xfantazy.com/video/629a418633a7ea0600f6d506
104.26.1.188302 Found 0 B URL HTTP/1.1 xfantazy.com/video/629a418633a7ea0600f6d506
IP 104.26.1.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /video/629a418633a7ea0600f6d506 HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 09 Sep 2022 23:28:48 GMT
Content-Length: 0
Connection: keep-alive
location: https://xfantazy.com/video/629a418633a7ea0600f6d506
cache-control: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjV4oBPiaFKp3PFWJ%2FaeCvQxIK%2FzEGUR9tmL%2FidzjwmSEHgeu6UwJZmy%2Fr8sySpbHZ1tKTQELlVHKxFYFj4d7qwA97YPwCgdRvl9XhTDOT9nmtaTPu59UKQEZRNQCg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7483b3ce1fe30b61-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2227
Expires: Sat, 10 Sep 2022 00:05:55 GMT
Date: Fri, 09 Sep 2022 23:28:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 23:06:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1Z8MMm1CUILf1GEJsxclOthR0XGHVRoYqv1spD9kQH1LutHTM65IuQ==
Age: 1364
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: u9YH0DS7fRu0PwR68aJhC0tV-e4nqIb8GqQ0VCdRriIL4q_Bpxc9NQ==
age: 70934
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 09 Sep 2022 22:56:07 GMT
Cache-Control: max-age=3600
Expires: Fri, 09 Sep 2022 23:54:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TaBYgpyk4-IR1cLHHGgzd4H8Rug9hcj17YphVcmFroRS7n8Ds8oN-A==
Age: 1961
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2472
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:28:49 GMT
Last-Modified: Fri, 09 Sep 2022 22:47:38 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
xfantazy.com/_next/static/chunks/16.2fcecc4fbe403da70f1d.js
104.26.1.188200 OK 6.7 kB URL HTTP/2 xfantazy.com/_next/static/chunks/16.2fcecc4fbe403da70f1d.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (20298), with no line terminators
Hash 374cfbc4d63b8400d5add8f3359825c4
5670dbd994466b5f15a0110345cd3161dfefe59c
08a32dd22bef87f9ac4ed2d4d15765f9feafac0b46182edc2c9a96fa3e5da88c
GET /_next/static/chunks/16.2fcecc4fbe403da70f1d.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:18:49 GMT
etag: W/"4f4a-179fb7093d6"
cf-cache-status: HIT
age: 29223197
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SL1AH7EZimeNVkue5qE8PFb9c6lVpQJpEws7bSaYBTyIU3CDD8rbAgmoiRpFielACWNHnBhWbhHZE7PQNvkZXeIhKD7MyqfDLlCEPVIu4uAFJJEe4%2B6RgMHRXYbLeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3d55b950b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.35.167.249101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.167.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kJp1IlNwcJrkUbGB4Jyrww==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bpSAWvFrOdsvzAh4zRyPGQNNDUk=
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5a0d3346bda5d72a6f86212f3b98820c
ea6855fab4b435a761768217d4c3d785f4e40840
4011f83eec0ade2ad603a0c265a27d9b2b62daeed32b4657714c03ffae8f5243
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:28:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 15:14:19 GMT
Expires: Tue, 13 Sep 2022 15:14:18 GMT
Etag: "ea6855fab4b435a761768217d4c3d785f4e40840"
Cache-Control: max-age=315328,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7483b3d5b8400b69-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5a0d3346bda5d72a6f86212f3b98820c
ea6855fab4b435a761768217d4c3d785f4e40840
4011f83eec0ade2ad603a0c265a27d9b2b62daeed32b4657714c03ffae8f5243
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:28:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 15:14:19 GMT
Expires: Tue, 13 Sep 2022 15:14:18 GMT
Etag: "ea6855fab4b435a761768217d4c3d785f4e40840"
Cache-Control: max-age=315328,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7483b3d5c96cb527-OSL
fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap
142.250.74.10200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap
IP 142.250.74.10:0
Hash bf2e1905c1691c57860c22b419db97a1
eb8724d987273be5cd45b9ce2237cc4be8005015
c301938dc830a7d73a47bcdc6973bf52fa5edbfb515bb94b4984ecd4b836553f
GET /css?family=Roboto:100,300,400,500,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Sep 2022 23:28:49 GMT
date: Fri, 09 Sep 2022 23:28:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/cO_H63ekyq3v8Tif-w/w320h240/0.jpeg
188.72.235.186200 OK 1.9 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/cO_H63ekyq3v8Tif-w/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 5d3489d674432fb5518f88da8778fb9e
1eb2282b65a3551f9ba2a99437c033ad17686ca0
a172de09674bc9377e0e5e22c81d52623dfdc12d648034ea0f3d07ca121376cf
GET /thumbnail/cO_H63ekyq3v8Tif-w/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 23:28:49 GMT
content-type: image/jpeg
content-length: 1888
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/crmS63GjyKbt_W_Cqw/w320h240/0.jpeg
188.72.235.186200 OK 14 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/crmS63GjyKbt_W_Cqw/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 85f9c5d2a5991006fe5cea94f26996e7
de327ae1ff92142e7bf34faa4c04dd9d7aa68c00
cd670ca5aaa4f051f9902e9fa79629638301fe118c60cb3260a33171f8c836f9
GET /thumbnail/crmS63GjyKbt_W_Cqw/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 23:28:49 GMT
content-type: image/jpeg
content-length: 14093
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/ILvC7ySlmKa6rTqe-A/w320h240/0.jpeg
188.72.235.186200 OK 11 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/ILvC7ySlmKa6rTqe-A/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 476866edfd69fd157331d50234aab9a2
d378dead56e65081695ccef33384eaeacbbfeabe
ada7aa16f7120b9956d5c51ab5b4157567e8fa0ca89e20ec292e5a22cfd7f1bd
GET /thumbnail/ILvC7ySlmKa6rTqe-A/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 23:28:49 GMT
content-type: image/jpeg
content-length: 11305
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/9.be198c87e436634bf765.js
104.26.1.188200 OK 20 kB URL HTTP/2 xfantazy.com/_next/static/chunks/9.be198c87e436634bf765.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (40085), with no line terminators
Hash fe012788ce93ff7762714ce94f42adf0
bce0cd4818f114827a7be4c6f3e0b919d169ad48
e6ce7a27a32e767c163ff4ae213dcda6aeb497d8de4176ccef7c7b889f675f0d
GET /_next/static/chunks/9.be198c87e436634bf765.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"9c95-181397f9e55"
cf-cache-status: HIT
age: 8206888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blx6Z7DTZ%2BpgV%2BJaBjt5WBbpisyggi%2FI%2BIWwwvH0NsmL39JfHqhmwaw3S%2FiEqkJdMS8ftnfblsIL5GSu7NSuE%2BDW%2FGGuA%2FyUWOoW5F0yoLfkWpsYTKqg4qc8Gh9gEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3d55b930b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a4ae55dbf8e22a357ee36e37fafa37af
18d33f606a8bc692802cfaa3a22ceb4a5eedca8c
8343a46c0a87b15be71cab0ae84912ed07d3104d4b621c55e3cd69367f58ebb6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:28:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-PLKQLTX
142.250.74.72200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PLKQLTX
IP 142.250.74.72:0
File type ASCII text, with very long lines (15971)
Hash 760498e8021de90582679e4710419414
cee44db6f903835cd47178a5d654d3665d7cc367
9cd82d42f180c85c45bb673d993b23b525aa7140f2defcd18ff9070531e9d1ce
GET /gtm.js?id=GTM-PLKQLTX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Sep 2022 23:28:49 GMT
expires: Fri, 09 Sep 2022 23:28:49 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52801
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:28:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:28:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5a0d3346bda5d72a6f86212f3b98820c
ea6855fab4b435a761768217d4c3d785f4e40840
4011f83eec0ade2ad603a0c265a27d9b2b62daeed32b4657714c03ffae8f5243
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:28:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 15:14:19 GMT
Expires: Tue, 13 Sep 2022 15:14:18 GMT
Etag: "ea6855fab4b435a761768217d4c3d785f4e40840"
Cache-Control: max-age=315328,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7483b3d5bab0b51e-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:28:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
xfantazy.com/_next/static/chunks/47.6c9a4510342e4dd3af77.js
104.26.1.188200 OK 1.3 kB URL HTTP/2 xfantazy.com/_next/static/chunks/47.6c9a4510342e4dd3af77.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (1568), with no line terminators
Hash b5a9fe76c99b0879512ce3929f1e734e
4a3964144f5b7144eba28bf4c489e0b4260d64c1
5d779f1f9404fd66dde03b2e40971cd08c619310ed15ac0fd747fc9d848393d3
GET /_next/static/chunks/47.6c9a4510342e4dd3af77.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"620-181397f9e59"
cf-cache-status: HIT
age: 8207290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cF0zBQnkwVRf7CIeSSNHv%2Fhc9zoZvEQw%2FLOQghFY61eM8wXKLGY9ZSH8%2B3xiz%2BjyNjfpSyLMKTkQ%2FGCVkbUiFUYYAq%2F3JwpMcfn3KyrN0IopWer7JBX17kd0DjpxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3d55b970b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/59.edff5ae0d8d83054b552.js
104.26.1.188200 OK 26 kB URL HTTP/2 xfantazy.com/_next/static/chunks/59.edff5ae0d8d83054b552.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (3211), with no line terminators
Hash fda55c482f5f9d354ef9b7715c0137a6
3942e4a8d6f90dee63ca711954865c012afe5e53
6c6880d2c398f1ec8e93fba8d086c102fa1075738366ef45681c5baae2714abd
GET /_next/static/chunks/59.edff5ae0d8d83054b552.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:20:14 GMT
etag: W/"c8b-179fb71df0d"
cf-cache-status: HIT
age: 29223197
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rTZYgfk3eldvfXse3fwPW2Ph%2FhD8cGq%2BlCUBceakjc%2FhRsWPk5TuzNZoqFhPlOy6dfHctWgImB7%2BFrm7TmzkAs5mSKiFaUFFmtLt9Ogy6inKdHkEFf6UT4iS87KzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3d55b960b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 186881
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
xfantazy.com/_next/static/runtime/webpack-f4d22593ad73f080a168.js
104.26.1.188200 OK 21 kB URL HTTP/2 xfantazy.com/_next/static/runtime/webpack-f4d22593ad73f080a168.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (12210), with no line terminators
Hash 48f89f53659b078ce78451b339a9e275
c25e878cbc44c2c9d3ae88d351ec1ded1eee50ab
5e715e35ce9c5a2875aad5e10a8a7a2d9a9db9db3fa6e962d630f38b80d6a07b
GET /_next/static/runtime/webpack-f4d22593ad73f080a168.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:28 GMT
etag: W/"2fb2-1826d2b92c0"
cf-cache-status: HIT
age: 3077070
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaEzOMCOS5F%2Fv%2Fiknp9yspe%2FGPWh%2B6mKEGUSwL%2BQjKdyZ%2Fl3qsfb0J8B1KdjpZuVCONK1qTw5hCVtQXgXsz42Rg4pJgtIUyX6I1qgkgcmRQkj97fMZdjeAGVNz3p4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3d55b9a0b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a4ae55dbf8e22a357ee36e37fafa37af
18d33f606a8bc692802cfaa3a22ceb4a5eedca8c
8343a46c0a87b15be71cab0ae84912ed07d3104d4b621c55e3cd69367f58ebb6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:28:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
xfantazy.com/static/xf-small.png
104.26.1.188200 OK 1.2 kB URL HTTP/2 xfantazy.com/static/xf-small.png
IP 104.26.1.188:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 73788af337ff4a5e7c8d8ea19dba155f
e0bd72878475603f40ebd05077c626816ed3285c
be4a320fd44fdaaced2a2056ff7a4c0765a6ed0996c9b4c94a0cb2458967e8df
GET /static/xf-small.png HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:49 GMT
content-type: image/png
content-length: 1153
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
last-modified: Fri, 05 Aug 2022 08:39:17 GMT
etag: W/"481-1826d28a7db"
cf-cache-status: HIT
age: 2053
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6H5y43vf1ryEECDZ%2Frumq9SZjd8z7S61uqneVTJ9egwsIgFfOuEFTL4iFwpN7yFl7mtfrtEStSi58YppsPDI1x6uNW%2FsAKApTLX%2Fqm6E4URRCCGRhUP9zg91N8Uow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3d73c780b65-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:28:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Fri, 09 Sep 2022 22:41:12 GMT
expires: Sat, 10 Sep 2022 00:41:12 GMT
cache-control: public, max-age=7200
age: 2858
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
xfantazy.com/_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/video.js
104.26.1.188200 OK 92 kB URL HTTP/2 xfantazy.com/_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/video.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (22910), with no line terminators
Hash 365507ca3c378c2ecfa97a2ea54222c2
721d47fff7c21ef1b48014c32c380e25c0b96327
e43aebea8f90f9ac8be8f471e1a0f87c4b22bf8c7da893d06c5411a0bd8cda73
GET /_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/video.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:43:46 GMT
etag: W/"597e-1826d2cc2d4"
cf-cache-status: HIT
age: 3076567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwFwJ%2BRiT8lvBzZ%2BJFVWzRdUKSIVnz31thwab4Dnki%2FmxiZWn%2BOqEsxEU0YpzNt%2BFBYNxLLvRkXN2oa2q2aME08qSQhXH9oCsHr%2FCw9yeMaY4dSBMl%2F8HSYsDheRcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3d54b8c0b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/_app.js
104.26.1.188200 OK 39 kB URL HTTP/2 xfantazy.com/_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/_app.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c865f1f38d4f00aebf3e68c1ffc18bd4
1d21f8f8ed08e0fbbaa4c12b1e254dd8886c6e6e
faa54fe2a36dc884af667317cc4a457f7db35485787f4fdf8f9b741b703b73b1
GET /_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/_app.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:43:45 GMT
etag: W/"20e2f-1826d2cbfb8"
cf-cache-status: HIT
age: 3076988
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCKoNAokqQKN8AAf1wlDPIav1Q9hLs6g8bgicLEFkCWgGCQrfXjyyBc2A0xnguCX3BpOBAIGXaDKODNMOvOnQyexNE2WMXAGgil%2F1gpsVKj5FoExvcW1BmKQBi%2F9PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3d55b8d0b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/51.21792104df3f91cda445.js
104.26.1.188200 OK 1.6 kB URL HTTP/2 xfantazy.com/_next/static/chunks/51.21792104df3f91cda445.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (3301), with no line terminators
Hash 4973591acd0442614083d61ad71de2f6
a050ff8c14f9ab93bc380d45ed83fd5ca9203d39
dd568b1a5d115abf90f2daa5b4652d5ace1048c64033529e882a4268ac1b426f
GET /_next/static/chunks/51.21792104df3f91cda445.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"ce5-181397f9e59"
cf-cache-status: HIT
age: 8212379
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3oAUlnD%2BFJ8GwvarS3DXBtKXAt220CmmthOw0B6wk2gZlok9jgKD7%2FGmKn%2BA9b53fesDQ%2B72NyvZhtDkqex8rvP%2FCUzP4k%2FVyTUT71UbBTJPf2WqsqumbgM%2F2KEng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3d98e0e0b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/api/auth/login
104.26.1.188200 OK 2 B URL HTTP/2 xfantazy.com/api/auth/login
IP 104.26.1.188:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /api/auth/login HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Content-Type: application/x-www-form-urlencoded
Origin: https://xfantazy.com
Connection: keep-alive
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:50 GMT
content-type: text/plain; charset=utf-8
content-length: 2
vary: Origin
access-control-allow-origin: https://b.xfantazy.com
access-control-allow-credentials: true
set-cookie: k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiIxMzgzZWM2MDJjYjVkIiwiaWF0IjoxNjYyNzY2MTMwLCJleHAiOjE2NjMzNzA5MzB9.kyj4gI35DUWIgg6K4UzFmlGsV_bXBdT0I_IKKHCgJv4; path=/; expires=Fri, 16 Sep 2022 23:28:50 GMT; domain=xfantazy.com; httponly
k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiMTAyMWM4YzA1NWQyMiIsImlhdCI6MTY2Mjc2NjEzMCwiZXhwIjoxNjY1MzU4MTMwfQ.RZcihPLphEF7uCuGfgSLuukr5F8SgEoEF25ALjahmqc; path=/; expires=Sun, 09 Oct 2022 23:28:50 GMT; domain=xfantazy.com; httponly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k023gJXmZkAAkaLPGgEtspvzq3TawcWDKVA7brzzrwb6dE8nzJdzze0wCo43W6P%2FAepc%2FPAQuj37v9vYXKEcHJMm8MTUdub50G0I%2FehdadBl%2BUhNR86LkQquAn55nA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3d9ce2d0b65-OSL
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/70.aeba4e9e28ccf1bae13a.js
104.26.1.188200 OK 35 kB URL HTTP/2 xfantazy.com/_next/static/chunks/70.aeba4e9e28ccf1bae13a.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (1389), with no line terminators
Hash 4b8c681bf136f7ff2c8b4b253abe1950
353eb7499d1215d984bbc800ed26fde414e55910
8dc878a67971cde19f4fd6d098b8b508b72fce7b656ef9e972740802f359e1c7
GET /_next/static/chunks/70.aeba4e9e28ccf1bae13a.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"56d-181397f9e5d"
cf-cache-status: HIT
age: 8212393
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Su3tKeH7cb1h%2FwyIjjgHOcGvrz%2BSy9fste1vEhVGR8WHdMAi9I8OedeM6c5Kp2KYuUMqm0k4ZnJ5GR%2Bx2ZDn8UvH9ViuHHVUdsts%2BVjRzlFU5iCwJDMXRAKRh32J1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3d98e0f0b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/242.e6062ff562716b6e41db.js
104.26.1.188200 OK 72 kB URL HTTP/2 xfantazy.com/_next/static/chunks/242.e6062ff562716b6e41db.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash eb0ddbe56dccb64c7d6ac8dc02227c4f
015c08dee0dbfa8cee9b50c91a547d9796518e25
402a67035e51cddc0c1212e2cdab9110f83d2723467679c44aecee48c6d094d9
GET /_next/static/chunks/242.e6062ff562716b6e41db.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 28 Jun 2022 10:55:52 GMT
etag: W/"26cdb-181a9f40d06"
cf-cache-status: HIT
age: 6352260
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIxDDMlWUt4p5hsZmS9P0FOX%2BpjTS94rRQ96H5Tddg%2BrNu8GcOf7LMcBYxnrgDf8C5wdcPslYPeGfE07SEgxcWQ%2BjKm%2FEAwggBIKUAxo9Qt7N5iu60b%2BlSuwco5OJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3d8ddb80b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/signup.js
104.26.1.188200 OK 2.1 kB URL HTTP/2 xfantazy.com/_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/signup.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (2988), with no line terminators
Hash 877025bdf9a50fe74d838034f1b1444e
d3c128e62264e32e0853c1e7a5d8864781a25f10
22af1b9c186ee371122d3f6c413e4b8a308310c6c981b51c61d14d47643d5863
GET /_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/signup.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiIxMzgzZWM2MDJjYjVkIiwiaWF0IjoxNjYyNzY2MTMwLCJleHAiOjE2NjMzNzA5MzB9.kyj4gI35DUWIgg6K4UzFmlGsV_bXBdT0I_IKKHCgJv4; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiMTAyMWM4YzA1NWQyMiIsImlhdCI6MTY2Mjc2NjEzMCwiZXhwIjoxNjY1MzU4MTMwfQ.RZcihPLphEF7uCuGfgSLuukr5F8SgEoEF25ALjahmqc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:43:45 GMT
etag: W/"bac-1826d2cbfb8"
cf-cache-status: HIT
age: 3076159
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjshD7Rxl7Mzeea%2B8CI8WglK4lm6hHpDdd1cou%2FQOMo3Fl9FGv4wi8AjTO4sqdpR762ts1Sjzd0wT8SVEBYTM6WyGSzurPfr8M%2Bltan0%2BIaqw8FldzpK2lrOCy85Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3db0ecd0b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 97e5566c275b9fe27464690811145846
fa8973c8004db59d9a8fd46e9743fb6c9a8d3efd
e77cd1a4510c736e628aa10719f7694d7c7fef15adf1a449d800f90cde76fb88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:28:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
xfantazy.com/_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/tags.js
104.26.1.188200 OK 1.8 kB URL HTTP/2 xfantazy.com/_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/tags.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (3872), with no line terminators
Hash c18b67fe79af466ff8b9d44f651590be
74f3079a37a9c18e52b688643dd1393a900a40b1
b3aaeaf7be378ec00a687bede5c81cacce0752e71baf9e24b8befa2512d96e8b
GET /_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/tags.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiIxMzgzZWM2MDJjYjVkIiwiaWF0IjoxNjYyNzY2MTMwLCJleHAiOjE2NjMzNzA5MzB9.kyj4gI35DUWIgg6K4UzFmlGsV_bXBdT0I_IKKHCgJv4; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiMTAyMWM4YzA1NWQyMiIsImlhdCI6MTY2Mjc2NjEzMCwiZXhwIjoxNjY1MzU4MTMwfQ.RZcihPLphEF7uCuGfgSLuukr5F8SgEoEF25ALjahmqc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:43:45 GMT
etag: W/"f20-1826d2cbfbc"
cf-cache-status: HIT
age: 3076567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBIZI7QbKdP2IKHGbc3thIM7%2BxUs0N7QUmonNjhp66W0tE7p62GfvCZor6cuaynJGrYpChhWGyOs7brS7Li%2F6nLOuaEL99zIjfBksBPaGX%2BUiV5SSs4kts4W3M1qbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3db1ed00b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6c6e160e23388ea3304ccf608e905fc6
bb4c9d87a4b86150bcfaecaeb01b3c8dead8738b
2e1b1aaaf49e6d4ebe69fb61dff4636a38af15c6848b76edf9f17737e3618bf4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2E1B1AAAF49E6D4EBE69FB61DFF4636A38AF15C6848B76EDF9F17737E3618BF4"
Last-Modified: Fri, 09 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3229
Expires: Sat, 10 Sep 2022 00:22:39 GMT
Date: Fri, 09 Sep 2022 23:28:50 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 97e5566c275b9fe27464690811145846
fa8973c8004db59d9a8fd46e9743fb6c9a8d3efd
e77cd1a4510c736e628aa10719f7694d7c7fef15adf1a449d800f90cde76fb88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:28:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11545
Expires: Sat, 10 Sep 2022 02:41:15 GMT
Date: Fri, 09 Sep 2022 23:28:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11545
Expires: Sat, 10 Sep 2022 02:41:15 GMT
Date: Fri, 09 Sep 2022 23:28:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11545
Expires: Sat, 10 Sep 2022 02:41:15 GMT
Date: Fri, 09 Sep 2022 23:28:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60fa03262bb3728f24a4c7a8177ec788
09dcbdc6043f01dd56920cca3ce3920d0d07b795
e7448f186933f9848f1d55f0e8dba593918846d02fb9cc3a7cd86d69b96a7fde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7515
x-amzn-requestid: bb6a7928-9bdc-44e7-8478-b415bc504343
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJu0bGYdoAMF5jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2b4f-208339fd72e62dff4a2ba339;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:50:07 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: UaU9GK4lcCuAN2WghBDa7f-21dRTA4Fh1tlAmGFMKh4wQOGZlKdmOw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:46:20 GMT
age: 6150
etag: "09dcbdc6043f01dd56920cca3ce3920d0d07b795"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084d9cc4-53b3-451a-b338-2150cda2f06c.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084d9cc4-53b3-451a-b338-2150cda2f06c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bfadcca0fbc9780f8975c53481914c0d
bb613c04bdeab6ea13249d1cd48bb3268a830018
72f1c42b60eb8fa3893db6c226fe5a2dff41b45d8786d5c8095bdf31abff35ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084d9cc4-53b3-451a-b338-2150cda2f06c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9633
x-amzn-requestid: 85fa9747-6edf-45ae-b15e-85482c1dbf6c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNkC-GrIoAMFueg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb3ac-7ea5f2ef3d9478e530f0f888;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:44:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Tsmb4LofjcXS6wnblUm8fEHrZcbblznnR1DZwo_jbbGIUV7Mp_qXqA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:14:57 GMT
age: 4433
etag: "bb613c04bdeab6ea13249d1cd48bb3268a830018"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 3481fcb7aa673ab47692fb98baadc856
935f46f1c5d555c47760f0c2d18ee4cc8eaf0c2f
a12bb432ba78910a0b7a1c56b7931afd370780f4027e080432c047cc09d62caf
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:28:50 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Tue, 13 Sep 2022 20:57:45 GMT
ETag: "935f46f1c5d555c47760f0c2d18ee4cc8eaf0c2f"
Last-Modified: Fri, 09 Sep 2022 20:57:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1695
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7483b3dcfd210b3d-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2402aa1c-c5d5-475b-abd9-db6b8ca99270.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2402aa1c-c5d5-475b-abd9-db6b8ca99270.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 572d8ed935df86fde22138e8bfddfd9f
3b25ffe66a762ea032c05b149a29fe0d6faa3687
866c2b16919ab311f906c4e8a074fd93b46f74408c9e2c9a4c30310afa08f047
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2402aa1c-c5d5-475b-abd9-db6b8ca99270.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9981
x-amzn-requestid: 1a34423c-b2d9-4ae3-a437-eb5717334372
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNkiSGjloAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb474-00c79a927f7f7d5d70791b68;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:47:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: jwkD86lz1SUQE__IGBv9RINc-LON017wkTpW7g0ePcMtssqd_POtpQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:57:12 GMT
age: 5498
etag: "3b25ffe66a762ea032c05b149a29fe0d6faa3687"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a798806-4378-4646-89ee-e50837809910.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a798806-4378-4646-89ee-e50837809910.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1abac18a85802f38f08561ac64020b55
afbc7666fa0b2093ef0c5d9a955d54d139c09b30
eae7f28dd178293939ecd81082ab68ae6098bb3cb1f1fe9411c38314ddb0f944
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a798806-4378-4646-89ee-e50837809910.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9610
x-amzn-requestid: 34102145-abda-4987-a68d-9069496366ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNj0oF7loAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb350-52aee64214c814812c03262e;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:42:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 91AsC8-zVFCOPHFb2qnlTev2aXzdCEDYtc68JtYYsQSKS7OFF4QzgQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:00:27 GMT
age: 5303
etag: "afbc7666fa0b2093ef0c5d9a955d54d139c09b30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4e8861b-4d5e-4f2e-8b1c-e85d23f02c52.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4e8861b-4d5e-4f2e-8b1c-e85d23f02c52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b83fa95ed30533299bc754adaced672
27eda8377e1c00c53fb66b4e2fa4f0dd6c7020af
bc59e5ba6abafd8e7b10d6f8ae2269cbf739a4b28f9cbbf3adfc29a9195e6985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4e8861b-4d5e-4f2e-8b1c-e85d23f02c52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8626
x-amzn-requestid: af5e61ab-4f7b-4b03-8413-5d750b17e0df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLj9TH7vIAMFVMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ae6bb-309144fb6e02564c4fcdb966;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 07:09:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: bFBgfMdRkPk-B4mnyk3sgdTEXhGAlHAaMl1MBVtlxzAE8iMtqVwdiA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 07:18:37 GMT
age: 58213
etag: "27eda8377e1c00c53fb66b4e2fa4f0dd6c7020af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8924b46b-4731-4526-b3b6-de366eb0e889.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8924b46b-4731-4526-b3b6-de366eb0e889.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aebe3c28455bc6c3da231ec6d873fb37
daf3fe4b0f004bc1bbd3b1acbc4f61d70ffcf2ff
efc51c27b859193ad35b279946c482784fff7429539c4b8bc35f09170fc0a904
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8924b46b-4731-4526-b3b6-de366eb0e889.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5284
x-amzn-requestid: c7255083-dd50-40ae-82c8-fef8617930b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNkC0EF4IAMFe8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb3ab-28a11c9e09716207223f3eef;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:44:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: h8CF2LpA5oD8Q0__8Co4YygY44o5oYFprZ_LFyUFElJPc1U8Nyk2vg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:11 GMT
age: 4539
etag: "daf3fe4b0f004bc1bbd3b1acbc4f61d70ffcf2ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
xfantazy.com/_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/top.js
104.26.1.188200 OK 112 kB URL HTTP/2 xfantazy.com/_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/top.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (1410), with no line terminators
Size 112 kB (112535 bytes)
Hash c116ba0bd0e19a6434b391873c54de9f
845204fea581705af20da70124399d83102a7d4a
007bc35aaa3597cd35f3adcabf7d2afde8d2738e281be7a77d9e6a778ba72a8e
GET /_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/top.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiIxMzgzZWM2MDJjYjVkIiwiaWF0IjoxNjYyNzY2MTMwLCJleHAiOjE2NjMzNzA5MzB9.kyj4gI35DUWIgg6K4UzFmlGsV_bXBdT0I_IKKHCgJv4; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiMTAyMWM4YzA1NWQyMiIsImlhdCI6MTY2Mjc2NjEzMCwiZXhwIjoxNjY1MzU4MTMwfQ.RZcihPLphEF7uCuGfgSLuukr5F8SgEoEF25ALjahmqc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:43:46 GMT
etag: W/"582-1826d2cc2d4"
cf-cache-status: HIT
age: 3076430
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wHSGZsw7SqfRxhl69c2gqklJxilAo5261afaXHDamk9qPfBWGiimyuBlk0GZksMGM%2FLcCTDJF7Lb4Wm0wCEEAOzi%2FOA3w7kauCSy6YE1EtqYifZZBLYhC6XPTZ06Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3db0ece0b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
addresseetransportationsyndrome.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js
192.243.61.225200 OK 13 kB URL HTTP/1.1 addresseetransportationsyndrome.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37148), with no line terminators
Hash 46985832bb973ef414cda74466d3cc85
fcefdee09af9666ec63548e69b46d3e6021db85e
84543204e6299ba764421b6cd5a61723fc76bbb45a6d69e4c0f12db24c60986c
GET /a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js HTTP/1.1
Host: addresseetransportationsyndrome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 09 Sep 2022 23:28:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: db9b2ba53e16162fe12a40c44e9f1dd9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
