235f97a3825da96b6ce4ddec7c73
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 02 Jul 2022 19:57:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /thumbnail/J-ibvnD1m6zqq2iQ_g/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
                                        
server: openresty
date: Sat, 02 Jul 2022 19:57:01 GMT
content-type: image/jpeg
content-length: 12291
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   12291
Md5:    44dda25ede482ff89be22ef60e59d5f8
Sha1:   0d18faffada7eeef728ce387282d29b432b41fd0
Sha256: fbd04c2536abfd09b0a4cabbd309207cf919a3ffeafd3fb9a4e4a6cea43907b3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2725
Cache-Control: 'max-age=158059'
Date: Sat, 02 Jul 2022 19:57:01 GMT
Last-Modified: Sat, 02 Jul 2022 19:11:36 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /thumbnail/IO7AtH_0n63o-D3B-Q/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
                                        
server: openresty
date: Sat, 02 Jul 2022 19:57:01 GMT
content-type: image/jpeg
content-length: 12028
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   12028
Md5:    a177496d4fc05a3945a0388c467a42e3
Sha1:   0585ae7565cedb41c60970e3a3b942f7ff6b983c
Sha256: c411265cacd5375c9e168c25a982e958a96e0261e8d4b86e097101673fc2137c
                                        
                                            GET /gtm.js?id=GTM-PLKQLTX HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
                                        
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 02 Jul 2022 19:57:01 GMT
expires: Sat, 02 Jul 2022 19:57:01 GMT
cache-control: private, max-age=900
last-modified: Sat, 02 Jul 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 49700
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15971)
Size:   49700
Md5:    3dbc4767fbb1bf1e302b48faa7ae3547
Sha1:   51050b4fbc1dc5b395a78feb88888630228939a4
Sha256: a22629f9bbc84b42b1e9085e0f161e71f7ab9fcf704de600ff480ee54c4e1b4f
                                        
                                            GET /thumbnail/J--WviL1m6vl8TrB-w/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
                                        
server: openresty
date: Sat, 02 Jul 2022 19:57:01 GMT
content-type: image/jpeg
content-length: 6048
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   6048
Md5:    7bcb92e6ed1cfe2f099f1c0f57f6eb9f
Sha1:   306c1ccaa98caf98667a1fac0d079a6414ad3649
Sha256: d51bd4d14ab9272722e3073acba035534177d0b89d51d74f323c9eadbd9e1b77
                                        
                                            GET /thumbnail/IeTBunL3nvq9rjqRrQ/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
                                        
server: openresty
date: Sat, 02 Jul 2022 19:57:01 GMT
content-type: image/jpeg
content-length: 16992
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   16992
Md5:    0ed4a15d01d6f1137580e846ef609b9e
Sha1:   5d54b3e3e1119b2cd90026569b1afcff0cdf41b8
Sha256: 0d7a2e9324ba143af7ebae2b3c9ffc9d42e322b306b45f117a22fd82762423e4
                                        
                                            GET /thumbnail/3909ea9fc017e/main/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
                                        
server: openresty
date: Sat, 02 Jul 2022 19:57:01 GMT
content-type: image/jpeg
content-length: 17883
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 40x33, segment length 16, comment: "Lavc57.107.100", baseline, precision 8, 720x480, components 3\012- data
Size:   17883
Md5:    b3da3461b5d080865b0c3654d1d92b30
Sha1:   5f3b59f9d2aed7815f84960ac057b40ec7c184d2
Sha256: 68b73bcbb7e9a620ae6be6bcc81edd6835b5a671f827fed7956593a5dff1fcc2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 02 Jul 2022 19:57:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 02 Jul 2022 19:57:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 02 Jul 2022 19:57:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 02 Jul 2022 19:38:50 GMT
Cache-Control: max-age=3600
Expires: Sat, 02 Jul 2022 19:46:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ro4hsffZQZYMD6vaFLZ761M34eglFXfx794Oq_036FifIpshSjuTAQ==
Age: 1093


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Jun 2022 19:34:08 GMT
expires: Thu, 29 Jun 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 260573
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Jun 2022 19:34:08 GMT
expires: Thu, 29 Jun 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 260573
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /_next/static/chunks/commons.c6be2f5ddce0c474c306.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333
Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:00 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:18:38 GMT
etag: W/"152f30-179fb706939"
cf-cache-status: HIT
age: 23248888
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BAUEKRzYW6m1TBeBf382hXamcnDg7ULCs5WdxpSE6x05SfUdGV6mRdRbXmxrLkVyTv1sz6bZoJrTvYiVpP9DqgRDvKon19z6fP2f%2Fm3h%2FekWGqNS0LZR%2BUHEXLTPmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7249f2b06a8cb512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   415824
Md5:    4cdd4a80072f075d24c86d5e3f0886f4
Sha1:   e0cacf2c9034f162ba1b290d539e97ee61ea5f51
Sha256: 332e500ddc0890fcce451938165422a7bb8c19fd5771fa291bdbcc04af42a0b7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 02 Jul 2022 19:57:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /static/xf-small.png HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333
Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:01 GMT
content-type: image/png
content-length: 1153
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
last-modified: Tue, 28 Jun 2022 11:04:25 GMT
etag: W/"481-181a9fbe16c"
cf-cache-status: HIT
age: 559
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Swy%2FB8lZpiYifs1GdoEmt7tXF0VU63W6k73Ton%2FIv8Hz9Wp7k6BVxzu8OIS0gCPjA0IyLgr1gki8LnhNfnmXMRSwrEiQSi36kfUpx6LzGQP%2Bbl1gHfegPLNgEkqTUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7249f2b2de65b512-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1153
Md5:    73788af337ff4a5e7c8d8ea19dba155f
Sha1:   e0bd72878475603f40ebd05077c626816ed3285c
Sha256: be4a320fd44fdaaced2a2056ff7a4c0765a6ed0996c9b4c94a0cb2458967e8df
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 02 Jul 2022 19:57:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XAgg5cREBjOgGJYTdI2FNA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.191.251.76
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RvgJMMs2vw0/6wuieKoltvVTCxU=

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sat, 02 Jul 2022 18:41:12 GMT
expires: Sat, 02 Jul 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 4549
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            GET /npm/yandex-metrica-watch/tag.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.236.0
x-jsd-version-type: version
etag: W/"33399-sRq4vuUrHDiwktfyAT2Spsy5N90"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 02 Jul 2022 19:57:01 GMT
age: 38856
x-served-by: cache-fra19135-FRA, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 82808
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (724)
Size:   82808
Md5:    62b15f388db12424df7edbe4e644ff8b
Sha1:   c0b3c0c7de15648e3f257341b61fe0a8599b1218
Sha256: e5649a8f48bb65b57442543270fed0606825529b196758428cf0c812cafed01f
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 02 Jul 2022 19:57:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "E774F3A3317C3547371453DCB7892563F8B3B02D"
Expires: Sun, 03 Jul 2022 07:00:00 GMT
Last-Modified: Sat, 02 Jul 2022 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 948
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7249f2b4fcbdb515-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    d9bb997a6244ea04e44e43dbbd360060
Sha1:   f405eb608aeea8d963797ded1fdbcaed45fd1230
Sha256: 7b899ef93a6e26143998b1300a00a3cef1cc6eeef192ed4de056afb5a2c59720
                                        
                                            GET /_next/static/chunks/70.aeba4e9e28ccf1bae13a.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333
Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"56d-181397f9e5d"
cf-cache-status: HIT
age: 2238084
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osep%2FYm3Jcw2B8tejwI6RNwvN5Y714rmXlZoMWP3HOtcmg964k%2Bm5tUJQF2UGOfG6Nm7ti6OiPh%2B0uSRJz30wt9h5Z7pyEnekqQsvEDiJN89LRJkadZtTZGhWwL4Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7249f2b5aa8db512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1389), with no line terminators
Size:   805
Md5:    be30d94d7cf869f40fcbc95643655ca5
Sha1:   a8a77fd5b1ed8ce33781a4e44d760064ab030ded
Sha256: 34e7865137d7296801630cf66bac4b4483f30b654e20440723b8106aa4a3d963
                                        
                                            GET /_next/static/chunks/242.e6062ff562716b6e41db.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333
Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 28 Jun 2022 10:55:52 GMT
etag: W/"26cdb-181a9f40d06"
cf-cache-status: HIT
age: 377951
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2svsg7ZCV3yxyPWiE3gUzsHKFnngderAFoXk%2B9jAGN%2FnX2kmt3xT7n3gRho4Qnn7hB%2Bc1TEV4HSyEG%2F7GORC5PQVY27bZlNI7e78lIV%2B%2BgtoM%2F0hFynksKhkuuWcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7249f2b488dcb512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   39787
Md5:    f7e1920ea2520bf2d3cf42a10c8d9c6f
Sha1:   36e9c105675093f19cf2ae48f9b079d8218955e4
Sha256: d723c579ba750b10e670e92c8b445df777d3070ad63dc4794d75834763b8255b
                                        
                                            GET /zRdVuw7.js HTTP/1.1 
Host: a.focusde.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         135.181.208.216
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 02 Jul 2022 19:57:01 GMT
content-type: application/javascript
content-length: 34264
expires: Wed, 28 Jun 2023 08:40:33 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 08:37:29 GMT
etag: "62babdc9-85d8"
cache-control: max-age=315360000, public
x-hw: 1656405633.dop247.am5.t,1656405633.cds267.am5.c
access-control-allow-origin: *
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (37787), with NEL line terminators
Size:   34264
Md5:    c0fe384e164bcc9aae1964d808f58dad
Sha1:   64ae2e550abe5692ffc77fb27cf2ffd0cbf60054
Sha256: 9275f19e1f24be590ea1ba781228903abbe2521063c325f37e56ef30ca6b662a
                                        
                                            GET /css?family=Roboto:100,300,400,500,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
                                        