mc.yandex.ru/watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afp%3A1500%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766121%3Ac%3A1%3Arn%3A1028279843%3Arqn%3A1%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Ads%3A2%2C23%2C787%2C0%2C361%2C0%2C%2C184%2C7%2C%2C%2C%2C1524%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766121%3At%3Afree%20xxx%20video%2034%20Goddess%20Brooke%20Marie%20Feed%20Me%20Daddy%20JOI%20%7C%20goddess%20brooke%20%7C%20femdom%20porn%20free%20cfnm%20femdom%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
93.158.134.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afp%3A1500%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766121%3Ac%3A1%3Arn%3A1028279843%3Arqn%3A1%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Ads%3A2%2C23%2C787%2C0%2C361%2C0%2C%2C184%2C7%2C%2C%2C%2C1524%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766121%3At%3Afree%20xxx%20video%2034%20Goddess%20Brooke%20Marie%20Feed%20Me%20Daddy%20JOI%20%7C%20goddess%20brooke%20%7C%20femdom%20porn%20free%20cfnm%20femdom%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash c2c986dc306857657b726ae4f363fc39
c86e9b42fbca35820cb131d4a25f85ecfa01cad9
4ee45c4f532448b3edb62fa89419001d51ca689c3893459742040e90f2b26fb9
GET /watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afp%3A1500%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766121%3Ac%3A1%3Arn%3A1028279843%3Arqn%3A1%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Ads%3A2%2C23%2C787%2C0%2C361%2C0%2C%2C184%2C7%2C%2C%2C%2C1524%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766121%3At%3Afree%20xxx%20video%2034%20Goddess%20Brooke%20Marie%20Feed%20Me%20Daddy%20JOI%20%7C%20goddess%20brooke%20%7C%20femdom%20porn%20free%20cfnm%20femdom%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Referer: https://xfantazy.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Fri, 09 Sep 2022 23:28:50 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 23:28:50 GMT
last-modified: Fri, 09-Sep-2022 23:28:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1035ca30d5330a5d814361b7d59be719
50871f2f0dd600cc9f3ab10fe913f6dae3c7ec74
77389a008c6eb7151248708cad54c2b485b4067b5263ff89b342d6c89f63278d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "77389A008C6EB7151248708CAD54C2B485B4067B5263FF89B342D6C89F63278D"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14141
Expires: Sat, 10 Sep 2022 03:24:32 GMT
Date: Fri, 09 Sep 2022 23:28:51 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1035ca30d5330a5d814361b7d59be719
50871f2f0dd600cc9f3ab10fe913f6dae3c7ec74
77389a008c6eb7151248708cad54c2b485b4067b5263ff89b342d6c89f63278d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "77389A008C6EB7151248708CAD54C2B485B4067B5263FF89B342D6C89F63278D"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14141
Expires: Sat, 10 Sep 2022 03:24:32 GMT
Date: Fri, 09 Sep 2022 23:28:51 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1035ca30d5330a5d814361b7d59be719
50871f2f0dd600cc9f3ab10fe913f6dae3c7ec74
77389a008c6eb7151248708cad54c2b485b4067b5263ff89b342d6c89f63278d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "77389A008C6EB7151248708CAD54C2B485B4067B5263FF89B342D6C89F63278D"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14141
Expires: Sat, 10 Sep 2022 03:24:32 GMT
Date: Fri, 09 Sep 2022 23:28:51 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1035ca30d5330a5d814361b7d59be719
50871f2f0dd600cc9f3ab10fe913f6dae3c7ec74
77389a008c6eb7151248708cad54c2b485b4067b5263ff89b342d6c89f63278d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "77389A008C6EB7151248708CAD54C2B485B4067B5263FF89B342D6C89F63278D"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14141
Expires: Sat, 10 Sep 2022 03:24:32 GMT
Date: Fri, 09 Sep 2022 23:28:51 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 180750f63aa7b3ca11be257a1837e7a4
2bdea9b6f133b088143fd6fdcd5eccb4c29a1e53
1c44497894377a85da8493a8da6b8ec59f02ebf9408c0b2a6d6e72b5d7637519
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Sep 2022 23:28:51 GMT
Last-Modified: Fri, 09 Sep 2022 23:05:56 GMT
Server: ECS (nyb/1D0E)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iHXVhomVh5iSU3tr2N9cv1yr95GIIT4HrAR7w6jNB4S2NdxAtTNl5A==
Age: 1375
esopertyva.shop/dzF6YVIWUxkMbRYMGEcnBV1HRGAxFEgnNkYISBNnGwlCFiAZVk1PMRteDwU0BV4UFXwZVA5EYDFfHws5R1BKVQghXRUvMSYEKzQULQIuIDU5aRQJMSIBGSQbNl4/OBEmZjU5GzZwOxIdL2RKIjM2BD40FC0USCMKMWcsIwEbeTJQFzF9LwIbMlYVEBU2YDs1Bhh6LA1rIH4CMzYiYEoPFDFJKzUGBFM4JzkyfzgvBCBwChMBPwk4MwpCVzkWADN/ERIbMmcdLAoAQj8jKxRkLiQqOFc/ERAzd0ozBjYBKDYTD1c5FgMtfjxZGRNnMFUENloeNTwPeiINfzJ4MDMHFHMTUGokVh0kBUQIMSIQMWscCSomYx1VPTFkPzMFJlk+JSoHUxsgajJzK0c4BF4UEW8jfiIiGUNaPxU2Dlg
54.230.111.4200 OK 1.2 kB URL HTTP/2 esopertyva.shop/dzF6YVIWUxkMbRYMGEcnBV1HRGAxFEgnNkYISBNnGwlCFiAZVk1PMRteDwU0BV4UFXwZVA5EYDFfHws5R1BKVQghXRUvMSYEKzQULQIuIDU5aRQJMSIBGSQbNl4/OBEmZjU5GzZwOxIdL2RKIjM2BD40FC0USCMKMWcsIwEbeTJQFzF9LwIbMlYVEBU2YDs1Bhh6LA1rIH4CMzYiYEoPFDFJKzUGBFM4JzkyfzgvBCBwChMBPwk4MwpCVzkWADN/ERIbMmcdLAoAQj8jKxRkLiQqOFc/ERAzd0ozBjYBKDYTD1c5FgMtfjxZGRNnMFUENloeNTwPeiINfzJ4MDMHFHMTUGokVh0kBUQIMSIQMWscCSomYx1VPTFkPzMFJlk+JSoHUxsgajJzK0c4BF4UEW8jfiIiGUNaPxU2Dlg
IP 54.230.111.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3017), with no line terminators
Hash 83502d2ccd416e8aaea2896202606f5c
de42cb88acb472a6dc66bb88dccc7bd7bc7763a6
a91069908b846d8553a5b379247318f60f3ff49dbf005f6e5ceace69ffb37c80
GET /dzF6YVIWUxkMbRYMGEcnBV1HRGAxFEgnNkYISBNnGwlCFiAZVk1PMRteDwU0BV4UFXwZVA5EYDFfHws5R1BKVQghXRUvMSYEKzQULQIuIDU5aRQJMSIBGSQbNl4/OBEmZjU5GzZwOxIdL2RKIjM2BD40FC0USCMKMWcsIwEbeTJQFzF9LwIbMlYVEBU2YDs1Bhh6LA1rIH4CMzYiYEoPFDFJKzUGBFM4JzkyfzgvBCBwChMBPwk4MwpCVzkWADN/ERIbMmcdLAoAQj8jKxRkLiQqOFc/ERAzd0ozBjYBKDYTD1c5FgMtfjxZGRNnMFUENloeNTwPeiINfzJ4MDMHFHMTUGokVh0kBUQIMSIQMWscCSomYx1VPTFkPzMFJlk+JSoHUxsgajJzK0c4BF4UEW8jfiIiGUNaPxU2Dlg HTTP/1.1
Host: esopertyva.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1171
date: Fri, 09 Sep 2022 23:28:51 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rEkYt0Pl1BMcagAaaF9wXC-LeOENqzgeFVxLWnusv_2w5r9miPy2uw==
X-Firefox-Spdy: h2
esopertyva.shop/YjJrREUDUAgpegMPCWIwEF5WYXckF1kCIVMLWTZwDgpTMzcMVVxqJg5dHiAjEF0FMGsMVx9hdyRCJRMtKHxbMBIgSw8WISd3KQgUEksqdTVXcAUvESNYGx0PN2Q9BSkRXTN1KiZWAygfJ3MiFhVSCiYgBAZGPBUuDGcjHREmYQ8RIQVgJA8DL0IoAj0UYwIrDCBhMQoMDlkuDwcoBwh1dAxwWXANNXUtFCAFYCUhKzRHKXUiDmoCEgQndRwCIFIDOiJ3CgsqEXRUVjxwDTV2HwYnBWsbJwQkXikRAxFwMzAWJmEbJw8gcAoAMjQFKQItV3AFNwA2akY3DS5kHCUJJHcAEBBTBQgcDCZgBS8XMlUDHmMIQQQqNV95BycvUHgqFikaeQ
54.230.111.4200 OK 1.2 kB URL HTTP/2 esopertyva.shop/YjJrREUDUAgpegMPCWIwEF5WYXckF1kCIVMLWTZwDgpTMzcMVVxqJg5dHiAjEF0FMGsMVx9hdyRCJRMtKHxbMBIgSw8WISd3KQgUEksqdTVXcAUvESNYGx0PN2Q9BSkRXTN1KiZWAygfJ3MiFhVSCiYgBAZGPBUuDGcjHREmYQ8RIQVgJA8DL0IoAj0UYwIrDCBhMQoMDlkuDwcoBwh1dAxwWXANNXUtFCAFYCUhKzRHKXUiDmoCEgQndRwCIFIDOiJ3CgsqEXRUVjxwDTV2HwYnBWsbJwQkXikRAxFwMzAWJmEbJw8gcAoAMjQFKQItV3AFNwA2akY3DS5kHCUJJHcAEBBTBQgcDCZgBS8XMlUDHmMIQQQqNV95BycvUHgqFikaeQ
IP 54.230.111.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2994), with no line terminators
Hash 58f1300f9b3b768148fa30b1446a32c1
4827608469ddff21c341a2ffcf9923f62483d246
62aae11510ec99fcee9646475be1dcde5a74ebf9624f9257855905b711cac829
GET /YjJrREUDUAgpegMPCWIwEF5WYXckF1kCIVMLWTZwDgpTMzcMVVxqJg5dHiAjEF0FMGsMVx9hdyRCJRMtKHxbMBIgSw8WISd3KQgUEksqdTVXcAUvESNYGx0PN2Q9BSkRXTN1KiZWAygfJ3MiFhVSCiYgBAZGPBUuDGcjHREmYQ8RIQVgJA8DL0IoAj0UYwIrDCBhMQoMDlkuDwcoBwh1dAxwWXANNXUtFCAFYCUhKzRHKXUiDmoCEgQndRwCIFIDOiJ3CgsqEXRUVjxwDTV2HwYnBWsbJwQkXikRAxFwMzAWJmEbJw8gcAoAMjQFKQItV3AFNwA2akY3DS5kHCUJJHcAEBBTBQgcDCZgBS8XMlUDHmMIQQQqNV95BycvUHgqFikaeQ HTTP/1.1
Host: esopertyva.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1151
date: Fri, 09 Sep 2022 23:28:51 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jc6dr8gagk4UY3q3truXaV8cLXmEoDmymH0b8qiZ3REj-gt_PoYlMQ==
X-Firefox-Spdy: h2
esopertyva.shop/VWx5RTI0DhooDTRRG2NHJwBEYAATSUsDVmRVSzcHOVRBMkA7C05rUTkDDCFUJwMXMRw7CQ1gABM+HQIHAzkxLmoUOAp3YDItMQhlZC0oKUo5NSx0YRcvIGAAEyoOF2YXBg41fS8ICgNYIigqBnckJCwpVzYWDhx1MgAWIVoiDT0SWj00ARB5G15IC2c9AxUVSh8mOBF7OSgocXccKCAHdT4LHghnBDY4FgpgKisiYjYrMGAAEz0sB14xOQ0AYDxdERZ0Ewg/dmQZPjgMCgULDghhZwgeBGctNTooaBs5L3VqMTkNAHoWIkgWWAM0IHYHHzQsMVwMLk0XdgFBTWAAEzQ8HF0PXjsMYBNZEhx3PT4hAmdnKTgcfhgWQQdnAxstJGdsDSErfzk+PBAUPx8WK0JoPxUVfQxVPwBF
54.230.111.4200 OK 1.2 kB URL HTTP/2 esopertyva.shop/VWx5RTI0DhooDTRRG2NHJwBEYAATSUsDVmRVSzcHOVRBMkA7C05rUTkDDCFUJwMXMRw7CQ1gABM+HQIHAzkxLmoUOAp3YDItMQhlZC0oKUo5NSx0YRcvIGAAEyoOF2YXBg41fS8ICgNYIigqBnckJCwpVzYWDhx1MgAWIVoiDT0SWj00ARB5G15IC2c9AxUVSh8mOBF7OSgocXccKCAHdT4LHghnBDY4FgpgKisiYjYrMGAAEz0sB14xOQ0AYDxdERZ0Ewg/dmQZPjgMCgULDghhZwgeBGctNTooaBs5L3VqMTkNAHoWIkgWWAM0IHYHHzQsMVwMLk0XdgFBTWAAEzQ8HF0PXjsMYBNZEhx3PT4hAmdnKTgcfhgWQQdnAxstJGdsDSErfzk+PBAUPx8WK0JoPxUVfQxVPwBF
IP 54.230.111.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3011), with no line terminators
Hash a7e2cbe928de8a21380b10e2ce8af42d
ff793b594c4f5e71f785ac1a0c457cbe84017afa
dc6b193876331a4ade1e027a6abc00cafe51ad963559e85c80f87f5ed24a1db1
GET /VWx5RTI0DhooDTRRG2NHJwBEYAATSUsDVmRVSzcHOVRBMkA7C05rUTkDDCFUJwMXMRw7CQ1gABM+HQIHAzkxLmoUOAp3YDItMQhlZC0oKUo5NSx0YRcvIGAAEyoOF2YXBg41fS8ICgNYIigqBnckJCwpVzYWDhx1MgAWIVoiDT0SWj00ARB5G15IC2c9AxUVSh8mOBF7OSgocXccKCAHdT4LHghnBDY4FgpgKisiYjYrMGAAEz0sB14xOQ0AYDxdERZ0Ewg/dmQZPjgMCgULDghhZwgeBGctNTooaBs5L3VqMTkNAHoWIkgWWAM0IHYHHzQsMVwMLk0XdgFBTWAAEzQ8HF0PXjsMYBNZEhx3PT4hAmdnKTgcfhgWQQdnAxstJGdsDSErfzk+PBAUPx8WK0JoPxUVfQxVPwBF HTTP/1.1
Host: esopertyva.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1169
date: Fri, 09 Sep 2022 23:28:51 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2eX7niw1UMLK5wUI5Gzni_TcydxGYDsUW0VoRUmDTyHIsPAMdiEpKQ==
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.59.153.168200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.59.153.168:0
File type ASCII text, with no line terminators
Hash 88ece8537e0dbe1387ee74a6cb6ba291
6af5cf070d71ee23bd15be1054324bdcb3e0663f
a3875d87a07bc350c8a9620ddb5f0c7f6ad8982e6297ecd1e7c34dbae810f3d9
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
set-cookie: uid_id2=3f80ff17-6cb3-4821-a032-37aef40db4d0:2:1; expires=Mon, 06 Sep 2032 23:28:51 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
pymondardin.xyz/UXhYZkx+RzsVcQc9aTAVBzIyACFgLwILCnRKGjwKGxY6PjgiLw8vaiURPFt1Z0poV353CDECcWBAfhU4MAwtFXFgXjEIKj5FfhBxYFZoSH1/S34TcWBeLBYtNkVpQDwlDDRbfWdOalF6Z0lqV3tkTQ
172.67.214.162204 No Content 0 B URL HTTP/2 pymondardin.xyz/UXhYZkx+RzsVcQc9aTAVBzIyACFgLwILCnRKGjwKGxY6PjgiLw8vaiURPFt1Z0poV353CDECcWBAfhU4MAwtFXFgXjEIKj5FfhBxYFZoSH1/S34TcWBeLBYtNkVpQDwlDDRbfWdOalF6Z0lqV3tkTQ
IP 172.67.214.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UXhYZkx+RzsVcQc9aTAVBzIyACFgLwILCnRKGjwKGxY6PjgiLw8vaiURPFt1Z0poV353CDECcWBAfhU4MAwtFXFgXjEIKj5FfhBxYFZoSH1/S34TcWBeLBYtNkVpQDwlDDRbfWdOalF6Z0lqV3tkTQ HTTP/1.1
Host: pymondardin.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 09 Sep 2022 23:28:51 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Aul%2FRzWa9b7HJjbyOkMnzH8RXETIreOq%2B6Bk3OL3Fx0baUh3mbC0KnaVlgfOuQZ%2Fx13dGbs9vsSxAV1mCxGsCgdPfIKhUmFs8EawCldSjWNrhiXUAGzb0ngTlXy6ZB1850%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3df1865b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A835399178%3Arqn%3A3%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A835399178%3Arqn%3A3%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A835399178%3Arqn%3A3%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 52
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Sep 2022 23:28:51 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 23:28:51 GMT
last-modified: Fri, 09-Sep-2022 23:28:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A516214266%3Arqn%3A5%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A516214266%3Arqn%3A5%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A516214266%3Arqn%3A5%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Sep 2022 23:28:51 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 23:28:51 GMT
last-modified: Fri, 09-Sep-2022 23:28:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1035ca30d5330a5d814361b7d59be719
50871f2f0dd600cc9f3ab10fe913f6dae3c7ec74
77389a008c6eb7151248708cad54c2b485b4067b5263ff89b342d6c89f63278d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "77389A008C6EB7151248708CAD54C2B485B4067B5263FF89B342D6C89F63278D"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14141
Expires: Sat, 10 Sep 2022 03:24:32 GMT
Date: Fri, 09 Sep 2022 23:28:51 GMT
Connection: keep-alive
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A779393564%3Arqn%3A4%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A779393564%3Arqn%3A4%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A779393564%3Arqn%3A4%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 122
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Sep 2022 23:28:51 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 23:28:51 GMT
last-modified: Fri, 09-Sep-2022 23:28:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A62623653%3Arqn%3A2%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A62623653%3Arqn%3A2%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A62623653%3Arqn%3A2%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 45
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Sep 2022 23:28:51 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 23:28:51 GMT
last-modified: Fri, 09-Sep-2022 23:28:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A274805234%3Arqn%3A6%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A274805234%3Arqn%3A6%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A274805234%3Arqn%3A6%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 99
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Sep 2022 23:28:51 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 23:28:51 GMT
last-modified: Fri, 09-Sep-2022 23:28:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A382348320%3Arqn%3A9%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(9)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A382348320%3Arqn%3A9%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(9)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A382348320%3Arqn%3A9%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(9)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 39
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Sep 2022 23:28:51 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 23:28:51 GMT
last-modified: Fri, 09-Sep-2022 23:28:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A470372963%3Arqn%3A7%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A470372963%3Arqn%3A7%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A470372963%3Arqn%3A7%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Sep 2022 23:28:51 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 23:28:51 GMT
last-modified: Fri, 09-Sep-2022 23:28:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
pymondardin.xyz/UWw2WDZ+U1UrCx80XjdjYSV3DAcpAlIvfB40YSgBEDlwO2wJLRAsXzVRD24HaFkAfkY4CAtrBHcfQjlCJB8LaRA4AlA3C3caC2gYaUIPdgd3GQtpECUcVz8LYEpGLEI9UQduAGNbAG4HY10BbAY
172.67.214.162204 No Content 0 B URL HTTP/2 pymondardin.xyz/UWw2WDZ+U1UrCx80XjdjYSV3DAcpAlIvfB40YSgBEDlwO2wJLRAsXzVRD24HaFkAfkY4CAtrBHcfQjlCJB8LaRA4AlA3C3caC2gYaUIPdgd3GQtpECUcVz8LYEpGLEI9UQduAGNbAG4HY10BbAY
IP 172.67.214.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UWw2WDZ+U1UrCx80XjdjYSV3DAcpAlIvfB40YSgBEDlwO2wJLRAsXzVRD24HaFkAfkY4CAtrBHcfQjlCJB8LaRA4AlA3C3caC2gYaUIPdgd3GQtpECUcVz8LYEpGLEI9UQduAGNbAG4HY10BbAY HTTP/1.1
Host: pymondardin.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 09 Sep 2022 23:28:51 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYobn8w%2FyuH3Fxh2fu3Rprd6Wq%2BtIFnCE%2BMZTSgTcpzJFmBzyMFhJQ97pFCSg8EGpYPZ9MbSR%2BYjo8kL4nolf2SMUQwvfdp1Udb6DT%2BxFvS7Ppyy8jl5QN0SY%2BXsbWP6%2BQE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3df186eb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pymondardin.xyz/cGJ5eUJfXRoKfxE2KyoTGxYYOAUUGB9IAzQDFw07JzM3EiZDFV8NKxRfQE9wQFNNXzIZBkRIZAMWGA03A19IXyseBBZEZAZfSFdxRExLQWxBRAxEc1YWCRglTVNfCTYEDkRIdEZQTk90QVBITnpC
172.67.214.162204 No Content 0 B URL HTTP/2 pymondardin.xyz/cGJ5eUJfXRoKfxE2KyoTGxYYOAUUGB9IAzQDFw07JzM3EiZDFV8NKxRfQE9wQFNNXzIZBkRIZAMWGA03A19IXyseBBZEZAZfSFdxRExLQWxBRAxEc1YWCRglTVNfCTYEDkRIdEZQTk90QVBITnpC
IP 172.67.214.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cGJ5eUJfXRoKfxE2KyoTGxYYOAUUGB9IAzQDFw07JzM3EiZDFV8NKxRfQE9wQFNNXzIZBkRIZAMWGA03A19IXyseBBZEZAZfSFdxRExLQWxBRAxEc1YWCRglTVNfCTYEDkRIdEZQTk90QVBITnpC HTTP/1.1
Host: pymondardin.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 09 Sep 2022 23:28:51 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kBWXpddSLWxqZ241h3ZEVjPnFXdxdGMypnjG6AAW5i5I2wKOTyhwKS7im4PYJIexykW5FUlI35MMFA%2FpC2dc8qnoQhVk23l1fY6BlQkvWFS95dnpbE7Fw2iNKvTzx8VeK0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3df2881b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0cd96678ba3d6ee5a3b1172b255a0162
0fcaa72104654a2fbb71f16b7f3a34085770b4af
309144df4689845251ec74697a11f78eb0da9bafc8fa23e2243df24213cf7829
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "309144DF4689845251EC74697A11F78EB0DA9BAFC8FA23E2243DF24213CF7829"
Last-Modified: Thu, 08 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2287
Expires: Sat, 10 Sep 2022 00:06:58 GMT
Date: Fri, 09 Sep 2022 23:28:51 GMT
Connection: keep-alive
pymondardin.xyz/V1U2ckJ4alUBfzQCWQobABtzKhMBA2AZGDQXcBojBQN7NBRmEBAGKzNoD0RzbmAAVDI+MQtBcHEmQhM2IiYLQHJnYhAbLDE6C0NkIWgGXHp5bBhDZCJoB1Q2JzRRT3NxJUIGLmpkAERwYGMAQ3BmYgJB
172.67.214.162204 No Content 0 B URL HTTP/2 pymondardin.xyz/V1U2ckJ4alUBfzQCWQobABtzKhMBA2AZGDQXcBojBQN7NBRmEBAGKzNoD0RzbmAAVDI+MQtBcHEmQhM2IiYLQHJnYhAbLDE6C0NkIWgGXHp5bBhDZCJoB1Q2JzRRT3NxJUIGLmpkAERwYGMAQ3BmYgJB
IP 172.67.214.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /V1U2ckJ4alUBfzQCWQobABtzKhMBA2AZGDQXcBojBQN7NBRmEBAGKzNoD0RzbmAAVDI+MQtBcHEmQhM2IiYLQHJnYhAbLDE6C0NkIWgGXHp5bBhDZCJoB1Q2JzRRT3NxJUIGLmpkAERwYGMAQ3BmYgJB HTTP/1.1
Host: pymondardin.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 09 Sep 2022 23:28:51 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hue1W1t5K3kf430GgG90rMEUU4IPaCPHjs%2FSQLa%2B7%2BOemBGyBCC9vSwGTX0cJwyzfzB4l5fMcuV6lyIcX6wVSNBWS1GCwzLiq%2FqFs13zFn%2F%2BxhrHMjQt2ctnns8Yut4NKFE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3df287eb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/nejk0a04ZVloNcQ5QUFZ3TAgNXnhcU0cEIAoEYCQWOXIAAAsOXU0CaA5DUFZ+XFVVBSlHH1EFLUcIEgoqGAQATToKVl9WOxRdUQ0nFFxQTTsbBFkENBNVWAprSH8BRX5fCwRDNksIEVgMXwsEBycUTExOfEpBDF0RTA0RWAxfCwQZOF8KdVJ4VAkdTnxKXl-EIJRUcBi18SggEW39KCBFZfhxQRg4oFUERWQhDDxpbaA8EBQ
54.230.245.4200 OK 324 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/nejk0a04ZVloNcQ5QUFZ3TAgNXnhcU0cEIAoEYCQWOXIAAAsOXU0CaA5DUFZ+XFVVBSlHH1EFLUcIEgoqGAQATToKVl9WOxRdUQ0nFFxQTTsbBFkENBNVWAprSH8BRX5fCwRDNksIEVgMXwsEBycUTExOfEpBDF0RTA0RWAxfCwQZOF8KdVJ4VAkdTnxKXl-EIJRUcBi18SggEW39KCBFZfhxQRg4oFUERWQhDDxpbaA8EBQ
IP 54.230.245.4:0
File type ASCII text, with very long lines (404), with no line terminators
Hash af15b0124bb0ab1cb410e7d1c8230b5a
7636dbcbd924465c5ef53e66bf4057caae16c35d
e57d6ddf2982fa7c20af2e8e24faddef65c27e1dd8538d7802c550d0f81a4b4a
GET /nejk0a04ZVloNcQ5QUFZ3TAgNXnhcU0cEIAoEYCQWOXIAAAsOXU0CaA5DUFZ+XFVVBSlHH1EFLUcIEgoqGAQATToKVl9WOxRdUQ0nFFxQTTsbBFkENBNVWAprSH8BRX5fCwRDNksIEVgMXwsEBycUTExOfEpBDF0RTA0RWAxfCwQZOF8KdVJ4VAkdTnxKXl-EIJRUcBi18SggEW39KCBFZfhxQRg4oFUERWQhDDxpbaA8EBQ HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://esopertyva.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 324
date: Fri, 09 Sep 2022 23:28:51 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: l_BAMDdhEvPg6nxeQsS-IgRDUG3R-NXTQnFIdddCjT5Bk0lY1G74bg==
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/RdG5VUHkXATs2RgAHMW1AQlxlYU1SBCY/FwRTBjwpOzdsFjwDSCEqHUleczwYGglodhwaDWhhXxUKN21NUholPxJJATIlDQ4EIDYBGkggMUQZAS85FRgPcGI/QUBldUtERi1hSFFdF3VLRAI8PgwMS2dgAUxYCmZNUV0XdUtEHCN1SjVXY35JXUtnYB4RDT-4/XEYoZ2BIRF5kYEhRXGU2EAYLMz8BUVwTaU9aXnMlREU
54.230.245.4200 OK 581 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/RdG5VUHkXATs2RgAHMW1AQlxlYU1SBCY/FwRTBjwpOzdsFjwDSCEqHUleczwYGglodhwaDWhhXxUKN21NUholPxJJATIlDQ4EIDYBGkggMUQZAS85FRgPcGI/QUBldUtERi1hSFFdF3VLRAI8PgwMS2dgAUxYCmZNUV0XdUtEHCN1SjVXY35JXUtnYB4RDT-4/XEYoZ2BIRF5kYEhRXGU2EAYLMz8BUVwTaU9aXnMlREU
IP 54.230.245.4:0
File type ASCII text, with very long lines (829), with no line terminators
Hash 171b1d14d86749c50d3a9bd98a401886
171d8416e7100b9a6ea99ffeabce55a9b96700d6
753eae39436258be6009d0ba5962b17c61255f25419415d387b31ade965999c2
GET /RdG5VUHkXATs2RgAHMW1AQlxlYU1SBCY/FwRTBjwpOzdsFjwDSCEqHUleczwYGglodhwaDWhhXxUKN21NUholPxJJATIlDQ4EIDYBGkggMUQZAS85FRgPcGI/QUBldUtERi1hSFFdF3VLRAI8PgwMS2dgAUxYCmZNUV0XdUtEHCN1SjVXY35JXUtnYB4RDT-4/XEYoZ2BIRF5kYEhRXGU2EAYLMz8BUVwTaU9aXnMlREU HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://esopertyva.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 581
date: Fri, 09 Sep 2022 23:28:51 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fF2aYd0-RjeWshJCEDpegfFNy6yrK9lPkGvWbiZaP2VKXKn0TJ4mUA==
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/pNWhJN0tWBydRdEEBLQpyA1p5BnkTAjpYJUVVAlsoX1oDdhlZEAIRP08MdAdtWQknUHYTDSdUdgROKFMpCFxvQioIBSZNIlkEKBJ5c11nB24HWGFPegRNenVuB1glXiVAEGwFe01Qf2h9AU16dW4HWDtBbgYpcAFlBUFsBXtSDSpcJBBaDwV7BFh5BnsETX-sHLVwaLFEkTU17cXIDRnkRPghZ
54.230.245.4200 OK 186 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/pNWhJN0tWBydRdEEBLQpyA1p5BnkTAjpYJUVVAlsoX1oDdhlZEAIRP08MdAdtWQknUHYTDSdUdgROKFMpCFxvQioIBSZNIlkEKBJ5c11nB24HWGFPegRNenVuB1glXiVAEGwFe01Qf2h9AU16dW4HWDtBbgYpcAFlBUFsBXtSDSpcJBBaDwV7BFh5BnsETX-sHLVwaLFEkTU17cXIDRnkRPghZ
IP 54.230.245.4:0
File type ASCII text, with no line terminators
Hash 50b48b36408857135eb6b069170b6eaa
939d686c368e14f2e7addecb0048d4a021b53a19
dad1de368b49d92889d6827ebd58e3a0e4a5305d5513a7f56df17fe8d7ccea66
GET /pNWhJN0tWBydRdEEBLQpyA1p5BnkTAjpYJUVVAlsoX1oDdhlZEAIRP08MdAdtWQknUHYTDSdUdgROKFMpCFxvQioIBSZNIlkEKBJ5c11nB24HWGFPegRNenVuB1glXiVAEGwFe01Qf2h9AU16dW4HWDtBbgYpcAFlBUFsBXtSDSpcJBBaDwV7BFh5BnsETX-sHLVwaLFEkTU17cXIDRnkRPghZ HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://esopertyva.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 186
date: Fri, 09 Sep 2022 23:28:51 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jTOwesIqjQSKQGURgW4jGhpwkaRFYDbt2KOay1IZanriBtsFG237WQ==
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A378857331%3Arqn%3A8%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122%3At%3Afree%20xxx%20video%2034%20Goddess%20Brooke%20Marie%20Feed%20Me%20Daddy%20JOI%20%7C%20goddess%20brooke%20%7C%20femdom%20porn%20free%20cfnm%20femdom%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-7-h-1%29clc%280-0-0%29aw%281%29rqnt%288%29fip%281%29rqnl%281%29ti%282%29
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A378857331%3Arqn%3A8%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122%3At%3Afree%20xxx%20video%2034%20Goddess%20Brooke%20Marie%20Feed%20Me%20Daddy%20JOI%20%7C%20goddess%20brooke%20%7C%20femdom%20porn%20free%20cfnm%20femdom%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-7-h-1%29clc%280-0-0%29aw%281%29rqnt%288%29fip%281%29rqnl%281%29ti%282%29
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A378857331%3Arqn%3A8%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122%3At%3Afree%20xxx%20video%2034%20Goddess%20Brooke%20Marie%20Feed%20Me%20Daddy%20JOI%20%7C%20goddess%20brooke%20%7C%20femdom%20porn%20free%20cfnm%20femdom%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-7-h-1%29clc%280-0-0%29aw%281%29rqnt%288%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Referer: https://xfantazy.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Sep 2022 23:28:51 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 23:28:51 GMT
last-modified: Fri, 09-Sep-2022 23:28:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
siegepolitical.com/4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js
192.243.59.12200 OK 29 kB URL HTTP/1.1 siegepolitical.com/4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 9d4de4055c7774f2b4595e54ad5ed287
86abc1bffa18aafd35ee8f1debde844c42ba9316
6ff41f76eba44172264cb8608661807d813a782eb49a705d1a5395262e6d771f
Analyzer Verdict Alert quad9 Sinkholed
GET /4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js HTTP/1.1
Host: siegepolitical.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 23:28:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9e83ca752d0d2fdc2837bb075f2edb51
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cb260f695580f58c6e36d3b8079c85cd
2f38fcf0b1ce3460a59fa60f3d458f71397db491
512582d966d42131bc95e57e129eb31306f3d198f9bce10ccd46e34fd9afb88b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "512582D966D42131BC95E57E129EB31306F3D198F9BCE10CCD46E34FD9AFB88B"
Last-Modified: Wed, 07 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12661
Expires: Sat, 10 Sep 2022 02:59:52 GMT
Date: Fri, 09 Sep 2022 23:28:51 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cb260f695580f58c6e36d3b8079c85cd
2f38fcf0b1ce3460a59fa60f3d458f71397db491
512582d966d42131bc95e57e129eb31306f3d198f9bce10ccd46e34fd9afb88b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "512582D966D42131BC95E57E129EB31306F3D198F9BCE10CCD46E34FD9AFB88B"
Last-Modified: Wed, 07 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12661
Expires: Sat, 10 Sep 2022 02:59:52 GMT
Date: Fri, 09 Sep 2022 23:28:51 GMT
Connection: keep-alive
creepingbrings.com/sfp.js
104.21.234.233200 OK 24 kB URL HTTP/2 creepingbrings.com/sfp.js
IP 104.21.234.233:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 76aedb0656d0c7c8556108d40beb908c
688428596aaff507d02e880a44e2ddab1948587e
6c9eb444704a9a44ff79ef66041386ecd25dbde08350d102552aa826edb5b16a
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:51 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: c82ca76a813034d2fbb7ca855da0f47a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 09 Sep 2022 23:28:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eo9DBRoOGtDV73CsKWlZjJUn%2FEhMnW1TV9oB40p%2BZMilpxA6GdL%2FkAAsLaW7D1jTruBW7sDuT6KCxoB%2FApIzI6WPgxOFJdPdf4SW0Mve2kjHzqjYfaOsOdj4uDLB1GjVlHsKp4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7483b3de5a46dc8f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
siegepolitical.com/sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2&uuid=3f80ff17-6cb3-4821-a032-37aef40db4d0%3A2%3A1
192.243.59.12200 OK 4.5 kB URL HTTP/1.1 siegepolitical.com/sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2&uuid=3f80ff17-6cb3-4821-a032-37aef40db4d0%3A2%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6166), with no line terminators
Hash 480db1b3329bd6cac7c971914a529a96
6c0dcc236e48a1565fefb783baad8ddd69c83b90
eca541fa42c6d4f96ce7d3e0744aca110dfcee699284888975f2e1dc084d75d3
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2&uuid=3f80ff17-6cb3-4821-a032-37aef40db4d0%3A2%3A1 HTTP/1.1
Host: siegepolitical.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 23:28:52 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://xfantazy.com
Access-Control-Allow-Origin: https://xfantazy.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15600826; expires=Sat, 10 Sep 2022 23:28:51 GMT; secure; SameSite=None
uid_id2=3f80ff17-6cb3-4821-a032-37aef40db4d0:2:1; expires=Fri, 16 Sep 2022 23:28:51 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 10 Sep 2022 23:28:52 GMT; secure; SameSite=None
uncs=1; expires=Sat, 10 Sep 2022 23:28:52 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 10 Sep 2022 23:28:52 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 10 Sep 2022 23:28:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1d98273fe75001523ec10a1b0d3281dc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 49bb506fd2087ce606cf1207c22cd7d9
3e41f996bb72070c81dca4833b5b44bff563059d
1edfaa3998425120e4165dfbde171296fae51afe0e1420b9cc1cd68aa638f751
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4779
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:28:52 GMT
Last-Modified: Fri, 09 Sep 2022 22:09:13 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4cc4218e586f6bff1e9cbca4bf8c6209
5ec1fa5620128855dc4e726f9def56ffa1828f96
2fdcdee1f9aec4d22528d984312b40199c757c169c8d1368ee5f9792ae739357
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:28:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4cc4218e586f6bff1e9cbca4bf8c6209
5ec1fa5620128855dc4e726f9def56ffa1828f96
2fdcdee1f9aec4d22528d984312b40199c757c169c8d1368ee5f9792ae739357
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:28:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5c0465ff9b3ac1a41eb8497485bc27fe
d4442d741e8d2278901ff9565b895790b7b7acfb
c8db2779b77f006e79da5fbac511fd2e3978dac73c6533a307742ac09585278a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C8DB2779B77F006E79DA5FBAC511FD2E3978DAC73C6533A307742AC09585278A"
Last-Modified: Wed, 07 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2300
Expires: Sat, 10 Sep 2022 00:07:12 GMT
Date: Fri, 09 Sep 2022 23:28:52 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5c0465ff9b3ac1a41eb8497485bc27fe
d4442d741e8d2278901ff9565b895790b7b7acfb
c8db2779b77f006e79da5fbac511fd2e3978dac73c6533a307742ac09585278a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C8DB2779B77F006E79DA5FBAC511FD2E3978DAC73C6533A307742AC09585278A"
Last-Modified: Wed, 07 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2300
Expires: Sat, 10 Sep 2022 00:07:12 GMT
Date: Fri, 09 Sep 2022 23:28:52 GMT
Connection: keep-alive
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Sep 2022 23:28:52 GMT
access-control-allow-origin: *
etag: "63186565-2b"
expires: Sat, 10 Sep 2022 00:28:52 GMT
accept-ranges: bytes
last-modified: Wed, 07 Sep 2022 12:33:25 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
esopertyva.shop/utx?cb=GnFTdNkE32D6&top=xfantazy.com&tid=961956
54.230.111.4204 No Content 0 B URL HTTP/2 esopertyva.shop/utx?cb=GnFTdNkE32D6&top=xfantazy.com&tid=961956
IP 54.230.111.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=GnFTdNkE32D6&top=xfantazy.com&tid=961956 HTTP/1.1
Host: esopertyva.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 09 Sep 2022 23:28:52 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://xfantazy.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 09 Sep 2022 23:29:52 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uYwicTpPcol7GBcX3CA5wx2BMnez2Pv82oLAKobTl98SwAAxotzLpQ==
X-Firefox-Spdy: h2
esopertyva.shop/utx?cb=QL73njFjrbX8&top=xfantazy.com&tid=962014
54.230.111.4204 No Content 0 B URL HTTP/2 esopertyva.shop/utx?cb=QL73njFjrbX8&top=xfantazy.com&tid=962014
IP 54.230.111.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=QL73njFjrbX8&top=xfantazy.com&tid=962014 HTTP/1.1
Host: esopertyva.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 09 Sep 2022 23:28:52 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://xfantazy.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 09 Sep 2022 23:29:52 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x9yRWwaneotzAKZUSZqs7tE3UQaGXoago-UQ_7KekebsR9VswHizhQ==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 392 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (377)
Hash 7e9d4c8573aea60d409e6d73efd6c645
416c88ede5e4ad8b06f9c256c2bc115b6e37119c
f9b4bdcb80b78856deb7d796131c5dd0cd3c0dfb275b4e5c058d2e3deb13f28d
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Sep 2022 23:28:52 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S453873596%3A1662766132129034&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpTzrV5kitmwrMUhoe1cZ0u4ZZOLtub895ELW77m8YaOalhCDWKzoWH7MDRkwmQJbk__9Fs
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-YRRYjBaHKnlcz54XJRoJVA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 392
server: GSE
set-cookie: __Host-GAPS=1:iAwX7kXsqZDtLc4T4_w8PS1LhN8-5A:oE4s8Zss_qioF30R;Path=/;Expires=Sun, 08-Sep-2024 23:28:52 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 396 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Hash 18c77b8be08500f06af06389b30c91b8
6e21f14cfc820047a99506185ed329acc4b2a49b
c8afd66497b65a91cc12ae0a2ff73d9988dc83f516b18b29f123d1877d4afe8c
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Sep 2022 23:28:52 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1894831008%3A1662766132135966&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqse_V-1glDsuWJvwL6Ya_iHt_p0cfa_kdjiWYgdOxXeOop4kts7u26d98NkI1j6EsBHPIf
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-he6-5Zt-Q4CqfHDkOl1crw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:N-udoOOn_gvKt5g_whvPg0vrApSyEg:FvlWhnIibj5YRNmE;Path=/;Expires=Sun, 08-Sep-2024 23:28:52 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5c0465ff9b3ac1a41eb8497485bc27fe
d4442d741e8d2278901ff9565b895790b7b7acfb
c8db2779b77f006e79da5fbac511fd2e3978dac73c6533a307742ac09585278a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C8DB2779B77F006E79DA5FBAC511FD2E3978DAC73C6533A307742AC09585278A"
Last-Modified: Wed, 07 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2300
Expires: Sat, 10 Sep 2022 00:07:12 GMT
Date: Fri, 09 Sep 2022 23:28:52 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 90af7f9fc306540e02535db3d00dca64
9e05b003b35ed57277b6b295adde93add7c41b0b
64abd990305ef3f25ffb3fb2ccae04b76e178375752ecb2020411df8f7974fcf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:28:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.200.35200 OK 28 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.200.35:0
Hash 8a39059cb411d4f1d63495b865fd1bfc
e0de6553db8b93b923eaa53c33603ddc3c73a50f
b4ee5647e1649a943077026e0ead30b42c1af77eae657cc43251942b2eeab4a8
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: De7jg7NrGgXUZ37utMdmJ+CwxtuCraAgRddy54xib4KSe1rDFBSc8/FjvMPgYO5MS5Sy46S1YXz9g0hDJSeqKA==
date: Fri, 09 Sep 2022 23:28:52 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
esopertyva.shop/floater?cs=dXpWbDlATWJYDEJMY1UAQUNiWgs&abt=0&red=1&sm=83&k=xfantazy%20marie%20feed%20daddy%20video%20porn%20cfnm%20free%20goddess%20brooke%20femdom&v=0.8.9.1&sts=0&prn=1&emb=0&tid=961956&fs=1&t=600&m=1&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&jst=4&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi3_&_Aeqz=1662766122397&crc=1
54.230.111.4200 OK 2.9 kB URL HTTP/2 esopertyva.shop/floater?cs=dXpWbDlATWJYDEJMY1UAQUNiWgs&abt=0&red=1&sm=83&k=xfantazy%20marie%20feed%20daddy%20video%20porn%20cfnm%20free%20goddess%20brooke%20femdom&v=0.8.9.1&sts=0&prn=1&emb=0&tid=961956&fs=1&t=600&m=1&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&jst=4&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi3_&_Aeqz=1662766122397&crc=1
IP 54.230.111.4:0
File type ASCII text, with very long lines (4099), with no line terminators
Hash 179d073997d122a6395821da96b5e287
561129044e1f27b4c0c237c6cc62ba4d6734efe5
16abdacaee584b73d5d715f6af8c5b2a30e19a4f56e0a7eb80bcb5ba2df7bb7f
GET /floater?cs=dXpWbDlATWJYDEJMY1UAQUNiWgs&abt=0&red=1&sm=83&k=xfantazy%20marie%20feed%20daddy%20video%20porn%20cfnm%20free%20goddess%20brooke%20femdom&v=0.8.9.1&sts=0&prn=1&emb=0&tid=961956&fs=1&t=600&m=1&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&jst=4&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi3_&_Aeqz=1662766122397&crc=1 HTTP/1.1
Host: esopertyva.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 2892
date: Fri, 09 Sep 2022 23:28:52 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://xfantazy.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=2fd031a4-fd38-459e-9057-1837d46bef99
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Uy8_d1Rzl6N4L6oPoo9guA7eYZVXYc3C4t46uLt59YUgKJQTx-K_DA==
X-Firefox-Spdy: h2
obituaryfuneral.com/pixel/purst?dl=0&th=0&sc=0&rs=3392&rd=3392&fd=754&bv=22.8.v.2&tmpl=136
192.243.61.225200 OK 0 B URL HTTP/1.1 obituaryfuneral.com/pixel/purst?dl=0&th=0&sc=0&rs=3392&rd=3392&fd=754&bv=22.8.v.2&tmpl=136
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3392&rd=3392&fd=754&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: obituaryfuneral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 09 Sep 2022 23:28:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
a.focusde.info/api/spots/391866?host=xfantazy.com&ev=196&wh=939&ww=1280
135.181.208.216200 OK 505 B URL HTTP/2 a.focusde.info/api/spots/391866?host=xfantazy.com&ev=196&wh=939&ww=1280
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (655)
Hash 9df6346d7704f8ea33d76c731bb4ed5b
9d7f5ff54b64a23e39930f74181a35a32fb2de6d
6f44926331be89f24f1af87772ceb03a93f3e5aa99ebef4785d5c3dc6f04a5e5
GET /api/spots/391866?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=5zK3uG8uV2gZF9SoSB3K; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
siegepolitical.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRuuTvY7fOhBZS8SIoN4UHBnu3sm3TPmsBjjhuDmB4lBD4JUV1VPyq3uaqq6p2dHhCURyXHyF9j7zG7W6LLoRUEwyGzAw4iw42kPLqh3QYScBGUmSxbfy%2Fu%2B9TyHp57n%2FWSjOCQuCnpw%2FpLuS6Xo4pm6W3v5Xc87W1uRadGr9VrB%2B0HzbM10X2sHdfeV2gXBVvWi73qu67lebVkaEeve4hSEzHbaXr3t1pt%2B3TvTRM%2F8d7eFA0sd8O4heQ6ST%2BYeOvOQbIQ0%2BfK8sKu5zl59MykUzbVBl2%2FfSFdTXaZIjsfYOIjT7SM2tN1ffgCdbs3kQnefECM5Ic4PDxCl20ciEXU3ZzojBZEi4k%2Bh7I4g1AiSjsD0bUi%2BTwDGcfkK0uTeZW1KuvYYpVN0QuYe%2FQVZTsjcL%2FNIk91zSvZq17UqcqlTi15cQfZGkJ0RsmIPef8EZLkHlt%2BC5D%2BRxUcrSJPNK1ZpSH7wUiNuuXHshQsBixoLzZbvLVC34S80QiripsujJndnBkk5goxHUGIAak%2BgsA4K6aCIHRSZg4Qf1JjneaHLGXVbbcYaPBRRwF2PhrFHPTdooWDTPwyQZwMwNQAz68jMOlbl3QkhtzZhiu9hb1aw3IHNCbq8QikISktQUoJSEpQ5Qdmttriyvq3ucWWLyDvq%2FlFvVEOddzbols47IiUb2SF5dubeH09%2Fi1VxUKN%2B3G67sec2w8ANPBZ6be4xj9IG9QXjPqysIO0JUOugLydk%2FtRvyKaJfvQPIroHq%2FbA5DOgxWnQchj6LujNYbPlop%2Fu9GKa5rS%2FVmc6AdcVsnwO%2BZqzoQ7J8zMd4fh3CDZe%2BubrF%2BP3bigwUyEzFT6QDwk66s7wmi7J5jVdWvLVlSyXiezTacLXc5qL%2F33%2BllgrteEXz9vB%2FdfZFJiOO28Lm6%2FQlMu0Y8kX5yTnwixrwwT57qJ9R0RXC3vzXGHSIlu5%2BsbyxSQzwlqp0xGo3F%2F6DExOyP8PP52d7uneLqQZwRQVkmJMjgpSj8CyddhsvPRx%2F9cLu%2FMfwuqTMOqYE2UOyqIaGj86flSSQInjnUYVrBgvrUeXJn%2Fe%2FxuReGLHhr2DjnkBNL%2BNNKnQNRW6qgJVA9ji5DDPzHjp58asEClnGCnjbEbKqLuPrbXyoBY2Gi4N2me8MKQijJp%2BKw48TqnfDPwgoA3kdsJO%2Fdj8FwAA%2F%2F8BAAD%2F%2F0c8gcmFBAAA
192.243.59.12200 OK 7 B URL HTTP/1.1 siegepolitical.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRuuTvY7fOhBZS8SIoN4UHBnu3sm3TPmsBjjhuDmB4lBD4JUV1VPyq3uaqq6p2dHhCURyXHyF9j7zG7W6LLoRUEwyGzAw4iw42kPLqh3QYScBGUmSxbfy%2Fu%2B9TyHp57n%2FWSjOCQuCnpw%2FpLuS6Xo4pm6W3v5Xc87W1uRadGr9VrB%2B0HzbM10X2sHdfeV2gXBVvWi73qu67lebVkaEeve4hSEzHbaXr3t1pt%2B3TvTRM%2F8d7eFA0sd8O4heQ6ST%2BYeOvOQbIQ0%2BfK8sKu5zl59MykUzbVBl2%2FfSFdTXaZIjsfYOIjT7SM2tN1ffgCdbs3kQnefECM5Ic4PDxCl20ciEXU3ZzojBZEi4k%2Bh7I4g1AiSjsD0bUi%2BTwDGcfkK0uTeZW1KuvYYpVN0QuYe%2FQVZTsjcL%2FNIk91zSvZq17UqcqlTi15cQfZGkJ0RsmIPef8EZLkHlt%2BC5D%2BRxUcrSJPNK1ZpSH7wUiNuuXHshQsBixoLzZbvLVC34S80QiripsujJndnBkk5goxHUGIAak%2BgsA4K6aCIHRSZg4Qf1JjneaHLGXVbbcYaPBRRwF2PhrFHPTdooWDTPwyQZwMwNQAz68jMOlbl3QkhtzZhiu9hb1aw3IHNCbq8QikISktQUoJSEpQ5Qdmttriyvq3ucWWLyDvq%2FlFvVEOddzbols47IiUb2SF5dubeH09%2Fi1VxUKN%2B3G67sec2w8ANPBZ6be4xj9IG9QXjPqysIO0JUOugLydk%2FtRvyKaJfvQPIroHq%2FbA5DOgxWnQchj6LujNYbPlop%2Fu9GKa5rS%2FVmc6AdcVsnwO%2BZqzoQ7J8zMd4fh3CDZe%2BubrF%2BP3bigwUyEzFT6QDwk66s7wmi7J5jVdWvLVlSyXiezTacLXc5qL%2F33%2BllgrteEXz9vB%2FdfZFJiOO28Lm6%2FQlMu0Y8kX5yTnwixrwwT57qJ9R0RXC3vzXGHSIlu5%2BsbyxSQzwlqp0xGo3F%2F6DExOyP8PP52d7uneLqQZwRQVkmJMjgpSj8CyddhsvPRx%2F9cLu%2FMfwuqTMOqYE2UOyqIaGj86flSSQInjnUYVrBgvrUeXJn%2Fe%2FxuReGLHhr2DjnkBNL%2BNNKnQNRW6qgJVA9ji5DDPzHjp58asEClnGCnjbEbKqLuPrbXyoBY2Gi4N2me8MKQijJp%2BKw48TqnfDPwgoA3kdsJO%2Fdj8FwAA%2F%2F8BAAD%2F%2F0c8gcmFBAAA
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRuuTvY7fOhBZS8SIoN4UHBnu3sm3TPmsBjjhuDmB4lBD4JUV1VPyq3uaqq6p2dHhCURyXHyF9j7zG7W6LLoRUEwyGzAw4iw42kPLqh3QYScBGUmSxbfy%2Fu%2B9TyHp57n%2FWSjOCQuCnpw%2FpLuS6Xo4pm6W3v5Xc87W1uRadGr9VrB%2B0HzbM10X2sHdfeV2gXBVvWi73qu67lebVkaEeve4hSEzHbaXr3t1pt%2B3TvTRM%2F8d7eFA0sd8O4heQ6ST%2BYeOvOQbIQ0%2BfK8sKu5zl59MykUzbVBl2%2FfSFdTXaZIjsfYOIjT7SM2tN1ffgCdbs3kQnefECM5Ic4PDxCl20ciEXU3ZzojBZEi4k%2Bh7I4g1AiSjsD0bUi%2BTwDGcfkK0uTeZW1KuvYYpVN0QuYe%2FQVZTsjcL%2FNIk91zSvZq17UqcqlTi15cQfZGkJ0RsmIPef8EZLkHlt%2BC5D%2BRxUcrSJPNK1ZpSH7wUiNuuXHshQsBixoLzZbvLVC34S80QiripsujJndnBkk5goxHUGIAak%2BgsA4K6aCIHRSZg4Qf1JjneaHLGXVbbcYaPBRRwF2PhrFHPTdooWDTPwyQZwMwNQAz68jMOlbl3QkhtzZhiu9hb1aw3IHNCbq8QikISktQUoJSEpQ5Qdmttriyvq3ucWWLyDvq%2FlFvVEOddzbols47IiUb2SF5dubeH09%2Fi1VxUKN%2B3G67sec2w8ANPBZ6be4xj9IG9QXjPqysIO0JUOugLydk%2FtRvyKaJfvQPIroHq%2FbA5DOgxWnQchj6LujNYbPlop%2Fu9GKa5rS%2FVmc6AdcVsnwO%2BZqzoQ7J8zMd4fh3CDZe%2BubrF%2BP3bigwUyEzFT6QDwk66s7wmi7J5jVdWvLVlSyXiezTacLXc5qL%2F33%2BllgrteEXz9vB%2FdfZFJiOO28Lm6%2FQlMu0Y8kX5yTnwixrwwT57qJ9R0RXC3vzXGHSIlu5%2BsbyxSQzwlqp0xGo3F%2F6DExOyP8PP52d7uneLqQZwRQVkmJMjgpSj8CyddhsvPRx%2F9cLu%2FMfwuqTMOqYE2UOyqIaGj86flSSQInjnUYVrBgvrUeXJn%2Fe%2FxuReGLHhr2DjnkBNL%2BNNKnQNRW6qgJVA9ji5DDPzHjp58asEClnGCnjbEbKqLuPrbXyoBY2Gi4N2me8MKQijJp%2BKw48TqnfDPwgoA3kdsJO%2Fdj8FwAA%2F%2F8BAAD%2F%2F0c8gcmFBAAA HTTP/1.1
Host: siegepolitical.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; uid_id2=3f80ff17-6cb3-4821-a032-37aef40db4d0:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 23:28:52 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1d888620f2235d2480b54c6b930cb049
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 1.3 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 52869d37849549b9ac477e1a818838b5
c8d0e516ea5573f9d6c5835b12a0b89ce5695a7c
45df906b2de91b58a1601f885858e3863b081557c351ea5d292a263db6000c8c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88035F17212D931FF1C5C6CD817FE72ABA0BB4B25F5B9C7592CBB78FE4E4AB3F"
Last-Modified: Thu, 08 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12244
Expires: Sat, 10 Sep 2022 02:52:56 GMT
Date: Fri, 09 Sep 2022 23:28:52 GMT
Connection: keep-alive
static-cache.k2s.cc/thumbnail/cbnBvnKgmPy4rj2R-Q/w320h240/0.jpeg
188.72.235.186200 OK 12 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/cbnBvnKgmPy4rj2R-Q/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash b06473e6fc9452e5daefbaf0ab0e179e
7b6ba340933a61d79049484029ed955bdf4a9f8d
d8d1dbbad75b8db5d5522d3ace0fd586caaefd9c26d4873b53a37378a7a91d60
GET /thumbnail/cbnBvnKgmPy4rj2R-Q/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: image/jpeg
content-length: 11585
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/IbuStST0zf_u_WnGrQ/w320h240/0.jpeg
188.72.235.186200 OK 10 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/IbuStST0zf_u_WnGrQ/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 633be5ab4189abb48381bede3b8dfc80
2dff99432d6f0ecefc8bcae6309f11277aab94c1
01c981af7627e59af72321e131df8e678409b53788b7ea4bb8b5b47b78537312
GET /thumbnail/IbuStST0zf_u_WnGrQ/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: image/jpeg
content-length: 10208
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/J-jAv3X0nPu_qjmQ-A/w320h240/0.jpeg
188.72.235.186200 OK 10 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/J-jAv3X0nPu_qjmQ-A/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 47611df8b2812fa900988d5765508534
fa7df8431ec69f402b0bb8dd487d348eb0e27dc9
a80a6a41094abaf91e329d701571ec9e22281b00aa5e4f16996bb609a1232304
GET /thumbnail/J-jAv3X0nPu_qjmQ-A/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: image/jpeg
content-length: 10221
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/IbmQ7nP1zqi6rD6V9w/w320h240/0.jpeg
188.72.235.186200 OK 12 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/IbmQ7nP1zqi6rD6V9w/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 0aed3352f64237a7f2385afc45dc38cb
cd58b92573d5d45c465dba31f55634d52b79f7e3
857b78f45ead76e85f255f052d1ba5bcc2f8f9cee523f4be0ca255efa07e95c3
GET /thumbnail/IbmQ7nP1zqi6rD6V9w/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: image/jpeg
content-length: 11827
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/JOzFtHDwzvro_DSe-A/w320h240/0.jpeg
188.72.235.186200 OK 15 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/JOzFtHDwzvro_DSe-A/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash a7a58133b6e0e935a7ffa25aa46bdca7
95944c9561e111f56cfec40fd5e552747f6d40eb
87701f947fc4b60dc17a072d00d7dc3c97b3a873c6a1a89a3adc7e2f319b705e
GET /thumbnail/JOzFtHDwzvro_DSe-A/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: image/jpeg
content-length: 14646
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/LOzCvCWgyajp-WqX_g/w320h240/0.jpeg
188.72.235.186200 OK 15 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/LOzCvCWgyajp-WqX_g/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 55bdcfe6902ebfb8d4b4286e11b2596e
1d5a4f0ba3400b7cf325acae1c2b28e90213fc56
8dbf56cbe9cad7a397df535c214c0a93725179f5c7af7a09e29a6e0f4abe7e48
GET /thumbnail/LOzCvCWgyajp-WqX_g/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: image/jpeg
content-length: 15141
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/69.b3ff95d1d1b8e7cf25a2.js
104.26.1.188200 OK 11 kB URL HTTP/2 xfantazy.com/_next/static/chunks/69.b3ff95d1d1b8e7cf25a2.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (1564), with no line terminators
Hash 70de6ba8fa065e03f0edbd0e5135ae1e
32deb13e083e2c097e152cdecf55fb83eef7e4a0
2c41c16ec018f3cf78db0c7cab8c328ce8b052483c271989c72388515ba9aa7e
GET /_next/static/chunks/69.b3ff95d1d1b8e7cf25a2.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:19:48 GMT
etag: W/"61c-179fb7179e1"
cf-cache-status: HIT
age: 29223197
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEd08JS0%2FR%2BiG5anA9gHpm6BrL3FyGhb7utZOv%2BQ2Nv%2FSA59eW5VnX3qa5bf6w9z1CchqjpQ7ZXrJ0NVCQYz5ZHRT3Slu4yMhQbZM1%2BP8T8q0pSPv%2BjnGLuUuw8PGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3d55b990b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/IbuX7HOgzKjuqW2frg/w320h240/0.jpeg
188.72.235.186200 OK 9.5 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/IbuX7HOgzKjuqW2frg/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 7c00d1cf39c95e6b2d80f9116befe699
28500a8aff0d5a6a0991429d254cad9f99ed3aee
1af7928ce8e401d56074b0d728e1e1880046de570cde49b4153638e7900fada7
GET /thumbnail/IbuX7HOgzKjuqW2frg/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: image/jpeg
content-length: 9468
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/cr6XvCL3m63v_22Xqw/w320h240/0.jpeg
188.72.235.186200 OK 10 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/cr6XvCL3m63v_22Xqw/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash b185d165b41f610e9614fb10ffed8207
d99fdce8a0aaeaa61540c06b23c3cf51455c4fd7
2913ae17253ce547bb17aa69fe05059528c54cb456ce16f2caa39f91c07e815e
GET /thumbnail/cr6XvCL3m63v_22Xqw/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: image/jpeg
content-length: 10033
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 533306124b203d0545b4fbe1543b56c6
c20224d8aaa718437c6ce58ce1e7bb8ed3b375ef
61719ed0e30b3748a36693ce37b1fdd0094eca1c38f015cb3ad3039ac4629f0f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "61719ED0E30B3748A36693CE37B1FDD0094ECA1C38F015CB3AD3039AC4629F0F"
Last-Modified: Thu, 08 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3630
Expires: Sat, 10 Sep 2022 00:29:22 GMT
Date: Fri, 09 Sep 2022 23:28:52 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 533306124b203d0545b4fbe1543b56c6
c20224d8aaa718437c6ce58ce1e7bb8ed3b375ef
61719ed0e30b3748a36693ce37b1fdd0094eca1c38f015cb3ad3039ac4629f0f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "61719ED0E30B3748A36693CE37B1FDD0094ECA1C38F015CB3AD3039AC4629F0F"
Last-Modified: Thu, 08 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3630
Expires: Sat, 10 Sep 2022 00:29:22 GMT
Date: Fri, 09 Sep 2022 23:28:52 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/ssp/notifications/text_bubble/3/css/animate.css
104.21.51.177200 OK 5.3 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/notifications/text_bubble/3/css/animate.css
IP 104.21.51.177:0
Hash 4bed5ec4945f637d429241a8d92c0d0a
52b36175eae1dc432e4bcc74fe475191a94f22b7
ecf93cc449cee35c912b56bb869612536079609d147300febb52d4caf18f3d8b
GET /sb/ssp/notifications/text_bubble/3/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: text/css
last-modified: Tue, 19 Jul 2022 14:06:27 GMT
etag: W/"62d6ba63-15223"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 114473
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EoY%2BBjAhzGRrV7%2B1WtN4zFEcLPGAWILeMN9g22YYmA%2F9pGOq67Webis%2BzusXkE%2FO4nR8wH2FRElO%2FfueBYfv%2BDI83wQmvh627zoMRC3uSgiCLMXZPQgD3SA0ckZovQz1LQY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7483b3e9c87db4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
siegepolitical.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fec%2F00%2F1d%2Fec001dc29e91541d24566db06ea9a7fd%2F1660813615.html&l=1438&fd=316
192.243.59.12200 OK 0 B URL HTTP/1.1 siegepolitical.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fec%2F00%2F1d%2Fec001dc29e91541d24566db06ea9a7fd%2F1660813615.html&l=1438&fd=316
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fec%2F00%2F1d%2Fec001dc29e91541d24566db06ea9a7fd%2F1660813615.html&l=1438&fd=316 HTTP/1.1
Host: siegepolitical.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; uid_id2=3f80ff17-6cb3-4821-a032-37aef40db4d0:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 23:28:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
a.focusde.info/api/click/16075835487173165095?c=90
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/click/16075835487173165095?c=90
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/16075835487173165095?c=90 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/api/spots/312873?p=1&s1=%subid1%&kw=
Cookie: nauid=jy5ZxIUqujXs7XIELbof
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:52 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private
X-Firefox-Spdy: h2
siegepolitical.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Fnotifications%2Ftext_bubble%2F3%2Fcss%2Fanimate.css&l=86563&fd=103
192.243.59.12200 OK 0 B URL HTTP/1.1 siegepolitical.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Fnotifications%2Ftext_bubble%2F3%2Fcss%2Fanimate.css&l=86563&fd=103
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Fnotifications%2Ftext_bubble%2F3%2Fcss%2Fanimate.css&l=86563&fd=103 HTTP/1.1
Host: siegepolitical.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; uid_id2=3f80ff17-6cb3-4821-a032-37aef40db4d0:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 23:28:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
a.focusde.info/api/spots/382499?host=xfantazy.com&ev=196&wh=939&ww=1280
135.181.208.216200 OK 5.2 kB URL HTTP/2 a.focusde.info/api/spots/382499?host=xfantazy.com&ev=196&wh=939&ww=1280
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash d51aa201b6e7daba3cffe5c5ab72ddeb
be61876503f61b2188d30274cedc0a3dfa6c5e72
73ea95304a480baebaf5b85d15ffeeaf962b26101f5de120419c9434bcb400de
GET /api/spots/382499?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=YBM4AlGZvVK2h9Tz158z; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
media.aso1.net/js/ifr.html
104.21.234.155200 OK 1.2 kB URL HTTP/2 media.aso1.net/js/ifr.html
IP 104.21.234.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0f10d6e81d206dbda2ae96d76a416196
4e9ab1e2d159f6478bb811777a10808224be04d5
511fd90fbf388114413789b5d6f49fbc84b41db97158e98faf28068fb752c024
GET /js/ifr.html HTTP/1.1
Host: media.aso1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: text/html
last-modified: Mon, 29 Aug 2022 13:18:49 GMT
etag: W/"630cbcb9-6ea"
expires: Fri, 02 Sep 2022 06:53:13 GMT
cache-control: max-age=259200
x-robots-tag: noindex, nofollow, noarchive, noimageindex
cf-cache-status: HIT
age: 848179
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGbXGT79pb6N%2BwJySpVzhsOEOhZPaVHauu6fMq1EVFyT64YZUMyDyRmUphxhNGhYfstu4mGuXV24v%2FDPOx0Mk0NwiXNwWXMtxey7LcGPiQCvcLXq0xxK8UkGUygyvUGNcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7483b3e94c3adceb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
siegepolitical.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Fnotifications%2Ftext_bubble%2F3%2Fcss%2Fstyle.css&l=9166&fd=111
192.243.59.12200 OK 0 B URL HTTP/1.1 siegepolitical.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Fnotifications%2Ftext_bubble%2F3%2Fcss%2Fstyle.css&l=9166&fd=111
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Fnotifications%2Ftext_bubble%2F3%2Fcss%2Fstyle.css&l=9166&fd=111 HTTP/1.1
Host: siegepolitical.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; uid_id2=3f80ff17-6cb3-4821-a032-37aef40db4d0:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 23:28:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.cloudimagesb.com/si/79/30/31/7930317ab1e16f0a005c59c373412698/1662715720.jpg
45.133.44.9200 OK 17 kB URL HTTP/2 cdn.cloudimagesb.com/si/79/30/31/7930317ab1e16f0a005c59c373412698/1662715720.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 9e3f5dda7e8c52d683156288538811ae
067b6ceb7f3085c8c6f80aec83b383444d3e6565
a20b042902465d4432d974bf1e387d177fdb32cacb0417cd916b965728c770d8
GET /si/79/30/31/7930317ab1e16f0a005c59c373412698/1662715720.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:53 GMT
content-type: image/jpeg
content-length: 17070
server: nginx/1.17.6
last-modified: Fri, 09 Sep 2022 09:28:49 GMT
etag: "631b0751-42ae"
expires: Sun, 11 Sep 2022 23:28:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
a.bestcontentfood.top/warp/4787908?r=68210
172.67.200.139200 OK 2.3 kB URL HTTP/2 a.bestcontentfood.top/warp/4787908?r=68210
IP 172.67.200.139:0
File type ASCII text, with very long lines (4178), with no line terminators
Hash 528c0151cef009b6425154746c775cd5
77b198688cbb869ae6dcf1409e88908b14f3eb07
9287ba1bc25afe1515897172a5a46e9908a878beebc739bd7a328e38a713821f
Analyzer Verdict Alert fortinet Phishing
GET /warp/4787908?r=68210 HTTP/1.1
Host: a.bestcontentfood.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:53 GMT
content-type: application/javascript; charset=UTF-8
referer: a.medfoodsafety.com
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpeZ%2FGZXkia0zpkUoAnpTmtuLrj35mAMiCqyCMg5jW2wWgAozfXfkG5ao3sH8csLPyfCg5atImsxYtkbKb3U4c%2BndXRiJvgP5Ac92%2F2DNeJvs8Qqp20lqi269w667t0U9v1m0fGtVBM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3eafa511bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 917e4dedc68b15046f2f4e7f0f0a68f6
00016da1d795112a7786e4ab7a0e06dec34e5e61
300bdcc7739db38c8faa97883f29d26979631d3dba735254bae9ee7e0162996a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "300BDCC7739DB38C8FAA97883F29D26979631D3DBA735254BAE9EE7E0162996A"
Last-Modified: Fri, 09 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3932
Expires: Sat, 10 Sep 2022 00:34:25 GMT
Date: Fri, 09 Sep 2022 23:28:53 GMT
Connection: keep-alive
xfantazy.com/_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/index.js
104.26.1.188200 OK 2.2 kB URL HTTP/2 xfantazy.com/_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/index.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (695), with no line terminators
Hash 3d4e8285de9fdbfc2aa3442fb95ab2d0
7b6dd6dfde03c64adf88a506f294f83660589515
f1b58518432f27b08f765aa5dcf63badd745cbdf4ecc369a4565ef7c82d2805c
GET /_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/index.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiIxMzgzZWM2MDJjYjVkIiwiaWF0IjoxNjYyNzY2MTMwLCJleHAiOjE2NjMzNzA5MzB9.kyj4gI35DUWIgg6K4UzFmlGsV_bXBdT0I_IKKHCgJv4; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiMTAyMWM4YzA1NWQyMiIsImlhdCI6MTY2Mjc2NjEzMCwiZXhwIjoxNjY1MzU4MTMwfQ.RZcihPLphEF7uCuGfgSLuukr5F8SgEoEF25ALjahmqc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:43:45 GMT
etag: W/"2b7-1826d2cbfb8"
cf-cache-status: HIT
age: 3076596
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obBbY%2FAjDxAjxRmEtGwyibP7EQX4U100IxYbsV%2BqMkS3jqyMWvNA6u0n3cwV5BjTZ7O1%2B6Ovp4JTk8aXqud6wgwgSrMfSTkdmVxcg%2BndMnf9FiySVP3rYPLRCaAZDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3db0eca0b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.bestcontentfood.top/warp/4787912?r=78587
172.67.200.139200 OK 1.8 kB URL HTTP/2 a.bestcontentfood.top/warp/4787912?r=78587
IP 172.67.200.139:0
File type ASCII text, with very long lines (4178), with no line terminators
Hash 70ba1d2a1e53b7b78433d04315f53d3e
e4a0f6e96e5c060b40a31a3d7dc6bd64b58bed18
740acf05d19608c94075ddcebe9ee3da34db724be6bc392cce143e34a2eaf269
Analyzer Verdict Alert fortinet Phishing
GET /warp/4787912?r=78587 HTTP/1.1
Host: a.bestcontentfood.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:53 GMT
content-type: application/javascript; charset=UTF-8
referer: a.medfoodsafety.com
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m771B%2FaJ6fw0VQT8nt7aj1GRFTDPVJptgsgwwgMu76bdco5Y8j%2BajvGGwKhatcosRNFNIGAhbpCjd9Ane5ZT9yLNuy5qd2WBwNqobLzxlEk6B5mPgaghBk4CiZl%2B4fhjywsRJj8Kf4s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3eaea4a1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
siegepolitical.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWtc1Rs%2Bt81v8UMXKtlIqQziQsFM7p2ZzIddBGtNCaZNaS26EOR83ckx595zOefeuZMRIbQiXU7%2FAm%2BeSRqrIehGQbDIpOBiRMi4ysKAuhdE6EpQZhoafDfv%2B57nWTzned5PtrJj4iOjR5eumJ7Sms4vlP3Sy%2B8GwYXSioqzbqnbrL9fr10o2c5rrXrZf6V0WfJ1M1%2FxA98P%2FKC0pKwMTXd%2BAkIle62g3PLLtUo5WKiha%2F%2B7u8yDox5E55g8ByXGMw%2B9WSg%2BRBx9eUm69dQkr74ZZZqmxqIjdm%2FG67HJY0SnY2g9hPHuCRvGHS49gIl3pnJhOk%2BITI2J98MDsHj3RCRYZ3uqk2nIGEw8hbwzhNRDKDoEN7ehxCEBuMDVVcTRvavG5nTjMUon6JjMPPoLKh%2BTmV9mEUf7F7Xqlm4YnaXKxA7dsIDqDqHaQyTZAdLeGaj8ADy9BSV%2BIvOPVhBH26tOGyhx9FI1bPphGDTm6pxV52rNSjBH%2FWplrtqgMqz5gtWEPzVIqSFUOISWfVB3BpnzkCkPWeghSzxE4qjEgyBo%2BIJTv9nivCoaktWFH9BGGNDArzeR8ckf%2BkiTPrjug9tNJHYT6%2BrumJBb27DZ93BrBZzw4FKCjiiQS4LcEeSUIFcEeUqQd4odoV3FFfeEdhkLTnrlpFeLgUnbW3THpG0Zk63kmDw7de%2BPp7%2FFujwq0UrYavlh4Ncadb8e8EbQEgEPKK3SiuSiAqcKKHcG1HnoqTGZPfcbkkmiH%2F0DRg%2Fg9AG4egY0Ow%2BaDxoVH3RtUGv66MV73ZDGKe1tlLmJIEyBJJ1BuuFt6WPy%2FFRHY%2FQ7JB8tfvP1i%2BF7NzW4LZDYAh%2BohwRtfWdw3eRk%2B7rJHflqNUlVpHp0kvCNlKbyf5%2B%2FJTdyY8XyJde%2F%2FzqfAJNx723p0hUaCxW3HfniohJC2iVjuSTfLbt3JLuWubWLmY2zZOXaG0vLUWKlc8rEQ1B1uPgZuBqT%2Fx9%2FOj3d8919KDuEzQpE2YicFJQZgiebcMlo8ePer5f3Zz%2BEM2dh9SmHJR7yrBjYCjt91IpAy9OdsgJOjhY32ZXxn%2Ff%2FBpNP7Nhyd9C2L4CmtxFHBTq2QEcXoLoPl50dpIkdLf5cnRaY9gZMW2%2BbaavvPrbWqaNS1RcNJkPZYLK2UAslF2xhgfk85Kwqmk2O1I35uR9r%2FwIAAP%2F%2FAQAA%2F%2F%2FH6FQhhQQAAA%3D%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 siegepolitical.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWtc1Rs%2Bt81v8UMXKtlIqQziQsFM7p2ZzIddBGtNCaZNaS26EOR83ckx595zOefeuZMRIbQiXU7%2FAm%2BeSRqrIehGQbDIpOBiRMi4ysKAuhdE6EpQZhoafDfv%2B57nWTzned5PtrJj4iOjR5eumJ7Sms4vlP3Sy%2B8GwYXSioqzbqnbrL9fr10o2c5rrXrZf6V0WfJ1M1%2FxA98P%2FKC0pKwMTXd%2BAkIle62g3PLLtUo5WKiha%2F%2B7u8yDox5E55g8ByXGMw%2B9WSg%2BRBx9eUm69dQkr74ZZZqmxqIjdm%2FG67HJY0SnY2g9hPHuCRvGHS49gIl3pnJhOk%2BITI2J98MDsHj3RCRYZ3uqk2nIGEw8hbwzhNRDKDoEN7ehxCEBuMDVVcTRvavG5nTjMUon6JjMPPoLKh%2BTmV9mEUf7F7Xqlm4YnaXKxA7dsIDqDqHaQyTZAdLeGaj8ADy9BSV%2BIvOPVhBH26tOGyhx9FI1bPphGDTm6pxV52rNSjBH%2FWplrtqgMqz5gtWEPzVIqSFUOISWfVB3BpnzkCkPWeghSzxE4qjEgyBo%2BIJTv9nivCoaktWFH9BGGNDArzeR8ckf%2BkiTPrjug9tNJHYT6%2BrumJBb27DZ93BrBZzw4FKCjiiQS4LcEeSUIFcEeUqQd4odoV3FFfeEdhkLTnrlpFeLgUnbW3THpG0Zk63kmDw7de%2BPp7%2FFujwq0UrYavlh4Ncadb8e8EbQEgEPKK3SiuSiAqcKKHcG1HnoqTGZPfcbkkmiH%2F0DRg%2Fg9AG4egY0Ow%2BaDxoVH3RtUGv66MV73ZDGKe1tlLmJIEyBJJ1BuuFt6WPy%2FFRHY%2FQ7JB8tfvP1i%2BF7NzW4LZDYAh%2BohwRtfWdw3eRk%2B7rJHflqNUlVpHp0kvCNlKbyf5%2B%2FJTdyY8XyJde%2F%2FzqfAJNx723p0hUaCxW3HfniohJC2iVjuSTfLbt3JLuWubWLmY2zZOXaG0vLUWKlc8rEQ1B1uPgZuBqT%2Fx9%2FOj3d8919KDuEzQpE2YicFJQZgiebcMlo8ePer5f3Zz%2BEM2dh9SmHJR7yrBjYCjt91IpAy9OdsgJOjhY32ZXxn%2Ff%2FBpNP7Nhyd9C2L4CmtxFHBTq2QEcXoLoPl50dpIkdLf5cnRaY9gZMW2%2BbaavvPrbWqaNS1RcNJkPZYLK2UAslF2xhgfk85Kwqmk2O1I35uR9r%2FwIAAP%2F%2FAQAA%2F%2F%2FH6FQhhQQAAA%3D%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWtc1Rs%2Bt81v8UMXKtlIqQziQsFM7p2ZzIddBGtNCaZNaS26EOR83ckx595zOefeuZMRIbQiXU7%2FAm%2BeSRqrIehGQbDIpOBiRMi4ysKAuhdE6EpQZhoafDfv%2B57nWTzned5PtrJj4iOjR5eumJ7Sms4vlP3Sy%2B8GwYXSioqzbqnbrL9fr10o2c5rrXrZf6V0WfJ1M1%2FxA98P%2FKC0pKwMTXd%2BAkIle62g3PLLtUo5WKiha%2F%2B7u8yDox5E55g8ByXGMw%2B9WSg%2BRBx9eUm69dQkr74ZZZqmxqIjdm%2FG67HJY0SnY2g9hPHuCRvGHS49gIl3pnJhOk%2BITI2J98MDsHj3RCRYZ3uqk2nIGEw8hbwzhNRDKDoEN7ehxCEBuMDVVcTRvavG5nTjMUon6JjMPPoLKh%2BTmV9mEUf7F7Xqlm4YnaXKxA7dsIDqDqHaQyTZAdLeGaj8ADy9BSV%2BIvOPVhBH26tOGyhx9FI1bPphGDTm6pxV52rNSjBH%2FWplrtqgMqz5gtWEPzVIqSFUOISWfVB3BpnzkCkPWeghSzxE4qjEgyBo%2BIJTv9nivCoaktWFH9BGGNDArzeR8ckf%2BkiTPrjug9tNJHYT6%2BrumJBb27DZ93BrBZzw4FKCjiiQS4LcEeSUIFcEeUqQd4odoV3FFfeEdhkLTnrlpFeLgUnbW3THpG0Zk63kmDw7de%2BPp7%2FFujwq0UrYavlh4Ncadb8e8EbQEgEPKK3SiuSiAqcKKHcG1HnoqTGZPfcbkkmiH%2F0DRg%2Fg9AG4egY0Ow%2BaDxoVH3RtUGv66MV73ZDGKe1tlLmJIEyBJJ1BuuFt6WPy%2FFRHY%2FQ7JB8tfvP1i%2BF7NzW4LZDYAh%2BohwRtfWdw3eRk%2B7rJHflqNUlVpHp0kvCNlKbyf5%2B%2FJTdyY8XyJde%2F%2FzqfAJNx723p0hUaCxW3HfniohJC2iVjuSTfLbt3JLuWubWLmY2zZOXaG0vLUWKlc8rEQ1B1uPgZuBqT%2Fx9%2FOj3d8919KDuEzQpE2YicFJQZgiebcMlo8ePer5f3Zz%2BEM2dh9SmHJR7yrBjYCjt91IpAy9OdsgJOjhY32ZXxn%2Ff%2FBpNP7Nhyd9C2L4CmtxFHBTq2QEcXoLoPl50dpIkdLf5cnRaY9gZMW2%2BbaavvPrbWqaNS1RcNJkPZYLK2UAslF2xhgfk85Kwqmk2O1I35uR9r%2FwIAAP%2F%2FAQAA%2F%2F%2FH6FQhhQQAAA%3D%3D HTTP/1.1