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 02 Jul 2022 19:57:00 GMT
date: Sat, 02 Jul 2022 19:57:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16771
Md5:    8451759934b71b7cd0405916e4f16804
Sha1:   6931900187e3f806fb680d619b0b8a53c76c8924
Sha256: cb0f72b80676b1c2f98aba6e101f62e5c2e66b9e13aa215eea57d58560395e7a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ED6C6F73611FB56DFA41FD028E23F0BC0470D319E51B212B8078C2C0DF8F4638"
Last-Modified: Fri, 01 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3996
Expires: Sat, 02 Jul 2022 21:03:37 GMT
Date: Sat, 02 Jul 2022 19:57:01 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ED6C6F73611FB56DFA41FD028E23F0BC0470D319E51B212B8078C2C0DF8F4638"
Last-Modified: Fri, 01 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3996
Expires: Sat, 02 Jul 2022 21:03:37 GMT
Date: Sat, 02 Jul 2022 19:57:01 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb68b83e0-72c7-49aa-9626-3d36db21293e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11496
x-amzn-requestid: 7254cb45-1ef0-478c-9910-beca727c109f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Um1yaEYPoAMFa-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bf69a8-53e04a3858a351eb5debddac;Sampled=0
x-amzn-remapped-date: Fri, 01 Jul 2022 21:39:52 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sAkLQP7KAyNYnfEcZBBCmke_nFOGLjkMq0-jrVvfD4h_xx1GU-pxWA==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 01 Jul 2022 21:53:11 GMT
etag: "c69cccbe6d0394d4b40bc350462da9bf00064e61"
content-type: image/jpeg
age: 79430
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11496
Md5:    524069fd1931d39f6c9f106be7c29e3c
Sha1:   c69cccbe6d0394d4b40bc350462da9bf00064e61
Sha256: ba7d5c6f33a49f80db9eec2634fcfc3fd5261bdf4932bce7bc70b54c02d6cc66
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb89745-bbbb-4235-9425-852f10044585.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11746
x-amzn-requestid: 9c689086-f3c0-4043-9905-c9580c6c3f51
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Uhif8EcIIAMF2_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bd4acc-3417fb3956f99fcd714f562b;Sampled=0
x-amzn-remapped-date: Thu, 30 Jun 2022 07:03:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9XejFfM4ZuBWhhC_Zr3-8hLl9GYl7FXlG9eqbZkzJpFNWKY2BlBA9w==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 02 Jul 2022 17:01:02 GMT
age: 10559
etag: "20333be7fca4c09773321bec15ac65c18391fae0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11746
Md5:    1b628b3028c285be25c17f5665f4b727
Sha1:   20333be7fca4c09773321bec15ac65c18391fae0
Sha256: 56d7c15b78a6fd9e5b16c6e59981ba3d68839a6ad840f06ce2910b18495a38cd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F780d0ba1-2e10-4515-b170-383b7d7649ba.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4427
x-amzn-requestid: 239b2a1a-bac3-49ed-8a18-b8fa19115154
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Um1xQEQVIAMFjqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bf69a1-410d3b8551ebda0e1167e8a5;Sampled=0
x-amzn-remapped-date: Fri, 01 Jul 2022 21:39:45 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fj-SUquJcnZ8NHJRYev4g8Mq8q1oWx6YLvjCsfTzU5f4UyVl8vblDg==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Fri, 01 Jul 2022 21:53:14 GMT
etag: "efd1eb8f098ce9fdecedb4ded72e78ba33f3a4f3"
content-type: image/jpeg
age: 79427
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4427
Md5:    e81705e423a9840f81e570fc0dbe405c
Sha1:   efd1eb8f098ce9fdecedb4ded72e78ba33f3a4f3
Sha256: 78c7221278bea7e4bfb60c9fd8de53f07291bb1add9fc7ca52c099d498fcbd46
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fcc5842-a443-4bb1-a689-f28c01b745d7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9710
x-amzn-requestid: 6aec1475-75ca-46b7-aed0-ff0a0ebc11d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UNxbeG-CoAMF3iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b562af-55a10f216adb43b52f8a926d;Sampled=0
x-amzn-remapped-date: Fri, 24 Jun 2022 07:07:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3DexaDCDH3f8Bf6gQcBnjpgdATUsbeuUCk0dIkAvckLOUdU2PttNjA==
via: 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 02 Jul 2022 09:17:19 GMT
age: 38382
etag: "6d4224b6145195d964e816cb631f0603e868633c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9710
Md5:    c52a3f896f5495cefda3553d6eeda635
Sha1:   6d4224b6145195d964e816cb631f0603e868633c
Sha256: 5c18fcf31c02d9e722855dac322475509a01b2da03e2ba4023ddad43b5bb3ce6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a74ab52-209f-4db5-bd0c-5f4fadfdc735.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7559
x-amzn-requestid: 5e3a9cd2-8985-4a49-b176-21869c376938
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Um2A0GHbIAMF1Ng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bf6a05-4a70ce59722056da703138bb;Sampled=0
x-amzn-remapped-date: Fri, 01 Jul 2022 21:41:25 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1I4i3sdHSWk_4gCjvtt66dLRpNhKVjcd6LHsnkKGwPIqcIDFMXAU8w==
via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 01 Jul 2022 21:53:09 GMT
age: 79432
etag: "9ed09b2c26ccf29c1cde3c81d744aa304a442592"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7559
Md5:    40880e1bfb70d52a4846ee333ae24400
Sha1:   9ed09b2c26ccf29c1cde3c81d744aa304a442592
Sha256: 21c0b8e9a32aadd4d79b877567df30b60b3b2f5a49e707ce5a5efd4ba8b57012
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5571171d-93e2-4135-8225-3bfc53bc48ac.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6736
x-amzn-requestid: 9e808fb4-bd09-40e9-91af-080ccdc93ee9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Um2BSE0ToAMFfag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bf6a08-2a5ed3cb6402d1907c9656a8;Sampled=0
x-amzn-remapped-date: Fri, 01 Jul 2022 21:41:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9G-IIpCuXnf8fmMCzXnyB2Ciy2aUKE8G315HEV9w6GpGT1S1v9ZdOQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 01 Jul 2022 21:46:36 GMT
etag: "a63b88bf7ec527ec4774676532c865a161533e4a"
content-type: image/jpeg
age: 79825
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6736
Md5:    0ace558e62edc260cee8891548c0621d
Sha1:   a63b88bf7ec527ec4774676532c865a161533e4a
Sha256: 1fb21b28c0480725834b801307a5fff6b62d1a9c2495b901217fff6f5617059f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 02 Jul 2022 19:57:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-121614197-2&cid=1386473709.1656791823&jid=678929049&gjid=946870171&_gid=1934889473.1656791823&_u=YGBAiEABBAAAAE~&z=828441992 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         173.194.222.157
HTTP/2 200 OK
                                        
access-control-allow-origin: https://xfantazy.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 02 Jul 2022 19:57:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8C969BA75B03E453D0BC06CF11933910F9B935F75019F31C1E7FBB014189D1F0"
Last-Modified: Fri, 01 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4087
Expires: Sat, 02 Jul 2022 21:05:09 GMT
Date: Sat, 02 Jul 2022 19:57:02 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 02 Jul 2022 19:57:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 02 Jul 2022 19:57:02 GMT
Content-Length: 940
Connection: keep-alive
Expires: Wed, 06 Jul 2022 18:43:38 GMT
ETag: "405a05f782276cdc6037be77ce0e2ac2ba4c186f"
Last-Modified: Sat, 02 Jul 2022 18:43:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 923
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7249f2b96adfb515-OSL

                                        
                                            GET /a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js HTTP/1.1 
Host: addresseetransportationsyndrome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Sat, 02 Jul 2022 19:57:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4c33ad05e5a8ce9252343d790932304b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (33883), with no line terminators
Size:   11445
Md5:    60dcf2882b25a4b28d7e9d3be9aa76b4
Sha1:   e5aa3dd7b67bbb0784146cadb5d62246c2a2fac6
Sha256: 8912ce443e68a6a7311d2d16c4d130a6725d4296582d57356b544453d6986a34
                                        
                                            GET /watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cf1ab8c6c89ed59483db333&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afp%3A1406%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A97837956744%3Ahid%3A692921365%3Az%3A0%3Ai%3A20220702195703%3Aet%3A1656791823%3Ac%3A1%3Arn%3A313187411%3Arqn%3A1%3Au%3A16567918231003172034%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1656791820893%3Ads%3A3%2C27%2C486%2C50%2C349%2C0%2C%2C319%2C3%2C%2C%2C%2C1412%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656791823%3At%3AENFD-5383%20Fumina%20Suzuki%20%E9%88%B4%E6%9C%A8%E3%81%B5%E3%81%BF%E5%A5%88%20%E2%80%93%20%E3%83%95%E3%83%9F%E3%83%8A%E3%83%83%E3%83%97%E3%83%AB!%20-%20XFantazy.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         93.158.134.119
HTTP/2 302 Found
                                        
location: /watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cf1ab8c6c89ed59483db333&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afp%3A1406%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A97837956744%3Ahid%3A692921365%3Az%3A0%3Ai%3A20220702195703%3Aet%3A1656791823%3Ac%3A1%3Arn%3A313187411%3Arqn%3A1%3Au%3A16567918231003172034%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1656791820893%3Ads%3A3%2C27%2C486%2C50%2C349%2C0%2C%2C319%2C3%2C%2C%2C%2C1412%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656791823%3At%3AENFD-5383%20Fumina%20Suzuki%20%E9%88%B4%E6%9C%A8%E3%81%B5%E3%81%BF%E5%A5%88%20%E2%80%93%20%E3%83%95%E3%83%9F%E3%83%8A%E3%83%83%E3%83%97%E3%83%AB%21%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Sat, 02 Jul 2022 19:57:02 GMT
access-control-allow-origin: https://xfantazy.com
set-cookie: yandexuid=8114766201656791822; Expires=Sun, 02-Jul-2023 19:57:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=8114766201656791822; Expires=Sun, 02-Jul-2023 19:57:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yabs-sid=2682277021656791822; Path=/; SameSite=None; Secure i=4eF+jPOs7KH82hcj/jmSc1i3XHqdR4+lnfeEiuy5KPl4bbR7HMCRdY4rblDLUXa20upG6A1MwFG74/Dg64Um87J+6tQ=; Expires=Tue, 29-Jun-2032 19:56:58 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None ymex=1688327822.yrts.1656791822#1688327822.yrtsi.1656791822; Expires=Sun, 02-Jul-2023 19:57:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 02-Jul-2022 19:57:02 GMT
last-modified: Sat, 02-Jul-2022 19:57:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (330), with no line terminators
Size:   330
Md5:    f6bb29d333410f534f2f4461d0c4bac0
Sha1:   3f3aca62dc93857ba0efa34a5587a1fc0cc149c9
Sha256: e0e69d0d8b4dd3d30258b885ddb5885b1ead70abc9ee475a51b0ae144de7d81d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152507
Date: Sat, 02 Jul 2022 19:57:02 GMT
Etag: "62c03adc-1d7"
Expires: Mon, 04 Jul 2022 14:18:49 GMT
Last-Modified: Sat, 02 Jul 2022 12:32:28 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: k2-FvA0qSQ09wMDoemX9nAqN817NsOZYx3Gj5w3ORtVQ_DcncB3oOQ==
Age: 6381

                                        
                                            GET /_next/static/P4CILzN-YIbf22IDP00As/pages/top.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333
Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=1push-1push%2Cpop-pop; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiI3ODc0OGQzZDRiY2M1IiwiaWF0IjoxNjU2NzkxODIxLCJleHAiOjE2NTczOTY2MjF9.KZhVSKYA2ZnqzaSrI8Ehw94-5BC36m5XD9J4qja9mjE; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiNzU3M2MzNzNjMjg5ZiIsImlhdCI6MTY1Njc5MTgyMSwiZXhwIjoxNjU5MzgzODIxfQ.scN5GkhHCkECl7O857slnRtgLUWoDWG1UHGMZpcIhzI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 28 Jun 2022 11:07:37 GMT
etag: W/"582-181a9fed083"
cf-cache-status: HIT
age: 377110
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C98r%2FFjI5ldq%2B52vYfrvVv7ug5pa05O%2BZ9ImYQGPTbdMZC1XyRHI%2Brgr25ANYPZ5o1COApVv%2Fy1kixgry1%2F1EI4dVA4lxMmHMydoabfNrE3KFi6zqq39AT5zRBn%2Fhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7249f2b73c9cb512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1410), with no line terminators
Size:   720
Md5:    3490156b4e38f6bb175b335610d4b0fc
Sha1:   576233081013f5ecdaa22e2e8394e8e1cbc6169a
Sha256: 0f76069ae002e5112d3ff19a760040231799484cf797eb1ce1ab99d54d9190dc
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3DC02E31291A3B544306448518741D1B6A0F6DCE3552BF88CEAC37455B65D3F1"
Last-Modified: Fri, 01 Jul 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9285
Expires: Sat, 02 Jul 2022 22:31:47 GMT
Date: Sat, 02 Jul 2022 19:57:02 GMT
Connection: keep-alive

                                        
                                            POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cf1ab8c6c89ed59483db333&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A97837956744%3Ahid%3A692921365%3Az%3A0%3Ai%3A20220702195703%3Aet%3A1656791824%3Ac%3A1%3Arn%3A323431127%3Arqn%3A3%3Au%3A16567918231003172034%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656791820893%3Anp%3ATGludXggeDg2XzY0%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656791824&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 52
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.158.134.119
HTTP/2 200 OK
                                        
content-length: 43
date: Sat, 02 Jul 2022 19:57:02 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 02-Jul-2022 19:57:02 GMT
last-modified: Sat, 02-Jul-2022 19:57:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cf1ab8c6c89ed59483db333&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A97837956744%3Ahid%3A692921365%3Az%3A0%3Ai%3A20220702195703%3Aet%3A1656791824%3Ac%3A1%3Arn%3A530437399%3Arqn%3A2%3Au%3A16567918231003172034%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656791820893%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656791824&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 45
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.158.134.119
HTTP/2 200 OK
                                        
content-length: 43
date: Sat, 02 Jul 2022 19:57:02 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 02-Jul-2022 19:57:02 GMT
last-modified: Sat, 02-Jul-2022 19:57:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cf1ab8c6c89ed59483db333&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A97837956744%3Ahid%3A692921365%3Az%3A0%3Ai%3A20220702195703%3Aet%3A1656791824%3Ac%3A1%3Arn%3A470216175%3Arqn%3A5%3Au%3A16567918231003172034%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656791820893%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656791824&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.158.134.119
HTTP/2 200 OK
                                        
content-length: 43
date: Sat, 02 Jul 2022 19:57:02 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 02-Jul-2022 19:57:02 GMT
last-modified: Sat, 02-Jul-2022 19:57:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cf1ab8c6c89ed59483db333&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A97837956744%3Ahid%3A692921365%3Az%3A0%3Ai%3A20220702195703%3Aet%3A1656791824%3Ac%3A1%3Arn%3A173107525%3Arqn%3A6%3Au%3A16567918231003172034%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656791820893%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656791824&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 99
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.158.134.119
HTTP/2 200 OK
                                        