Host: siegepolitical.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; uid_id2=3f80ff17-6cb3-4821-a032-37aef40db4d0:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 23:28:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5468aae335f2f984e7b2cfdba6c4f9c5
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 917e4dedc68b15046f2f4e7f0f0a68f6
00016da1d795112a7786e4ab7a0e06dec34e5e61
300bdcc7739db38c8faa97883f29d26979631d3dba735254bae9ee7e0162996a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "300BDCC7739DB38C8FAA97883F29D26979631D3DBA735254BAE9EE7E0162996A"
Last-Modified: Fri, 09 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3932
Expires: Sat, 10 Sep 2022 00:34:25 GMT
Date: Fri, 09 Sep 2022 23:28:53 GMT
Connection: keep-alive
siegepolitical.com/pixel/sbs?c=1
192.243.59.12200 OK 0 B URL HTTP/1.1 siegepolitical.com/pixel/sbs?c=1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: siegepolitical.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; uid_id2=3f80ff17-6cb3-4821-a032-37aef40db4d0:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 23:28:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 222e25980d1e0dbc8c33cd913b8b8a8b
49f8d85c05f7f22ebf57d0383e2dacd62bc1233a
4f306494d03b929c7c3fe3c9acbae666141e954b0b5505a0b6dc52ed1d042628
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:28:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 20:27:04 GMT
Expires: Fri, 16 Sep 2022 20:27:03 GMT
Etag: "49f8d85c05f7f22ebf57d0383e2dacd62bc1233a"
Cache-Control: max-age=593289,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7483b3ed4c2c0b69-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 222e25980d1e0dbc8c33cd913b8b8a8b
49f8d85c05f7f22ebf57d0383e2dacd62bc1233a
4f306494d03b929c7c3fe3c9acbae666141e954b0b5505a0b6dc52ed1d042628
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:28:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 20:27:04 GMT
Expires: Fri, 16 Sep 2022 20:27:03 GMT
Etag: "49f8d85c05f7f22ebf57d0383e2dacd62bc1233a"
Cache-Control: max-age=593289,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7483b3ed59f9b527-OSL
poweredby.jads.co/js/jads.js
185.94.236.247301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Sep 2022 23:28:53 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
a.medfoodsafety.com/loader?a=4787908&v=2&t=1&s=4776911&p=8575&if=true
172.67.136.170200 OK 294 kB URL HTTP/2 a.medfoodsafety.com/loader?a=4787908&v=2&t=1&s=4776911&p=8575&if=true
IP 172.67.136.170:0
Size 294 kB (293972 bytes)
Hash f9c3a4f143bea1a3fea14a9c8c59480c
ba3c8b597d3136b6df88bb16ce36dd15cc229493
9316418a9e2ff248799b3919923552205d30e5ae35a57509c9e2150797f77922
GET /loader?a=4787908&v=2&t=1&s=4776911&p=8575&if=true HTTP/1.1
Host: a.medfoodsafety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:53 GMT
content-type: text/html
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MK%2Fvj9zyeW85Q1rNNQoZ2LXiF%2FpyTALClANhLLlgbTomu1SRP%2BK%2Bkp0v%2ByBQitGYxiPQNTdD9Gz0n8gV96HRNXOmq%2F6KjOH8aZWUT9fOr9HNCqW6FgIuGLXtfqSTRD29BON9az3b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3ec5913b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.bestcontentfood.top/warp/4788749?r=39519
172.67.200.139200 OK 3.5 kB URL HTTP/2 a.bestcontentfood.top/warp/4788749?r=39519
IP 172.67.200.139:0
File type ASCII text, with very long lines (4179), with no line terminators
Hash 7c21bb29eadde7013086ed49fe166a19
74394082c89f685bb59446bddf9de56bc81dcc92
f462071f9a8db929567db6e6e2302d5ea52c44895bdc2b7c179dab397daaf49c
Analyzer Verdict Alert fortinet Phishing
GET /warp/4788749?r=39519 HTTP/1.1
Host: a.bestcontentfood.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:53 GMT
content-type: application/javascript; charset=UTF-8
referer: a.medfoodsafety.com
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMpVii4pe5arw3vO0QHwZmWOzCZsnm2kg1DdnVhjAQ%2B%2BCYBHjNRdqGbqHLkG84919R0bduidvsUT%2Bx4sGrlUtXSGB3ElsQcIBlcICxIKpGBy4saiDwVclwe%2FP1FEJ8rionaxqBaM4vk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3eaea471bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.tubecorp.com/b/tcbanner.js?v=21
45.133.44.25200 OK 19 kB URL HTTP/2 cdn.tubecorp.com/b/tcbanner.js?v=21
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash 3b078b7f6307792657768c6ffe30ce15
f49fb630a81ad543e525fc109db6370aa02f62f4
6b29f065e48bcdb298a7713f917d2c7232e561771dbaa80bc4ab85a1d5783f88
GET /b/tcbanner.js?v=21 HTTP/1.1
Host: cdn.tubecorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.tubecorp.com/i/b.html?spot=6435&src=885895434&pid=19775&width=900&height=250&spaceid=1018
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:53 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.20.1
last-modified: Sat, 20 Nov 2021 06:50:35 GMT
etag: W/"61989abb-c604"
cache-control: max-age=3600
x-request-id: eb03ce2295c7cf6145769d1f48d5ab66
content-encoding: gzip
expires: Sat, 10 Sep 2022 00:28:53 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1fe0327a01f21c54fc9bfc3efc87c68c
11e6ecf4707288032f021916e04ed93a46434da1
6fcc309bb04b920a7f738685e528507aeb74a0d37b935caf4c387d665c40b6de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FCC309BB04B920A7F738685E528507AEB74A0D37B935CAF4C387D665C40B6DE"
Last-Modified: Thu, 08 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21050
Expires: Sat, 10 Sep 2022 05:19:43 GMT
Date: Fri, 09 Sep 2022 23:28:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1fe0327a01f21c54fc9bfc3efc87c68c
11e6ecf4707288032f021916e04ed93a46434da1
6fcc309bb04b920a7f738685e528507aeb74a0d37b935caf4c387d665c40b6de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FCC309BB04B920A7F738685E528507AEB74A0D37B935CAF4C387D665C40B6DE"
Last-Modified: Thu, 08 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21050
Expires: Sat, 10 Sep 2022 05:19:43 GMT
Date: Fri, 09 Sep 2022 23:28:53 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5ba86cbbb1a7f6e160cd2d1489171d91
18613fb482dd610e34781bcb9692c52161ca0d3a
0083cc7845868f10309e6f716e2065c6f1620559c3987a6abd3d9de807524e30
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:28:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 05:56:29 GMT
Expires: Fri, 16 Sep 2022 05:56:28 GMT
Etag: "18613fb482dd610e34781bcb9692c52161ca0d3a"
Cache-Control: max-age=541054,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7483b3ef2d0eb51e-OSL
cdn.tsyndicate.com/sdk/v1/video.instant.message.js
8.247.218.249200 OK 3.5 kB URL HTTP/2 cdn.tsyndicate.com/sdk/v1/video.instant.message.js
IP 8.247.218.249:0
File type ASCII text, with very long lines (539)
Hash b4ccf5d14fbe6be7a62784f96fbed92e
9d3391b4a10cc28bb455ebfbe1caccb3db1c4efd
e3f294d4f9f7227ebaaeb508792345e6bda148885c2d6335e8595338312b67e1
GET /sdk/v1/video.instant.message.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:53 GMT
content-type: application/javascript
content-length: 3512
last-modified: Thu, 21 Jul 2022 11:18:31 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"62d93607-21d4"
age: 4362742
accept-ranges: bytes
X-Firefox-Spdy: h2
rtbrennab.com/banner/in/show/?mid=1826002765&pid=0&site=6435&sc=NO&usage_type=DCH&subid=885895434&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=a.focusde.info&hostname=auc-banner-hz-9&site_id=0&spot_id=0&utm_source=tcban_i&utm_medium=6435&utm_campaign=19775&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=-61&ml=&ttl=&space_id=1018&banner_width=900&banner_height=250&accel=0&gyr=0&iabcat=&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D885895434%26idzone%3D3902668%26w%3D900%26h%3D250%26mo%3D%26ve%3D%26site_id%3D6435%26utm1%3Dtcban_i%26utm2%3D6435%26utm3%3D19775%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Fa.focusde.info%252F%26katds_labels%3D%26btype%3D0%26score%3D-61&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=
159.69.163.6302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=1826002765&pid=0&site=6435&sc=NO&usage_type=DCH&subid=885895434&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=a.focusde.info&hostname=auc-banner-hz-9&site_id=0&spot_id=0&utm_source=tcban_i&utm_medium=6435&utm_campaign=19775&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=-61&ml=&ttl=&space_id=1018&banner_width=900&banner_height=250&accel=0&gyr=0&iabcat=&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D885895434%26idzone%3D3902668%26w%3D900%26h%3D250%26mo%3D%26ve%3D%26site_id%3D6435%26utm1%3Dtcban_i%26utm2%3D6435%26utm3%3D19775%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Fa.focusde.info%252F%26katds_labels%3D%26btype%3D0%26score%3D-61&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=
IP 159.69.163.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=1826002765&pid=0&site=6435&sc=NO&usage_type=DCH&subid=885895434&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=a.focusde.info&hostname=auc-banner-hz-9&site_id=0&spot_id=0&utm_source=tcban_i&utm_medium=6435&utm_campaign=19775&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=-61&ml=&ttl=&space_id=1018&banner_width=900&banner_height=250&accel=0&gyr=0&iabcat=&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D885895434%26idzone%3D3902668%26w%3D900%26h%3D250%26mo%3D%26ve%3D%26site_id%3D6435%26utm1%3Dtcban_i%26utm2%3D6435%26utm3%3D19775%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Fa.focusde.info%252F%26katds_labels%3D%26btype%3D0%26score%3D-61&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem= HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtbbnr.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Fri, 09 Sep 2022 23:28:53 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://btds.zog.link/in/912/?sid=0&source=885895434&idzone=3902668&w=900&h=250&mo=&ve=&site_id=6435&utm1=tcban_i&utm2=6435&utm3=19775&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Fa.focusde.info%2F&katds_labels=&btype=0&score=-61
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=3f80ff17-6cb3-4821-a032-37aef40db4d0&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
192.243.59.12200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=3f80ff17-6cb3-4821-a032-37aef40db4d0&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=3f80ff17-6cb3-4821-a032-37aef40db4d0&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 23:28:53 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ccf0ac613c00df4344a28eb6f6a06def
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=3f80ff17-6cb3-4821-a032-37aef40db4d0&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=4d0afc2425eea6b0cd5a468c9f8a69ed&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
192.243.59.12200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=3f80ff17-6cb3-4821-a032-37aef40db4d0&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=4d0afc2425eea6b0cd5a468c9f8a69ed&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=3f80ff17-6cb3-4821-a032-37aef40db4d0&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=4d0afc2425eea6b0cd5a468c9f8a69ed&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 23:28:53 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 089dbf9767dfbd842b9ec8bf5c72ae0e
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a14cec2825b9bcb3df9709fcd0426b4b
461758a5e3b80e82d3df84e6d382482d63de0c5f
136cdcd6b251b8a84799bb7e6168d90cc9e88e3410b24ded72e34a31e757c2e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "136CDCD6B251B8A84799BB7E6168D90CC9E88E3410B24DED72E34A31E757C2E0"
Last-Modified: Fri, 09 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2013
Expires: Sat, 10 Sep 2022 00:02:26 GMT
Date: Fri, 09 Sep 2022 23:28:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a62311fcfaa17d8f8d3124744b53b8e3
884602d27672340ffb43b8c418c8fdb13fd200fa
b729796292b5eb4aa9d83ff032206a1caeb5d02b92df9a833ba2a010580d4291
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B729796292B5EB4AA9D83FF032206A1CAEB5D02B92DF9A833BA2A010580D4291"
Last-Modified: Thu, 08 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2748
Expires: Sat, 10 Sep 2022 00:14:41 GMT
Date: Fri, 09 Sep 2022 23:28:53 GMT
Connection: keep-alive
btds.zog.link/in/912/?sid=0&source=885895434&idzone=3902668&w=900&h=250&mo=&ve=&site_id=6435&utm1=tcban_i&utm2=6435&utm3=19775&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Fa.focusde.info%2F&katds_labels=&btype=0&score=-61
109.206.161.16302 Found 0 B URL HTTP/2 btds.zog.link/in/912/?sid=0&source=885895434&idzone=3902668&w=900&h=250&mo=&ve=&site_id=6435&utm1=tcban_i&utm2=6435&utm3=19775&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Fa.focusde.info%2F&katds_labels=&btype=0&score=-61
IP 109.206.161.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/912/?sid=0&source=885895434&idzone=3902668&w=900&h=250&mo=&ve=&site_id=6435&utm1=tcban_i&utm2=6435&utm3=19775&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Fa.focusde.info%2F&katds_labels=&btype=0&score=-61 HTTP/1.1
Host: btds.zog.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbbnr.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.20.1
date: Fri, 09 Sep 2022 23:28:53 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://12007250.pix-cdn.org/a/pjexo.html?idzone=3902668&w=900&h=250&ad_sub=&ad_tags=
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 912.0=1; expires=Sat, 10 Sep 2022 23:28:54 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=969388
185.94.236.247200 OK 1.4 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=969388
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 12652f1fed36d1d9e3b171f604d72dcb
999432a1f65a3cc8d43f1f6002af60193eec9cfb
d3c0ec37d1d25a8b5e4512d3ae3c634fb5293154c5267227568ecf8de1a0faad
GET /adshow.php?adzone=969388 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Sep 2022 23:28:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=a70ef62d13757326f054a185d0f1bf19; expires=Sat, 09-Sep-2023 23:28:53 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Mon, 12-Sep-2022 23:28:53 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 12-Sep-2022 23:28:53 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cff1d8ebdab3f54c402a3d6baeaf8b54
7c63ac221de16c2c6d2f2199bbc4a8032b81952d
8812c89c0b7e76e5583dd0e700bc62b638f443654181f6fde410dc6821b3b509
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8812C89C0B7E76E5583DD0E700BC62B638F443654181F6FDE410DC6821B3B509"
Last-Modified: Wed, 07 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2347
Expires: Sat, 10 Sep 2022 00:08:01 GMT
Date: Fri, 09 Sep 2022 23:28:54 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash bb7ed03674a0fea94263bd4fb5706283
12a82f2c23ff610d8b57a394dacb5fdd7c233d08
26302a9c4971da6b32f44242114d76c77ee4f0b2ebc417a76105bbb6d733810f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:28:54 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 03:56:19 GMT
Expires: Wed, 14 Sep 2022 03:56:18 GMT
Etag: "12a82f2c23ff610d8b57a394dacb5fdd7c233d08"
Cache-Control: max-age=361043,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7483b3f18d2a0b49-OSL
lcdn.tsyndicate.com/sdk/v1/b.b.js
8.254.252.211200 OK 2.8 kB URL HTTP/2 lcdn.tsyndicate.com/sdk/v1/b.b.js
IP 8.254.252.211:0
File type ASCII text, with very long lines (2590)
Hash 01c3ce239d639853ba1e41661c115938
704741ca41e890a26eef6190c2d61131ff294f56
9aabcddb7b91826c4b8bf721d77fa448ceba501616a38c6fe0d6c4f11091ed47
GET /sdk/v1/b.b.js HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=3d91284a-539d-4047-bc0d-9b7d78f92139; bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYsCEDRw0ZNRp26aMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: application/javascript
content-length: 2808
last-modified: Tue, 22 Feb 2022 13:07:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"6214e003-1eb1"
age: 16031871
accept-ranges: bytes
X-Firefox-Spdy: h2
casualproof.com/winnotice?sid=H4sIAAAAAAAC%2F1RTz2skRRSu0b0sXvyx4sXFOSrIpHsm0%2BlxD8EYI8HsZtl10dtSXVWdPNPT1VR1TU9yCgriSQb8Bypfsgnq4o%2BDN43SWfAQEDK3gObiweuisGeZMSb4oHiv3vcO36vvq0923BlrwfHTxZt6i7KMz3RbQfPVD8LwRnOFcjdsDuPofjR7o2kGb%2FSiVvBa8x0lNvRMOwiDIAzC5hIZlerhzAQEFQ97YasXtGbbrbA7i6HxsK4ByxuQgzP2PEiOrzxqXAOJGnn%2F20VlN0pdvP5232W81AYDeXAv38h1laN%2FWaamgTQ%2FOJ%2BGtidLh9D5gylF6MHFYEJj1vjlEEl%2BcE4MyWBvyi3JoHIk8hlUgxoqq0G8htAfg%2BQJA4TErVXk%2Ff1b2lR881%2BUT9Axu%2FLkb1A1Zld%2Bv4a8%2F%2FVCRsPmXZ25knRuMUw9aFiD1moU7gjlFgNVRxDlRyD5K5t5soK8v7dqMw2Sfro7UQ1Ka2RqBG4Z3OQQg0sbcEUDfXnaFGEYzgVS8CDuCdGRcyqJZBDyuTTkYRDFcGJCb4SyGEFkIwizjcJsY4NGMO4zkK3huAcVHoXd70VhrxtBieP5PzrTAKfT5hyPIz4bp0k3iBMRyThpB6obpaHodiSPUiR0PP%2BKe%2FbmveuEjBgUP%2F7pMZsGbO6RO7%2BbG%2FIw6pidx66R5fH8xdS6h5UMtmQYSI9KMVSWoeIMFTFUJUM18A9kZtvW78vMuiQ8z%2B3z3PE7xRl7bqrHX%2BI%2BNtRpsxPysBNHgYrjjozjbhirWLVVGMymYVf22rD039ZknwK3DWzRmL3422MUE6fIz5HwI9jsCIKa4O5l8MqDr3ts5R5SfyO4dTwrjNZpS%2Bg%2BivIqys3GTnbGXppSmesc%2Fu9FhfEojMeH9IhhLft0946u2N4dXVn23WpRUp%2B2%2BMQ2d0teqqe%2FfFdtVtrI5UU7%2BuJNMQEm5cP3lC1XeC4pX7PsqwWSUpklbYRiPy7b91Vy29n1BWdyV6zcfmtpuV8YZS3pvAank%2BIHCBqzq9%2FvT%2F%2FD9Rf%2BBJkaxnn03YVCIF1DFNuwxWXPagaTXd6TgqFyfte0k8vmxAPZpdTgid%2BxP8OSR2nZPwAAAP%2F%2FAQAA%2F%2F9t%2FqdSVAQAAA%3D%3D&ap=${AUCTION_PRICE}&l=3617726&sub3=1662766132&pid=91283&sub2=icon&auid=7a86a48fb508bc6d8b20e56f1c53da6f&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
213.174.151.98307 Temporary Redirect 0 B URL HTTP/1.1 casualproof.com/winnotice?sid=H4sIAAAAAAAC%2F1RTz2skRRSu0b0sXvyx4sXFOSrIpHsm0%2BlxD8EYI8HsZtl10dtSXVWdPNPT1VR1TU9yCgriSQb8Bypfsgnq4o%2BDN43SWfAQEDK3gObiweuisGeZMSb4oHiv3vcO36vvq0923BlrwfHTxZt6i7KMz3RbQfPVD8LwRnOFcjdsDuPofjR7o2kGb%2FSiVvBa8x0lNvRMOwiDIAzC5hIZlerhzAQEFQ97YasXtGbbrbA7i6HxsK4ByxuQgzP2PEiOrzxqXAOJGnn%2F20VlN0pdvP5232W81AYDeXAv38h1laN%2FWaamgTQ%2FOJ%2BGtidLh9D5gylF6MHFYEJj1vjlEEl%2BcE4MyWBvyi3JoHIk8hlUgxoqq0G8htAfg%2BQJA4TErVXk%2Ff1b2lR881%2BUT9Axu%2FLkb1A1Zld%2Bv4a8%2F%2FVCRsPmXZ25knRuMUw9aFiD1moU7gjlFgNVRxDlRyD5K5t5soK8v7dqMw2Sfro7UQ1Ka2RqBG4Z3OQQg0sbcEUDfXnaFGEYzgVS8CDuCdGRcyqJZBDyuTTkYRDFcGJCb4SyGEFkIwizjcJsY4NGMO4zkK3huAcVHoXd70VhrxtBieP5PzrTAKfT5hyPIz4bp0k3iBMRyThpB6obpaHodiSPUiR0PP%2BKe%2FbmveuEjBgUP%2F7pMZsGbO6RO7%2BbG%2FIw6pidx66R5fH8xdS6h5UMtmQYSI9KMVSWoeIMFTFUJUM18A9kZtvW78vMuiQ8z%2B3z3PE7xRl7bqrHX%2BI%2BNtRpsxPysBNHgYrjjozjbhirWLVVGMymYVf22rD039ZknwK3DWzRmL3422MUE6fIz5HwI9jsCIKa4O5l8MqDr3ts5R5SfyO4dTwrjNZpS%2Bg%2BivIqys3GTnbGXppSmesc%2Fu9FhfEojMeH9IhhLft0946u2N4dXVn23WpRUp%2B2%2BMQ2d0teqqe%2FfFdtVtrI5UU7%2BuJNMQEm5cP3lC1XeC4pX7PsqwWSUpklbYRiPy7b91Vy29n1BWdyV6zcfmtpuV8YZS3pvAank%2BIHCBqzq9%2FvT%2F%2FD9Rf%2BBJkaxnn03YVCIF1DFNuwxWXPagaTXd6TgqFyfte0k8vmxAPZpdTgid%2BxP8OSR2nZPwAAAP%2F%2FAQAA%2F%2F9t%2FqdSVAQAAA%3D%3D&ap=${AUCTION_PRICE}&l=3617726&sub3=1662766132&pid=91283&sub2=icon&auid=7a86a48fb508bc6d8b20e56f1c53da6f&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP 213.174.151.98:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /winnotice?sid=H4sIAAAAAAAC%2F1RTz2skRRSu0b0sXvyx4sXFOSrIpHsm0%2BlxD8EYI8HsZtl10dtSXVWdPNPT1VR1TU9yCgriSQb8Bypfsgnq4o%2BDN43SWfAQEDK3gObiweuisGeZMSb4oHiv3vcO36vvq0923BlrwfHTxZt6i7KMz3RbQfPVD8LwRnOFcjdsDuPofjR7o2kGb%2FSiVvBa8x0lNvRMOwiDIAzC5hIZlerhzAQEFQ97YasXtGbbrbA7i6HxsK4ByxuQgzP2PEiOrzxqXAOJGnn%2F20VlN0pdvP5232W81AYDeXAv38h1laN%2FWaamgTQ%2FOJ%2BGtidLh9D5gylF6MHFYEJj1vjlEEl%2BcE4MyWBvyi3JoHIk8hlUgxoqq0G8htAfg%2BQJA4TErVXk%2Ff1b2lR881%2BUT9Axu%2FLkb1A1Zld%2Bv4a8%2F%2FVCRsPmXZ25knRuMUw9aFiD1moU7gjlFgNVRxDlRyD5K5t5soK8v7dqMw2Sfro7UQ1Ka2RqBG4Z3OQQg0sbcEUDfXnaFGEYzgVS8CDuCdGRcyqJZBDyuTTkYRDFcGJCb4SyGEFkIwizjcJsY4NGMO4zkK3huAcVHoXd70VhrxtBieP5PzrTAKfT5hyPIz4bp0k3iBMRyThpB6obpaHodiSPUiR0PP%2BKe%2FbmveuEjBgUP%2F7pMZsGbO6RO7%2BbG%2FIw6pidx66R5fH8xdS6h5UMtmQYSI9KMVSWoeIMFTFUJUM18A9kZtvW78vMuiQ8z%2B3z3PE7xRl7bqrHX%2BI%2BNtRpsxPysBNHgYrjjozjbhirWLVVGMymYVf22rD039ZknwK3DWzRmL3422MUE6fIz5HwI9jsCIKa4O5l8MqDr3ts5R5SfyO4dTwrjNZpS%2Bg%2BivIqys3GTnbGXppSmesc%2Fu9FhfEojMeH9IhhLft0946u2N4dXVn23WpRUp%2B2%2BMQ2d0teqqe%2FfFdtVtrI5UU7%2BuJNMQEm5cP3lC1XeC4pX7PsqwWSUpklbYRiPy7b91Vy29n1BWdyV6zcfmtpuV8YZS3pvAank%2BIHCBqzq9%2FvT%2F%2FD9Rf%2BBJkaxnn03YVCIF1DFNuwxWXPagaTXd6TgqFyfte0k8vmxAPZpdTgid%2BxP8OSR2nZPwAAAP%2F%2FAQAA%2F%2F9t%2FqdSVAQAAA%3D%3D&ap=${AUCTION_PRICE}&l=3617726&sub3=1662766132&pid=91283&sub2=icon&auid=7a86a48fb508bc6d8b20e56f1c53da6f&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: casualproof.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 23:28:54 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 23480548cdf001c7652c15d579d88c49
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.usertrust.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 5b6def807c7cad81b8721e0c02afb180
e9a6313ffb7ee3baf608623b796bbfc6ce373fce
19562e22f4d077a833ed529a4eab2f1321fc652a882d5b34c665ef974cd1cd44
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:28:54 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 20:56:05 GMT
Expires: Thu, 15 Sep 2022 20:56:04 GMT
Etag: "e9a6313ffb7ee3baf608623b796bbfc6ce373fce"
Cache-Control: max-age=603959,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1013
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7483b3f1feccb51e-OSL
cdn.tsyndicate.com/sdk/v1/video.instant.message.css
8.247.218.249200 OK 4.7 kB URL HTTP/2 cdn.tsyndicate.com/sdk/v1/video.instant.message.css
IP 8.247.218.249:0
File type ASCII text, with very long lines (4667), with no line terminators
Hash 9fba1a3e7202a1124dec5d68f4f07bd1
6d880383c56bbe8244e98f135c7e8ef76e65ebfb
857634cc0df9324a79abf3ae0dc675507c22f020260e3c6ba8b2f2d04c1d24ec
GET /sdk/v1/video.instant.message.css HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Cookie: ts_uid=3d91284a-539d-4047-bc0d-9b7d78f92139; bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYsCEDRw0ZNRp26aMg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: text/css
content-length: 4667
etag: "62d93607-123b"
last-modified: Thu, 21 Jul 2022 11:18:31 GMT
server: nginx
x-robots-tag: noindex, nofollow
age: 4362753
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
45.133.44.9200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Hash 70cf8250da1a25a7b445231428af7828
a849d338423d2919949340838c768bba90b9081c
b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: image/jpeg
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Sun, 11 Sep 2022 23:28:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
12007250.pix-cdn.org/a/pjexo.html?idzone=3902668&w=900&h=250&ad_sub=&ad_tags=
45.133.44.24200 OK 1.4 kB URL HTTP/2 12007250.pix-cdn.org/a/pjexo.html?idzone=3902668&w=900&h=250&ad_sub=&ad_tags=
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (2475), with CRLF line terminators
Hash f224116e9052ec3e90569acc41edf844
701ab91aaa76fb2a0bc21f615401bbd8b84e9f85
95b2b7833993c4bca6836b9c746b538a3728f88ed023ce6fb7d5fb88d030771c
GET /a/pjexo.html?idzone=3902668&w=900&h=250&ad_sub=&ad_tags= HTTP/1.1
Host: 12007250.pix-cdn.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbbnr.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 20 May 2020 13:08:32 GMT
cache-control: max-age=3600
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECttDg9OKfoywESWvqQ9lQIKffnk5qBEM78UKUsIy7l1dq5sx%2BlX3R5GOU96Tv6PoB60F769hTjfG6ShKEnOqmkDoc2yEy8JkUCqGhtwkY%2Bj7qrRo6wnjwSHhFtb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7465b7a0c889ca3f-HAM
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 10 Sep 2022 00:28:54 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
bcprm.com/promo.php?type=direct_link&v=2&c=401977&amute=1&page=popular_chat
185.75.252.140302 Found 138 B URL HTTP/2 bcprm.com/promo.php?type=direct_link&v=2&c=401977&amute=1&page=popular_chat
IP 185.75.252.140:0
ASN #48684 Viking Host B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /promo.php?type=direct_link&v=2&c=401977&amute=1&page=popular_chat HTTP/1.1
Host: bcprm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin:
location: https://bongacams.com/track?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat
expires: Fri, 09 Sep 2022 23:28:53 GMT
x-bcs: ded7724
strict-transport-security: max-age=0;
cache-control: no-cache, public
x-bc-bl: 103
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash c3a56cd36b41b7809e68c97c7916e43d
2b36389a43bde4c6bf547b7410c2fa39a41b5e13
627189524293eb48d88e26ebbe7a48a5439ad4ff4e4d350483e9182169e84011
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5792
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:28:54 GMT
Last-Modified: Fri, 09 Sep 2022 21:52:22 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 313
syndication.realsrv.com/ads-iframe-display.php?idzone=3902668&type=900x250&p=https%3A//rtbbnr.com/&dt=1662766125008&sub=&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22
95.211.229.248200 OK 52 B URL HTTP/1.1 syndication.realsrv.com/ads-iframe-display.php?idzone=3902668&type=900x250&p=https%3A//rtbbnr.com/&dt=1662766125008&sub=&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document, ASCII text, with no line terminators
Hash c3743cf5e9e53705dc66056f1a34f6ec
740253d7fe753ab9b7d71e1832fd1af41c0677c1
c184a4ce5928e23f286176d3c76a8d5c12c67a8957554c92fb144b1cdd2fb17c
GET /ads-iframe-display.php?idzone=3902668&type=900x250&p=https%3A//rtbbnr.com/&dt=1662766125008&sub=&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22 HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://12007250.pix-cdn.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Sep 2022 23:28:54 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22631bcc364e9489.526046631724722643%22%3B%7D; expires=Sun, 08 Sep 2024 23:28:54 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
poweredby.jads.co/adshow.php?adzone=969388
185.94.236.247200 OK 1.4 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=969388
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 12652f1fed36d1d9e3b171f604d72dcb
999432a1f65a3cc8d43f1f6002af60193eec9cfb
d3c0ec37d1d25a8b5e4512d3ae3c634fb5293154c5267227568ecf8de1a0faad
GET /adshow.php?adzone=969388 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Sep 2022 23:28:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=a70ef62d13757326f054a185d0f1bf19; expires=Sat, 09-Sep-2023 23:28:53 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Mon, 12-Sep-2022 23:28:53 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 12-Sep-2022 23:28:53 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
static-assets.highwebmedia.com/CACHE/js/output.97a5db11ca63.js
104.16.94.42200 OK 237 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.97a5db11ca63.js
IP 104.16.94.42:0
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Size 237 kB (236582 bytes)
Hash 1ec188b4c7321a214e0ced7a04b8301a
30e98cb62724b6708bef233268e073bc22eeddcc
0b9de9eef31d5a9a0c4f63c6cb8bf4aebd9dee9cce5564945fb599f658043ed4
GET /CACHE/js/output.97a5db11ca63.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=827275
etag: W/"692ec922d2a39b4037073f70286968b3"
last-modified: Fri, 13 May 2022 09:09:46 GMT
x-amz-id-2: VZ8ol5gj9DR4cR1Ys+gd3EdgeEH8vduV/GWCX0hMYtqbtTyLc8wtgelbUHUwXR/km7ekid2PJdA=
x-amz-meta-s3cmd-attrs: md5:692ec922d2a39b4037073f70286968b3
x-amz-request-id: WKBNH94P832M1DR9
cf-cache-status: HIT
age: 2556616
expires: Sun, 09 Oct 2022 23:28:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7iULN5Mht0OBKwQPrZKziFzZ%2FsTBPa%2BTkP9TcI6MtpC7xRbb4wDNADVPN%2FTU62H9XDUeGQpHYso8ErRAvONhhzP8sPirc748V2L9SE9xKvG8gOrXPkpveeam8rHclJY06%2FNDT6By2FfBfqolp%2BQvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=SisOecHrVlH_P6RcxVk7wne1dth2DKFQ.5T9Yd5wEG0-1662766134270-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7483b3f32c67b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
205.185.208.20200 OK 5.0 kB URL HTTP/1.1 hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
IP 205.185.208.20:0
File type ASCII text, with very long lines (5027), with no line terminators
Hash 5e5817bcf4c82c7c85d1d88636d221ce
b5c32cc6c931c33c1297884016e13d3b9a5bf261
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:28:54 GMT
Connection: Keep-Alive
ETag: "1541168231"
Content-Length: 5027
Content-Type: application/javascript
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10624026
X-HW: 1662766134.dop017.sk1.t,1662766134.cds258.sk1.shn,1662766134.dop017.sk1.t,1662766134.cds225.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.ang-content.com/a7/creatives/24/124/814208/1027236/1027236_logo.png
205.185.208.20200 OK 18 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/24/124/814208/1027236/1027236_logo.png
IP 205.185.208.20:0
Hash f9276d6abed2d8a5175ca6cc9de8686b
ed9a965369ea5f4fe00ec0cc4a44ca5fb0049ed5
ed2509f0a2848568b16d8c831257a39e7a894c3c0ff1daa9255b8a4155278132
GET /a7/creatives/24/124/814208/1027236/1027236_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:28:54 GMT
Connection: Keep-Alive
ETag: "1648065983"
Content-Length: 3236
Content-Type: image/png
Last-Modified: Wed, 23 Mar 2022 20:06:23 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10448779
X-HW: 1662766134.dop225.sk1.t,1662766134.cds248.sk1.shn,1662766134.dop225.sk1.t,1662766134.cds242.sk1.c
Access-Control-Allow-Origin: *
trkbng.com/hit.php?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat
31.192.112.221302 Found 1.5 kB URL HTTP/2 trkbng.com/hit.php?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat
IP 31.192.112.221:0
ASN #48684 Viking Host B.V.