content-length: 43
date: Sat, 02 Jul 2022 19:57:02 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 02-Jul-2022 19:57:02 GMT
last-modified: Sat, 02-Jul-2022 19:57:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cf1ab8c6c89ed59483db333&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A97837956744%3Ahid%3A692921365%3Az%3A0%3Ai%3A20220702195703%3Aet%3A1656791824%3Ac%3A1%3Arn%3A140093291%3Arqn%3A4%3Au%3A16567918231003172034%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656791820893%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656791824&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 108
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.158.134.119
HTTP/2 200 OK
                                        
content-length: 43
date: Sat, 02 Jul 2022 19:57:02 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 02-Jul-2022 19:57:02 GMT
last-modified: Sat, 02-Jul-2022 19:57:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cf1ab8c6c89ed59483db333&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A97837956744%3Ahid%3A692921365%3Az%3A0%3Ai%3A20220702195703%3Aet%3A1656791824%3Ac%3A1%3Arn%3A372526282%3Arqn%3A7%3Au%3A16567918231003172034%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656791820893%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656791824&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.158.134.119
HTTP/2 200 OK
                                        
content-length: 43
date: Sat, 02 Jul 2022 19:57:02 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 02-Jul-2022 19:57:02 GMT
last-modified: Sat, 02-Jul-2022 19:57:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /metrika/advert.gif HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.158.134.119
HTTP/2 200 OK
                                        
content-length: 43
date: Sat, 02 Jul 2022 19:57:03 GMT
access-control-allow-origin: *
etag: "62b5603e-2b"
expires: Sat, 02 Jul 2022 20:57:03 GMT
accept-ranges: bytes
last-modified: Fri, 24 Jun 2022 09:57:02 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js HTTP/1.1 
Host: temporarilyruinconsistent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.227
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Sat, 02 Jul 2022 19:57:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5396c5bd177d864f945abcdb9b2c42b8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   28682
Md5:    ed86bf7bd4a58c464f62634c6ceb7843
Sha1:   a902ab0c763bdde155dfb342da28f5b811f186f7
Sha256: 6c776e4c122b3e1b9abb878ed34b9ecc144688bd368561cde7832a64d7443691

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "48C615D9E3F9FD0F2ED6C7AFE2C576B4EC1449438021722CCE2A15441ABC07AE"
Last-Modified: Thu, 30 Jun 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8906
Expires: Sat, 02 Jul 2022 22:25:29 GMT
Date: Sat, 02 Jul 2022 19:57:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "48C615D9E3F9FD0F2ED6C7AFE2C576B4EC1449438021722CCE2A15441ABC07AE"
Last-Modified: Thu, 30 Jun 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8906
Expires: Sat, 02 Jul 2022 22:25:29 GMT
Date: Sat, 02 Jul 2022 19:57:03 GMT
Connection: keep-alive

                                        
                                            GET /sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2&uuid=7f94f9e2-63a5-44d7-9aef-add9109509a2%3A2%3A1 HTTP/1.1 
Host: temporarilyruinconsistent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.227
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.22.0
Date: Sat, 02 Jul 2022 19:57:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://xfantazy.com
Access-Control-Allow-Origin: https://xfantazy.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15600826; expires=Sun, 03 Jul 2022 19:57:03 GMT; secure; SameSite=None uid_id2=7f94f9e2-63a5-44d7-9aef-add9109509a2:2:1; expires=Sat, 09 Jul 2022 19:57:03 GMT; secure; SameSite=None pdhtkv=true; expires=Sun, 03 Jul 2022 19:57:03 GMT; secure; SameSite=None uncs=1; expires=Sun, 03 Jul 2022 19:57:03 GMT; secure; SameSite=None pdhtkv29=true; expires=Sun, 03 Jul 2022 19:57:03 GMT; secure; SameSite=None uncs29=1; expires=Sun, 03 Jul 2022 19:57:03 GMT; secure; SameSite=None sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]; expires=Sat, 02 Jul 2022 19:57:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 814d44fd218c85ef789b93a5d3803f5b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (6202), with no line terminators
Size:   4304
Md5:    2d369e974684cf877530f2d85cdf3360
Sha1:   5f8ab9342a4957737c1638e9144d0157a0299a69
Sha256: 3a2d72e6c5df24c30810d394182b5b892ad6adc075c1e884d30bb16c11f55685

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0724BEBBAD32A008FA888677983119B725CFADF9BA30A7FDD1F8D012681DEABF"
Last-Modified: Fri, 01 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13856
Expires: Sat, 02 Jul 2022 23:47:59 GMT
Date: Sat, 02 Jul 2022 19:57:03 GMT
Connection: keep-alive

                                        
                                            GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skVRd9NV%2B%2BhSj4KxsJSi9EFEynqrq7KuUgwRijwTgzzIzoTl6996rzzOt6xXtVXZ0GITggs2z%2Fg8rpZIIaRLfChKEzoJBVWjdZmIWLgBs3gkuV7gkTvJt7zz13ce6594ud4oy4KOjpyge6L5WiC626W3v1Y8%2B7WluXadGr9RaDT4Lm1ZrpvhEFdfe12ruCbeoF3%2FVc13O92qo0ItG9hQkJmR1EXj1y602%2F7rWa6Jn%2FYls4sNQB756R5yD5eOahMwvJRkg7360Iu5nr7PV3OoWiuTbo8v0P081Ulyk6l2ViHCTp%2FsU0tD1ZPYRO96ZyobuPB2M5Js6Ph4jT%2FQuRiLu7U52xgkgR8ydRdkcQagRJR2D6DiQ%2FIQDjuHYdaefeNW1KuvWIpRN2TGb%2B%2BhOyHJOZX2eRdr5dVrJXu6VVkUudWvSSCrI3gmyPkBVHyPtXIMsjsPxzSE6QdipIfvpymETNJBL%2BfNCgrflmk4fzERXJPOU88tyo5UbUnxoj5QgyGUGJAai9gsI6KKSDInFQZA46%2FLTGPM8LXc6ouxgx1uChiAPuejRMPOq5wSIKNtE%2BQJ4NwNQAzGwjM9vYlAOY4gHsRgXLHdicoMsrlIKgtAQlJSglQZkTlN1qjyvr2%2BoeV7aIvYvsX%2BRGNdR5e4fu6bwtUrKTnZFnp4b98dQP2BSnNeonUeQmntsMAzfwWOhF3GMepQ3qC8Z9WFlB2iug1kFfjsns3G%2FIJkf87B%2FE9AhWHYHJZ0CLF0HLYei7oBvD5qKLfnrQS2ia0%2F5WnekOuK6Q5TPIt5wddUZemOpozWsIdrx0%2F82TufPz22CmQmYqfCofErTV3eFNXZLdm7q05PvrWS47sk8nR72V01z8%2F%2Bv3xVapDV9bsYOv3mITYlIe3BY2X6cpl2nbkm%2BWJefCrGrDBLm%2FZj8S8Y3CbiwXJi2y9Rtvr651MiOslTodgU5We%2F49MDkmTyyL6b%2FOHZ5DmhFMUaFTHJOLgNRHYNk2bHbZs5rAqEscZw7KohoaP75sKkmgxCWmcQUrjpd%2B8l75vffL34jFY0N27F20zUug%2BZ3pm3ZNha6qQNUAtvjfMM%2FM8dLPjWkgVs4wVsbZjZVRXz4y18rTWthouDSIWl4YUhHGTX8xCTxOqd8M%2FCCgDeR2HD8YPv0vAAAA%2F%2F8BAAD%2F%2F4SuQu96BAAA HTTP/1.1 
Host: temporarilyruinconsistent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; uid_id2=7f94f9e2-63a5-44d7-9aef-add9109509a2:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.227
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Sat, 02 Jul 2022 19:57:03 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 36de79ed9a6d24cda94089138ddf412b
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pixel/purst?dl=0&th=0&sc=0&rs=3378&rd=3378&fd=561&bv=22.4.v.2&tmpl=136 HTTP/1.1 
Host: captivatepestilentstormy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.13
HTTP/1.1 200 OK
                                        
Server: nginx/1.17.6
Date: Sat, 02 Jul 2022 19:57:03 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /thumbnail/cOSW6yegzvq5qjXF_Q/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
                                        
server: openresty
date: Sat, 02 Jul 2022 19:57:03 GMT
content-type: image/jpeg
content-length: 8745
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   8745
Md5:    050329119c97f007a0b72ae138b97a83
Sha1:   637ed4350e0e8e3cc93ef7a48c2387ef98c26f95
Sha256: c101740f18b9eb433c84430a8fe08b6c94a6600ddcfc8e798f98729446669677
                                        
                                            GET /thumbnail/cbmWtHaumf_lrW2R_g/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
                                        
server: openresty
date: Sat, 02 Jul 2022 19:57:03 GMT
content-type: image/jpeg
content-length: 10685
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   10685
Md5:    e5bac96d9a82f6cf3d0189d1bba8cd0c
Sha1:   61d3d5569fe12443f444252d3120ec97a699a9a4
Sha256: 7f88a71f8e6411f3974c702970d81057ee6830c8d6862ebd84c613d0ee096d40
                                        
                                            GET /thumbnail/LO6SunGuzPrl_23FrQ/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
                                        
server: openresty
date: Sat, 02 Jul 2022 19:57:03 GMT
content-type: image/jpeg
content-length: 11603
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   11603
Md5:    375c7cfcb2c1265cb93ab417232d9e0d
Sha1:   81063dd04ed6fe7214247514a1926a8430cb891f
Sha256: 23fd1bd75be9124179f70c14896cbe4e39ff82647fc87c46c0222294bf970a7f
                                        
                                            GET /thumbnail/Jr6XvHL3z63s_zyT_g/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
                                        
server: openresty
date: Sat, 02 Jul 2022 19:57:03 GMT
content-type: image/jpeg
content-length: 17215
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   17215
Md5:    405786366602345801c885faeaf47f8f
Sha1:   aa44e4f14f12a9f7aa9801410875d56b66262821
Sha256: ead2f13fdb0d38c66e1e583b07679256d5926b6dc7334b471d8e55c3d738fab9
                                        
                                            GET /thumbnail/Ju6WtSOuz_vkqTrDrg/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
                                        
server: openresty
date: Sat, 02 Jul 2022 19:57:03 GMT
content-type: image/jpeg
content-length: 12539
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   12539
Md5:    34ede2d42a7dd04659dd34b64de5966b
Sha1:   4d615ba14a5235c38d76217dc01b5aaca3861f7d
Sha256: 669bfb067c7f772e7bb2d2a138019aa09a3b2a87fccfbf1f45339da5474df82f
                                        
                                            POST /cdn-cgi/challenge-platform/h/b/cv/result/7249f2abdc9cb512 HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12384
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333
Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=1push-1push%2Cpop-pop; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiI3ODc0OGQzZDRiY2M1IiwiaWF0IjoxNjU2NzkxODIxLCJleHAiOjE2NTczOTY2MjF9.KZhVSKYA2ZnqzaSrI8Ehw94-5BC36m5XD9J4qja9mjE; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiNzU3M2MzNzNjMjg5ZiIsImlhdCI6MTY1Njc5MTgyMSwiZXhwIjoxNjU5MzgzODIxfQ.scN5GkhHCkECl7O857slnRtgLUWoDWG1UHGMZpcIhzI; _ga=GA1.2.1386473709.1656791823; _gid=GA1.2.1934889473.1656791823; _dc_gtm_UA-121614197-2=1; _ym_uid=16567918231003172034; _ym_d=1656791823; visitorGetPop=no
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:02 GMT
content-type: text/plain; charset=UTF-8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie: __cf_bm=2ld_iQCBRJbG10ok5LM7VN9x6y8XJgoJ.PtGrE9ZY4I-1656791822-0-ASeLwO5+jip4HXLtSn86AtSRpkkJPAhLOn6l444XQTHAuKfLTUoP7sWnHCxAg/aCImGFpyhx87SqTn6JzKBD7Y3IMKWb7cIHl7enrQheeaDp9WhH+J/hGBRJdlrtJ9DhRA==; path=/; expires=Sat, 02-Jul-22 20:27:02 GMT; domain=.xfantazy.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXgk3IBtmC2Ew1B0esN6avdvr2PGfTtDn0TdNMisCAxgPz%2BmtrtGwaCsOfzTTSl3KW4SRXSB3fuOVreA0ZKer5Yzd9fFtMp8LXhdhe2gsJpDTXSx%2FYtFQEQJ439NzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7249f2bb0a36b512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   11288
Md5:    fdc5c7857efb0b673208a9421b563a71
Sha1:   e186f73f36fba37dfcc1e2e7ac68f64236e54da4
Sha256: f092d6b907bafd1a6d99d91ecce892d97b1d38b38d50207146098dc7b2836b8c
                                        
                                            GET /thumbnail/IOiTvnLymf-6-jiXrA/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
                                        
server: openresty
date: Sat, 02 Jul 2022 19:57:03 GMT
content-type: image/jpeg
content-length: 11285
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   11285
Md5:    8f631e5660897607241b781260f72d9f
Sha1:   6bdb5f40bed83fb9a20c30db312337d11f9a365c
Sha256: 57c79d8e617bdf7d4f97ad1bf4e908d417c7353d5f5da176ed3a8b5b9611475a
                                        
                                            GET /thumbnail/IbySvSClwqnrqjzDqQ/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
                                        
server: openresty
date: Sat, 02 Jul 2022 19:57:03 GMT
content-type: image/jpeg
content-length: 8693
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   8693
Md5:    e6ad188a5d4a192c80c7f6692cd24ee3
Sha1:   922d296e1bab7aeeb6a1b283980a9ca929b88665
Sha256: a3cec64f2cda6deacd838c60051a9c5a42283b33c07022fbb83133de01fab64f
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "3B67A75DBFACE14E1940383AC5186AE05DEB1EEE1A5A8D4987F6B7C27F8C771A"
Last-Modified: Thu, 30 Jun 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5586
Expires: Sat, 02 Jul 2022 21:30:09 GMT
Date: Sat, 02 Jul 2022 19:57:03 GMT
Connection: keep-alive

                                        
                                            GET /api/spots/380873?host=xfantazy.com&ev=192&wh=1024&ww=1280 HTTP/1.1 
Host: a.focusde.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=EwVhYZ0M1muOB6CFMAyV
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         135.181.208.216
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 02 Jul 2022 19:57:03 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            GET /api/spots/289411?host=xfantazy.com&ev=192&wh=1024&ww=1280 HTTP/1.1 
Host: a.focusde.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=EwVhYZ0M1muOB6CFMAyV
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         135.181.208.216
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 02 Jul 2022 19:57:03 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            GET /sfp.js HTTP/1.1 
Host: addresseepaper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.2
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:03 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: cf8c1fb6936fd22d447256018fb48b3d
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 02 Jul 2022 19:57:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2Lx5iO48M9TauP0EUZAO%2FuZlZWbvWRgQqxYAZAf6r7SOXDDfYKCZHYHhSCm4iRrWoDJIPtnrQZ3VW4Qs%2FtBpEVEBBx%2F%2BUkybR86v4lsC7S2CV1%2FBYHclN4viB5BmlEt2kbOzxI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7249f2bf3fedf3ef-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (49470), with no line terminators
Size:   18307
Md5:    d84b7d9d70f2d0313355b4ba73461291
Sha1:   d490261debe53643de39d63e25a76cd5233d878e
Sha256: ef6a240d0b4d9a9d614a02bbbe60b9f110f911ab4cd15d3bda0b40afe0d52e4d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 02 Jul 2022 19:57:04 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 01 Jul 2022 05:56:27 GMT
Expires: Fri, 08 Jul 2022 05:56:27 GMT
ETag: 7E073D17FEF01A8B6BD062CD6A138AE30EE3A46F
Cache-Control: max-age=467362,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp2
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7249f2c4fdc71c12-OSL

                                        
                                            GET /sdk/v1/master.spot.js HTTP/1.1 
Host: cdn.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         8.254.252.214
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:04 GMT
content-type: application/javascript
content-length: 12716
last-modified: Wed, 22 Jun 2022 09:27:35 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"62b2e087-887d"
age: 901040
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (28232)
Size:   12716
Md5:    0c8b6eeb7d60d4b1d9e08dd23db4d5f4
Sha1:   927910ab3a0164fcaa92c0562b4e6702e7373e43
Sha256: b2629798ea334f73e5d414232c45f3fe41cdd22907dfa1ffd7156a5f58f520e9
                                        
                                            GET /warp/4787912?r=69542 HTTP/1.1 
Host: a.bestcontentfood.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.200.139
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:04 GMT
content-type: application/javascript; charset=UTF-8
referer: b.bestcontentfood.top
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhCerbdhTgz6FPq06exKrq5zQMlPBNQd4ovlR9xZSdpR1Wk1yl4%2FS9qO4%2BsV1WtSyF26zEk6X1KaD1kqNNOfrEZ%2FdkW2TvjiBb%2BYAe99C9%2FTlHqFpJb9vNI69GCgZKkmRgCzGBuI%2BXk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7249f2c4d8641c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4180), with no line terminators
Size:   2301
Md5:    a7d6328fa6be22604de1211c0bdbf367
Sha1:   340d37951420fae974ea81f51770025f9f30714b
Sha256: 6651cd691851e006e65ee320a3363c0cc6ab85d7aa7aef7a9367c0e957cd6c09

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /warp/4787914?r=44276 HTTP/1.1 
Host: a.bestcontentfood.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.200.139
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:04 GMT
content-type: application/javascript; charset=UTF-8
referer: b.bestcontentfood.top
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4KRCCxSRddlwwX8bKoyVnXn8UQgYmpctqQAOzgo%2BWJIJtbCf%2Bfamr8yuTQeIx2WNevAPhLmEoEw%2Bj0TGHYLXzCZm2UIZ2zeQJATlOm78OjUA%2BOdvJPSmUgOgjGyHtSY9ti%2FrBaN%2BEY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7249f2c4c8571c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4180), with no line terminators
Size:   2301
Md5:    11afb435216c6d928e5b952d23f11aac
Sha1:   838dc17a6811b11dc60c1d17e17e172417876606
Sha256: a7b1e87666ef9c4549d29d40704450026bf977396b8cf423bbafcb4aa8f547bd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /api/spots/312874?p=1&s1=%subid1%&kw= HTTP/1.1 
Host: a.focusde.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         135.181.208.216
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 02 Jul 2022 19:57:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: nauid=YhfENY9s2oUjzYjt2vN3; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   14671
Md5:    eabd705d9aaee70a8ce62a3db82f526e
Sha1:   4c27f3abc40b9328f557ae4735338b6318ee567b
Sha256: addd71ed90419f802ce125704dca6ff7406ad355fdf9c5906864fbb2ab980195
                                        
                                            GET /assets/fdm/red.jpg HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333
Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=1push-1push%2Cpop-pop; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiI3ODc0OGQzZDRiY2M1IiwiaWF0IjoxNjU2NzkxODIxLCJleHAiOjE2NTczOTY2MjF9.KZhVSKYA2ZnqzaSrI8Ehw94-5BC36m5XD9J4qja9mjE; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiNzU3M2MzNzNjMjg5ZiIsImlhdCI6MTY1Njc5MTgyMSwiZXhwIjoxNjU5MzgzODIxfQ.scN5GkhHCkECl7O857slnRtgLUWoDWG1UHGMZpcIhzI; _ga=GA1.2.1386473709.1656791823; _gid=GA1.2.1934889473.1656791823; _dc_gtm_UA-121614197-2=1; _ym_uid=16567918231003172034; _ym_d=1656791823; visitorGetPop=no; __cf_bm=2ld_iQCBRJbG10ok5LM7VN9x6y8XJgoJ.PtGrE9ZY4I-1656791822-0-ASeLwO5+jip4HXLtSn86AtSRpkkJPAhLOn6l444XQTHAuKfLTUoP7sWnHCxAg/aCImGFpyhx87SqTn6JzKBD7Y3IMKWb7cIHl7enrQheeaDp9WhH+J/hGBRJdlrtJ9DhRA==; _ym_visorc=b; dom3ic8zudi28v8lr6fgphwffqoz0j6c=7f94f9e2-63a5-44d7-9aef-add9109509a2%3A2%3A1; sb_page_a2f990f10476061c719d1c1aa3a2ecd2=1; sb_onpage_a2f990f10476061c719d1c1aa3a2ecd2=1; sb_main_a2f990f10476061c719d1c1aa3a2ecd2=1; sb_count_a2f990f10476061c719d1c1aa3a2ecd2=1; _ym_isad=2; pbpr0tpuw4isk85t8yg3jb2lj5vqf=temporarilyruinconsistent.com; ppu_idelay_4d0afc2425eea6b0cd5a468c9f8a69ed=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:03 GMT
content-type: image/jpeg
cf-bgj: h2pri
vary: Origin, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2643
last-modified: Sat, 02 Jul 2022 19:13:00 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zwdWpPucBS1ajX2M7kurl0Wk457n22xVRLP7cJjlrDJtu0W3gCrz4%2F3wY80X0zi2NKczekbFsoZDcptBGsCP%2Fn1cBnNIUCW%2BkRwgpH2cJXrX77CK9P73S9vutNYoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7249f2c2fd14b512-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=3, software=paint.net 4.3.11], baseline, precision 8, 950x150, components 3\012- data
Size:   58205
Md5:    275d41ad931cf00d8b7e08c1b4dcda1c
Sha1:   0f6dbd9f48abe256ff52a637c38405266034ef5c
Sha256: 9f04b95dcf83ec6b8c9a15b396414aec0074a92c478d709e4210b390e0a4db4e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ACC91E7B5535EA1AF789C1F9F14822DD685067C91DBC6445568D7042E2B45987"
Last-Modified: Sat, 02 Jul 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9698
Expires: Sat, 02 Jul 2022 22:38:42 GMT
Date: Sat, 02 Jul 2022 19:57:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ACC91E7B5535EA1AF789C1F9F14822DD685067C91DBC6445568D7042E2B45987"
Last-Modified: Sat, 02 Jul 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9698
Expires: Sat, 02 Jul 2022 22:38:42 GMT
Date: Sat, 02 Jul 2022 19:57:04 GMT
Connection: keep-alive

                                        
                                            GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujvEgCv7KRYIyBxEFM%2Bme3%2B0iwRijwbi77K7oTaqrqidlarqaqq7pyYAQXJA9jv9B55tkgxpEr8KGZbKgkFNGLzmYg4eAFy%2BCR5WZDRv2Xd773vcO3%2Fve%2B2rHnREfjp6ufKT7Uim6WC%2F7pdc%2FDYIrpXWZuF6p12p81qhdKZnuW2Gj7L9Rel%2BwTb1Y8QPfD%2FygtCqNiHVvcUJCpgdhUA79cq1SDuo19Mzj2DoPlnrg3TPyAiQfzz7w5iDZCEnnhxVhNzOdvvlexymaaYMu3%2F842Ux0nqBzWcbGQ5zsX0xD25PVQ%2BhkbyoXuvtoMJJj4v18iCjZvxCJqLs71RkpiAQRfxp5dwShRpB0BKZvQ%2FITAjCOq9eQdO5e1SanWw9ZOmHHZPafvyHzMZn9fQ5J5%2FtlJXulm1q5TOrEohcXkL0RZHuE1B0h689A5kdg2ZeQnCDpFJD89NVmHNbiUFQWGlVaX6jVeHMhpCJeoJyHgR%2FW%2FZBWpsZIOYKMR1BiAGpn4KwHJz242INLPXT4aYkFQdD0OaN%2BK2SsypsianA%2FoM04oIHfaMGxifYBsnQApgZgZhup2camHMC4%2B7AbBSz3YDOCLi%2BQC4LcEuSUIJcEeUaQd4s9rmzFFne5si4KLnLlIleLoc7aO3RPZ22RkJ30jDw%2FNeyvZ37Cpjgt0Uochn4c%2BLVmw28ErBmEPGABpVVaEYxXYGUBaWdArYe%2BHJO5%2BT%2BQTo74xX%2BI6BGsOgKTz4G6l0HzYbPig24May0f%2FeSgF9Mko%2F2tMtMdcF0gzWaRbXk76oy8NNVRX9AQ7Hjp3tsn8%2Bfnt8BMgdQU%2BFw%2BIGirO8MbOie7N3RuyY%2FX0kx2ZJ9Ojnozo5l48tsPxVauDV9bsYNv3mETYlIe3BI2W6cJl0nbku%2BWJefCrGrDBLm3Zj8R0XVnN5adSVy6fv3d1bVOaoS1Uicj0MlqL34AJsfkqWUx%2Fdf5w3NIM4JxBTrumFwEpD4CS7dh08ue1QRGXeIo9ZC7Ymgq0WVTSQIlLjGNClhxvPRL8Nqfvd%2F%2BRSQeGbJj76BtXgHNbk%2FftGsKdFUBqgaw7olhlprjpV%2Br00CkvGGkjLcbKaO%2Bfmiulaelqs%2BbkYhFMxK1ei0WjEf1euSzmEVV3moxZHYc3R8%2B%2Bz8AAAD%2F%2FwEAAP%2F%2FBHqXB3oEAAA%3D HTTP/1.1 
Host: temporarilyruinconsistent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; uid_id2=7f94f9e2-63a5-44d7-9aef-add9109509a2:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.227
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Sat, 02 Jul 2022 19:57:04 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d4360cc77f94fd54c209ea560fa9f192
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pixel/sbs?c=1 HTTP/1.1 
Host: temporarilyruinconsistent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; uid_id2=7f94f9e2-63a5-44d7-9aef-add9109509a2:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.227
HTTP/1.1 200 OK
                                        