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash ee4e90be549c5614ac6282a5b80a506b
b60da7c3c1ee54c060fac96fbde6e06dc31a914b
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
GET /hit.php?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat HTTP/1.1
Host: trkbng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poweredby.jads.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.promo-bc.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bongacams.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bongocams.biz
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bongacams.org
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bongacams10.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bcmspt.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bngwlt.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bngpt.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bngpst.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bngprl.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bngpop.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bngosv.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bngvs.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bngdyn.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.dynspt.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.ecdyn.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.trkbc.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.trkbng.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bcprm.com
location: https://bongacams.com/popular-chat?bcs=ZXJpbzFjZTlhNjA1Zjk2ZmFlNDgzN2EwZDgxZGI5NzgyODM5OjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
expires: Fri, 09 Sep 2022 23:28:53 GMT
x-bcs: ded7013
strict-transport-security: max-age=0;
cache-control: no-cache, public
X-Firefox-Spdy: h2
bongacams.com/popular-chat?bcs=ZXJpbzFjZTlhNjA1Zjk2ZmFlNDgzN2EwZDgxZGI5NzgyODM5OjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
195.85.23.89302 Found 33 kB URL HTTP/2 bongacams.com/popular-chat?bcs=ZXJpbzFjZTlhNjA1Zjk2ZmFlNDgzN2EwZDgxZGI5NzgyODM5OjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
IP 195.85.23.89:0
ASN #209242 Cloudflare London, LLC
Hash 343953773c31bf40a02ab3f827f02661
92b20aee5a1bc0c8585d2b66957d577dacb34fc8
71622f6013408980f42edcae53191ba836f6e0f69b5ac6a2a4ed0ab91e8e96c9
GET /popular-chat?bcs=ZXJpbzFjZTlhNjA1Zjk2ZmFlNDgzN2EwZDgxZGI5NzgyODM5OjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1 HTTP/1.1
Host: bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poweredby.jads.co/
Connection: keep-alive
Cookie: __cf_bm=23pqFA_K0yb6lCXI9rYP8owQn_bY7xFpXu8NhfuIrzE-1662766134-0-AfftQLvdn3V7RxDh3abBooYHjomKEDGDlo/0vZlHcAjrvXWUpwuwWJkVCE/Fm8fXHboKFfIsdmvG2AWSJQN92w4=; bonga20120608=0d4d1c0a3b785af3503b9f98d75351ea
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: text/html; charset=utf-8
location: https://no.bongacams.com/popular-chat?bcs=ZXJpbzFjZTlhNjA1Zjk2ZmFlNDgzN2EwZDgxZGI5NzgyODM5OjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
cache-control: no-cache, no-store, must-revalidate
set-cookie: ts_type2=1; expires=Sat, 09-Sep-2023 23:28:54 GMT; Max-Age=31536000; path=/; domain=.bongacams.com
fv=AQZkAwL3ZwL2ZD==; expires=Sat, 09-Sep-2023 23:28:54 GMT; Max-Age=31536000; path=/; domain=.bongacams.com
uh=G3tjp34mDKyZo25SqIuaqSuMDz1zFD==; expires=Sat, 09-Sep-2023 23:28:54 GMT; Max-Age=31536000; path=/; domain=.bongacams.com
ratr=189420%3A%3A401977%3A%3A2022-09-10%2002%3A28%3A54%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bongacams.com; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7483b3f548380b06-OSL
X-Firefox-Spdy: h2
a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=_Mgc5zS2mHipqRQwWqBdCSuDJORQziEggUzf4uaGHOwKJyg7L4ccCGkcz8BgRD-JNTMU919DV8aQ3ED8KINq9kRFJSXKGX57oQvXybVSqKiY2w_gUIDRUi
66.254.114.171200 OK 35 kB URL HTTP/2 a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=_Mgc5zS2mHipqRQwWqBdCSuDJORQziEggUzf4uaGHOwKJyg7L4ccCGkcz8BgRD-JNTMU919DV8aQ3ED8KINq9kRFJSXKGX57oQvXybVSqKiY2w_gUIDRUi
IP 66.254.114.171:0
Hash 180e2386f2686dfcfc09569a2ce755bc
a770083c914a6992056755a39e7ebc6c42844410
334e4e07ab933eb9074f4fb03929b2b874caa5ec8b63e4a22650dbe0fa519d9a
GET /get/10005363?time=1592491455431&atc=416763&apb=_Mgc5zS2mHipqRQwWqBdCSuDJORQziEggUzf4uaGHOwKJyg7L4ccCGkcz8BgRD-JNTMU919DV8aQ3ED8KINq9kRFJSXKGX57oQvXybVSqKiY2w_gUIDRUi HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KGmMbzDZ9VCWOZhZlAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7077; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 631BCC36-42FE72AB01BB2159-202C803B
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WMCTNjRowyNsi0yIEjRowWNEiWacGxDIwWZWqQgQHSjJkaYWSIEfEwTJ0xGceQmQEDBw4YYVrcKHoDZQyhLcTYcNkCh5kyMWCYoUGmBsgcPCGSsbPQRg4bMh7CqbNTxwwcNmrA6AkHzsIZNHAsfTgHzkQdNBp2NPtwTBu7gGPYuGFjRk8yZig-FOPGzUIZjGk0diyijRuMOjDPICwCjmfQcQM_rBMjIxo6dODM0fHiRRgXBul8djHmTZsXZ8rQeZEVBowao2f8oJOmTZkeDXPISBmDRo0aNDxyqWNcho0wdMb0CLy48fbu3-GI6THkCxskNcxoafLlSpwZQXCoKTNFj5IhY9mARB4IVSGEHTA04QYbSmBxxhUpVZGEFA0RUUMURgwhxxtwXCEGTVWEoUUUTxChhxpNYFEGEzl8dIeGZBjxxRJCVPHEGlK44VkLdmRxhBtoLGGGGFkIEQcbVkRhQxJKEAFHGA5-cYaEREhRRRphmSaZCBy2sSUZvmXkHBlp3BbGHG_E4IIbwoW10V9beNSFWnIApQMMLhhXkQhiRHZnnscVZtoXcNS5EJ7GwRADYw_JYQdicj1Uxhha_pnoDDWkJUIddWCpgwgzkNGiDDjQkBRyOYhEAww0NCXGGDCIlIMYN5Bxg1XSxTADWA-lgZgILbqQA540yOBCQzSEJccXvmYU7LAuFHssdmHVEUZGTbyhRxpssBHGCzXkCQIKWJi0AwhMpOFGHXiAgAdcX9hAw7mO6nBWnimAcMSka7zxggyK6qkoCEakIUcZZryBxwv3wuCmnSI48URYbyw7BsQSh8UGxEU4EdZBdnxxMBsU1XDDraMdNZcIcpxhWWg16PUQyF-IIcdCRs1cRshtvEHGZXDtScaGdz30hkKh0alwHgvR0CjCrsEmG20vjFkmbmiqyeZwYc3haEYb0gFexS3U4UYadLTQkAtkjBGDDB9DfNAXbb8dFh1eMmQDWozZoCtneMOtN997_w2XDY-JXEZfX4BH0d6YFd6RpCGHwQZCdCAdJw1zQiTGXyIcZIZPbEyk1saHFgYaDH0oEBA%3D&s=a566d9129405deec82f7ed6db693af76a9823bf3d3a95c3410e3ac431911b67e1662766133&w=t&r=1&d=890&priv=false
136.243.75.209200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WMCTNjRowyNsi0yIEjRowWNEiWacGxDIwWZWqQgQHSjJkaYWSIEfEwTJ0xGceQmQEDBw4YYVrcKHoDZQyhLcTYcNkCh5kyMWCYoUGmBsgcPCGSsbPQRg4bMh7CqbNTxwwcNmrA6AkHzsIZNHAsfTgHzkQdNBp2NPtwTBu7gGPYuGFjRk8yZig-FOPGzUIZjGk0diyijRuMOjDPICwCjmfQcQM_rBMjIxo6dODM0fHiRRgXBul8djHmTZsXZ8rQeZEVBowao2f8oJOmTZkeDXPISBmDRo0aNDxyqWNcho0wdMb0CLy48fbu3-GI6THkCxskNcxoafLlSpwZQXCoKTNFj5IhY9mARB4IVSGEHTA04QYbSmBxxhUpVZGEFA0RUUMURgwhxxtwXCEGTVWEoUUUTxChhxpNYFEGEzl8dIeGZBjxxRJCVPHEGlK44VkLdmRxhBtoLGGGGFkIEQcbVkRhQxJKEAFHGA5-cYaEREhRRRphmSaZCBy2sSUZvmXkHBlp3BbGHG_E4IIbwoW10V9beNSFWnIApQMMLhhXkQhiRHZnnscVZtoXcNS5EJ7GwRADYw_JYQdicj1Uxhha_pnoDDWkJUIddWCpgwgzkNGiDDjQkBRyOYhEAww0NCXGGDCIlIMYN5Bxg1XSxTADWA-lgZgILbqQA540yOBCQzSEJccXvmYU7LAuFHssdmHVEUZGTbyhRxpssBHGCzXkCQIKWJi0AwhMpOFGHXiAgAdcX9hAw7mO6nBWnimAcMSka7zxggyK6qkoCEakIUcZZryBxwv3wuCmnSI48URYbyw7BsQSh8UGxEU4EdZBdnxxMBsU1XDDraMdNZcIcpxhWWg16PUQyF-IIcdCRs1cRshtvEHGZXDtScaGdz30hkKh0alwHgvR0CjCrsEmG20vjFkmbmiqyeZwYc3haEYb0gFexS3U4UYadLTQkAtkjBGDDB9DfNAXbb8dFh1eMmQDWozZoCtneMOtN997_w2XDY-JXEZfX4BH0d6YFd6RpCGHwQZCdCAdJw1zQiTGXyIcZIZPbEyk1saHFgYaDH0oEBA%3D&s=a566d9129405deec82f7ed6db693af76a9823bf3d3a95c3410e3ac431911b67e1662766133&w=t&r=1&d=890&priv=false
IP 136.243.75.209:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WMCTNjRowyNsi0yIEjRowWNEiWacGxDIwWZWqQgQHSjJkaYWSIEfEwTJ0xGceQmQEDBw4YYVrcKHoDZQyhLcTYcNkCh5kyMWCYoUGmBsgcPCGSsbPQRg4bMh7CqbNTxwwcNmrA6AkHzsIZNHAsfTgHzkQdNBp2NPtwTBu7gGPYuGFjRk8yZig-FOPGzUIZjGk0diyijRuMOjDPICwCjmfQcQM_rBMjIxo6dODM0fHiRRgXBul8djHmTZsXZ8rQeZEVBowao2f8oJOmTZkeDXPISBmDRo0aNDxyqWNcho0wdMb0CLy48fbu3-GI6THkCxskNcxoafLlSpwZQXCoKTNFj5IhY9mARB4IVSGEHTA04QYbSmBxxhUpVZGEFA0RUUMURgwhxxtwXCEGTVWEoUUUTxChhxpNYFEGEzl8dIeGZBjxxRJCVPHEGlK44VkLdmRxhBtoLGGGGFkIEQcbVkRhQxJKEAFHGA5-cYaEREhRRRphmSaZCBy2sSUZvmXkHBlp3BbGHG_E4IIbwoW10V9beNSFWnIApQMMLhhXkQhiRHZnnscVZtoXcNS5EJ7GwRADYw_JYQdicj1Uxhha_pnoDDWkJUIddWCpgwgzkNGiDDjQkBRyOYhEAww0NCXGGDCIlIMYN5Bxg1XSxTADWA-lgZgILbqQA540yOBCQzSEJccXvmYU7LAuFHssdmHVEUZGTbyhRxpssBHGCzXkCQIKWJi0AwhMpOFGHXiAgAdcX9hAw7mO6nBWnimAcMSka7zxggyK6qkoCEakIUcZZryBxwv3wuCmnSI48URYbyw7BsQSh8UGxEU4EdZBdnxxMBsU1XDDraMdNZcIcpxhWWg16PUQyF-IIcdCRs1cRshtvEHGZXDtScaGdz30hkKh0alwHgvR0CjCrsEmG20vjFkmbmiqyeZwYc3haEYb0gFexS3U4UYadLTQkAtkjBGDDB9DfNAXbb8dFh1eMmQDWozZoCtneMOtN997_w2XDY-JXEZfX4BH0d6YFd6RpCGHwQZCdCAdJw1zQiTGXyIcZIZPbEyk1saHFgYaDH0oEBA%3D&s=a566d9129405deec82f7ed6db693af76a9823bf3d3a95c3410e3ac431911b67e1662766133&w=t&r=1&d=890&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=3d91284a-539d-4047-bc0d-9b7d78f92139; bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYsCEDRw0ZNRp26aMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=bloomyogi&f=0.06722703379606132
131.153.88.92200 OK 39 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=bloomyogi&f=0.06722703379606132
IP 131.153.88.92:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 7ee0703a149e166dcd7975424418403f
32b365e7c401cdca008789c99a716a7f97b5c04e
79853367cd10e31dd16fabc423d31d14d3ea1a8b7de89559f4d9e1d57c683d39
GET /stream?room=bloomyogi&f=0.06722703379606132 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=RFcCgVKTOFWSWrIo3_W2YNOAekVyQWqhu0ZbgpXzUxc-1662766134308-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/jpeg
content-length: 38561
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=bloomyogi&f=0.9244846630643828
131.153.88.92200 OK 39 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=bloomyogi&f=0.9244846630643828
IP 131.153.88.92:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 7ee0703a149e166dcd7975424418403f
32b365e7c401cdca008789c99a716a7f97b5c04e
79853367cd10e31dd16fabc423d31d14d3ea1a8b7de89559f4d9e1d57c683d39
GET /stream?room=bloomyogi&f=0.9244846630643828 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=RFcCgVKTOFWSWrIo3_W2YNOAekVyQWqhu0ZbgpXzUxc-1662766134308-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/jpeg
content-length: 38561
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
trkbng.com/hit.php?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat
31.192.112.221302 Found 117 kB URL HTTP/2 trkbng.com/hit.php?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat
IP 31.192.112.221:0
ASN #48684 Viking Host B.V.
Size 117 kB (116663 bytes)
Hash 7f6e2b39327f1dff9ade87e14244e8b9
b011dc953227eab4d7a2fa7c697ae22bd5583078
5ddeee89e5cbb3cb96a8c014e497dfffd6a195e7602bca28568579a87287bc2c
GET /hit.php?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat HTTP/1.1
Host: trkbng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poweredby.jads.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.promo-bc.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bongacams.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bongocams.biz
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bongacams.org
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bongacams10.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bcmspt.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bngwlt.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bngpt.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bngpst.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bngprl.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bngpop.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bngosv.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bngvs.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bngdyn.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.dynspt.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.ecdyn.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.trkbc.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.trkbng.com
BCH_H=1ce9a605f96fae4837a0d81db9782839%7C2022-09-10; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576800000; path=/; domain=.bcprm.com
location: https://bongacams.com/popular-chat?bcs=b3JoaTFjZTlhNjA1Zjk2ZmFlNDgzN2EwZDgxZGI5NzgyODM5OjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
expires: Fri, 09 Sep 2022 23:28:53 GMT
x-bcs: ded7383
strict-transport-security: max-age=0;
cache-control: no-cache, public
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 43abf74fbc3dca5907d4a15757c15680
f23769f3af266ab002746f23495a9e8e3f954057
04fee6246c8efd29a4fc15d6aa69cbae31b137a71379bb90792188c79b0c4820
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4736
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:28:55 GMT
Last-Modified: Fri, 09 Sep 2022 22:09:59 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 43abf74fbc3dca5907d4a15757c15680
f23769f3af266ab002746f23495a9e8e3f954057
04fee6246c8efd29a4fc15d6aa69cbae31b137a71379bb90792188c79b0c4820
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4736
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:28:55 GMT
Last-Modified: Fri, 09 Sep 2022 22:09:59 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 0ae0487caa4e81395bea3a77dc76bbc1
c248d184abd21ce4da5df86c8e54d8fb8d3f8757
1b4a6906b8227ec4a71714d582514410bb05eb20c78e1d0de98b16349205d31f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6037
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:28:55 GMT
Last-Modified: Fri, 09 Sep 2022 21:48:18 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 0ae0487caa4e81395bea3a77dc76bbc1
c248d184abd21ce4da5df86c8e54d8fb8d3f8757
1b4a6906b8227ec4a71714d582514410bb05eb20c78e1d0de98b16349205d31f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6436
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:28:55 GMT
Last-Modified: Fri, 09 Sep 2022 21:41:39 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
cbjpeg.stream.highwebmedia.com/stream?room=bloomyogi&f=0.5969682023341855
131.153.88.92200 OK 38 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=bloomyogi&f=0.5969682023341855
IP 131.153.88.92:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash fdf8f92b6e9ddc4f0d71cb604e2637a0
7a224cbc7d72dfe93f4e3f39be8a88a591313ddd
eeb4c3e9c0d4ae93fddf73c534136f1225c82b1afd35c4c297c9f1147385be29
GET /stream?room=bloomyogi&f=0.5969682023341855 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=RFcCgVKTOFWSWrIo3_W2YNOAekVyQWqhu0ZbgpXzUxc-1662766134308-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/jpeg
content-length: 38199
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 43abf74fbc3dca5907d4a15757c15680
f23769f3af266ab002746f23495a9e8e3f954057
04fee6246c8efd29a4fc15d6aa69cbae31b137a71379bb90792188c79b0c4820
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4670
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 23:28:55 GMT
Last-Modified: Fri, 09 Sep 2022 22:11:06 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280
i.bcicdn.com/gifts/901/771be9d5e351d1e4888537352321debb_th.png
195.85.23.30200 OK 20 kB URL HTTP/2 i.bcicdn.com/gifts/901/771be9d5e351d1e4888537352321debb_th.png
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 155 x 155, 8-bit/color RGBA, non-interlaced\012- data
Hash b625446ac227298550d01479011e9bcc
278523298af00f936dcad9b5d230d4835b743726
0a77445d70f74cf91ec3ec5e3797ecd6ab7c0a16f1432235f5f921ce1f2b61c1
GET /gifts/901/771be9d5e351d1e4888537352321debb_th.png HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/png
content-length: 19980
last-modified: Mon, 04 Feb 2019 08:50:36 GMT
etag: "5c57fcdc-4e0c"
expires: Thu, 22 Sep 2022 14:29:59 GMT
cache-control: max-age=2592000
vary: Accept-Encoding
x-cache-0: 1
cf-cache-status: HIT
age: 985046
accept-ranges: bytes
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3faad2db4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/3d9/0ab/xbig_lq/654df9.webp
195.85.23.30200 OK 12 kB URL HTTP/2 i.bcicdn.com/live/09b/3d9/0ab/xbig_lq/654df9.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b25b4b2180e41df09bbb85179bea1150
e337b0be4799cb5bac8c59e42fc671c16ada8f0e
3f28ea50bc3b2d24ed0214dda51df42af04084b6fd2562d81e79a4f461f5bd1d
GET /live/09b/3d9/0ab/xbig_lq/654df9.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 12346
last-modified: Fri, 09 Sep 2022 23:27:07 GMT
etag: "631bcbcb-303a"
expires: Fri, 16 Sep 2022 23:27:08 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 105
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd32b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/099/37d/3b1/xbig_lq/71118f.webp
195.85.23.30200 OK 10 kB URL HTTP/2 i.bcicdn.com/live/099/37d/3b1/xbig_lq/71118f.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3857871bb390720311ea2c7177ab8979
5484406de0e47426dd16f22ab10091066c6fa7bf
4f144758c921bb1cf6c787c6194e6ec8366c61efd94dce2d850019d610cc8782
GET /live/099/37d/3b1/xbig_lq/71118f.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 10502
last-modified: Fri, 09 Sep 2022 23:20:12 GMT
etag: "631bca2c-2906"
expires: Fri, 16 Sep 2022 23:20:13 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 521
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd30b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/069/095/3b1/xbig_lq/092836.webp
195.85.23.30200 OK 10 kB URL HTTP/2 i.bcicdn.com/live/069/095/3b1/xbig_lq/092836.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8897990707dc1d87a0fbf6b51dc94295
202052c7e85af7ae9041dc7214121ef89bd4cf1f
da50f5bcb021f37a75faf2fb9c4e2d40d89178c31b7f487eb2fadadfbd962410
GET /live/069/095/3b1/xbig_lq/092836.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 10064
last-modified: Fri, 09 Sep 2022 23:27:44 GMT
etag: "631bcbf0-2750"
expires: Fri, 16 Sep 2022 23:27:45 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: HIT
cf-cache-status: HIT
age: 70
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd36b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/3ca/1b4/xbig_lq/a73adb.webp
195.85.23.30200 OK 8.4 kB URL HTTP/2 i.bcicdn.com/live/09b/3ca/1b4/xbig_lq/a73adb.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f4ed2a1f5702452fcd3bac1404447b3c
48035911705daf410df05a438dfc59c8ba3b69af
e4ee9c99e4947b6bd57168026c880f9bb9e39992a0d3882d707d12a515ea4861
GET /live/09b/3ca/1b4/xbig_lq/a73adb.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 8388
last-modified: Fri, 09 Sep 2022 23:26:49 GMT
etag: "631bcbb9-20c4"
expires: Fri, 16 Sep 2022 23:26:51 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 124
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd35b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/068/30e/37f/xbig_lq/e5ff37.webp
195.85.23.30200 OK 10 kB URL HTTP/2 i.bcicdn.com/live/068/30e/37f/xbig_lq/e5ff37.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b332eb0de7577dec3f3ddd268e606f41
ff88e38f3f153f77b272a18586ec9386ff310c35
4328d8fa4fb1b22aaaa3a25c875fcf5236e35e0cf663bf4228a40d89e442194e
GET /live/068/30e/37f/xbig_lq/e5ff37.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 9984
last-modified: Fri, 09 Sep 2022 23:25:45 GMT
etag: "631bcb79-2700"
expires: Fri, 16 Sep 2022 23:25:46 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 189
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd39b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/05f/127/0ee/xbig_lq/bce4d9.webp
195.85.23.30200 OK 14 kB URL HTTP/2 i.bcicdn.com/live/05f/127/0ee/xbig_lq/bce4d9.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8828399f1e241349beb3f487c755ce25
15d710d1c4f1184a74f1b55349f28479235b67a2
f4c29bb4fc3274a9df6dcc6de804f6c851af962552da9335072e022ac6a69d9f
GET /live/05f/127/0ee/xbig_lq/bce4d9.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 14220
last-modified: Fri, 09 Sep 2022 23:25:02 GMT
etag: "631bcb4e-378c"
expires: Fri, 16 Sep 2022 23:25:03 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 232
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd38b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/02b/139/286/xbig_lq/9c359f.webp
195.85.23.30200 OK 10 kB URL HTTP/2 i.bcicdn.com/live/02b/139/286/xbig_lq/9c359f.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ea45d2ccb39bb347d9e50c11afa10e28
612de921444f98236089d957a895f6f0d69c38a9
5b9756d326bea40613c2452247b30fdd8427efe99b1c34af70e3f4fad4fc1068
GET /live/02b/139/286/xbig_lq/9c359f.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 10006
last-modified: Fri, 09 Sep 2022 23:28:17 GMT
etag: "631bcc11-2716"
expires: Fri, 16 Sep 2022 23:28:18 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o-91: 2
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 35
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd34b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/0ba/283/xbig_lq/b62cd9.webp
195.85.23.30200 OK 12 kB URL HTTP/2 i.bcicdn.com/live/09b/0ba/283/xbig_lq/b62cd9.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0b693fa80f400d5f84bac97ffc69b426
1b8fb1c1bb87a18d6a68771a61d20048b88af084
2b492cca291b8e8d1a025eb394dd45616e5ebb360b232e4159a8f92e3261bd76
GET /live/09b/0ba/283/xbig_lq/b62cd9.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 11736
last-modified: Fri, 09 Sep 2022 23:25:36 GMT
etag: "631bcb70-2dd8"
expires: Fri, 16 Sep 2022 23:25:37 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 198
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd3ab4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/099/030/190/xbig_lq/1faffb.webp
195.85.23.30200 OK 6.9 kB URL HTTP/2 i.bcicdn.com/live/099/030/190/xbig_lq/1faffb.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 50d07d9fc970c0598be0aa8e2c19dad4
a645842269f377cb94fae361c0ad3e63e6025a49
a3e162dc1db96c5ff194e91b480f37bdabc3d885af5773ed1f1a448e8dffb1ed
GET /live/099/030/190/xbig_lq/1faffb.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 6858
last-modified: Fri, 09 Sep 2022 23:26:46 GMT
etag: "631bcbb6-1aca"
expires: Fri, 16 Sep 2022 23:26:46 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 128
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd3db4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/05e/25d/36e/xbig_lq/5e434f.webp
195.85.23.30200 OK 3.9 kB URL HTTP/2 i.bcicdn.com/live/05e/25d/36e/xbig_lq/5e434f.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aeda76a1d99128a7aa3e523a15b15971
8dfd3a9c61b0fe2284c50820289f44dd7b3c98f6
08a4d515e1eb073a4069520b291b2ba26793852d03b554d3241d228a21559740
GET /live/05e/25d/36e/xbig_lq/5e434f.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 3882
last-modified: Fri, 09 Sep 2022 23:25:25 GMT
etag: "631bcb65-f2a"
expires: Fri, 16 Sep 2022 23:25:36 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 199
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd3fb4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/094/3d2/3d0/xbig_lq/ceb46c.webp
195.85.23.30200 OK 8.5 kB URL HTTP/2 i.bcicdn.com/live/094/3d2/3d0/xbig_lq/ceb46c.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 19ea3dc02bcd161b11e648e33f768db7
b778991398fcc8ad6aeaac026a19cfbc3ca6f105
d800e8b5b8109a70f1a0e47275265b0ee617b242775b139765751189c4a571e6
GET /live/094/3d2/3d0/xbig_lq/ceb46c.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 8490
last-modified: Fri, 09 Sep 2022 23:25:15 GMT
etag: "631bcb5b-212a"
expires: Fri, 16 Sep 2022 23:25:16 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o-91: 2
x-bc-o: 1
x-circle-r: HIT
cf-cache-status: HIT
age: 218
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd3bb4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/3d5/1fe/xbig_lq/ccf806.webp
195.85.23.30200 OK 16 kB URL HTTP/2 i.bcicdn.com/live/09b/3d5/1fe/xbig_lq/ccf806.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 414c4385f743eca0e87a8f2f4d8533e6
dcb1ced36947cc08e00f1eeb927a442e5f8fdd92
ed9dff6ed73e98ec9ad20ee8d80ebb359da9062c2fcb765c7de68ca386fc2307
GET /live/09b/3d5/1fe/xbig_lq/ccf806.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 16124
last-modified: Fri, 09 Sep 2022 23:24:20 GMT
etag: "631bcb24-3efc"
expires: Fri, 16 Sep 2022 23:24:21 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: HIT
cf-cache-status: HIT
age: 274
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd3cb4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09c/09f/06d/xbig_lq/b71c26.webp
195.85.23.30200 OK 12 kB URL HTTP/2 i.bcicdn.com/live/09c/09f/06d/xbig_lq/b71c26.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash de974172c76d70a93a4481a674835ad6
476cfbc01735c048c117b949c5c305b3b1ff827c
dbe122a1873c0205679e3860f5ec43a0ac3075dc4258f95746be14a077535087
GET /live/09c/09f/06d/xbig_lq/b71c26.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 12532
last-modified: Fri, 09 Sep 2022 23:02:22 GMT
etag: "631bc5fe-30f4"
expires: Fri, 16 Sep 2022 23:02:22 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 1592
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd3eb4f9-OSL
X-Firefox-Spdy: h2
chatw-39.stream.highwebmedia.com/ws/info?t=1662766125943
104.19.241.83200 OK 13 kB URL HTTP/2 chatw-39.stream.highwebmedia.com/ws/info?t=1662766125943
IP 104.19.241.83:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 513e467800009a5fae5c6fd645f6d49c
aed655c21846c546e84b77538510be8545197dd7
72b1bbdb30f8fb3668cd2cb455354c1d744a584395cbb88825ae4f6c462cba23
GET /ws/info?t=1662766125943 HTTP/1.1
Host: chatw-39.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Cookie: _cfuvid=RFcCgVKTOFWSWrIo3_W2YNOAekVyQWqhu0ZbgpXzUxc-1662766134308-0-604800000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qW5iB5SwwhYo1EpmhqC2A1TP7IfvrxpsMNcgGJzCgudwj3re%2FdmZtwhanRoRWF5fclFP1Jz5hoNjq3P5Wd3EfW1Hiy9%2BujTVyBHnVExiC5TwgotfnJOFCZW9wZciGPHTNzxCcXdNBaMLijcaTng%2Fmv0Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3f8ac98b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.bcicdn.com/live/017/18b/10c/xbig_lq/ba0b76.webp
195.85.23.30200 OK 15 kB URL HTTP/2 i.bcicdn.com/live/017/18b/10c/xbig_lq/ba0b76.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 94dbe6ad06cf1b81b51837e4cbd009ce
65a55f8c99055c461682b50671069ad5b920f0cc
e210e530dcdb46cf2861a2933055a0bdeb1d91922e380211bf49e2222afd018e
GET /live/017/18b/10c/xbig_lq/ba0b76.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 14984
last-modified: Fri, 09 Sep 2022 23:27:33 GMT
etag: "631bcbe5-3a88"
expires: Fri, 16 Sep 2022 23:27:34 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 80
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd41b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/095/3d7/381/xbig_lq/776254.webp
195.85.23.30200 OK 16 kB URL HTTP/2 i.bcicdn.com/live/095/3d7/381/xbig_lq/776254.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a2998956fd1e7b9aa5f8d64cb80d8a38
11d63cd70b25c44543bbf63c1273e762dd935460
63708d72d7d1f6e73774d9ebb3d8d56de9af402c348008f847bec671ff3fcfb0
GET /live/095/3d7/381/xbig_lq/776254.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 15712
last-modified: Fri, 09 Sep 2022 23:27:46 GMT
etag: "631bcbf2-3d60"
expires: Fri, 16 Sep 2022 23:27:47 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 64
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd42b4f9-OSL
X-Firefox-Spdy: h2
a.focusde.info/api/spots/303891?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 11 kB URL HTTP/2 a.focusde.info/api/spots/303891?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash dde4b58eb9490a246755514f7a4aebfd
4939b0f18b37061f2c6a14d46013cdd8738d8e0d
cc4fdf1bcb1270f3e6997e0e9c9301dff1ee13bd287dc13e438e0b039b15029c
GET /api/spots/303891?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=jy5ZxIUqujXs7XIELbof
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
i.bcicdn.com/live/099/3e6/244/xbig_lq/82fb6c.webp
195.85.23.30200 OK 11 kB URL HTTP/2 i.bcicdn.com/live/099/3e6/244/xbig_lq/82fb6c.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c71e0fc9b2c585af0db6499a5eb8d2bd
dde72c09c17f2ea34db994ae0a2d16d30a824be0
9941d55dc63172aeb04ab58ffd671913d12431722179f72215aed455335746c5
GET /live/099/3e6/244/xbig_lq/82fb6c.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 10972
last-modified: Fri, 09 Sep 2022 23:24:40 GMT
etag: "631bcb38-2adc"
expires: Fri, 16 Sep 2022 23:24:42 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 244
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd45b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09a/209/2d4/xbig_lq/f5c12e.webp
195.85.23.30200 OK 8.9 kB URL HTTP/2 i.bcicdn.com/live/09a/209/2d4/xbig_lq/f5c12e.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1819e1a3326b28886935f3934d9d21c3
7178443429cb56dda5e403f8cd861f23aab2dc3f
6c401ebe7506810df3382793b687141b52f3d0eff79aeebb12cfc01d1f20b9e9
GET /live/09a/209/2d4/xbig_lq/f5c12e.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 8918
last-modified: Fri, 09 Sep 2022 23:24:04 GMT
etag: "631bcb14-22d6"
expires: Fri, 16 Sep 2022 23:24:04 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 276
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd47b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/090/13e/0c2/xbig_lq/85a450.webp
195.85.23.30200 OK 18 kB URL HTTP/2 i.bcicdn.com/live/090/13e/0c2/xbig_lq/85a450.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e1352a9c3294a45fb317d88242b18f88
c0e8ce1d2bea8a4ba575f9320feb259d52340801
f1e22e9ebb1498eb4ec848e2508656ebe96372ab9bdd877d9426434ce50c2ad9
GET /live/090/13e/0c2/xbig_lq/85a450.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 18114
last-modified: Fri, 09 Sep 2022 23:28:02 GMT
etag: "631bcc02-46c2"
expires: Fri, 16 Sep 2022 23:28:03 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 32
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd44b4f9-OSL
X-Firefox-Spdy: h2
a.focusde.info/api/spots/391867?host=xfantazy.com&ev=196&wh=939&ww=1280
135.181.208.216200 OK 24 kB URL HTTP/2 a.focusde.info/api/spots/391867?host=xfantazy.com&ev=196&wh=939&ww=1280
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash d6c5dc9fbfafb36bcf569e92ed62eb26
5f61095e75813cf45c00f1d7d704fc91f9ca05fa
3642e8c64cdc2b386b95d13bf61f53cb1821affe30125d33e4469cc8af9a4f54
GET /api/spots/391867?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=La9piBvG9PhTNnlK4KDT; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.e1067846ea15.js
104.16.94.42200 OK 47 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.e1067846ea15.js
IP 104.16.94.42:0
File type ASCII text, with very long lines (1534)
Hash 85f16fc5b8cba080dd2803dee6015f41