Server: nginx/1.22.0
Date: Sat, 02 Jul 2022 19:57:04 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /warp/4788752?r=19901 HTTP/1.1 
Host: a.bestcontentfood.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.200.139
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:04 GMT
content-type: application/javascript; charset=UTF-8
referer: b.bestcontentfood.top
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJuwF6ah4dCMBYWZPc9FZenerz5Qyr0f5AYL45FZxenreIfUAjQI8W%2Bm%2F9if8PlfatV5si7Op1Q94XxOaw8byIcy8lTZxoT4HRyYbzR683AyfrX7lwipAmuPfpjIiliUclgWw6MJjIE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7249f2c4e8671c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4181), with no line terminators
Size:   2851
Md5:    dffa0181ac28ade09b0c84e9ebdee6f4
Sha1:   e42ca29481a85bef102edd71213cc4fd45a3955c
Sha256: 4ed3c01644609bcffbb5e920278c25ff44171d3cbda607df887fb1d295cf0a2c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /pxf.gif?uuid=7f94f9e2-63a5-44d7-9aef-add9109509a2&eb=f2971074fea048c017123c068028f7b0&te=b8a4e026d9f6325fba5277f9c4602d23&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Sat, 02 Jul 2022 19:57:04 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1bc3b13ade813d50a17148794104ae01
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   661
Md5:    69f7e5b7a94453990de2b42acd66a683
Sha1:   4cc9cf9339dcd1eb21c6c0aab0d0ff51eb12ca25
Sha256: 24f2c695e4c4fa7733cac8313595a14625e61af698084e2c58602fa2d00d84bf

Alerts:
  Blocklists:
    - quad9: Sinkholed
  File Analyzers:
    - virustotal: 0/0
                                        
                                            GET /i/b.html?spot=4692&src=562949385&pid=19775&width=300&height=250&spaceid=859 HTTP/1.1 
Host: cdn.tubecorp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.24
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:04 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.20.1
last-modified: Sat, 20 Nov 2021 06:50:54 GMT
etag: W/"df-5d132d02c9e77"
x-request-id: be3ce9ef9935cab4107d6a0f01f25520
content-encoding: gzip
expires: Sat, 02 Jul 2022 20:57:04 GMT
cache-control: max-age=3600
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 02 Jul 2022 19:57:04 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 02 Jul 2022 15:56:19 GMT
Expires: Sat, 09 Jul 2022 15:56:19 GMT
ETag: 445ACAEE748C1D3FBB7BCA4DCA5D57E30F96E98B
Cache-Control: max-age=589754,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp8
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7249f2c7ff17b505-OSL

                                        
                                            GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjQ2OTIsImlkIjo4NTksImxhYmVscyI6IiIsInNpdGVfaWQiOjQ2OTIsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NTksInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgxOSwiem9uZSI6InRjX3BhYl8zMDB4MjUwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI1NjI5NDkzODUiLCJ1dG0xIjoidGNiYW5faSIsInV0bTIiOiI0NjkyIiwidXRtMyI6IjE5Nzc1IiwidXRtNCI6IiJ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiI0NjkyIiwicGFnZSI6Imh0dHBzOi8vYS5mb2N1c2RlLmluZm8vIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjJiM2E1N2EyMjEyNjViZmRmN2ZhN2FkZTNiZTIzM2ViIn0sImV4dCI6eyJkdCI6MTY1Njc5MTgyNTY0MH19 HTTP/1.1 
Host: rtbbnr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.tubecorp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         159.69.163.6
HTTP/2 200 OK
                                        
server: nginx/1.18.0
date: Sat, 02 Jul 2022 19:57:04 GMT
content-type: text/html
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2989
Md5:    33f73e665fe386b5fee2286e61d8c0f8
Sha1:   497ad45b14bea17c4d6fad4c46d07212993fbb11
Sha256: 71e5e34c3140b146c4b383f2dff2594820c0c5f8acbca77ea4651cefa6ddce91
                                        
                                            GET /_next/static/P4CILzN-YIbf22IDP00As/pages/index.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5cf1ab8c6c89ed59483db333
Cookie: visitorId=mx83se4u2nhr67vwe473i8; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=1push-1push%2Cpop-pop; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiI3ODc0OGQzZDRiY2M1IiwiaWF0IjoxNjU2NzkxODIxLCJleHAiOjE2NTczOTY2MjF9.KZhVSKYA2ZnqzaSrI8Ehw94-5BC36m5XD9J4qja9mjE; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiNzU3M2MzNzNjMjg5ZiIsImlhdCI6MTY1Njc5MTgyMSwiZXhwIjoxNjU5MzgzODIxfQ.scN5GkhHCkECl7O857slnRtgLUWoDWG1UHGMZpcIhzI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 28 Jun 2022 11:07:37 GMT
etag: W/"2b7-181a9fed07f"
cf-cache-status: HIT
age: 377259
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRODqxan%2FeirD2SW3QwaSiaTxkpcZt%2FU0gfRPWHBasVuS0H%2Fp%2BsvpCvPzztyg%2ByKUmvJm6HyNphLlu2BjO42dIvMu1s8zR%2F2g04U%2FWUMjRCgZz02FbxfLP3CIri7tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7249f2b71c6fb512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (695), with no line terminators
Size:   37707
Md5:    55f29b09920c076f1107715bdc40e317
Sha1:   8d92f2f177dbcb2d609616c3ba5b32cf8d719a86
Sha256: a82a7cdc640cb528c32a98590c4825f0fe187687ec7c6ced0e0306a4da601f8e
                                        
                                            GET /banner/in/show/?mid=329261893&pid=0&site=4692&sc=NO&usage_type=DCH&subid=562949385&sid=0&cid=13202&price=0&is_cpm=1&cpm=0.005&ecpm=0.005&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=a.focusde.info&hostname=auc-banner-hz-0&site_id=0&spot_id=0&utm_source=tcban_i&utm_medium=4692&utm_campaign=19775&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=&min_cpm=0.0001&placement_type_id=-1&skin_test=&verify_hash=&score=0&ml=&ttl=&space_id=859&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=&url=%2F%2Fin16.zog.link%2Fin%2Ftishow%2F%3Fkatds_ep%3DGjVklV1x6ZTbIpgqKIPcRtTsPcolPhL0Fhwbh_JpZaDaMIKgSpGdzhy_oajnLm55I2Kg25oiWRyz-Eb9D3ywX0DASiGKee5luvBkG2HWL4dFTHQx4NfWYMd6e9tVXNx6hJbXXlZ2Du5p1o6aKZ5aLcHwpk6RA0yDF9Lgdq3NsTmAa50vcP6486xa5e3L4UZ_9U4aKNY-_D14URmdZLrXP0LsjToB1pH-r0e7oxL6R-DYlT_43BdPyhroeyoZ4673uSpx8nHsSO4zZflP52GF94SLIP9pteA2xqXt7c_us0djh4Br0EPAqgH1mlc5feVXsFBu_16Fo26yu30Sm33hxpmVRYzzldwIaL4GLBVsPLzqDlVONEk9dmUYF4p8esj24nxyiYvphY6n5aB6j9V9C9AmUXvxnu8DtY_BhiJGLsYZgYb8MqRr8TKcyMDzp_PHK_PlC8NLkW5z-J82IBf_T23RcXgfFrJMaH79JCPwTl8CIqjMt--eLqW4gIimtcmjBlcdtZEubpBzj9HLXLGmLsUk0ZVtdXeamL4THaQw_KOdIZ9DU4VzntzBHAnFo6uAhHRsHlC4XMM1KkFwCT-9jS9nHZnHkn2Lcu4ft5uEa4VdtwrD5nT_p1lVanzABlKrgRU9fq1cl1PPMTAjWo0WMu7DBd0Em4nCksG8JQ22ff404sLrxlOpx8HTlvpZ56-pNuv7BkPTVjFceeNboicRY9w-59ADcWucUmK73OIRbSOa8bpG7KZwYV79Y50zAaq9TgCH5BZmHy1ajOclAXZQ8WKxJT6DCsFGL0EubyXpXoczTLXeQwonSmCOMT63l2yxcbEWKumJnFCOl7b8wvm5VERPhfteBqrRzS_9Xw4gyivenUp-te-DN_0vcCTsxGoecn20fCl8mQ-vrrAm1HTjar9Y6AI5_NdyQz45xrfK3a8xbtC1QcoHPXNnEC19bD59d2qUN4ZV3XGOZ-63r-Wf5j85zZ-4wkUy9NSy0Phxgbq1vkOftHCGsbb0zeUQ9uUV0P-ciPX64wqYzc0EdmhRlN8ikX5j1UcdA19GdG-BFbg8bRO5K1jh7ZqOPOT_dqQQtOVT_zE1M0_MvAxBjj24eACb-VuhuPBGq0Zwp7ABrd_ZOFgDFumoSbnI3nL37u6vRWRmBuzKn0sDHb2ysZ_ZDAqVAhmKiO5NASCt285qJuTemzzbDC31DGm8wZ4MUOVZNWHZh_9W5-k1zhxd4MhN_iXhWZvogaDE51zccQbKqSI4Sv2dw6F6AiuvQzsdT2aUwjdYeyV2lygOWXMRrEYbDb9eqoGW2gtjeMfOUIyCUHC3x1EjMIw2V5XS0_7IhlNQEPgu8qSFJEbQ-O1RRrQVKrTxwCUNJL2c3pGV8RrBMIyujOBCzbmSo0SBHF6OmQ_YRh0ozNse7PxH3tUkenXqgMFMnuHldffega-2t2hzAsvIj563WMmz34cFB4TuMO7vNpbDhG7GOX8RBMcNPvzlFA-Dejhtkm-cl3eDwY_3HddAXPUZmjUFtuSJd9bR2XlNCmnB8wIz0BdFMF2y2AnyeiYrmlptDjd1qT51tJ2zjGSK6fw7eOaU2Zlp5VWza2SyyU_c0yWANmYqe2MYcrcikZEcDKC5dSr7b8Fa6t8LuhGNVoUaFHYwdCNcAnhDW9RZ9N40Ii9wRSYzQApiV8Jyu5oq0KrRdq1WBQD38Ajo9m6gp1Aw4L6chcIqu1dLOh8wxKYZG9XfL1gMwKRg_rjvOWhB4UDSi_tj-OsEEsw_4gz0A7UoQPFWfAT5mX7Wa2XRCkLIhm9StPIEdsf437YiOaZpU_V3Q3TELkK7DHuSmFQgx2ulLr7-w3USLF_gL_16aL-ITe7DpzQXjSvkriFat1yWj0UDYhaSgpQc4pWPFASBpYAC_0OaGeeyHajHqcCGUw%26sp%3D0.005&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem= HTTP/1.1 
Host: rtbrennab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtbbnr.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         159.69.163.6
HTTP/2 302 Found
                                        
server: nginx/1.18.0
date: Sat, 02 Jul 2022 19:57:04 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: //in16.zog.link/in/tishow/?katds_ep=GjVklV1x6ZTbIpgqKIPcRtTsPcolPhL0Fhwbh_JpZaDaMIKgSpGdzhy_oajnLm55I2Kg25oiWRyz-Eb9D3ywX0DASiGKee5luvBkG2HWL4dFTHQx4NfWYMd6e9tVXNx6hJbXXlZ2Du5p1o6aKZ5aLcHwpk6RA0yDF9Lgdq3NsTmAa50vcP6486xa5e3L4UZ_9U4aKNY-_D14URmdZLrXP0LsjToB1pH-r0e7oxL6R-DYlT_43BdPyhroeyoZ4673uSpx8nHsSO4zZflP52GF94SLIP9pteA2xqXt7c_us0djh4Br0EPAqgH1mlc5feVXsFBu_16Fo26yu30Sm33hxpmVRYzzldwIaL4GLBVsPLzqDlVONEk9dmUYF4p8esj24nxyiYvphY6n5aB6j9V9C9AmUXvxnu8DtY_BhiJGLsYZgYb8MqRr8TKcyMDzp_PHK_PlC8NLkW5z-J82IBf_T23RcXgfFrJMaH79JCPwTl8CIqjMt--eLqW4gIimtcmjBlcdtZEubpBzj9HLXLGmLsUk0ZVtdXeamL4THaQw_KOdIZ9DU4VzntzBHAnFo6uAhHRsHlC4XMM1KkFwCT-9jS9nHZnHkn2Lcu4ft5uEa4VdtwrD5nT_p1lVanzABlKrgRU9fq1cl1PPMTAjWo0WMu7DBd0Em4nCksG8JQ22ff404sLrxlOpx8HTlvpZ56-pNuv7BkPTVjFceeNboicRY9w-59ADcWucUmK73OIRbSOa8bpG7KZwYV79Y50zAaq9TgCH5BZmHy1ajOclAXZQ8WKxJT6DCsFGL0EubyXpXoczTLXeQwonSmCOMT63l2yxcbEWKumJnFCOl7b8wvm5VERPhfteBqrRzS_9Xw4gyivenUp-te-DN_0vcCTsxGoecn20fCl8mQ-vrrAm1HTjar9Y6AI5_NdyQz45xrfK3a8xbtC1QcoHPXNnEC19bD59d2qUN4ZV3XGOZ-63r-Wf5j85zZ-4wkUy9NSy0Phxgbq1vkOftHCGsbb0zeUQ9uUV0P-ciPX64wqYzc0EdmhRlN8ikX5j1UcdA19GdG-BFbg8bRO5K1jh7ZqOPOT_dqQQtOVT_zE1M0_MvAxBjj24eACb-VuhuPBGq0Zwp7ABrd_ZOFgDFumoSbnI3nL37u6vRWRmBuzKn0sDHb2ysZ_ZDAqVAhmKiO5NASCt285qJuTemzzbDC31DGm8wZ4MUOVZNWHZh_9W5-k1zhxd4MhN_iXhWZvogaDE51zccQbKqSI4Sv2dw6F6AiuvQzsdT2aUwjdYeyV2lygOWXMRrEYbDb9eqoGW2gtjeMfOUIyCUHC3x1EjMIw2V5XS0_7IhlNQEPgu8qSFJEbQ-O1RRrQVKrTxwCUNJL2c3pGV8RrBMIyujOBCzbmSo0SBHF6OmQ_YRh0ozNse7PxH3tUkenXqgMFMnuHldffega-2t2hzAsvIj563WMmz34cFB4TuMO7vNpbDhG7GOX8RBMcNPvzlFA-Dejhtkm-cl3eDwY_3HddAXPUZmjUFtuSJd9bR2XlNCmnB8wIz0BdFMF2y2AnyeiYrmlptDjd1qT51tJ2zjGSK6fw7eOaU2Zlp5VWza2SyyU_c0yWANmYqe2MYcrcikZEcDKC5dSr7b8Fa6t8LuhGNVoUaFHYwdCNcAnhDW9RZ9N40Ii9wRSYzQApiV8Jyu5oq0KrRdq1WBQD38Ajo9m6gp1Aw4L6chcIqu1dLOh8wxKYZG9XfL1gMwKRg_rjvOWhB4UDSi_tj-OsEEsw_4gz0A7UoQPFWfAT5mX7Wa2XRCkLIhm9StPIEdsf437YiOaZpU_V3Q3TELkK7DHuSmFQgx2ulLr7-w3USLF_gL_16aL-ITe7DpzQXjSvkriFat1yWj0UDYhaSgpQc4pWPFASBpYAC_0OaGeeyHajHqcCGUw&sp=0.005
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 799
Cache-Control: max-age=159438
Date: Sat, 02 Jul 2022 19:57:04 GMT
Etag: "62c06bbf-13a"
Expires: Mon, 04 Jul 2022 16:14:22 GMT
Last-Modified: Sat, 02 Jul 2022 16:01:03 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 314

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4EE99872BACD90F87F41CDFF41BB4B8AD4E6F47E2735882186BDFDF09DCD1651"
Last-Modified: Sat, 02 Jul 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5388
Expires: Sat, 02 Jul 2022 21:26:52 GMT
Date: Sat, 02 Jul 2022 19:57:04 GMT
Connection: keep-alive

                                        
                                            GET /in/tishow/?katds_ep=GjVklV1x6ZTbIpgqKIPcRtTsPcolPhL0Fhwbh_JpZaDaMIKgSpGdzhy_oajnLm55I2Kg25oiWRyz-Eb9D3ywX0DASiGKee5luvBkG2HWL4dFTHQx4NfWYMd6e9tVXNx6hJbXXlZ2Du5p1o6aKZ5aLcHwpk6RA0yDF9Lgdq3NsTmAa50vcP6486xa5e3L4UZ_9U4aKNY-_D14URmdZLrXP0LsjToB1pH-r0e7oxL6R-DYlT_43BdPyhroeyoZ4673uSpx8nHsSO4zZflP52GF94SLIP9pteA2xqXt7c_us0djh4Br0EPAqgH1mlc5feVXsFBu_16Fo26yu30Sm33hxpmVRYzzldwIaL4GLBVsPLzqDlVONEk9dmUYF4p8esj24nxyiYvphY6n5aB6j9V9C9AmUXvxnu8DtY_BhiJGLsYZgYb8MqRr8TKcyMDzp_PHK_PlC8NLkW5z-J82IBf_T23RcXgfFrJMaH79JCPwTl8CIqjMt--eLqW4gIimtcmjBlcdtZEubpBzj9HLXLGmLsUk0ZVtdXeamL4THaQw_KOdIZ9DU4VzntzBHAnFo6uAhHRsHlC4XMM1KkFwCT-9jS9nHZnHkn2Lcu4ft5uEa4VdtwrD5nT_p1lVanzABlKrgRU9fq1cl1PPMTAjWo0WMu7DBd0Em4nCksG8JQ22ff404sLrxlOpx8HTlvpZ56-pNuv7BkPTVjFceeNboicRY9w-59ADcWucUmK73OIRbSOa8bpG7KZwYV79Y50zAaq9TgCH5BZmHy1ajOclAXZQ8WKxJT6DCsFGL0EubyXpXoczTLXeQwonSmCOMT63l2yxcbEWKumJnFCOl7b8wvm5VERPhfteBqrRzS_9Xw4gyivenUp-te-DN_0vcCTsxGoecn20fCl8mQ-vrrAm1HTjar9Y6AI5_NdyQz45xrfK3a8xbtC1QcoHPXNnEC19bD59d2qUN4ZV3XGOZ-63r-Wf5j85zZ-4wkUy9NSy0Phxgbq1vkOftHCGsbb0zeUQ9uUV0P-ciPX64wqYzc0EdmhRlN8ikX5j1UcdA19GdG-BFbg8bRO5K1jh7ZqOPOT_dqQQtOVT_zE1M0_MvAxBjj24eACb-VuhuPBGq0Zwp7ABrd_ZOFgDFumoSbnI3nL37u6vRWRmBuzKn0sDHb2ysZ_ZDAqVAhmKiO5NASCt285qJuTemzzbDC31DGm8wZ4MUOVZNWHZh_9W5-k1zhxd4MhN_iXhWZvogaDE51zccQbKqSI4Sv2dw6F6AiuvQzsdT2aUwjdYeyV2lygOWXMRrEYbDb9eqoGW2gtjeMfOUIyCUHC3x1EjMIw2V5XS0_7IhlNQEPgu8qSFJEbQ-O1RRrQVKrTxwCUNJL2c3pGV8RrBMIyujOBCzbmSo0SBHF6OmQ_YRh0ozNse7PxH3tUkenXqgMFMnuHldffega-2t2hzAsvIj563WMmz34cFB4TuMO7vNpbDhG7GOX8RBMcNPvzlFA-Dejhtkm-cl3eDwY_3HddAXPUZmjUFtuSJd9bR2XlNCmnB8wIz0BdFMF2y2AnyeiYrmlptDjd1qT51tJ2zjGSK6fw7eOaU2Zlp5VWza2SyyU_c0yWANmYqe2MYcrcikZEcDKC5dSr7b8Fa6t8LuhGNVoUaFHYwdCNcAnhDW9RZ9N40Ii9wRSYzQApiV8Jyu5oq0KrRdq1WBQD38Ajo9m6gp1Aw4L6chcIqu1dLOh8wxKYZG9XfL1gMwKRg_rjvOWhB4UDSi_tj-OsEEsw_4gz0A7UoQPFWfAT5mX7Wa2XRCkLIhm9StPIEdsf437YiOaZpU_V3Q3TELkK7DHuSmFQgx2ulLr7-w3USLF_gL_16aL-ITe7DpzQXjSvkriFat1yWj0UDYhaSgpQc4pWPFASBpYAC_0OaGeeyHajHqcCGUw&sp=0.005 HTTP/1.1 
Host: in16.zog.link
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbbnr.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         62.122.173.146
HTTP/2 302 Found
                                        
server: nginx/1.20.1
date: Sat, 02 Jul 2022 19:57:05 GMT
content-length: 0
location: https://12112336.pix-cdn.org/m/p/0/11/11508/yPndOg0m.html?__OS_FAMILY__={{ __OS_FAMILY__ }}&__OS_TYPE__={{ __OS_TYPE__ }}&__GEOIP_COUNTRY_SHORT__={{ __GEOIP_COUNTRY_SHORT__ }}&__IP2L_MOBILE__={{ __IP2L_MOBILE__ }}&__BROWSER_FAMILY__={{ __BROWSER_FAMILY__ }}&OS_FAMILY=[OS_FAMILY]&OS_TYPE=[OS_TYPE]&COUNTRY_ISO_CODE=[COUNTRY_ISO_CODE]&MOBILE_BRAND=[MOBILE_BRAND]&BROWSER_FAMILY=[BROWSER_FAMILY]&DOMAIN=a.focusde.info&PRICE=0.0050&PRICING_MODEL=[PRICING_MODEL]&CAMPAIGN_ID=6435&CLICK_ID=c075b6ed-b562-4bc9-87fa-ef7be595765a&id_zone=[idzone]&site={{ site }}&out_name=37319%7C4317%7Ccpm%7C0.0020%7C%24%200.0050&campaign_id=37319&price=0.0050&pricebox_price=0.0020&pricing_model=cpm&click_id=c075b6ed-b562-4bc9-87fa-ef7be595765a&priority=[PRIORITY]&ad_sub=173501021&utm1=tcb&utm2=878669509-100&utm3=249-6435-14933&utm4=0-10346131-0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
set-cookie: 2325.0=1; expires=Sun, 03 Jul 2022 19:57:05 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /topembed/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank HTTP/1.1 
Host: chaturbate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.bestcontentfood.top/
Connection: keep-alive
Cookie: __cf_bm=Kb5DF4jt.dgCS08ncRkioQjzfMeVS8gzu48OG1LeKT4-1656791824-0-AatHTMhua6RPNvoEFUKaVmMD8ZReEIU9Kv0yY+OowU1SqHmYPoioWyUfSI40j8xiUP3aqHFW7HT4FmFd68lzF4Q=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.101.40
HTTP/2 302 Found
                                        
date: Sat, 02 Jul 2022 19:57:04 GMT
content-type: text/html; charset=utf-8
location: /embed/ruby_lynx/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
set-cookie: stcki="pOtSwZ=0\054FqPd9a=0\0546pduSG=0\054aDBbcK=1"; expires=Mon, 01-Aug-2022 19:57:04 GMT; Max-Age=2592000; Path=/ affkey="eJyrVipSslJQyigpKSi20tdP0ktKLS5Jzs8rSc0rScvPT9EryS/QV6oFAARSDak="; Domain=.chaturbate.com; expires=Mon, 01-Aug-2022 19:57:04 GMT; Max-Age=2592000; Path=/ sbr=sec:sbr1bc341b2-7497-48d5-ba75-30910752b31e:1o7jEm:qkxFpKOfpWjdUtykHAL83wMl3_k; Domain=.chaturbate.com; expires=Thu, 27-Mar-2025 19:57:04 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7249f2c8cfd11c02-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5027), with no line terminators
Size:   5027
Md5:    5e5817bcf4c82c7c85d1d88636d221ce
Sha1:   b5c32cc6c931c33c1297884016e13d3b9a5bf261
Sha256: 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
                                        