80a65fcdbf5102457732a0e637901fde4e8155d3
e29b4add18f0dc312da71e91a041fa574cbc1d00d3db0ba0e02b8e2836e3c042
GET /CACHE/js/output.e1067846ea15.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=108152
etag: W/"97a23c5e27826ee4bed1dbcfe0601da8"
last-modified: Thu, 24 Jun 2021 21:24:09 GMT
x-amz-id-2: gJdq637yDaGW5b/k/xLZcaVgKR2zPrz11wa1iwf3/kEEAF2JWIngCVC4T9LIrDSnBaklrTBcytM=
x-amz-meta-s3cmd-attrs: md5:97a23c5e27826ee4bed1dbcfe0601da8
x-amz-request-id: C8A0N4S7KE12CYZQ
cf-cache-status: HIT
age: 1908088
expires: Sun, 09 Oct 2022 23:28:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4KDDuzqmVssLhOFxDR%2BhqwXU%2FqbhE3ut8ksYLaY0ngVVUeRqeZExlH45pSJnVvC%2BWZNqfGMutWWIo4vYtIJhG%2Bno8padw68EJZmHQiPaOT0idlzXXc6gJhPmoU%2FK3q3gyeH4GW%2BAzfBKf8FFoRmHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=SisOecHrVlH_P6RcxVk7wne1dth2DKFQ.5T9Yd5wEG0-1662766134270-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7483b3f32c66b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.bcicdn.com/live/09a/09f/393/xbig_lq/93d433.webp
195.85.23.30200 OK 8.5 kB URL HTTP/2 i.bcicdn.com/live/09a/09f/393/xbig_lq/93d433.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5877d97ba0bfe840e2da4eeec7caf9b1
dff7b64b9b72ac82e135bce255ad81401f01fb77
5f2135406ffdef24d44cddc5becda28fdd7e58412143da0935ef7783c5754e04
GET /live/09a/09f/393/xbig_lq/93d433.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 8458
last-modified: Fri, 09 Sep 2022 23:27:37 GMT
etag: "631bcbe9-210a"
expires: Fri, 16 Sep 2022 23:27:38 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 69
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd49b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/050/1a7/272/xbig_lq/0f8dbc.webp
195.85.23.30200 OK 36 kB URL HTTP/2 i.bcicdn.com/live/050/1a7/272/xbig_lq/0f8dbc.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
Hash 8eb61d2dcd6b56c2bbe476dd542f9361
a6f6dce344995d56b799262229a8778d6227f814
14d26420c7b40ebaac64b506cfe8c5ddf7ed7dbb0723a83fb054b64fcdb996aa
GET /live/050/1a7/272/xbig_lq/0f8dbc.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 14428
last-modified: Fri, 09 Sep 2022 23:25:07 GMT
etag: "631bcb53-385c"
expires: Fri, 16 Sep 2022 23:25:09 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 202
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd4ab4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09a/334/20b/xbig_lq/4c113c.webp
195.85.23.30200 OK 7.9 kB URL HTTP/2 i.bcicdn.com/live/09a/334/20b/xbig_lq/4c113c.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4f295c93820c1a5fa92e9acca5aaa02c
af861edf314e4e92b796323787b19d5a6702a9bb
400f7a3bf42ef125b3b24c0023e28b5ea6098c4884aeb36819be0e2a87ab43eb
GET /live/09a/334/20b/xbig_lq/4c113c.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 7934
last-modified: Fri, 09 Sep 2022 23:26:49 GMT
etag: "631bcbb9-1efe"
expires: Fri, 16 Sep 2022 23:26:51 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 103
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd4db4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09c/05a/140/xbig_lq/b3b325.webp
195.85.23.30200 OK 12 kB URL HTTP/2 i.bcicdn.com/live/09c/05a/140/xbig_lq/b3b325.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 50f8a3f1634bb828c5814fb87fce72d7
195c0999568309a0ae25ceb9d611823e90d4c678
f57fc116593a58e186f2ceb69fce463cc42b709bb81b26be505cbc1ab0c98bd0
GET /live/09c/05a/140/xbig_lq/b3b325.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 11890
last-modified: Fri, 09 Sep 2022 23:27:03 GMT
etag: "631bcbc7-2e72"
expires: Fri, 16 Sep 2022 23:27:05 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 108
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd4bb4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/0fa/0c2/xbig_lq/21c914.webp
195.85.23.30200 OK 10 kB URL HTTP/2 i.bcicdn.com/live/09b/0fa/0c2/xbig_lq/21c914.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f8b7edcd88710292dd36f3e0499a601e
089fb5f0368c26ac0756ade0572f2ce791acd6a6
694c84fe07999676c4d1fb58418f9b4f0f6fe1fc77e227148ceee8fa7f1fcddf
GET /live/09b/0fa/0c2/xbig_lq/21c914.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 10000
last-modified: Fri, 09 Sep 2022 23:26:33 GMT
etag: "631bcba9-2710"
expires: Fri, 16 Sep 2022 23:26:36 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 130
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd4cb4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/0ff/33e/xbig_lq/f2ea8e.webp
195.85.23.30200 OK 21 kB URL HTTP/2 i.bcicdn.com/live/09b/0ff/33e/xbig_lq/f2ea8e.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8405cd6803d8ff5a8590684118a41d55
4be97ed6869712cfc7c40d3b95d887c2d9ccd98b
f5d3e3cd60ad9d7e549f6b5f42c9f5ce28ff0deb0ed9e3b69af3f75a622c51cd
GET /live/09b/0ff/33e/xbig_lq/f2ea8e.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 20650
last-modified: Fri, 09 Sep 2022 23:28:05 GMT
etag: "631bcc05-50aa"
expires: Fri, 16 Sep 2022 23:28:06 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 45
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd4eb4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09c/1d3/0c0/xbig_lq/9834c6.webp
195.85.23.30200 OK 9.0 kB URL HTTP/2 i.bcicdn.com/live/09c/1d3/0c0/xbig_lq/9834c6.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9c53a891eda8b0c1565443a674e3fa82
c6ea3e64d9ac1615ec6e3b5bcabcd31e504fc02a
fc74b4185f67ac1b4b844ddc9235d0e24d10517e427a498bac8b4b63623031e4
GET /live/09c/1d3/0c0/xbig_lq/9834c6.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 8962
last-modified: Fri, 09 Sep 2022 23:25:48 GMT
etag: "631bcb7c-2302"
expires: Fri, 16 Sep 2022 23:25:49 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 185
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd4fb4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09c/04b/1ae/xbig_lq/7aa508.webp
195.85.23.30200 OK 9.6 kB URL HTTP/2 i.bcicdn.com/live/09c/04b/1ae/xbig_lq/7aa508.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 010b5a3c1459c8d21c48f096e75e4a5c
37ffdd971c202d60a27630c1baa144699d967a73
8bab55a388fbabc75cffc8d9b69e0a9f73f309c9eaddcd6ba2dc04714b03b3db
GET /live/09c/04b/1ae/xbig_lq/7aa508.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 9600
last-modified: Fri, 09 Sep 2022 23:28:21 GMT
etag: "631bcc15-2580"
expires: Fri, 16 Sep 2022 23:28:22 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 33
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd51b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09c/019/0bb/xbig_lq/306512.webp
195.85.23.30200 OK 11 kB URL HTTP/2 i.bcicdn.com/live/09c/019/0bb/xbig_lq/306512.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 63e979f2f41d37f53f5e55627f752848
569e781e26eede6e988f9d9460eb171d4319493f
781f7cc0633c97a1e2bf53c46c7072860fff6be3054c05d8de5fa91e0c85327a
GET /live/09c/019/0bb/xbig_lq/306512.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 11266
last-modified: Fri, 09 Sep 2022 23:27:46 GMT
etag: "631bcbf2-2c02"
expires: Fri, 16 Sep 2022 23:27:46 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 69
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd52b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09c/0a5/1ae/xbig_lq/06a588.webp
195.85.23.30200 OK 11 kB URL HTTP/2 i.bcicdn.com/live/09c/0a5/1ae/xbig_lq/06a588.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b9096488c2c12aae9d63ddf0ea66b95
e1e481e6e0c5ce698752749980648ddd09b0763f
16a84fa406a152e7d769bbbb01e660d8f43fbab8c0149cdc8fb58819198de1eb
GET /live/09c/0a5/1ae/xbig_lq/06a588.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 10946
last-modified: Fri, 09 Sep 2022 23:28:22 GMT
etag: "631bcc16-2ac2"
expires: Fri, 16 Sep 2022 23:28:23 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 18
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd53b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/0b9/392/xbig_lq/00e010.webp
195.85.23.30200 OK 23 kB URL HTTP/2 i.bcicdn.com/live/09b/0b9/392/xbig_lq/00e010.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4dc079a1a6a6bcde296e0afb51b8769e
e5fb516a4a9626183a6f3f1f78796602a75d8e3d
56527ca392d117836fabd3332173b1c7a0fab3f067254cf9f77816c455f7643b
GET /live/09b/0b9/392/xbig_lq/00e010.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 22986
last-modified: Fri, 09 Sep 2022 23:24:29 GMT
etag: "631bcb2d-59ca"
expires: Fri, 16 Sep 2022 23:24:29 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 249
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd54b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09c/117/3a0/xbig_lq/1a6a1e.webp
195.85.23.30200 OK 11 kB URL HTTP/2 i.bcicdn.com/live/09c/117/3a0/xbig_lq/1a6a1e.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 98f77e9c2bbb5d2492778659510acb23
29e262cfbfb280870cac14943e9b7ce66ed8afd1
4e9f8691797a75fef8e6601f919818e7d86efef20431ad60a36ed78977754476
GET /live/09c/117/3a0/xbig_lq/1a6a1e.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 10934
last-modified: Fri, 09 Sep 2022 23:26:35 GMT
etag: "631bcbab-2ab6"
expires: Fri, 16 Sep 2022 23:26:37 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 137
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd55b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09c/0d4/17d/xbig_lq/515a5e.webp
195.85.23.30200 OK 9.0 kB URL HTTP/2 i.bcicdn.com/live/09c/0d4/17d/xbig_lq/515a5e.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 103a48d671433bcfb9f9fc1d4b44ca9d
a4fcff939a6ce708d4ce8f093bb6b5788dac042b
f409c88d710a484449a3fa18dec5763307c95faba83c712b35cfc76097ebb247
GET /live/09c/0d4/17d/xbig_lq/515a5e.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 9004
last-modified: Fri, 09 Sep 2022 23:25:54 GMT
etag: "631bcb82-232c"
expires: Fri, 16 Sep 2022 23:26:04 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 168
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd56b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/093/210/3b8/8b31078a5de9f763d050c5de2dd5fa61_avatars.jpg
195.85.23.30200 OK 913 B URL HTTP/2 i.bcicdn.com/093/210/3b8/8b31078a5de9f763d050c5de2dd5fa61_avatars.jpg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type JPEG image data, progressive, precision 8, 32x32, components 3\012- data
Hash b20218141a5f675c70a5aa4bf0e06262
ac38f1104aa98050d0a4d2d8b338c2c49d94a734
33b4acdff477f66d089aa36c30ac6fda4782784fbf63b59dcf1e2ab5f7f6f646
GET /093/210/3b8/8b31078a5de9f763d050c5de2dd5fa61_avatars.jpg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/jpeg
content-length: 913
access-control-allow-origin: *
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "624a2c58-391"
expires: Thu, 06 Oct 2022 22:43:15 GMT
last-modified: Sun, 03 Apr 2022 23:23:04 GMT
x-o1-p6: EXPIRED
x-bc-o: 2
cf-cache-status: HIT
age: 261202
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3faad29b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/093/210/3b8/8b31078a5de9f763d050c5de2dd5fa61_profile_s.jpg
195.85.23.30200 OK 11 kB URL HTTP/2 i.bcicdn.com/093/210/3b8/8b31078a5de9f763d050c5de2dd5fa61_profile_s.jpg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type JPEG image data, progressive, precision 8, 226x224, components 3\012- data
Hash a2318392ba621890ed89e7074470f619
a00973c936976aeefe81fcd71b6acb42d0bd0b76
e36452d51d322b237d55005b5753db8572e1bc5758343ea0da34a425f781bff0
GET /093/210/3b8/8b31078a5de9f763d050c5de2dd5fa61_profile_s.jpg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/jpeg
content-length: 10573
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "624a2c58-294d"
expires: Wed, 07 Sep 2022 05:16:13 GMT
last-modified: Sun, 03 Apr 2022 23:23:04 GMT
vary: Accept-Encoding
x-cache-0: 1
cf-cache-status: HIT
age: 261202
accept-ranges: bytes
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3faad2ab4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09a/06c/255/xbig_lq/8daba6.webp
195.85.23.30200 OK 5.8 kB URL HTTP/2 i.bcicdn.com/live/09a/06c/255/xbig_lq/8daba6.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 133b72258aa1fcdeb2744ba323bfd347
8376e7f6690c81bbdf6a3bee64b406bb5f4cc38f
7252c181597b865a59f222cfd19faa5a7c4a1e82eff3fb0462937a70debd36de
GET /live/09a/06c/255/xbig_lq/8daba6.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 5764
last-modified: Fri, 09 Sep 2022 23:28:16 GMT
etag: "631bcc10-1684"
expires: Fri, 16 Sep 2022 23:28:18 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 37
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fb6dd7b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/095/1c4/309/xbig_lq/fb0650.webp
195.85.23.30200 OK 11 kB URL HTTP/2 i.bcicdn.com/live/095/1c4/309/xbig_lq/fb0650.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 84f2ea18306ee42b98ca9e17b749100d
05a6c7a2b006e7a23fbd7f72cb14074b2e9b4750
c7784c1d65d5fcbf2ef66f827c044d05601b1358cea13333b87fefc55b335ed2
GET /live/095/1c4/309/xbig_lq/fb0650.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 11360
last-modified: Fri, 09 Sep 2022 23:27:19 GMT
etag: "631bcbd7-2c60"
expires: Fri, 16 Sep 2022 23:27:19 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 78
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fb6ddbb4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/091/25d/06c/xbig_lq/99fef7.webp
195.85.23.30200 OK 14 kB URL HTTP/2 i.bcicdn.com/live/091/25d/06c/xbig_lq/99fef7.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash acbcf5ee8798b8caf83eeb61d14185a8
572cfcdb9f8bfbc9fbbcb62fa3a5028951c7fba9
f1c180f25ee61bb6706b014cfc918d46c9d74db4c9dfe445e9a6bc933d937ecb
GET /live/091/25d/06c/xbig_lq/99fef7.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 13466
last-modified: Fri, 09 Sep 2022 23:24:43 GMT
etag: "631bcb3b-349a"
expires: Fri, 16 Sep 2022 23:24:45 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 247
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fb6ddab4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/066/28a/30c/xbig_lq/1d1287.webp
195.85.23.30200 OK 4.4 kB URL HTTP/2 i.bcicdn.com/live/066/28a/30c/xbig_lq/1d1287.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5274af857fb3c191df3b0c481159e0c1
ecbc4d9f415854c3ee8dc89c97ee11bbc2417a3b
d48e3625fd7beaf404c2ec91dc84b70fadbe225f15f9a338921da076df045f19
GET /live/066/28a/30c/xbig_lq/1d1287.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 4398
last-modified: Fri, 09 Sep 2022 23:26:00 GMT
etag: "631bcb88-112e"
expires: Fri, 16 Sep 2022 23:26:04 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o-91: 2
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 154
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fb6dddb4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/027/1b8/14c/xbig_lq/782b07.webp
195.85.23.30200 OK 6.4 kB URL HTTP/2 i.bcicdn.com/live/027/1b8/14c/xbig_lq/782b07.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 46e73bccc8d231d27641bef0a935440a
c99ac251ccc548cc9cab9eda5929a3517fe127f2
b3f930879d36a9c097dfc952cb01896c7459c7e83324277459a1a0d4775702f3
GET /live/027/1b8/14c/xbig_lq/782b07.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 6356
last-modified: Fri, 09 Sep 2022 23:24:45 GMT
etag: "631bcb3d-18d4"
expires: Fri, 16 Sep 2022 23:24:46 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 229
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fb6de0b4f9-OSL
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=bloomyogi&f=0.9911078516811613
131.153.88.92200 OK 39 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=bloomyogi&f=0.9911078516811613
IP 131.153.88.92:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash f1ebc03c6020e340203e7e045fd18503
e47712ac4f62eb824a160c7c75829d059ff1a040
23638a8a03624c6278c5bc1d8b55dc7c569d2b1e4ba45f6744d4d73ff661fe86
GET /stream?room=bloomyogi&f=0.9911078516811613 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=RFcCgVKTOFWSWrIo3_W2YNOAekVyQWqhu0ZbgpXzUxc-1662766134308-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/jpeg
content-length: 38973
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
i.bcicdn.com/live/09c/079/0a5/xbig_lq/fb0650.webp
195.85.23.30200 OK 8.4 kB URL HTTP/2 i.bcicdn.com/live/09c/079/0a5/xbig_lq/fb0650.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 60e9560a4df84ed45c5dc1827b33fa05
b1536996d28f8f7fe83e6a09be078b4cb214bf46
63e6a9505ecc6d560cdbdb6da7fc8548cc0926bef125242959d70cb3dc2d4d31
GET /live/09c/079/0a5/xbig_lq/fb0650.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 8350
last-modified: Fri, 09 Sep 2022 23:27:18 GMT
etag: "631bcbd6-209e"
expires: Fri, 16 Sep 2022 23:27:18 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 97
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fb6de5b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/images/svg/bc/model_of_hour/female_2.svg
195.85.23.30200 OK 9.8 kB URL HTTP/2 i.bcicdn.com/images/svg/bc/model_of_hour/female_2.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (14148), with no line terminators
Hash 295cf731392232134ab19b40d0d0bf69
451296549af99c1853aee8d316fb48eec6604668
6d01a0e1b0cad15cd73af6c0c1a509dd407e05300ca09e65a9fb5cb5bb0fdffe
GET /images/svg/bc/model_of_hour/female_2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/svg+xml
last-modified: Mon, 30 Dec 2019 03:04:32 GMT
etag: W/"5e096940-3744"
expires: Fri, 23 Sep 2022 00:49:21 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 985375
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3faad2fb4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/live/096/339/116/xbig_lq/b62cd9.webp
195.85.23.30200 OK 16 kB URL HTTP/2 i.bcicdn.com/live/096/339/116/xbig_lq/b62cd9.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 85374aae0b5c45778b3c53e07a1784cb
e2018be14c09c6894568424434e5d46f7aa67809
47bc86bba2b0b7fc8539ae93ef138a9de8d8514675017f43d269a3135e84e499
GET /live/096/339/116/xbig_lq/b62cd9.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 16098
last-modified: Fri, 09 Sep 2022 23:25:35 GMT
etag: "631bcb6f-3ee2"
expires: Fri, 16 Sep 2022 23:25:37 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 187
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fb6de1b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09a/083/113/xbig_lq/156627.webp
195.85.23.30200 OK 12 kB URL HTTP/2 i.bcicdn.com/live/09a/083/113/xbig_lq/156627.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b54f0bfe3c3ecdd81543cd628b452ca1
b5a350d2bc873139a28a3facc842dfbb8f6615fa
50f85216a461891ddf6e2bfedf02d31eaf381e29aaaa2b8e4a3a504d38ba808b
GET /live/09a/083/113/xbig_lq/156627.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 11488
last-modified: Fri, 09 Sep 2022 23:28:13 GMT
etag: "631bcc0d-2ce0"
expires: Fri, 16 Sep 2022 23:28:17 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 32
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fb6de2b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/065/02a/02f/xbig_lq/54702b.webp
195.85.23.30200 OK 3.3 kB URL HTTP/2 i.bcicdn.com/live/065/02a/02f/xbig_lq/54702b.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6809875b943a3183052a4f0aa761ecb6
448d98a45b5c55c81d8d2d1f82f7d605604681d6
3c811601adc4b184e9868c3f94d834fa40b8bee62de86b3ca7721ae78764f66c
GET /live/065/02a/02f/xbig_lq/54702b.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 3260
last-modified: Fri, 09 Sep 2022 23:26:21 GMT
etag: "631bcb9d-cbc"
expires: Fri, 16 Sep 2022 23:26:23 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 152
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fb6dd8b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/promotions/traffic/2/1/182x600/no.jpg
195.85.23.30200 OK 51 kB URL HTTP/2 i.bcicdn.com/promotions/traffic/2/1/182x600/no.jpg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 182x600, components 3\012- data
Hash 37b255d5ee1fe34d42dbbd92fb2db099
0bb9d2cd02edb25070aca474b7bcf385d2f88f81
772ade780a1dc8fc6d1ad4e3b2ef26711a43a0ab22ca948ee8c0c3f71cc0fdef
GET /promotions/traffic/2/1/182x600/no.jpg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/jpeg
content-length: 50974
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "62442e16-c71e"
expires: Wed, 28 Sep 2022 04:00:30 GMT
last-modified: Wed, 30 Mar 2022 10:16:54 GMT
vary: Accept-Encoding
x-cache-0: 1
cf-cache-status: HIT
age: 1020505
accept-ranges: bytes
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fb6de8b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/097/34c/35f/xbig_lq/e5ff37.webp
195.85.23.30200 OK 8.4 kB URL HTTP/2 i.bcicdn.com/live/097/34c/35f/xbig_lq/e5ff37.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d203adeb2f2348c2eb207a5790592e7b
be9bb9228652320c848cdd66a0af7fd9e40500b0
dd71c03dcdbca50a64d01d0fa1b47990ae8fc2098901fd099a60231bc2621e74
GET /live/097/34c/35f/xbig_lq/e5ff37.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 8388
last-modified: Fri, 09 Sep 2022 23:25:42 GMT
etag: "631bcb76-20c4"
expires: Fri, 16 Sep 2022 23:25:43 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 161
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fb6de7b4f9-OSL
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.86.137200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Sep 2022 23:28:55 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 996
x-timer: S1662766136.609982,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
i.bcicdn.com/images/svg/bc/listing/ls_bage_fp.svg
195.85.23.30200 OK 15 kB URL HTTP/2 i.bcicdn.com/images/svg/bc/listing/ls_bage_fp.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6558), with no line terminators
Hash 83b6675a52f4fcbc480dc5ee0e237512
6f2e8bd71b85d06043cccf17f9c56b048962a782
21559b4a9e4d5c8bf7da5c62948e166f5d444eb5d6605927471a02567578845b
GET /images/svg/bc/listing/ls_bage_fp.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Jul 2019 06:10:34 GMT
etag: W/"5d26d2da-199e"
expires: Wed, 21 Sep 2022 07:16:44 GMT
cache-control: max-age=2592000
x-bc-o: 2
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 984728
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd31b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=bloomyogi&f=0.18562201775452014
131.153.88.92200 OK 38 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=bloomyogi&f=0.18562201775452014
IP 131.153.88.92:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash a5741f53128ac41f924415ea2caf9107
b8dcfd7eab490fb7d782188ee671a58a1b1b05ba
793a466c7000f883b9787deb6e665009f94950d38cbd946cf92bdbb4b9b1b385
GET /stream?room=bloomyogi&f=0.18562201775452014 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=RFcCgVKTOFWSWrIo3_W2YNOAekVyQWqhu0ZbgpXzUxc-1662766134308-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/jpeg
content-length: 38045
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/0595.js
195.85.23.30200 OK 6.0 kB URL HTTP/2 i.bcicdn.com/js-min/1t88Q/0595.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (6094), with no line terminators
Hash 92b05100e52feebd2adeaafc326bedca
9c684605efb18071b342bd076eab5161b91f0c13
bb017d6bff4f7753fd7aa4050e050790339df30e98bc532c9593d8c0ac3bdd0e
GET /js-min/1t88Q/0595.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:40 GMT
etag: W/"631b025c-17ce"
expires: Sun, 09 Oct 2022 09:08:38 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fd1f01b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=2273&ck=1&ref=https://chaturbate.com/embed/bloomyogi/&ap=147&be=776&fe=1690&dc=1318&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662766124245,%22n%22:0,%22r%22:0,%22re%22:410,%22f%22:410,%22dn%22:410,%22dne%22:410,%22c%22:410,%22s%22:410,%22ce%22:410,%22rq%22:413,%22rp%22:722,%22rpe%22:735,%22dl%22:747,%22di%22:1271,%22ds%22:1317,%22de%22:1326,%22dc%22:1689,%22l%22:1689,%22le%22:1692%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&fcp=1583&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFIBBlsCBwEOBQQFBlZXDhh4Yy8TFUMhJTshCU0XAwlWHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFlMNXlYMGwwDCkkbGRtGDW5RDhEXRllEWl1YRRRDWwAWBkoACVQXFRMSWE0EPQoAQVwIGRtCCEVcPgYMCQIPVxcDEwJZWBUXEQYCElwbWl4MExVDEAYVFgNKQWZZDkJNQ1hBBwsHTUBLUwBFXE8BDAlBShtXS14WQlwTPQoAQVwbVl0FVFcABwZOUVtQDhgNBQcAFABRW1dOUwlUCgUHCAtQA1oAQUobR1xXBENcE0BZRgsSTUVKC04eWE8PBgAFCVZRSlAHVE0YTAALDkkbGRtDBEBMBBEXOw4DTV1WVUMLGyYnN0ZPRElMTVkOX2YXBxEXCglXFwMTUh8OQ05BEQI5XVBPWAJUZgcDDg0PHxsPG34VWVwTQE9GFgdmUVxHCFJcPhYaFAZEAxddVBJaTQ4SQUhBE1hqVkI%2BV1gMCw8dQVwbeVBfFEkbTUAWBTwJSmpPVBNCUA4MQV5BRBUXTFA%2BU0sOFRABETlfVFRYDUgbW0AlDREDX1pBE00TTAA9ARYMEUpQS24XVEsSCwwKQVwbDA8fURMVQxcCOxASS1xXVkMLGywNGQ0PClgaDB9RERE5U1JfQypQW0xJQUkBVz1VUFhGS0MDCFcfCUhCJAEADVYaCwFQAQlQUlJEJQ9LUF9eGR4AV0xTRk9EXlxNbgJeVAwLF0ZZRFpWCgRQU1hUBlcAVkQVF0lQE1BUEkBZRhg6G19WWA9uVhcHEQgCH2UXAxE9Ewg9QE9EP0RNWkxDPRMDQT5BADcLCWkbHUFtGwIDDhQCD15bZRNbEWVDFgIrECRlFxURPRNdCBECBg8DZkZWRA9VZUNYQzhBV2UXFRE9E1QOAAoIBjRcUVBDBFJNPUBZRD9EWEBNXj0TFUE%2BQQEOBFxRZkcIVVwOPQwKDx9lFwMRPRMIPUBPRD9ETVRLVgRFZUNYQzhBOVtZWF8KbRscQE9GBgpQUlBTDVRmEhIPDRc5TVBKRRITA0NCIQgWFHVSUF8jdhklEQASESQIFX1CAkdLI1BDIBAFT0d7AkF1SgIUESZXRmtbakEYYlFBQE9GBgpQUlBTDVRmEhIPDRc5TVBKRRJuVxJAWUZDJFVAS0MEVXUOBQoKLBBcR1VQGBFrBAwCCQY1SUxqWQ5GSkEGChcACU9QS0g%2BQVgGB0NGT0RYVk1YF1RmEhIPDRc5TVBKRRITA0NCIQgWFHVSUF8jdhklEQASESQKFRsdQ1BaFQsVATwVSVlQRT5FXBIWEDsNFRsPGxEjXUwTEAYALwleXFd%2BF1RLDQMaRAcPSlZWRwRDQD4SAgMGRhsZG1IAXGYVAwRGWURJQFtdCFIbTUAACw8JS2pUXgVUG1tADw0EDk1YVlUEExVDEAwLDjlKQVhFFEIbW0APDRUDG0hE&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=2273&ck=1&ref=https://chaturbate.com/embed/bloomyogi/&ap=147&be=776&fe=1690&dc=1318&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662766124245,%22n%22:0,%22r%22:0,%22re%22:410,%22f%22:410,%22dn%22:410,%22dne%22:410,%22c%22:410,%22s%22:410,%22ce%22:410,%22rq%22:413,%22rp%22:722,%22rpe%22:735,%22dl%22:747,%22di%22:1271,%22ds%22:1317,%22de%22:1326,%22dc%22:1689,%22l%22:1689,%22le%22:1692%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&fcp=1583&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFIBBlsCBwEOBQQFBlZXDhh4Yy8TFUMhJTshCU0XAwlWHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFlMNXlYMGwwDCkkbGRtGDW5RDhEXRllEWl1YRRRDWwAWBkoACVQXFRMSWE0EPQoAQVwIGRtCCEVcPgYMCQIPVxcDEwJZWBUXEQYCElwbWl4MExVDEAYVFgNKQWZZDkJNQ1hBBwsHTUBLUwBFXE8BDAlBShtXS14WQlwTPQoAQVwbVl0FVFcABwZOUVtQDhgNBQcAFABRW1dOUwlUCgUHCAtQA1oAQUobR1xXBENcE0BZRgsSTUVKC04eWE8PBgAFCVZRSlAHVE0YTAALDkkbGRtDBEBMBBEXOw4DTV1WVUMLGyYnN0ZPRElMTVkOX2YXBxEXCglXFwMTUh8OQ05BEQI5XVBPWAJUZgcDDg0PHxsPG34VWVwTQE9GFgdmUVxHCFJcPhYaFAZEAxddVBJaTQ4SQUhBE1hqVkI%2BV1gMCw8dQVwbeVBfFEkbTUAWBTwJSmpPVBNCUA4MQV5BRBUXTFA%2BU0sOFRABETlfVFRYDUgbW0AlDREDX1pBE00TTAA9ARYMEUpQS24XVEsSCwwKQVwbDA8fURMVQxcCOxASS1xXVkMLGywNGQ0PClgaDB9RERE5U1JfQypQW0xJQUkBVz1VUFhGS0MDCFcfCUhCJAEADVYaCwFQAQlQUlJEJQ9LUF9eGR4AV0xTRk9EXlxNbgJeVAwLF0ZZRFpWCgRQU1hUBlcAVkQVF0lQE1BUEkBZRhg6G19WWA9uVhcHEQgCH2UXAxE9Ewg9QE9EP0RNWkxDPRMDQT5BADcLCWkbHUFtGwIDDhQCD15bZRNbEWVDFgIrECRlFxURPRNdCBECBg8DZkZWRA9VZUNYQzhBV2UXFRE9E1QOAAoIBjRcUVBDBFJNPUBZRD9EWEBNXj0TFUE%2BQQEOBFxRZkcIVVwOPQwKDx9lFwMRPRMIPUBPRD9ETVRLVgRFZUNYQzhBOVtZWF8KbRscQE9GBgpQUlBTDVRmEhIPDRc5TVBKRRITA0NCIQgWFHVSUF8jdhklEQASESQIFX1CAkdLI1BDIBAFT0d7AkF1SgIUESZXRmtbakEYYlFBQE9GBgpQUlBTDVRmEhIPDRc5TVBKRRJuVxJAWUZDJFVAS0MEVXUOBQoKLBBcR1VQGBFrBAwCCQY1SUxqWQ5GSkEGChcACU9QS0g%2BQVgGB0NGT0RYVk1YF1RmEhIPDRc5TVBKRRITA0NCIQgWFHVSUF8jdhklEQASESQKFRsdQ1BaFQsVATwVSVlQRT5FXBIWEDsNFRsPGxEjXUwTEAYALwleXFd%2BF1RLDQMaRAcPSlZWRwRDQD4SAgMGRhsZG1IAXGYVAwRGWURJQFtdCFIbTUAACw8JS2pUXgVUG1tADw0EDk1YVlUEExVDEAwLDjlKQVhFFEIbW0APDRUDG0hE&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=2273&ck=1&ref=https://chaturbate.com/embed/bloomyogi/&ap=147&be=776&fe=1690&dc=1318&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662766124245,%22n%22:0,%22r%22:0,%22re%22:410,%22f%22:410,%22dn%22:410,%22dne%22:410,%22c%22:410,%22s%22:410,%22ce%22:410,%22rq%22:413,%22rp%22:722,%22rpe%22:735,%22dl%22:747,%22di%22:1271,%22ds%22:1317,%22de%22:1326,%22dc%22:1689,%22l%22:1689,%22le%22:1692%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&fcp=1583&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFIBBlsCBwEOBQQFBlZXDhh4Yy8TFUMhJTshCU0XAwlWHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFlMNXlYMGwwDCkkbGRtGDW5RDhEXRllEWl1YRRRDWwAWBkoACVQXFRMSWE0EPQoAQVwIGRtCCEVcPgYMCQIPVxcDEwJZWBUXEQYCElwbWl4MExVDEAYVFgNKQWZZDkJNQ1hBBwsHTUBLUwBFXE8BDAlBShtXS14WQlwTPQoAQVwbVl0FVFcABwZOUVtQDhgNBQcAFABRW1dOUwlUCgUHCAtQA1oAQUobR1xXBENcE0BZRgsSTUVKC04eWE8PBgAFCVZRSlAHVE0YTAALDkkbGRtDBEBMBBEXOw4DTV1WVUMLGyYnN0ZPRElMTVkOX2YXBxEXCglXFwMTUh8OQ05BEQI5XVBPWAJUZgcDDg0PHxsPG34VWVwTQE9GFgdmUVxHCFJcPhYaFAZEAxddVBJaTQ4SQUhBE1hqVkI%2BV1gMCw8dQVwbeVBfFEkbTUAWBTwJSmpPVBNCUA4MQV5BRBUXTFA%2BU0sOFRABETlfVFRYDUgbW0AlDREDX1pBE00TTAA9ARYMEUpQS24XVEsSCwwKQVwbDA8fURMVQxcCOxASS1xXVkMLGywNGQ0PClgaDB9RERE5U1JfQypQW0xJQUkBVz1VUFhGS0MDCFcfCUhCJAEADVYaCwFQAQlQUlJEJQ9LUF9eGR4AV0xTRk9EXlxNbgJeVAwLF0ZZRFpWCgRQU1hUBlcAVkQVF0lQE1BUEkBZRhg6G19WWA9uVhcHEQgCH2UXAxE9Ewg9QE9EP0RNWkxDPRMDQT5BADcLCWkbHUFtGwIDDhQCD15bZRNbEWVDFgIrECRlFxURPRNdCBECBg8DZkZWRA9VZUNYQzhBV2UXFRE9E1QOAAoIBjRcUVBDBFJNPUBZRD9EWEBNXj0TFUE%2BQQEOBFxRZkcIVVwOPQwKDx9lFwMRPRMIPUBPRD9ETVRLVgRFZUNYQzhBOVtZWF8KbRscQE9GBgpQUlBTDVRmEhIPDRc5TVBKRRITA0NCIQgWFHVSUF8jdhklEQASESQIFX1CAkdLI1BDIBAFT0d7AkF1SgIUESZXRmtbakEYYlFBQE9GBgpQUlBTDVRmEhIPDRc5TVBKRRJuVxJAWUZDJFVAS0MEVXUOBQoKLBBcR1VQGBFrBAwCCQY1SUxqWQ5GSkEGChcACU9QS0g%2BQVgGB0NGT0RYVk1YF1RmEhIPDRc5TVBKRRITA0NCIQgWFHVSUF8jdhklEQASESQKFRsdQ1BaFQsVATwVSVlQRT5FXBIWEDsNFRsPGxEjXUwTEAYALwleXFd%2BF1RLDQMaRAcPSlZWRwRDQD4SAgMGRhsZG1IAXGYVAwRGWURJQFtdCFIbTUAACw8JS2pUXgVUG1tADw0EDk1YVlUEExVDEAwLDjlKQVhFFEIbW0APDRUDG0hE&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:28:55 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7483b3fcfb691c0e-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=c143237d22cc6d27; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
i.bcicdn.com/images/svg/bc/model_of_hour/female_1.svg
195.85.23.30200 OK 30 kB URL HTTP/2 i.bcicdn.com/images/svg/bc/model_of_hour/female_1.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (12779), with no line terminators
Hash 8eccccf497b8971dc25d99029bcb3c27
75f82536ebc8e5818ab9a8b7fcbef4f177ee1da0