                                            GET /get/10010248?time=1592494928726&atc=425995&apb=CiQ2ZTQ1NzVkYi1kMzkyLTRiMDctOTI3ZC02Y2Y2ZGU4OWQ1ZTEQsjYY5WQg2LboATCLgBo4v4GrAUABSLIBWAHZIcCp_uUbDLHI HTTP/1.1 
Host: a.adtng.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         66.254.114.171
HTTP/2 200 OK
                                        
server: openresty
date: Sat, 02 Jul 2022 19:57:04 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KImLAoxBtgmqyv7sDAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None; RNLBSERVERID=ded7079; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 62C0A310-42FE72AB01BB69F6-F6CC02B
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   25770
Md5:    6c3b31eec5edeb3dc48ec0f2ab135aa6
Sha1:   f3ea25408a94b979c93a4d84d89a9adc6e3a52f9
Sha256: bd01f4a6ce87205d708f7f56b4bcc79742f32943f627adcce122b2ac10ed92d0
                                        
                                            GET /a7/creatives/1/1322/814271/1028051/1028051_logo.png HTTP/1.1 
Host: hw-cdn2.ang-content.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.208.20
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 02 Jul 2022 19:57:05 GMT
Connection: Keep-Alive
ETag: "1648748302"
Content-Length: 61941
Last-Modified: Thu, 31 Mar 2022 17:38:22 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10757791
X-HW: 1656791824.dop215.sk1.t,1656791825.cds211.sk1.shn,1656791825.dop215.sk1.t,1656791825.cds024.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  PNG image data, 900 x 250, 8-bit colormap, non-interlaced\012- data
Size:   61941
Md5:    ebcac7407da9e155302da2b91f4553fa
Sha1:   6e7b2ac10f618dfa219c2cf1334e4319e2be0cbc
Sha256: 784092a284f36151de8169050ef3e25db944e48f6852092e1a6da74001e3ae9c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "438739FEB2858CD203516C71FD2FE7FF30684BF8FAF636AEFB75432D9B95B4B8"
Last-Modified: Fri, 01 Jul 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5544
Expires: Sat, 02 Jul 2022 21:29:29 GMT
Date: Sat, 02 Jul 2022 19:57:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C69E6674D38F619C4D7C4F893ECE739F05882761EC1A74738EAFA2AB4E6E1644"
Last-Modified: Fri, 01 Jul 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3000
Expires: Sat, 02 Jul 2022 20:47:05 GMT
Date: Sat, 02 Jul 2022 19:57:05 GMT
Connection: keep-alive

                                        
                                            GET /api/v1/p/p.js?p=e0SgKROGTBk5c0ToiFGDhYgwY-gsjPGQzpmFImyUoVHjRg0yYlqQmZFDRgsaYmDcaGHyBpkWNsaYsXEQRw4yNcrEEPEwTJ0xGTuGMTOGRgwYLWqEkQGTRpmaLWPcOEnjxgwZNmKUuQGjhsmeEMnYWWgjhw0ZD-HUEUNRRg4YFSHCgbMQxw0aMx7OgTNRxwwcMALjwPGwDV-_NGDYqFEj68MxberqoCHjaw6HYs0slFFYhBg3bjgHjoGjsWE3GBlilQFDbZvUZWscfViHp46BdOjAmaPjxYswLgzSSe1izJs2L86UofMCaVwYMmjg-EEnTZsyPRqapJGje2eqNrjUgRHdRhg6Y3pUvlxjfPmsYeCI6TEkTRQZWqhEieFEj5U1skgjhjWa0GONPJigQoo0miBCoieoSGIGLYaILgsZMNTiiCpoeOIK_vQrIoo51MgiixpAPEMGJsR4IwgqhmDiDCHeoMEOGo6QI4gqghBiCiaSEOKKIJDQIokxhoDjizqqEIMIJpBIIiw42qDooTeqvFIEMpDLKDgz3hijjjkOciENN8IMawz0Ftpihhi6UEuOoHSAwYXy5MqSzoXuzPMhMTazE0-55LBjsoZqqyONjAoCbIwZyigjptlyQEmMMmpoAQcxbjBDqRm-iggHR2uwIaw0JhMhhxhcgMuFylxoiIaw5Pgi1YxYdfXOWGcNq44wMmriDT3SYIONMF6oAU8QUMAihhh2AIEJNOvAAwQ8cLDhCxtokNZQHc7CMwUQjihjjDXeeKG155CKAQQj0pCjjDDxeEFcGNasUwQnngjrDVvH2LffsNjYtwgnwjrIji_mZYMij27AYQYbAnNNBDnOEE0Hy-56aOEvxJDDLs9AbuMNMkbT6mM53lhILxHeUIjjOd_AI4-FaHhoXkFz262338AUk0wz0QzzhbDuyCiGzvJ9CI2lo6N1L0MzapkO9ABuoQ430qCjBRlaJUMGhfc96Iuxw6LDSoYYs-EGVnGQzqI2yG7bVLhLk64GpHwio-Ey-PqizbvfjntuEcpgOAw2EKJj5jdpkBMiMfzikt6f2JhILYP7hEw1GPpQICA%3D&s=ed2593026346d7b6b267951055ac49e1b8803a2085467a9ea1310d70e45945a41656791824&w=t&r=1&d=273&priv=false HTTP/1.1 
Host: pxl.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Cookie: ts_uid=ea38c3ee-6549-4be5-8b7f-5359ac8ea356; bfq=e0SIEaFjiwwcMGLgqFGjCwsRYwpuifFQRJmJMWzUsIHjBg4ZMmh06aMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         136.243.46.131
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 02 Jul 2022 19:57:05 GMT
content-type: text/javascript; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   24
Md5:    0959ba36d476b6dc1994ba3c678b07c4
Sha1:   d30b94da72daa02766965206a85b7e0356375f5e
Sha256: 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "50370CCD1860982A6897B16A98085D6B8B5D5C60E6DF35C6647C65909D020202"
Last-Modified: Thu, 30 Jun 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7079
Expires: Sat, 02 Jul 2022 21:55:04 GMT
Date: Sat, 02 Jul 2022 19:57:05 GMT
Connection: keep-alive

                                        
                                            GET /riw/katdreams.jpg?1656791820 HTTP/1.1 
Host: roomimg.stream.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=XdQSheo.y1NYEkjM.i0pP_VW8y12VynNJ64nn7IcO1M-1656791825370-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.19.241.83
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:05 GMT
content-type: image/jpeg
content-length: 3731
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2
last-modified: Sat, 02 Jul 2022 19:57:03 GMT
expires: Sat, 02 Jul 2022 19:57:35 GMT
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScGa%2Bgbswzyz4JC4H7RpR2hA%2FIAmB3ZLJ8U2YZwCR6iQKADBLXvY4M79z1IqquuociN%2Bv%2FQ0H3hajNSpvRB80evAKuHOcUFSJyDriCxHl0ShplJKccCAyv%2F%2FkHbbYqfE6%2FtZXCGcG%2BPfVn5bjKlFAII%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7249f2cd3888b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 480x270, components 3\012- data
Size:   3731
Md5:    d7f39e3ff273e5b46376cdc29a840b7e
Sha1:   8c1a14d31e570753ceddb695609edc9964638874
Sha256: a41c29ca8d9c001d8c8b33c98df9c0d1fd704bf0eae6fd8dc45956dac32bbaba
                                        
                                            GET /as/if?p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=900&adHeight=75&niche=female&fontSize=15&font_color=%23fff&background_color=%23000000&hn=fap247.com&AFNO=1-286 HTTP/1.1 
Host: as.sexad.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         216.127.52.241
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx/1.10.3
Date: Sat, 02 Jul 2022 19:57:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store
Access-Control-Allow-Origin: *
Set-Cookie: at11656791825937_0_5106_4398=0001000; expires=Mon, 01-Aug-2022 19:57:05 GMT; Max-Age=2592000; path=/as; samesite=None; secure iid=2162-1656791825; expires=Tue, 29-Jun-2032 19:57:05 GMT; Max-Age=315360000; path=/; samesite=None; secure
P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   3470
Md5:    33dbb4c0ae62b5fa4c97fadc21bd78be
Sha1:   cc309efef837d60de347f6954e7c3cf8fa7cf614
Sha256: 0c65841791ea728993a58a72ec053c351dc3cf2ddf5c6849c12fa27ecec9c702
                                        
                                            GET /as/if?p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286 HTTP/1.1 
Host: as.sexad.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         216.127.52.241
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx/1.10.3
Date: Sat, 02 Jul 2022 19:57:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store
Access-Control-Allow-Origin: *
Set-Cookie: at11656791825937_0_5104_5672=0001000; expires=Mon, 01-Aug-2022 19:57:05 GMT; Max-Age=2592000; path=/as; samesite=None; secure iid=6056-1656791825; expires=Tue, 29-Jun-2032 19:57:05 GMT; Max-Age=315360000; path=/; samesite=None; secure
P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html"
Content-Encoding: gzip


--- Additional Info ---
Magic:  data
Size:   5901
Md5:    c86257cceb7da6755ae4103faa133f8f
Sha1:   f07981ea1e1a1c84a98b4d5ac944e8d2e9650a94
Sha256: 515299b3e25e5c796940a3791f4451601ccfbe6e482d5d4192c01d117d8b07db
                                        
                                            GET /jquery-2.1.3.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:05 GMT
content-encoding: gzip
content-length: 29507
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-14960"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1656791825.dop210.sk1.t,1656791825.cds227.sk1.hn,1656791825.cds215.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32180)
Size:   29507
Md5:    de4fdb8e2e5d9b9624bad7ed2b726525
Sha1:   053a31e8e83b261e3863c4f9e652caba910a2b89
Sha256: f44c9556d0ecebc0716a7fce2899c0b40ed96394bebafb2937f4305bf3b118f3
                                        
                                            GET /nr-spa-1216.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.137
HTTP/2 200 OK
                                        
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 02 Jul 2022 19:57:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 962
x-timer: S1656791826.892620,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32010)
Size:   18216
Md5:    6561a2403142205f966207d61576f1a6
Sha1:   1310e72f494e12ab63a4280fc1600a2c89dc9bb8
Sha256: 0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "937962770FC75EFD82C864F4C5B17BD5EED7CF62FD70505A642F4B9297C7534C"
Last-Modified: Fri, 01 Jul 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5323
Expires: Sat, 02 Jul 2022 21:25:48 GMT
Date: Sat, 02 Jul 2022 19:57:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "937962770FC75EFD82C864F4C5B17BD5EED7CF62FD70505A642F4B9297C7534C"
Last-Modified: Fri, 01 Jul 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5323
Expires: Sat, 02 Jul 2022 21:25:48 GMT
Date: Sat, 02 Jul 2022 19:57:05 GMT
Connection: keep-alive

                                        
                                            GET /npe/_common/script/adblock/advertisement-v161802.js HTTP/1.1 
Host: pt-static3.ptlwmstc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.93.51.200
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:05 GMT
content-type: application/javascript
content-length: 21
last-modified: Thu, 30 Jun 2022 14:25:11 GMT
etag: "62bdb247-15"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   21
Md5:    01c6e7ecb819ef28b0c9b962513a1596
Sha1:   1a49f493db7b91ed34a7040d36732352b9a5dc39
Sha256: e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5
                                        
                                            GET /npe/ba/fklf/script/fk.lf-v161802.js HTTP/1.1 
Host: pt-static2.ptlwmstc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.93.51.200
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:05 GMT
content-type: application/javascript
last-modified: Thu, 30 Jun 2022 14:25:11 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"62bdb247-4f39d"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   173880
Md5:    ecb8c3976f5b04305bb0fa75c077a4a0
Sha1:   1b48b0e8acf07ea4aae280692b32c51a572231a9
Sha256: a377f2b8c6c0072fb70c670042e601aa1a5358c1cfe2ea17e2cbc0684d6aba61
                                        
                                            GET /jquery-plugins/modernizr-2.6.2-respond-1.1.0.min.js HTTP/1.1 
Host: m.sancdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 02 Jul 2022 19:57:06 GMT
Connection: Keep-Alive
ETag: "1367368554"
Cache-Control: max-age=86400
Content-Length: 19484
Last-Modified: Wed, 01 May 2013 00:35:54 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1656791826.dop219.sk1.t,1656791826.cds243.sk1.shn,1656791826.dop219.sk1.t,1656791826.cds026.sk1.c


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (14756)
Size:   19484
Md5:    70d492eca4141bdd1452977dd893dd63
Sha1:   9cd9504b3afdeca86a03251591e1afab36ae2c57
Sha256: ce0f70d9e807bb959717d8350c21a107f5b6b7221a774b6d1ed057219468a260
                                        