f81eef28ef7e1c6a84d237a02c1457df9a93b8db47281e3de85ff54fd4e946d3
GET /images/svg/bc/model_of_hour/female_1.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/svg+xml
last-modified: Mon, 30 Dec 2019 03:04:32 GMT
etag: W/"5e096940-31eb"
expires: Mon, 26 Sep 2022 10:06:22 GMT
cache-control: max-age=2592000
x-bc-o: 2
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 985343
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3faad2eb4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/5122e.js
195.85.23.30200 OK 20 kB URL HTTP/2 i.bcicdn.com/js-min/1t88Q/5122e.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (9693), with no line terminators
Hash c7102e996e83b626621f321fe97e6686
1f56ac7a163dccc439dc73747d56799292aef221
91b3e7a5e3e86f9c8e54d8a2b6f01103a6a8bea6b3dba4b66ca167c88df2f804
GET /js-min/1t88Q/5122e.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:40 GMT
etag: W/"631b025c-25dd"
expires: Sun, 09 Oct 2022 09:08:06 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fd1f03b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/fonts/open_sans/v23/bold/latin.woff2
195.85.23.30200 OK 15 kB URL HTTP/2 i.bcicdn.com/fonts/open_sans/v23/bold/latin.woff2
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type Web Open Font Format (Version 2), TrueType, length 15112, version 1.0\012- data
Hash b596676fc00af9806c16a12e9a0350f8
056bafe30541a1926905966fa58b0df058504e36
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
GET /fonts/open_sans/v23/bold/latin.woff2 HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://no.bongacams.com
Connection: keep-alive
Referer: https://i.bcicdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:56 GMT
content-type: application/octet-stream
content-length: 15112
last-modified: Wed, 15 Sep 2021 03:49:40 GMT
etag: "61416d54-3b08"
expires: Fri, 23 Sep 2022 16:21:04 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 625903
accept-ranges: bytes
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fe4820b4f9-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/cfd51.js
195.85.23.30200 OK 20 kB URL HTTP/2 i.bcicdn.com/js-min/1t88Q/cfd51.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (4292), with no line terminators
Hash 81fe2301472b2511950464652da6d92a
04c1ff31f6b40163ffb3edea992c9774d0654a88
80890c072147fbfa533d9f5ea6aca20a604536b18fab4204761a2979ab78a7e4
GET /js-min/1t88Q/cfd51.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:39 GMT
etag: W/"631b025b-10c4"
expires: Sun, 09 Oct 2022 09:07:54 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fd2f0ab4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/85e3.js
195.85.23.30200 OK 24 kB URL HTTP/2 i.bcicdn.com/js-min/1t88Q/85e3.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (18490), with no line terminators
Hash 77cba397a0978cc7dc2eeddb80ae5c89
d6ef9b11c8a82d1df98e51389a549bb9f7f878e2
791c298eafc2fc39e08258f6e389351c044ffd338f00281b5f290e77c04a15e7
GET /js-min/1t88Q/85e3.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:40 GMT
etag: W/"631b025c-483a"
expires: Sun, 09 Oct 2022 10:25:06 GMT
cache-control: max-age=2592000
x-bc-o: 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fd1efbb4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
chatw-39.stream.highwebmedia.com/ws/446/w5xbrpba/websocket
104.19.241.83101 Switching Protocols 0 B URL HTTP/1.1 chatw-39.stream.highwebmedia.com/ws/446/w5xbrpba/websocket
IP 104.19.241.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws/446/w5xbrpba/websocket HTTP/1.1
Host: chatw-39.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://chaturbate.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aVXxQpZTHN+vO/fRSgJvww==
Connection: keep-alive, Upgrade
Cookie: _cfuvid=RFcCgVKTOFWSWrIo3_W2YNOAekVyQWqhu0ZbgpXzUxc-1662766134308-0-604800000
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 09 Sep 2022 23:28:56 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DMRb39Jq/izoIY+27rWj2io2B0o=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLUeM5zqMl6PfSUYQEQB18w427DmKFjYaxejoimNRToSHwAf6cD7zZMnlSraaIR7HOg9c7kdU06UxDyBk%2FH2szealdBF%2BcH48z4SMTtT5iS8yBQq%2Bf%2BzNNp86wnx5Yoky7rVHzDwkf2CLqEB3Zw%2FNO5O"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7483b3fb9eb00b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.usertrust.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9a0f9299c55f6945276fd1c604988e5e
87c5265716b80c1d2b523af2d936299ebac5ef37
de0697da395c9f834374a1337925c0d3a48780e8e8d8af7c521c94eddbeaf44f
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 23:28:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 03:32:23 GMT
Expires: Thu, 15 Sep 2022 03:32:22 GMT
Etag: "87c5265716b80c1d2b523af2d936299ebac5ef37"
Cache-Control: max-age=602852,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 797
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7483b3ff8fd0b51e-OSL
i.bcicdn.com/js-min/1t88Q/f5d4.js
195.85.23.30200 OK 49 kB URL HTTP/2 i.bcicdn.com/js-min/1t88Q/f5d4.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with no line terminators
Hash dbc04ce589794eff9f88dbe734b09570
aa62dbb500c53d91546857cf2ca82cc9249e72b8
b2dbf39a6613cce689e9d6ee281b7c0e6409a4553b08173906ef6586f7cf8852
GET /js-min/1t88Q/f5d4.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:40 GMT
etag: W/"631b025c-cc"
expires: Sun, 09 Oct 2022 09:08:08 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fd1efdb4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/a9e8b.js
195.85.23.30200 OK 17 kB URL HTTP/2 i.bcicdn.com/js-min/1t88Q/a9e8b.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (9361), with no line terminators
Hash db6dad4bc78c2eec4dd6145b3dd60a49
c41b9899a837fed9a998d9889b9533cbe57a06b0
ec24002053932c43701f851bcfe644bb653193e1d439017e2904d39896164be5
GET /js-min/1t88Q/a9e8b.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:56 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:39 GMT
etag: W/"631b025b-2491"
expires: Sun, 09 Oct 2022 09:08:08 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fe2811b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/42f5b.js
195.85.23.30200 OK 36 kB URL HTTP/2 i.bcicdn.com/js-min/1t88Q/42f5b.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type Unicode text, UTF-8 text, with very long lines (42366), with no line terminators
Hash bbfd462120b9c04b434ff98b4803fddb
7fc2a210ebae694ba216f2450e7ddb871e9c658d
7f8b1b6c1d94cc0734d99f2046dba7d9fa45948be8d07757058f169f023a04ba
GET /js-min/1t88Q/42f5b.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:56 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:39 GMT
etag: W/"631b025b-a57f"
expires: Sun, 09 Oct 2022 09:08:22 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fe481eb4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/6c7b5.js
195.85.23.30200 OK 2.8 kB URL HTTP/2 i.bcicdn.com/js-min/1t88Q/6c7b5.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (1119), with no line terminators
Hash c911ae6a7c32b02e14f285aa607c530c
fe451b9bb73b26877362acee207430851d8de628
5ebf6c66e6ec7a5dee10dce2e78df105f96e13cc0939321cd6fda54ab375441f
GET /js-min/1t88Q/6c7b5.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:39 GMT
etag: W/"631b025b-45f"
expires: Sun, 09 Oct 2022 09:08:38 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fd6f52b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
certify.alexametrics.com/atrk.gif?frame_height=250&frame_width=900&iframe=1&title=Mest%20popul%C3%A6re%20live%20sexchatter%20med%20gratis%20cam%20p%C3%A5%20BongaCams&time=1662766127949&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=0&ref_url=https%3A%2F%2Fpoweredby.jads.co%2F&host_url=https%3A%2F%2Fno.bongacams.com%2Fpopular-chat%3Fbcs%3DZXJpbzFjZTlhNjA1Zjk2ZmFlNDgzN2EwZDgxZGI5NzgyODM5OjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~%26amute%3D1&random_number=7818425498&sess_cookie=80db97c218324959b4b409d5d17&sess_cookie_flag=1&user_cookie=80db97c218324959b4b409d5d17&user_cookie_flag=1&dynamic=true&domain=bongacams.com&account=X2xYi1a8Dy00aY&jsv=20130128&user_lang=en-US
54.230.111.59200 OK 43 B URL HTTP/1.1 certify.alexametrics.com/atrk.gif?frame_height=250&frame_width=900&iframe=1&title=Mest%20popul%C3%A6re%20live%20sexchatter%20med%20gratis%20cam%20p%C3%A5%20BongaCams&time=1662766127949&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=0&ref_url=https%3A%2F%2Fpoweredby.jads.co%2F&host_url=https%3A%2F%2Fno.bongacams.com%2Fpopular-chat%3Fbcs%3DZXJpbzFjZTlhNjA1Zjk2ZmFlNDgzN2EwZDgxZGI5NzgyODM5OjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~%26amute%3D1&random_number=7818425498&sess_cookie=80db97c218324959b4b409d5d17&sess_cookie_flag=1&user_cookie=80db97c218324959b4b409d5d17&user_cookie_flag=1&dynamic=true&domain=bongacams.com&account=X2xYi1a8Dy00aY&jsv=20130128&user_lang=en-US
IP 54.230.111.59:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /atrk.gif?frame_height=250&frame_width=900&iframe=1&title=Mest%20popul%C3%A6re%20live%20sexchatter%20med%20gratis%20cam%20p%C3%A5%20BongaCams&time=1662766127949&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=0&ref_url=https%3A%2F%2Fpoweredby.jads.co%2F&host_url=https%3A%2F%2Fno.bongacams.com%2Fpopular-chat%3Fbcs%3DZXJpbzFjZTlhNjA1Zjk2ZmFlNDgzN2EwZDgxZGI5NzgyODM5OjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~%26amute%3D1&random_number=7818425498&sess_cookie=80db97c218324959b4b409d5d17&sess_cookie_flag=1&user_cookie=80db97c218324959b4b409d5d17&user_cookie_flag=1&dynamic=true&domain=bongacams.com&account=X2xYi1a8Dy00aY&jsv=20130128&user_lang=en-US HTTP/1.1
Host: certify.alexametrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
x-amz-meta-alexa-last-modified: 20110117123941
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 09 Sep 2022 03:28:58 GMT
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: psWWvYVnGPWRVtrknC8-s10Tm7Gfl6M6uB-9LqHryqH9m1yaN-mUaA==
Age: 72000
i.bcicdn.com/js-min/1t88Q/c5f20.js
195.85.23.30200 OK 4.1 kB URL HTTP/2 i.bcicdn.com/js-min/1t88Q/c5f20.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (12940), with no line terminators
Hash 64e94364861eb27e45bf8f6684be9f58
f33077ed6db9300f4be21334b1cde5d74879f8e0
ff46a9d29162b6ec74df3d10111f23d92e0ee3fd2d0ebc07ddcacd9dff6a4aa7
GET /js-min/1t88Q/c5f20.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:56 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:39 GMT
etag: W/"631b025b-328c"
expires: Sun, 09 Oct 2022 09:08:36 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47024
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b4042cf2b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/keys/KSKw2g.L36ISg/requestToken?rnd=1307923504180264
143.204.55.3201 Created 1.0 kB URL HTTP/2 realtime.pa.highwebmedia.com/keys/KSKw2g.L36ISg/requestToken?rnd=1307923504180264
IP 143.204.55.3:0
File type JSON data\012- , ASCII text, with very long lines (804)
Hash 5e30465dbbf1bfc2863f0e67156bf02f
646f1e046214d54c05dd3462888ca2bc808735b8
7b899d89b82e4817d458e5adc5ef0fe2df738ef0e15bc67825026c9c3765f26a
POST /keys/KSKw2g.L36ISg/requestToken?rnd=1307923504180264 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: application/json
X-Ably-Version: 1.2
Ably-Agent: ably-js/1.2.13 browser
Content-Length: 1039
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
content-length: 1036
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Fri, 09 Sep 2022 23:28:57 GMT
vary: Origin
x-ably-serverid: frontend.0e02.5.eu-central-1-A.i-0b4640ce374896716.e91nZACxABFbUv
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xB2xo_r3XhivXUT-OhBFIRFPx46rkFaja6ns6GSWrHEmDUSQ-LpKIg==
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=bloomyogi&f=0.19803715054039972
131.153.88.92200 OK 38 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=bloomyogi&f=0.19803715054039972
IP 131.153.88.92:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 45c7083892a834088b45963f66322eb1
da7337d591cf1987656c5aaf2d4b1d9a5f767d8d
72044a7bf89bb9e1661ad5295e73ad02c9bd046a9a5096be392fe02b88dd2b4f
GET /stream?room=bloomyogi&f=0.19803715054039972 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=RFcCgVKTOFWSWrIo3_W2YNOAekVyQWqhu0ZbgpXzUxc-1662766134308-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:57 GMT
content-type: image/jpeg
content-length: 38366
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/e61b0.js
195.85.23.30200 OK 7.5 kB URL HTTP/2 i.bcicdn.com/js-min/1t88Q/e61b0.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (1793), with no line terminators
Hash 0ba1d9119b10e501cf52c4986dc4b41b
90df26066e45aa306f148b73df486b79f4aec373
d9fe9f3e9b5e13e194cdf9efbc14ae37c20472d2813d9c029961bf4035b25fba
GET /js-min/1t88Q/e61b0.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:39 GMT
etag: W/"631b025b-701"
expires: Sun, 09 Oct 2022 09:07:51 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fd6f55b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/images/replace/10/arial/999/bnct_v2.svg
195.85.23.30200 OK 3.2 kB URL HTTP/2 i.bcicdn.com/images/replace/10/arial/999/bnct_v2.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (13382)
Hash 08c630fefa884ab874d9566725939b16
f86289930f1d123ae74595db3a05719cb433f652
8afde220b570f070830d25ceeb480c49adf867410d2031087d549b2005a4ea3c
GET /images/replace/10/arial/999/bnct_v2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Mar 2022 11:31:02 GMT
etag: W/"6231ca76-345d"
expires: Mon, 12 Sep 2022 11:34:41 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-p4: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 436742
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd5ab4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe535d149-d5c6-4543-8a5b-a5a98be48b9e.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe535d149-d5c6-4543-8a5b-a5a98be48b9e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 362d0931425ffa11f3287246f0480cc8
cc0f8bf63d11aeb3ea780af092523833f3b1abd3
75619cdf413b35451f109180e084a3630d0665a24b29e45510fed938d381db75
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe535d149-d5c6-4543-8a5b-a5a98be48b9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6676
x-amzn-requestid: 97140273-f327-4ec8-b076-cea440ce1d29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNi34HNxoAMF9Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb1cb-6356b02944a048db1be05d1c;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2s35YFxVMMVFBVoSTyoCp0w0ivNRYerua-rmRWXdbvtP2UHafYwUmw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:18 GMT
etag: "cc0f8bf63d11aeb3ea780af092523833f3b1abd3"
content-type: image/jpeg
age: 4539
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/connect?access_token=KSKw2g.AL36ISgQdEE6AYpEO3hdagtC0ratT7XdbsDVipETegDL-4goEY&stream=false&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=8363725891782706
143.204.55.3200 OK 570 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/connect?access_token=KSKw2g.AL36ISgQdEE6AYpEO3hdagtC0ratT7XdbsDVipETegDL-4goEY&stream=false&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=8363725891782706
IP 143.204.55.3:0
File type JSON data\012- , ASCII text
Hash bc4ad1f13f7b023e0c86ddbf4dc7994d
b861cb78d711a041c1a5b76af699037da1eaadd4
50f097be2842f7885d840ad887bb72193d15c3cbe60d464f9bc7d401e6b85c09
GET /comet/connect?access_token=KSKw2g.AL36ISgQdEE6AYpEO3hdagtC0ratT7XdbsDVipETegDL-4goEY&stream=false&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=8363725891782706 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 570
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Fri, 09 Sep 2022 23:28:57 GMT
vary: Origin
x-ably-serverid: frontend.2afb.4.eu-central-1-A.i-0f022fd098c50866c.e91De3nSQBFfuH
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: isqJMP5ngyYzbhY-pGcKlk9JCkd1qiKKmaV9kbOXIsLfW8yfws5O6Q==
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/5c01m.js
195.85.23.30200 OK 33 kB URL HTTP/2 i.bcicdn.com/js-min/1t88Q/5c01m.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash c1eff8ac9099bc69fd170ff67f24d501
0682a68f7c8ceec50b0315f42b900cbc1ff379e2
4efd3b0fe451f503a0cbd6c9c360b2b59ed56f66adcd06a21559c5081cada526
GET /js-min/1t88Q/5c01m.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:40 GMT
etag: W/"631b025c-16829"
expires: Sun, 09 Oct 2022 09:08:07 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fd6f40b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/categories.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/categories.js
IP 104.26.1.188:0
GET /_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/categories.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiIxMzgzZWM2MDJjYjVkIiwiaWF0IjoxNjYyNzY2MTMwLCJleHAiOjE2NjMzNzA5MzB9.kyj4gI35DUWIgg6K4UzFmlGsV_bXBdT0I_IKKHCgJv4; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiMTAyMWM4YzA1NWQyMiIsImlhdCI6MTY2Mjc2NjEzMCwiZXhwIjoxNjY1MzU4MTMwfQ.RZcihPLphEF7uCuGfgSLuukr5F8SgEoEF25ALjahmqc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:43:45 GMT
etag: W/"240b-1826d2cbfb8"
cf-cache-status: HIT
age: 3076548
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2ycQ8fojfhhHn7DaziWhZN0iwxcbz90MbxMYERGSBa%2BiJGytFLqepqPQCBpuKe6na4zulATDX9DrRQEK1cR3CVaOG050XNNv1thQa4aD3vgy1yR%2FkJj53FOyFUTGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3db1ed10b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.09a0bf741d47.js
104.16.94.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.09a0bf741d47.js
IP 104.16.94.42:0
GET /CACHE/js/output.09a0bf741d47.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"bb81bca2482741d6c4dcf148cb33a79d"
last-modified: Wed, 17 Aug 2022 00:26:59 GMT
x-amz-id-2: 3dz298/kgeP1Pq/aBz8wop8Gas15qR9oG1wjU5FgYthy7g6Z9MZpPydhaAydlHaKkHGU8KIJbDw=
x-amz-meta-s3cmd-attrs: md5:bb81bca2482741d6c4dcf148cb33a79d
x-amz-request-id: RGGA1ZRYYYSSRXHH
cf-cache-status: HIT
age: 2069922
expires: Sun, 09 Oct 2022 23:28:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAK4qoGQ1C2jCibcZxKJdYVZmXN4bE%2FUamuUaKpKeL2Em%2F6ndo9E%2BVE03c%2FBPxEbFYrxErBMk21fb9vVJoGb%2FwlZwPzxHt4X8JeFUVald0xhB%2BtVxnV0Z%2FKVYVY3wm66byLBdgioBls3EYHYGQIJVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=SisOecHrVlH_P6RcxVk7wne1dth2DKFQ.5T9Yd5wEG0-1662766134270-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7483b3f32c68b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/def50.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1t88Q/def50.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1t88Q/def50.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:39 GMT
etag: W/"631b025b-4300"
expires: Sun, 09 Oct 2022 09:08:06 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fd1f07b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/e1680.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1t88Q/e1680.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1t88Q/e1680.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:39 GMT
etag: W/"631b025b-13ae5"
expires: Sun, 09 Oct 2022 10:25:06 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fd6f44b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/images/sprite/bc/slot_machine_game_field.svg
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/images/sprite/bc/slot_machine_game_field.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /images/sprite/bc/slot_machine_game_field.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no.bongacams.com
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Sep 2020 03:44:58 GMT
etag: W/"5f62dbba-12c9"
expires: Sun, 25 Sep 2022 23:02:47 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 439326
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b4043cf6b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/3c1a0.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1t88Q/3c1a0.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1t88Q/3c1a0.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:57 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:40 GMT
etag: W/"631b025c-90a1"
expires: Sun, 09 Oct 2022 09:08:04 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47030
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b408e809b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1t6ba/extra/chat.css
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1t6ba/extra/chat.css
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1t6ba/extra/chat.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 07:00:21 GMT
etag: W/"631ae485-57d14"
expires: Sun, 09 Oct 2022 07:01:40 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 59201
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3faad26b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/56a3b.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1t88Q/56a3b.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1t88Q/56a3b.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:57 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:40 GMT
etag: W/"631b025c-58f7"
expires: Sun, 09 Oct 2022 09:08:38 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47030
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b4056dc3b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/59c9u.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1t88Q/59c9u.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1t88Q/59c9u.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:57 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:39 GMT
etag: W/"631b025b-c656"
expires: Sun, 09 Oct 2022 09:08:22 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47030
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b408f811b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/ec/00/1d/ec001dc29e91541d24566db06ea9a7fd/1660813615.html
45.133.44.3200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/ec/00/1d/ec001dc29e91541d24566db06ea9a7fd/1660813615.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/ec/00/1d/ec001dc29e91541d24566db06ea9a7fd/1660813615.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Thu, 18 Aug 2022 09:07:00 GMT
etag: W/"62fe0134-59e"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 10 Sep 2022 00:28:52 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
media.aso1.net/js/ifr.html
104.21.234.155200 OK 0 B URL HTTP/2 media.aso1.net/js/ifr.html
IP 104.21.234.155:0
GET /js/ifr.html HTTP/1.1
Host: media.aso1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: text/html
last-modified: Mon, 29 Aug 2022 13:18:49 GMT
etag: W/"630cbcb9-6ea"
expires: Fri, 02 Sep 2022 06:53:13 GMT
cache-control: max-age=259200
x-robots-tag: noindex, nofollow, noarchive, noimageindex
cf-cache-status: HIT
age: 848179
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDBg%2FX0EmyE%2B4KPo207hRRmQEhgz5GDLlIUGfe5C0muXwY92EMVtgcpk9KSkqqEJ8Wqok8xz4Hc4YVL%2F2mDE93siLVZpGB4IDupt9icGTNc9VGvn92K6aBnBMKrkObLleA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7483b3e91c00dceb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.bcicdn.com/images/sprite/bc/model_flags_atlas2.svg
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/images/sprite/bc/model_flags_atlas2.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /images/sprite/bc/model_flags_atlas2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.bcicdn.com/css-min/1t6ba/extra/listing.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:56 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Aug 2022 06:50:29 GMT
etag: W/"62fb3e35-850e"
expires: Thu, 15 Sep 2022 07:03:03 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-p4: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2132743
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3ff4922b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/4278e.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1t88Q/4278e.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1t88Q/4278e.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:39 GMT
etag: W/"631b025b-158e"
expires: Sun, 09 Oct 2022 09:08:06 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fd7f66b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/dc3as.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1t88Q/dc3as.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1t88Q/dc3as.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:56 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:39 GMT
etag: W/"631b025b-3063"
expires: Sun, 09 Oct 2022 09:08:06 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b4012aa3b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
tsyndicate.com/do2/b5346988f58b4a3986d63c85fcf561b2/vast?w=1280&h=1024&keywords=ifr&tz=0
136.243.81.150200 OK 0 B URL HTTP/2 tsyndicate.com/do2/b5346988f58b4a3986d63c85fcf561b2/vast?w=1280&h=1024&keywords=ifr&tz=0
IP 136.243.81.150:0
ASN #24940 Hetzner Online GmbH
GET /do2/b5346988f58b4a3986d63c85fcf561b2/vast?w=1280&h=1024&keywords=ifr&tz=0 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://media.aso1.net
Connection: keep-alive
Referer: https://media.aso1.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://media.aso1.net
access-control-allow-methods: POST, GET, HEAD
access-control-allow-headers: Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy
access-control-allow-credentials: true
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-vast: 3.0
x-request-id: cd5e79d5bc9d0717
set-cookie: ts_uid=78aba994-453a-42b8-9e35-58550fd54835; expires=Thu, 09 Mar 2023 23:28:54 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYZOWjAiDEjRhcWIsYU3OIQYpmJMWzYkIGjhowaM2h06aMg; expires=Sat, 10 Sep 2022 23:28:54 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.67.137.152200 OK 0 B IP 172.67.137.152:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/
Origin: https://xfantazy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 84
last-modified: Fri, 09 Sep 2022 23:27:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4F4ptyuXnUP3xirGoRcN58I9NOTc8MQGLDyDaYEQo2M5HSUgmThI5YRl8c2Ny%2BpldcW14%2BSX7CgMyo6sT7yTLD95ebsj8SpSA2OpM1nkh9puZWKCm8yYpl4P1tNtCKM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7483b3e5bbf41c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.focusde.info/api/spots/303891?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/303891?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/303891?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=jy5ZxIUqujXs7XIELbof
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1t6ba/hg.css
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1t6ba/hg.css
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1t6ba/hg.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 07:00:21 GMT
etag: W/"631ae485-c440"
expires: Sun, 09 Oct 2022 07:01:40 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 59227
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fb6dd5b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1t6ba/extra/listing.css
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1t6ba/extra/listing.css
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1t6ba/extra/listing.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 07:00:21 GMT
etag: W/"631ae485-120e6"
expires: Sun, 09 Oct 2022 07:01:41 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 59227
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fb6dd6b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/images/sprite/bc/ft_atlas_2.svg
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/images/sprite/bc/ft_atlas_2.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /images/sprite/bc/ft_atlas_2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.bcicdn.com/css-min/1t6ba/lt.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:56 GMT
content-type: image/svg+xml
last-modified: Fri, 16 Apr 2021 10:07:22 GMT
etag: W/"607961da-abd3"
expires: Thu, 22 Sep 2022 14:28:53 GMT
cache-control: max-age=2592000
x-bc-o: 2
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 436743
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fe0ffbb4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/6cb85.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1t88Q/6cb85.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1t88Q/6cb85.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:56 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:39 GMT
etag: W/"631b025b-2d66"
expires: Sun, 09 Oct 2022 09:08:07 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47022
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b4043cf5b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/images/sprite/bc/chat_games2.svg
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/images/sprite/bc/chat_games2.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /images/sprite/bc/chat_games2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no.bongacams.com
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:56 GMT
content-type: image/svg+xml
last-modified: Fri, 26 Aug 2022 11:30:14 GMT
etag: W/"6308aec6-1454"
expires: Sun, 25 Sep 2022 11:37:32 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 1252284
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b4043cf8b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.tubecorp.com/i/b.html?spot=6435&src=885895434&pid=19775&width=900&height=250&spaceid=1018
45.133.44.25200 OK 0 B URL HTTP/2 cdn.tubecorp.com/i/b.html?spot=6435&src=885895434&pid=19775&width=900&height=250&spaceid=1018
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
GET /i/b.html?spot=6435&src=885895434&pid=19775&width=900&height=250&spaceid=1018 HTTP/1.1
Host: cdn.tubecorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:53 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.20.1
last-modified: Sat, 20 Nov 2021 06:50:54 GMT
etag: W/"df-5d132d02c9e77"
x-request-id: 7b1b5bf2d2e4c6887b413a8c6186de3e
content-encoding: gzip
expires: Sat, 10 Sep 2022 00:28:53 GMT
cache-control: max-age=3600
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
tsyndicate.com/iframes2/81050e2dae874825b1263242bcb82944.html?
136.243.81.150200 OK 0 B URL HTTP/2 tsyndicate.com/iframes2/81050e2dae874825b1263242bcb82944.html?
IP 136.243.81.150:0
ASN #24940 Hetzner Online GmbH
GET /iframes2/81050e2dae874825b1263242bcb82944.html? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:53 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: 4c09cff36d733c2a
set-cookie: ts_uid=3d91284a-539d-4047-bc0d-9b7d78f92139; expires=Thu, 09 Mar 2023 23:28:53 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYsCEDRw0ZNRp26aMg; expires=Sat, 10 Sep 2022 23:28:53 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A378857331%3Arqn%3A8%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122%3At%3Afree%20xxx%20video%2034%20Goddess%20Brooke%20Marie%20Feed%20Me%20Daddy%20JOI%20%7C%20goddess%20brooke%20%7C%20femdom%20porn%20free%20cfnm%20femdom%20-%20XFantazy.com&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2)
93.158.134.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/49415098?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A378857331%3Arqn%3A8%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122%3At%3Afree%20xxx%20video%2034%20Goddess%20Brooke%20Marie%20Feed%20Me%20Daddy%20JOI%20%7C%20goddess%20brooke%20%7C%20femdom%20porn%20free%20cfnm%20femdom%20-%20XFantazy.com&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
GET /watch/49415098?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A378857331%3Arqn%3A8%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122%3At%3Afree%20xxx%20video%2034%20Goddess%20Brooke%20Marie%20Feed%20Me%20Daddy%20JOI%20%7C%20goddess%20brooke%20%7C%20femdom%20porn%20free%20cfnm%20femdom%20-%20XFantazy.com&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&hittoken=1662766130_f919b27d255648e3a3fc121024408d416a88075ea091388b17ad820bc0e2c264&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766122%3Ac%3A1%3Arn%3A378857331%3Arqn%3A8%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766122%3At%3Afree%20xxx%20video%2034%20Goddess%20Brooke%20Marie%20Feed%20Me%20Daddy%20JOI%20%7C%20goddess%20brooke%20%7C%20femdom%20porn%20free%20cfnm%20femdom%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-7-h-1%29clc%280-0-0%29aw%281%29rqnt%288%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 09 Sep 2022 23:28:51 GMT
access-control-allow-origin: https://xfantazy.com
set-cookie: yandexuid=2092126221662766131; Expires=Sat, 09-Sep-2023 23:28:51 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2092126221662766131; Expires=Sat, 09-Sep-2023 23:28:51 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2546199541662766131; Path=/; SameSite=None; Secure
i=Q7crY2WkKkFK6U+X5FOl/grcHhHea+mANDdXFUxhJtrt+vOqdqGj6RKmfqsVjC57bXQz761gg86lLrku+lSWaDBnZeI=; Expires=Mon, 06-Sep-2032 23:28:33 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694302131.yrts.1662766131#1694302131.yrtsi.1662766131; Expires=Sat, 09-Sep-2023 23:28:51 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 23:28:51 GMT
last-modified: Fri, 09-Sep-2022 23:28:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
a.focusde.info/api/spots/312874?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/312874?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/312874?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=jy5ZxIUqujXs7XIELbof
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/26281.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1t88Q/26281.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1t88Q/26281.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:39 GMT
etag: W/"631b025b-62e"
expires: Sun, 09 Oct 2022 09:07:51 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fd7f65b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/images/replace/10/arial/999/bnct_add1_v2.svg
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/images/replace/10/arial/999/bnct_add1_v2.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /images/replace/10/arial/999/bnct_add1_v2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Mar 2022 11:31:02 GMT
etag: W/"6231ca76-35ac"
expires: Mon, 12 Sep 2022 11:34:41 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-p4: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 434357
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd5bb4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/7.38d845e9473548212694.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/7.38d845e9473548212694.js
IP 104.26.1.188:0
GET /_next/static/chunks/7.38d845e9473548212694.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"97ba-181397f9e55"
cf-cache-status: HIT
age: 8206522
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvUkcxhwhjV%2BPjl%2Fi77AewUkIHuhhaS3L5h7%2FPO0DL1iPPknQOm7R6xg6OUKX0nHwnDb4gwQIo2rBQNWI78W%2BDBrKAlpp5LVB5ds59q4xHws%2BHxrIVyraXq8aX7x1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3d55b920b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/
172.67.137.152200 OK 0 B IP 172.67.137.152:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/
Origin: https://xfantazy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: text/plain
set-cookie: csu=1324025511162042@1@1662766132; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86YxfxxhTZcdQv4uplC%2FG1eNQngRJgYAEH1kCvRl6%2BmBJm1R%2BX6%2FrCjwsrheXNwOKWaw%2BD1te7GrMFjGyUg90aE9OPh3lT8VbUc2pr0k6P2dcakKMYEOkjaDF24dC7t5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3e5cbf81c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1t6ba/extra/listing_catrows.css
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1t6ba/extra/listing_catrows.css
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1t6ba/extra/listing_catrows.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 07:00:21 GMT
etag: W/"631ae485-1454"
expires: Sun, 09 Oct 2022 07:01:40 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 59227
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fb6dd3b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/7848m.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1t88Q/7848m.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1t88Q/7848m.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:39 GMT
etag: W/"631b025b-ef"
expires: Sun, 09 Oct 2022 09:08:18 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fd7f5eb4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/d76ae.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1t88Q/d76ae.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1t88Q/d76ae.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:56 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:39 GMT
etag: W/"631b025b-2a7e"
expires: Sun, 09 Oct 2022 09:08:07 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b400ca62b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjY0MzUsImlkIjoxMDE4LCJsYWJlbHMiOiIiLCJzaXRlX2lkIjo2NDM1LCJ0eXBlIjoiYmFubmVyIiwic3BhY2VpZCI6MTAxOCwic3BvdF9pZCI6MCwiaWR6b25lIjozOTAyNjY4LCJ6b25lIjoidGNfcGFiXzkwMHgyNTAiLCJhZF90YWdzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6Ijg4NTg5NTQzNCIsInV0bTEiOiJ0Y2Jhbl9pIiwidXRtMiI6IjY0MzUiLCJ1dG0zIjoiMTk3NzUiLCJ1dG00IjoiIn0sImJhbm5lciI6eyJ3Ijo5MDAsImgiOjI1MH19XSwic2l0ZSI6eyJpZCI6IjY0MzUiLCJwYWdlIjoiaHR0cHM6Ly9hLmZvY3VzZGUuaW5mby8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiYWQ2MmY3ZDVjMjMwZGJjMGYyZDhlNzBjODhiYjI1MDQifSwiZXh0Ijp7ImR0IjoxNjYyNzY2MTI0MzA3fX0=
159.69.163.6200 OK 0 B URL HTTP/2 rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjY0MzUsImlkIjoxMDE4LCJsYWJlbHMiOiIiLCJzaXRlX2lkIjo2NDM1LCJ0eXBlIjoiYmFubmVyIiwic3BhY2VpZCI6MTAxOCwic3BvdF9pZCI6MCwiaWR6b25lIjozOTAyNjY4LCJ6b25lIjoidGNfcGFiXzkwMHgyNTAiLCJhZF90YWdzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6Ijg4NTg5NTQzNCIsInV0bTEiOiJ0Y2Jhbl9pIiwidXRtMiI6IjY0MzUiLCJ1dG0zIjoiMTk3NzUiLCJ1dG00IjoiIn0sImJhbm5lciI6eyJ3Ijo5MDAsImgiOjI1MH19XSwic2l0ZSI6eyJpZCI6IjY0MzUiLCJwYWdlIjoiaHR0cHM6Ly9hLmZvY3VzZGUuaW5mby8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiYWQ2MmY3ZDVjMjMwZGJjMGYyZDhlNzBjODhiYjI1MDQifSwiZXh0Ijp7ImR0IjoxNjYyNzY2MTI0MzA3fX0=
IP 159.69.163.6:0
ASN #24940 Hetzner Online GmbH
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjY0MzUsImlkIjoxMDE4LCJsYWJlbHMiOiIiLCJzaXRlX2lkIjo2NDM1LCJ0eXBlIjoiYmFubmVyIiwic3BhY2VpZCI6MTAxOCwic3BvdF9pZCI6MCwiaWR6b25lIjozOTAyNjY4LCJ6b25lIjoidGNfcGFiXzkwMHgyNTAiLCJhZF90YWdzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6Ijg4NTg5NTQzNCIsInV0bTEiOiJ0Y2Jhbl9pIiwidXRtMiI6IjY0MzUiLCJ1dG0zIjoiMTk3NzUiLCJ1dG00IjoiIn0sImJhbm5lciI6eyJ3Ijo5MDAsImgiOjI1MH19XSwic2l0ZSI6eyJpZCI6IjY0MzUiLCJwYWdlIjoiaHR0cHM6Ly9hLmZvY3VzZGUuaW5mby8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiYWQ2MmY3ZDVjMjMwZGJjMGYyZDhlNzBjODhiYjI1MDQifSwiZXh0Ijp7ImR0IjoxNjYyNzY2MTI0MzA3fX0= HTTP/1.1
Host: rtbbnr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.tubecorp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 09 Sep 2022 23:28:53 GMT
content-type: text/html
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
xfantazy.com/video/629a418633a7ea0600f6d506
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/video/629a418633a7ea0600f6d506
IP 104.26.1.188:0
GET /video/629a418633a7ea0600f6d506 HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:49 GMT
content-type: text/html; charset=utf-8
vary: Origin
set-cookie: visitorId=qt1asiltpbrd4hu80r9t7i; Domain=xfantazy.com; Path=/; Expires=Thu, 09 Sep 2032 23:28:48 GMT; HttpOnly
experiment-popup-payment-7=0; Path=/; Expires=Fri, 16 Sep 2022 23:28:48 GMT
experiment-save-to-button-2=0; Path=/; Expires=Fri, 16 Sep 2022 23:28:48 GMT
x-powered-by: Next.js
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtlPZ5o5pu9TIed5KFCtePyw9%2FNsnlJ9FMg%2Bof7vT9gFGuTCHxK0Id0XzYLJjSB8Yo3P415HcTgJkSW0i3BsQ3UB5sqT5mgcilr0ZD4aM27PvqeVv07JcHAlw4Abyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3cfe8670b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.focusde.info/api/spots/391865?host=xfantazy.com&ev=196&wh=939&ww=1280
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/391865?host=xfantazy.com&ev=196&wh=939&ww=1280
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/391865?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=ZXAfc6jz51F4U6E1QuZh; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/notifications/text_bubble/3/css/style.css
104.21.51.177200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/notifications/text_bubble/3/css/style.css
IP 104.21.51.177:0
GET /sb/ssp/notifications/text_bubble/3/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: text/css
last-modified: Tue, 19 Jul 2022 14:06:28 GMT
etag: W/"62d6ba64-23ce"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 114473
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZcQAQ2WM4mgl%2FL9oVTW%2Bwk2IPi7bt%2F3C%2BW2JcrBQ6L3nHw%2FeNWTO%2FxnQy13ALZn74D5srjWLA7wZAN2HsV50WyYZmDCDchdrGNxnFDiiEWbUavR3RHV9X9xnMIJHc7I0XhE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7483b3e9c883b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.bc85e791cb2f.js
104.16.94.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.bc85e791cb2f.js
IP 104.16.94.42:0
GET /CACHE/js/output.bc85e791cb2f.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=202270
etag: W/"7d90e856406997eee24123ea8a61c92d"
last-modified: Fri, 10 Sep 2021 01:29:44 GMT
x-amz-id-2: HJqgrzmpP8NIgQA+YW8wx4YmDeOFkE860/zZrYgEfEOOhSRenFjn4mxx7ChaQYvyWjZAxImMIY8=
x-amz-meta-s3cmd-attrs: md5:7d90e856406997eee24123ea8a61c92d
x-amz-request-id: EVKN10SQAKNB8VZG
cf-cache-status: HIT
age: 431710
expires: Sun, 09 Oct 2022 23:28:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BgUpT7APUaCCBmxDgrCh71cAeJv%2BI3Sn8T%2FlKacmu5lr076wsPgHaTnrIA1gKhYLHyX9Ywwp%2Bml%2BHaJpjaCW2CBXGKzWW1demZ3JpDm3uIdwQ%2F%2BjLXgWkoUjSEDKG11%2BClZIOwAJgmw4O5E1t%2Fljw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=s6324vprcPZKKPtefvKzocbGBMRiH9HQpCauVBWEajE-1662766134271-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7483b3f32c6ab4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
no.bongacams.com/popular-chat?bcs=ZXJpbzFjZTlhNjA1Zjk2ZmFlNDgzN2EwZDgxZGI5NzgyODM5OjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
195.85.23.95200 OK 0 B URL HTTP/2 no.bongacams.com/popular-chat?bcs=ZXJpbzFjZTlhNjA1Zjk2ZmFlNDgzN2EwZDgxZGI5NzgyODM5OjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
GET /popular-chat?bcs=ZXJpbzFjZTlhNjA1Zjk2ZmFlNDgzN2EwZDgxZGI5NzgyODM5OjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1 HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poweredby.jads.co/
Connection: keep-alive
Cookie: __cf_bm=23pqFA_K0yb6lCXI9rYP8owQn_bY7xFpXu8NhfuIrzE-1662766134-0-AfftQLvdn3V7RxDh3abBooYHjomKEDGDlo/0vZlHcAjrvXWUpwuwWJkVCE/Fm8fXHboKFfIsdmvG2AWSJQN92w4=; bonga20120608=0d4d1c0a3b785af3503b9f98d75351ea
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin
x-ua-compatible: IE=edge,chrome=1
cache-control: no-cache, no-store, must-revalidate
set-cookie: ts_type2=1; expires=Sat, 09-Sep-2023 23:28:54 GMT; Max-Age=31535999; path=/; domain=.bongacams.com
fv=AQZkAwL3ZwL2ZD==; expires=Sat, 09-Sep-2023 23:28:54 GMT; Max-Age=31535999; path=/; domain=.bongacams.com
uh=pzqaoRgfq2ElA1H1qxqEoSOenHf5qj==; expires=Sat, 09-Sep-2023 23:28:54 GMT; Max-Age=31535999; path=/; domain=.bongacams.com
ratr=189420%3A%3A401977%3A%3A2022-09-10%2002%3A28%3A54%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A; expires=Sat, 27-Aug-2072 23:28:54 GMT; Max-Age=1576799999; path=/; domain=.bongacams.com; HttpOnly
BONGAH_HIT=1ce9a605f96fae4837a0d81db9782839%3A%3A189420%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A%3A%3A401977%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3Adirect_link%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-09-10%2002%3A28%3A54; expires=Wed, 08-Mar-2023 23:28:54 GMT; Max-Age=15551999; path=/; domain=.bongacams.com; secure; HttpOnly; SameSite=None
BONGA_REF=https%3A%2F%2Fpoweredby.jads.co%2F; expires=Wed, 08-Mar-2023 23:28:54 GMT; Max-Age=15551999; path=/; domain=.bongacams.com; HttpOnly
reg_ver2=3; expires=Sat, 09-Sep-2023 23:28:54 GMT; Max-Age=31535999; path=/; domain=.bongacams.com
sg=690; expires=Sat, 09-Sep-2023 23:28:54 GMT; Max-Age=31535999; path=/; domain=.bongacams.com; secure; SameSite=None
__ti=H4sIAAAAAAACAyWIPQ6AIAxGr2K6k7RVgnw9DQkOnTU4EO6u4vR-xjCKEbtCeWEJmYMqKyELTqNKmLwPb4Tt0-tfCjdq0ztWFEtJ4P3t8gC89nCkVAAAAA~~; expires=Fri, 16-Sep-2022 23:28:55 GMT; Max-Age=604800; path=/; domain=.bongacams.com
warning18=%5B%22no_NO%22%5D; expires=Sat, 09-Sep-2023 23:28:55 GMT; Max-Age=31536000; path=/; domain=.bongacams.com; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7483b3f5999ab52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/live/09c/040/0e4/xbig_lq/33492d.webp
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/live/09c/040/0e4/xbig_lq/33492d.webp
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /live/09c/040/0e4/xbig_lq/33492d.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/webp
content-length: 7070
last-modified: Fri, 09 Sep 2022 23:24:11 GMT
etag: "631bcb1b-1b9e"
expires: Fri, 16 Sep 2022 23:24:12 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o-91: 2
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 283
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd50b4f9-OSL
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afp%3A1500%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766121%3Ac%3A1%3Arn%3A1028279843%3Arqn%3A1%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Ads%3A2%2C23%2C787%2C0%2C361%2C0%2C%2C184%2C7%2C%2C%2C%2C1524%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766121%3At%3Afree%20xxx%20video%2034%20Goddess%20Brooke%20Marie%20Feed%20Me%20Daddy%20JOI%20%7C%20goddess%20brooke%20%7C%20femdom%20porn%20free%20cfnm%20femdom%20-%20XFantazy.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
93.158.134.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afp%3A1500%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766121%3Ac%3A1%3Arn%3A1028279843%3Arqn%3A1%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Ads%3A2%2C23%2C787%2C0%2C361%2C0%2C%2C184%2C7%2C%2C%2C%2C1524%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766121%3At%3Afree%20xxx%20video%2034%20Goddess%20Brooke%20Marie%20Feed%20Me%20Daddy%20JOI%20%7C%20goddess%20brooke%20%7C%20femdom%20porn%20free%20cfnm%20femdom%20-%20XFantazy.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
GET /watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afp%3A1500%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766121%3Ac%3A1%3Arn%3A1028279843%3Arqn%3A1%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Ads%3A2%2C23%2C787%2C0%2C361%2C0%2C%2C184%2C7%2C%2C%2C%2C1524%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766121%3At%3Afree%20xxx%20video%2034%20Goddess%20Brooke%20Marie%20Feed%20Me%20Daddy%20JOI%20%7C%20goddess%20brooke%20%7C%20femdom%20porn%20free%20cfnm%20femdom%20-%20XFantazy.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F629a418633a7ea0600f6d506&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afp%3A1500%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1143931729285%3Ahid%3A617580327%3Az%3A0%3Ai%3A20220909232841%3Aet%3A1662766121%3Ac%3A1%3Arn%3A1028279843%3Arqn%3A1%3Au%3A166276612163574945%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662766119057%3Aco%3A0%3Awv%3A2%3Ads%3A2%2C23%2C787%2C0%2C361%2C0%2C%2C184%2C7%2C%2C%2C%2C1524%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662766121%3At%3Afree%20xxx%20video%2034%20Goddess%20Brooke%20Marie%20Feed%20Me%20Daddy%20JOI%20%7C%20goddess%20brooke%20%7C%20femdom%20porn%20free%20cfnm%20femdom%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 09 Sep 2022 23:28:50 GMT
access-control-allow-origin: https://xfantazy.com
set-cookie: yandexuid=4578067271662766130; Expires=Sat, 09-Sep-2023 23:28:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4578067271662766130; Expires=Sat, 09-Sep-2023 23:28:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2059901811662766130; Path=/; SameSite=None; Secure
i=cxify0zZCQABTXPb3RnseY5F4xduUMhpylOlOhsG/dTiUPnPIbPz5OjJqKqVBLM8KzcTiKJp56iWthlic5KfcJy8III=; Expires=Mon, 06-Sep-2032 23:28:28 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694302130.yrts.1662766130#1694302130.yrtsi.1662766130; Expires=Sat, 09-Sep-2023 23:28:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 23:28:50 GMT
last-modified: Fri, 09-Sep-2022 23:28:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.1486cd5aa4f0.js
104.16.94.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.1486cd5aa4f0.js
IP 104.16.94.42:0
GET /CACHE/js/output.1486cd5aa4f0.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=117895
etag: W/"eb2259ff6dbd950ae158f73065752aa1"
last-modified: Thu, 21 Oct 2021 18:11:54 GMT
x-amz-id-2: k6NhlyRh+XXZM7+pSOMylQwAMSlxLRy7teDHalfRWz7mnIIf6Ig6amIFaKAolUjBHmL3PkEkULk=
x-amz-meta-s3cmd-attrs: md5:eb2259ff6dbd950ae158f73065752aa1
x-amz-request-id: FHZ86T60E9WK32PB
cf-cache-status: HIT
age: 438925
expires: Sun, 09 Oct 2022 23:28:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWQDOmMXoU4t%2FJZ7UNKecuiUvGQyPdLc9hCoa%2FgYwvwUnP1oPr3PXPO0xzlrVyAGKS6A0%2BKL%2BisEbhFHTbi%2Bh%2BpXAHFtFinxJ8jwBjDAH9hckxmexyq0cBaYTqo4g3u5UQXJoksSRIrnGQTFTxy4xA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=RFcCgVKTOFWSWrIo3_W2YNOAekVyQWqhu0ZbgpXzUxc-1662766134308-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7483b3f36c8fb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.bcicdn.com/images/default/social/tiktok.svg
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/images/default/social/tiktok.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /images/default/social/tiktok.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Jun 2019 03:11:53 GMT
etag: W/"5d1433f9-61c"
expires: Fri, 23 Sep 2022 00:53:58 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 981049
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3faad2bb4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/c6f52.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1t88Q/c6f52.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1t88Q/c6f52.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:39 GMT
etag: W/"631b025b-807"
expires: Sun, 09 Oct 2022 09:08:16 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fd1f05b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/i18n-min/1662692544/messages/no.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/i18n-min/1662692544/messages/no.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /i18n-min/1662692544/messages/no.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 03:02:50 GMT
etag: W/"631aacda-24626"
expires: Sun, 09 Oct 2022 03:03:41 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 73427
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3faad27b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/041b8.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1t88Q/041b8.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1t88Q/041b8.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:39 GMT
etag: W/"631b025b-11ce"
expires: Sun, 09 Oct 2022 09:08:06 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fd6f51b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/images/sprite/bc/mini_profile.svg
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/images/sprite/bc/mini_profile.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /images/sprite/bc/mini_profile.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no.bongacams.com
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:56 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Jun 2021 04:42:41 GMT
etag: W/"60c82fc1-2c81"
expires: Tue, 27 Sep 2022 10:23:41 GMT
cache-control: max-age=2592000
x-bc-o: 2
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 438578
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b4043cf9b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js
IP 104.26.1.188:0
GET /_next/static/runtime/main-8daa673a54696bb62abb.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:19:48 GMT
etag: W/"11cd7-179fb717a09"
cf-cache-status: HIT
age: 29223196
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1SYMgQ%2BjQwy74n6T%2Fir5MjvCc%2B%2FBjB3M1z07P0A5e8raNlFh6ObtpXTIatlsxKv1QSQ4APQ7uLDtbBtZ0n%2FEuIiNDDJdGJGpEAammD%2FNhkuDS2%2FGBm5voLM9m0v3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3d56b9b0b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/cachebust/chatembed-prod-cc351ba5d4d5.js
104.16.94.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/cachebust/chatembed-prod-cc351ba5d4d5.js
IP 104.16.94.42:0
GET /cachebust/chatembed-prod-cc351ba5d4d5.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=902959
etag: W/"5403d147e6bf18891a9c75f58ab8b55b"
last-modified: Fri, 09 Sep 2022 07:57:41 GMT
x-amz-id-2: uSZe9nQMNhSR5u7VzibMrsre4IXniiWnRLSAp8nRCsfpriKGuJIep3JsfzWI0wpWpD69YJro0qo=
x-amz-meta-s3cmd-attrs: md5:5403d147e6bf18891a9c75f58ab8b55b
x-amz-request-id: DXBXNHGE28P1Y7FC
cf-cache-status: HIT
age: 55704
expires: Sun, 09 Oct 2022 23:28:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICvdiBGd3s11RlwhaMpqZdNr7RJ3XsdVQncprB6VGqOMAJ3Pxq3liqh5Kt8mpKh9nIpSUEEcLFyNrW75o7DfGKQEMc8wPD0yxl0u2sAbRGYPWk2iRiaHzdVCrZFf0ZJS%2FUPx8Yp0bCv80Ak4RUWciw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=s6324vprcPZKKPtefvKzocbGBMRiH9HQpCauVBWEajE-1662766134271-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7483b3f32c6bb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/jsi18n/en/djangojs.js?hash=cc351ba5d4d5
104.16.94.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/jsi18n/en/djangojs.js?hash=cc351ba5d4d5
IP 104.16.94.42:0
GET /jsi18n/en/djangojs.js?hash=cc351ba5d4d5 HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=3271
etag: W/"32cad827f4958bb8450fc33065ba4b42"
last-modified: Thu, 28 Apr 2022 02:42:35 GMT
x-amz-id-2: XHuCgr9zCVlhz17DDRWIm6NWtOGoJAksyLLUAB3rQ2l9Bso1jDCJn1S1WiQNMFlyv1dRtxwvpXQ=
x-amz-meta-s3cmd-attrs: md5:32cad827f4958bb8450fc33065ba4b42
x-amz-request-id: DXBZGAVC3K7ND5PK
cf-cache-status: HIT
age: 55704
expires: Sun, 09 Oct 2022 23:28:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wrF5c1cismTIfofXEIXUYAcwN5fsJ3VqqtpBXAefkFlcZaF5R5AqxJ4PzyAxniZ9GVYi%2BInRn%2Ftduf44P0ZOcmPwQbq5HynbA%2FnnnB0QqaixNG54scugGlnfx9vLozV5PgHhpuJOqojT2llrMCN9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=re7tWprzhpidyPr_meCpBOG3lgaGLDZjwu.7uxaFYd4-1662766134313-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7483b3f36c8eb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
no.bongacams.com/images/sprite/bc/icon11.svg
195.85.23.95200 OK 0 B URL HTTP/2 no.bongacams.com/images/sprite/bc/icon11.svg
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
GET /images/sprite/bc/icon11.svg HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.bongacams.com/popular-chat?bcs=b3JoaTFjZTlhNjA1Zjk2ZmFlNDgzN2EwZDgxZGI5NzgyODM5OjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
Connection: keep-alive
Cookie: __cf_bm=23pqFA_K0yb6lCXI9rYP8owQn_bY7xFpXu8NhfuIrzE-1662766134-0-AfftQLvdn3V7RxDh3abBooYHjomKEDGDlo/0vZlHcAjrvXWUpwuwWJkVCE/Fm8fXHboKFfIsdmvG2AWSJQN92w4=; bonga20120608=0d4d1c0a3b785af3503b9f98d75351ea; BONGAH_HIT=1ce9a605f96fae4837a0d81db9782839%3A%3A189420%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A%3A%3A401977%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3Adirect_link%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-09-10%2002%3A28%3A54; sg=690; warning18=%5B%22no_NO%22%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/svg+xml
last-modified: Wed, 07 Sep 2022 03:04:44 GMT
etag: W/"63180a4c-5ab6"
expires: Sun, 09 Oct 2022 23:28:55 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 245732
vary: Accept-Encoding
server: cloudflare
cf-ray: 7483b3fd8d97b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.focusde.info/api/spots/391868?host=xfantazy.com&ev=196&wh=939&ww=1280
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/391868?host=xfantazy.com&ev=196&wh=939&ww=1280
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/391868?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=jy5ZxIUqujXs7XIELbof; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
a.medfoodsafety.com/loader?a=4787912&v=2&t=1&s=4776911&p=8575&if=true
172.67.136.170200 OK 0 B URL HTTP/2 a.medfoodsafety.com/loader?a=4787912&v=2&t=1&s=4776911&p=8575&if=true
IP 172.67.136.170:0
GET /loader?a=4787912&v=2&t=1&s=4776911&p=8575&if=true HTTP/1.1
Host: a.medfoodsafety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:53 GMT
content-type: text/html
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0sb7MIWjejH85meKAp7WcLmXQ9o%2FC2j8DGm4NN98F6EqMCgAY8eoFBup4Ds%2FN6TKSL5pDQ8LT03S6IIk6xK3QIO7DRPYDaYLvsR6DUYvu6GpoQIRZokwAuvFqPcJ4Kn9M2HsjZL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3ec5910b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
chaturbate.com/topembed/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank
104.18.100.40302 Found 0 B URL HTTP/2 chaturbate.com/topembed/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank
IP 104.18.100.40:0
GET /topembed/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.medfoodsafety.com/
Connection: keep-alive
Cookie: __cf_bm=htnCytJe_NL.xZrauQROLrJTJhmYZ4EzKLrRRBbbRAc-1662766133-0-AYpwPkpnmB4yCB583UZmScRP3abMki8sXuSGlWceW59c+HKS28Y6Z9l6WiisKZjykKJZNwirETehiSqm5E5eItM=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 09 Sep 2022 23:28:53 GMT
content-type: text/html; charset=utf-8
location: /embed/bloomyogi/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
set-cookie: stcki="pOtSwZ=1\054FqPd9a=0\0546pduSG=0\054aDBbcK=0\0548UAXRV=1"; expires=Sun, 09-Oct-2022 23:28:53 GMT; Max-Age=2592000; Path=/
affkey=eJyrVipSslJQyigpKSi20tdP1MtNTUnLz08pTkxLLanUS87P1VeqBQDmXQyt; Domain=.chaturbate.com; expires=Sun, 09-Oct-2022 23:28:53 GMT; Max-Age=2592000; Path=/
sbr=sec:sbr6c4e68cf-0153-46cb-80e1-91097c320b6d:1oWnQb:HNCAMr0oQEgigPEEmPf3Vje-sG4; Domain=.chaturbate.com; expires=Wed, 04-Jun-2025 23:28:53 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7483b3ef1a920b41-OSL
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/cachebust/theatermode-react-cc351ba5d4d5.js
104.16.94.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/cachebust/theatermode-react-cc351ba5d4d5.js
IP 104.16.94.42:0
GET /cachebust/theatermode-react-cc351ba5d4d5.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=193983
etag: W/"4893101ee3b8d42e9143406cc23ca10b"
last-modified: Fri, 09 Sep 2022 07:57:39 GMT
x-amz-id-2: tee0DvdEugqPILyyMHd8vr0H/JQzvDVF9NNkakrEMSrzCPGyeb1+fgYcxoXIB8Uk0IwCeNNQPqQ=
x-amz-meta-s3cmd-attrs: md5:4893101ee3b8d42e9143406cc23ca10b
x-amz-request-id: DXBY4X8W1VHHY6W3
cf-cache-status: HIT
age: 55704
expires: Sun, 09 Oct 2022 23:28:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePCgsQvmr%2BXN0Na5%2B1RB0uGEuF%2BlEJzUTOALCNUEVDFuN58OC1hDyTxF%2BFKx%2F3dKVjmoTw6kfwyXmhTeIkS2qH2PqCYUVtfjGrKp36gOmsZzDjqxJA4FuaAKxjQyoldv%2BJTDJbgWLIrABrToNJzurg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=s6324vprcPZKKPtefvKzocbGBMRiH9HQpCauVBWEajE-1662766134271-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7483b3f32c69b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/a83b2.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1t88Q/a83b2.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1t88Q/a83b2.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:40 GMT
etag: W/"631b025c-54a9"
expires: Sun, 09 Oct 2022 09:08:36 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fd7f62b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/images/replace/10/arial/999/bnct_add2.svg
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/images/replace/10/arial/999/bnct_add2.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /images/replace/10/arial/999/bnct_add2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jun 2021 09:45:11 GMT
etag: W/"60c08da7-2a63"
expires: Mon, 12 Sep 2022 11:34:41 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-p4: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2375645
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd5cb4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.medfoodsafety.com/loader?a=4788749&v=2&t=30&s=4776911&p=8575&if=true
172.67.136.170200 OK 0 B URL HTTP/2 a.medfoodsafety.com/loader?a=4788749&v=2&t=30&s=4776911&p=8575&if=true
IP 172.67.136.170:0
GET /loader?a=4788749&v=2&t=30&s=4776911&p=8575&if=true HTTP/1.1
Host: a.medfoodsafety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:53 GMT
content-type: text/html
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aaot8H%2FueTF6H4b49Fr%2Fsw79BzWlg7DMA1iXNjDqPt%2Fm%2F7nVyqXeHbNkCqT7S3sjdpWiNjvD%2BKpJpJMAkj9xbdbl0rxkOYj4RxtNfK8fTx08hLkpHhKLTXJo18tLyQsQ4cdvRY1T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3ec5912b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/commons.9b890646c0aa33eb63fe.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/commons.9b890646c0aa33eb63fe.js
IP 104.26.1.188:0
GET /_next/static/chunks/commons.9b890646c0aa33eb63fe.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:36 GMT
etag: W/"152f62-1826d2bb0af"
cf-cache-status: HIT
age: 3077070
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTeMD1gH9yxUbpZZpuZGdPLOh54Jt0ulX3oAHnCnVvcHTl6jexh0W79p3G7NQ3JtgRaYAXe7MFanuNt0pUmUJJWDYJPcMTOG4fRaNFrVVk1o5iBgr4zj2mmM%2Bp%2FJTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3d55b910b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1t6ba/cr.css
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1t6ba/cr.css
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1t6ba/cr.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 07:00:21 GMT
etag: W/"631ae485-13455"
expires: Sun, 09 Oct 2022 07:01:41 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 59227
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fb6dd2b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/promotions/sapphire_and_titan/3/182x600/no.svg
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/promotions/sapphire_and_titan/3/182x600/no.svg
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /promotions/sapphire_and_titan/3/182x600/no.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: image/svg+xml
last-modified: Fri, 01 Apr 2022 13:41:46 GMT
etag: W/"6247011a-115b8"
expires: Wed, 28 Sep 2022 04:01:31 GMT
cache-control: max-age=2592000
vary: Accept-Encoding
x-cache-0: 1
cf-cache-status: HIT
age: 1020444
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fabd58b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1t88Q/cc7b6.js
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1t88Q/cc7b6.js
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1t88Q/cc7b6.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 09:07:39 GMT
etag: W/"631b025b-1b5"
expires: Sun, 09 Oct 2022 09:08:22 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 47029
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fd6f45b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.67.137.152200 OK 0 B IP 172.67.137.152:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/
Origin: https://xfantazy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 84
last-modified: Fri, 09 Sep 2022 23:27:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAigxjuHCR8ewZMe3IhK0OjccSLxPJxa3147xTofW6jlXh1sMwLzc16RcRrqNkqMVuyCGwCh7C5eNMrVf5d%2FJk1axXLrAaLYDhz0CBN5Drxvsn86sv7q5hyoNVxYkykK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7483b3e5bbf31c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/styles.77acb212b856be16971e.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/styles.77acb212b856be16971e.js
IP 104.26.1.188:0
GET /_next/static/chunks/styles.77acb212b856be16971e.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:19:05 GMT
etag: W/"55-179fb70cfea"
cf-cache-status: HIT
age: 29222950
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ffpt4zYTGaF7uB67%2FCGe%2FiuX5Y3lEMd0fr%2Bw6YK4hXEATAYVi7yyKA9O8asFVr80CBwW2adUG4R9a%2Ba8S4BgoP7oYUxpDiE7K5TEXtqU0E%2B9U%2F1tFDFix6WGBi0pww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3d8ddb30b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/login.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/login.js
IP 104.26.1.188:0
GET /_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/login.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/629a418633a7ea0600f6d506
Cookie: visitorId=qt1asiltpbrd4hu80r9t7i; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiIxMzgzZWM2MDJjYjVkIiwiaWF0IjoxNjYyNzY2MTMwLCJleHAiOjE2NjMzNzA5MzB9.kyj4gI35DUWIgg6K4UzFmlGsV_bXBdT0I_IKKHCgJv4; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiMTAyMWM4YzA1NWQyMiIsImlhdCI6MTY2Mjc2NjEzMCwiZXhwIjoxNjY1MzU4MTMwfQ.RZcihPLphEF7uCuGfgSLuukr5F8SgEoEF25ALjahmqc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:43:45 GMT
etag: W/"ba5-1826d2cbfb8"
cf-cache-status: HIT
age: 3076145
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Djdvg2Z3oLZYO9Hb5J8EkPRzzE19mLr6AqlCXKubKQlDpXl3fPwfG%2F5docjaiEduoBI8JMV9mbQx%2Br3XxmsxLcB5cfaSJrhMbutLKXcwTITNsi9%2B8Lh2fD%2Fb%2FUe8zw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7483b3db0ecb0b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.focusde.info/api/spots/303894?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/303894?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/303894?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=jy5ZxIUqujXs7XIELbof
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 23:28:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/css/output.cc7c3355797b.css
104.16.94.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/css/output.cc7c3355797b.css
IP 104.16.94.42:0
GET /CACHE/css/output.cc7c3355797b.css HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=246489
etag: W/"ff2f3baed2820c4c9ad8a0e5faadfe11"
last-modified: Thu, 01 Sep 2022 23:26:03 GMT
x-amz-id-2: b1+VuikajRX43fI12stCWkWnRQJlXi9r7VNYuD2X0XqjtgXKMz7u53Nd5EIvISx+8bg4CCeT5Z4=
x-amz-meta-s3cmd-attrs: md5:ff2f3baed2820c4c9ad8a0e5faadfe11
x-amz-request-id: EC6KTG6NT1H753P4
cf-cache-status: HIT
age: 691198
expires: Sun, 09 Oct 2022 23:28:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kogPttwRe5HFzO9SpHrl8kviNHGhmlGY1puDxIjUQcsC9JPHM7WsWeCHtmLMqSFeemDRVh3wXW0sU6UccU2zF5%2FrrCvZjFBUlcGdmYSRGC5x3EyUOVzsxjs0jZNg7OP9kCMmC7gmJlY9I8WsLjJ%2B6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=SisOecHrVlH_P6RcxVk7wne1dth2DKFQ.5T9Yd5wEG0-1662766134270-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7483b3f32c60b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/css/output.3d204bbf93b6.css
104.16.94.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/css/output.3d204bbf93b6.css
IP 104.16.94.42:0
GET /CACHE/css/output.3d204bbf93b6.css HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:54 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=81638
etag: W/"77a4b7340f86a2695a27c44ead4a3c3a"
last-modified: Fri, 26 Aug 2022 19:58:07 GMT
x-amz-id-2: cT2XzitaGs304rRIS5L6DtspU49RncpTLW6ZdmdBel/qFViEHV886seyqVF3DvvcxxSowlOC/S8=
x-amz-meta-s3cmd-attrs: md5:77a4b7340f86a2695a27c44ead4a3c3a
x-amz-request-id: TB1RA68HF42BCY09
cf-cache-status: HIT
age: 1222066
expires: Sun, 09 Oct 2022 23:28:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgDXYE3CQNm%2B2%2BzGy3psvqb22nXpYi05vtektr7rekQaXBINi%2BTmUMgp%2FWZVJdZbgRfiMAklwg3DgdpNH%2FnkMgehcgWIhO6dTmQubE5sIw1zauVA7iysEopWPDndo2NW1NhrZb%2FVPAVyVmx%2B4HX%2BXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=zud.88in0GUnJL2KnRybEXJJllX4cDp3kaZHBAGRJ4g-1662766134272-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7483b3f32c62b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1t6ba/ft.css
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1t6ba/ft.css
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1t6ba/ft.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 07:00:21 GMT
etag: W/"631ae485-3a14"
expires: Sun, 09 Oct 2022 07:01:41 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 59227
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3faad25b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1t6ba/lt.css
195.85.23.30200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1t6ba/lt.css
IP 195.85.23.30:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1t6ba/lt.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 23:28:55 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 07:00:21 GMT
etag: W/"631ae485-19ecb"
expires: Sun, 09 Oct 2022 07:01:40 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 59227
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7483b3fb6dd4b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2