                                            GET /common/videojs/videojs.min-original-v2.css HTTP/1.1 
Host: m.sancdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 02 Jul 2022 19:57:06 GMT
Connection: Keep-Alive
ETag: "1385146323"
Cache-Control: max-age=86400
Content-Length: 11451
Last-Modified: Fri, 22 Nov 2013 18:52:03 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1656791826.dop203.sk1.t,1656791826.cds018.sk1.shn,1656791826.cds018.sk1.c


--- Additional Info ---
Magic:  ASCII text, with very long lines (11336)
Size:   11451
Md5:    4b6813504d31e3b11655aafacf165db4
Sha1:   96517f0033bd59f277cd2eefa7d088ae6ff82dad
Sha256: 063b4a568733054fea7f238a10b384170ce29c136d3194feed44d8c8b451f55d
                                        
                                            GET /common/videojs/videojs-411.js HTTP/1.1 
Host: m.sancdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 02 Jul 2022 19:57:06 GMT
Connection: Keep-Alive
ETag: "1448403647"
Cache-Control: max-age=86400
Content-Length: 71023
Last-Modified: Tue, 24 Nov 2015 22:20:47 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1656791826.dop012.sk1.t,1656791826.cds043.sk1.shn,1656791826.cds043.sk1.c


--- Additional Info ---
Magic:  ASCII text, with very long lines (691)
Size:   71023
Md5:    532c3b3953d350e917649027f2c2accc
Sha1:   ffa74d9d511742bcf131580f71475dda94b962bc
Sha256: 16d0f10631780e6f883d0ec99240c59cc9836c76121d31111331732aac932fe0
                                        
                                            GET /px.gif?stno=3-937-fap247.com-0-5104-0-0-3001-5672-3&p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286&cam=0&adv=0&ctry=NO&lang=en&dev=Other HTTP/1.1 
Host: as.sexad.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/as/if?p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286
Cookie: iid=6056-1656791825
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.127.52.241
HTTP/1.1 200
Content-Type: image/gif
                                        
Server: nginx/1.10.3
Date: Sat, 02 Jul 2022 19:57:06 GMT
Content-Length: 35
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Access-Control-Allow-Origin: *
Set-Cookie: ust=1656791826; expires=Tue, 29-Jun-2032 19:57:06 GMT; Max-Age=315360000; path=/; samesite=None; secure
P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html"


--- Additional Info ---
Magic:  GIF image data, version 87a, 1 x 1\012- data
Size:   35
Md5:    729c3007a8ed0597531b0c76d54a94bb
Sha1:   90fe9b8a8142548fdfab29f59cb0a164a0eaef81
Sha256: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
                                        
                                            GET /css/twemoji-sprite-1.css?c4df0605225e HTTP/1.1 
Host: static-assets.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/CACHE/css/output.0ea9680f7f95.css
Cookie: _cfuvid=EnlzLluz8edItU2YUt6.Y3kRb9L7Yl21w4WRK5oG6Tc-1656791825368-0-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.93.42
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:05 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=376950
etag: W/"9c39c66b7dfac90cd90aaa51712201a3"
last-modified: Tue, 06 Apr 2021 16:32:47 GMT
x-amz-id-2: KmxF5Xd+Hl+kCHR7ztVH4cMTTpKaYhBCqmB775okde60URUFykMxNAmJtwjNnH2Iz6pE+vJfNYE=
x-amz-meta-s3cmd-attrs: md5:9c39c66b7dfac90cd90aaa51712201a3
x-amz-request-id: B7R6HC27YJN3W8BK
cf-cache-status: HIT
age: 150146
expires: Mon, 01 Aug 2022 19:57:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfSG4JgfK%2BHmjERGgniCoklPiTu98kO7WN9UcXdSeJ%2FlRT49mojFxv6Nq%2F6qwDzlWu%2F2Kt5AAkN9VR%2FKTIt2RZFGs0KlKb5WYvQFw0ZVRoVal7K7Ehn52wp4JTPhCo7wDwyiHoAUDz9vlM0irMw1YA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7249f2cce946b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   41336
Md5:    ab9f1bda711d1c580c84383bdc7cb24f
Sha1:   66f2d5bea33985e24c1cfc890c3620045584cf67
Sha256: 4dcb8cc9ab1fe2c20daaedea1c25d073e5aedd075437ebff5b8b4587df1b0629
                                        
                                            GET /embed/lf?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&category=girl&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=false&vp[showPerformerStatus]=false&filters=&ms_notrack=1&subAffId={SUBAFFID} HTTP/1.1 
Host: awecre.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.93.51.191
HTTP/2 200 OK
                                        
content-type: application/javascript
cache-control: no-cache
date: Sat, 02 Jul 2022 19:57:05 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Mon, 01-Aug-22 19:57:05 GMT; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10498
Md5:    7c741fe5ceee8e94e4388de5056486a5
Sha1:   8f9f7023b132b881b6f8cce4b013ac03c0383de2
Sha256: 9674631c0f8754e6a79ee33e3b7182421689dfa300c18009a066b3746b2c3da5
                                        
                                            GET /CACHE/js/output.caee332d326d.js HTTP/1.1 
Host: static-assets.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.93.42
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:05 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"b61e15511bf0db70d0d422e98c465403"
last-modified: Thu, 24 Jun 2021 21:24:08 GMT
x-amz-id-2: gAJe87IyJM0OkbaBgua73HTcoEANURYYk4wpsNNClr414DBIRL/v+K+9hxRFHrgcwnw38qlmXmM=
x-amz-meta-s3cmd-attrs: md5:b61e15511bf0db70d0d422e98c465403
x-amz-request-id: 2D5TZ021KE4200HB
cf-cache-status: HIT
age: 1117787
expires: Mon, 01 Aug 2022 19:57:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UhHQCVa%2BNBtFFouDt1coIL4alKXXKWUpo6n%2FcEIVv1EYE15b4OUSfuiC0pmR3fpHoDVmtkOOtFRdst1fO%2BejUZpRJnbJHqbfPUqBhIKvd0BjbruViLl9bZIjf0xCMmLeFAuuGfUOXMx4WffuQlxK5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=uPCvKlhJi70wXbywzl70dAK4xyNgcdZgZ2nWzSBmDTk-1656791825417-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7249f2ccd923b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1105)
Size:   988
Md5:    2602ba38b12875055ab2a0cad20fab5f
Sha1:   82281be21079ee7cd896d4f9e964f8d4583e22a7
Sha256: cc2cf29107b4c42cc1bb73fcefed4062e8b9a6b1edea221f18baa6ae872aeb8a
                                        
                                            GET /eG0Rs/TaS.gif?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net HTTP/1.1 
Host: pt.wmptctl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net
Cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         93.93.51.191
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Mon, 01-Aug-22 19:57:06 GMT; SameSite=None; Secure
expires: Sat, 02 Jul 2022 19:57:05 GMT
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /npe/image/smilies_ex.png HTTP/1.1 
Host: pt-static1.ptlwmstc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.93.51.200
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:06 GMT
content-type: image/png
content-length: 8533
last-modified: Tue, 07 Jun 2022 10:29:59 GMT
etag: "629f28a7-2155"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 536 x 138, 8-bit colormap, non-interlaced\012- data
Size:   8533
Md5:    53fc00ebf44066190d5faea2a7931e7c
Sha1:   21178ac1ffb10f958d26d17a0fe49d5d31a00720
Sha256: 63526a6642f64fadb44cd33d634bb626f8e96af3f850215cfdd78a9c609fc85c
                                        
                                            GET /common/fontawesome-430/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1 
Host: m.sancdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://as.sexad.net
Connection: keep-alive
Referer: https://m.sancdn.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Date: Sat, 02 Jul 2022 19:57:06 GMT
Connection: Keep-Alive
ETag: "1422564509"
Cache-Control: max-age=86400
Content-Length: 56780
Last-Modified: Thu, 29 Jan 2015 20:48:29 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1656791826.dop202.sk1.t,1656791826.cds232.sk1.shn,1656791826.cds232.sk1.c


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Size:   56780
Md5:    97493d3f11c0a3bd5cbd959f5d19b699
Sha1:   1075231650f579955905bb2f6527148a8e2b4b16
Sha256: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
                                        
                                            GET /stream?room=ruby_lynx&f=0.4158940736603902 HTTP/1.1 
Host: cbjpeg.stream.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=81a9uMeROG7RXeauv2QyQbAzWBlK7phc3DidjT13Px8-1656791825405-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         131.153.88.92
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 02 Jul 2022 19:57:06 GMT
content-type: image/jpeg
content-length: 24281
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Size:   24281
Md5:    edb0a6fd5c9af2ca35adeee609bcb2df
Sha1:   7ff997fc4d3d790e1f5a840901b59c1e9a86f949
Sha256: 91147c848f9bd177d6b40a92a5aced08346d828d225b934e14bb645f32e4c101
                                        
                                            GET /ff268cab8d9fbae1ed7506f97496274f18/84245260d4364004160bd7e4aa1f2f24_glamour_896x504.jpg HTTP/1.1 
Host: galleryn11.awemdia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.93.51.190
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:06 GMT
content-type: image/jpeg
content-length: 60896
last-modified: Wed, 25 May 2022 02:38:16 GMT
etag: "2908165849ca13838bdcddd32484b8b1"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Sat, 16 Jul 2022 19:57:06 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data
Size:   60896
Md5:    2908165849ca13838bdcddd32484b8b1
Sha1:   0a60e567210b73d82ac21c9a3f17e475ac598ce5
Sha256: cf615dfca8cf9b380ab2990b0f4860a72c407688cc13621f5fc34461d950797e
                                        
                                            GET //media/1/2/7/12742994.jpg HTTP/1.1 
Host: m1.nsimg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         207.178.0.91
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Sat, 02 Jul 2022 19:57:06 GMT
Content-Length: 24882
Connection: keep-alive
Last-Modified: Thu, 26 May 2022 17:18:43 GMT
ETag: "628fb673-6132"
Expires: Sat, 01 Jul 2023 14:22:49 GMT
Cache-Control: max-age=31536000
X-Varnish: 5905968 1892670
Age: 86413
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 320x240, components 3\012- data
Size:   24882
Md5:    4ab4c8b0c649c0e9e4a726d43c8601e2
Sha1:   68628799022baa18826b8b0c76d6bde8fa80b4d0
Sha256: 7ad5b9a9a5fe8c102582e6c25651d13f8b21e1915746cdb2a43b4fc3c13c5191
                                        
                                            GET /stream?room=ruby_lynx&f=0.4532293456829293 HTTP/1.1 
Host: cbjpeg.stream.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=81a9uMeROG7RXeauv2QyQbAzWBlK7phc3DidjT13Px8-1656791825405-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         131.153.88.92
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 02 Jul 2022 19:57:06 GMT
content-type: image/jpeg
content-length: 25226
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   46626
Md5:    f43c488945bd40d7ae2d62b098ddb7b3
Sha1:   ac69e6fdd294874c105fbc75e0e162622740a3d0
Sha256: 9905aa914ecd7ea67f5836ee6f5a28b436fe3f633c119855e9cf94d18bf8b763
                                        
                                            GET /ff268cab8d9fbae1ed7506f97496274f15/5727614a0a53cc254c6fd2692c83680c_glamour_896x504.jpg HTTP/1.1 
Host: galleryn11.awemdia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.93.51.190
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:07 GMT
content-type: image/jpeg
content-length: 94191
last-modified: Mon, 06 Jun 2022 17:24:18 GMT
etag: "f00f1a1831001f109d48c1bed2cd9eed"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Sat, 16 Jul 2022 19:57:07 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data
Size:   94191
Md5:    f00f1a1831001f109d48c1bed2cd9eed
Sha1:   83d88219a055293b91810448752e5f0ea83529ce
Sha256: 759351085c807a814531d0649c607760e36b18fc35fac072fe4f4dbae34ead6e
                                        
                                            GET /ff268cab8d9fbae1ed7506f97496274f1f/f57edbc9457999eb9bcf73f9b285d263_glamour_896x504.jpg HTTP/1.1 
Host: galleryn11.awemdia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.93.51.190
HTTP/2 200 OK
                                        
date: Sat, 02 Jul 2022 19:57:07 GMT
content-type: image/jpeg
content-length: 86584
last-modified: Wed, 25 May 2022 03:56:14 GMT
etag: "2917e184992896557b84b8ac4fcf6cc4"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Sat, 16 Jul 2022 19:57:07 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data
Size:   865