Overview

URL xfantazy.com/video/5fc582e7b181c14a07fdad7e
IP172.67.69.220
ASNCLOUDFLARENET
Location United States
Report completed2022-09-03 17:58:24 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-03 2 cdn.barscreative1.com/sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/16511 (...) Phishing
2022-09-03 2 a.bestcontentfood.top/warp/4788749?r=7161 Phishing
2022-09-03 2 a.bestcontentfood.top/warp/4787908?r=98900 Phishing
2022-09-03 2 a.bestcontentfood.top/warp/4788750?r=41074 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-03 2 freychang.fun Sinkholed
2022-09-03 2 freychang.fun Sinkholed
2022-09-03 2 unwillingsnick.com Sinkholed
2022-09-03 2 unwillingsnick.com Sinkholed
2022-09-03 2 unwillingsnick.com Sinkholed
2022-09-03 2 unwillingsnick.com Sinkholed
2022-09-03 2 decencyjessiebloom.com Sinkholed
2022-09-03 2 unwillingsnick.com Sinkholed
2022-09-03 2 unwillingsnick.com Sinkholed
2022-09-03 2 unwillingsnick.com Sinkholed
2022-09-03 2 unseenreport.com Sinkholed
2022-09-03 2 unseenreport.com Sinkholed
2022-09-03 2 freychang.fun Sinkholed
2022-09-03 2 addresseepaper.com Sinkholed


Files

URL mc.yandex.ru/watch/49415098?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5 (...)
IP  77.88.21.119
Magic gzip compressed data, max compression\012- data
Size 1311
MD5 15b4f75c2201d9276d7561b9d788c547
SHA1 bfcfbb503423f86def631683134914faec161989
SHA256 4fa5b0e125631b6beed24c1d2d0a1a793520ce772a04c2af2e55b77ebe5b64f8
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (71)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-03 05:01:24 UTC 34.117.237.239
mnemonic passive DNS cdn.tubecorp.com (1) 89278 2020-03-02 13:43:37 UTC 2022-09-03 02:32:06 UTC 45.133.44.25
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-03 04:59:46 UTC 142.250.74.72
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-03 13:43:03 UTC 142.250.74.174
mnemonic passive DNS e1.o.lencr.org (3) 6159 2021-08-20 07:36:30 UTC 2022-09-03 06:43:16 UTC 23.36.77.32
mnemonic passive DNS hw-cdn2.adtng.com (1) 11917 2020-02-20 16:50:17 UTC 2022-09-03 14:51:43 UTC 209.197.3.25
mnemonic passive DNS static-assets.highwebmedia.com (1) 16059 2021-01-19 21:46:26 UTC 2022-09-03 10:07:15 UTC 104.16.93.42
mnemonic passive DNS as.sexad.net (4) 86240 2012-05-22 03:40:32 UTC 2022-09-02 21:47:22 UTC 216.127.52.242
mnemonic passive DNS ocsp.usertrust.com (2) 899 2012-05-21 15:43:18 UTC 2022-09-03 07:47:21 UTC 104.18.32.68
mnemonic passive DNS static-cache.k2s.cc (15) 182663 2018-09-13 10:35:33 UTC 2022-09-02 18:51:47 UTC 188.72.235.185
mnemonic passive DNS ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-09-03 05:00:17 UTC 104.18.21.226
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-03 09:18:41 UTC 34.120.237.76
mnemonic passive DNS cdn.cloudimagesb.com (1) 23099 2021-02-12 16:15:41 UTC 2022-09-03 11:35:31 UTC 45.133.44.9
mnemonic passive DNS decencyjessiebloom.com (1) 0 2022-08-06 02:09:31 UTC 2022-09-03 11:43:50 UTC 209.192.156.116 Unknown ranking
mnemonic passive DNS cdn.barscreative1.com (1) 25648 2021-09-16 11:14:42 UTC 2022-09-03 10:55:26 UTC 45.133.44.4
mnemonic passive DNS unseenreport.com (2) 0 2022-03-30 14:33:17 UTC 2022-09-03 14:20:22 UTC 192.243.61.227 Unknown ranking
mnemonic passive DNS pxl.tsyndicate.com (4) 14763 2017-07-05 13:51:06 UTC 2022-09-03 12:50:58 UTC 168.119.1.208
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-09-03 05:02:10 UTC 69.16.175.42
mnemonic passive DNS r3.o.lencr.org (20) 344 2020-12-02 08:52:13 UTC 2022-09-03 05:00:20 UTC 23.36.76.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-03 05:49:56 UTC 143.204.55.49
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-09-03 04:59:51 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS accounts.google.com (2) 81 2016-09-05 09:39:47 UTC 2022-09-03 10:12:31 UTC 216.58.207.237
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-09-03 04:59:56 UTC 31.13.72.36
mnemonic passive DNS pt-static5.ptlwmstc.com (1) 182291 2021-08-02 14:02:38 UTC 2022-09-02 21:11:05 UTC 93.93.51.200
mnemonic passive DNS 12112336.pix-cdn.org (1) 18294 2018-08-23 11:18:44 UTC 2022-09-03 14:41:28 UTC 45.133.44.24
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-03 12:36:27 UTC 142.250.74.10
mnemonic passive DNS firefox.settings.services.mozilla.com (1) 867 2020-06-04 20:08:41 UTC 2022-09-03 07:34:13 UTC 143.204.55.36
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-03 10:24:00 UTC 93.184.220.29
mnemonic passive DNS mc.yandex.ru (8) 2672 2017-01-29 05:34:36 UTC 2022-09-03 13:47:48 UTC 77.88.21.119
mnemonic passive DNS unwillingsnick.com (7) 0 2022-08-06 03:44:45 UTC 2022-09-03 14:37:52 UTC 192.243.61.227 Unknown ranking
mnemonic passive DNS simplewebanalysis.com (1) 0 2022-02-25 04:06:25 UTC 2022-09-03 14:20:09 UTC 18.192.162.188 Unknown ranking
mnemonic passive DNS rtbrennab.com (1) 0 2022-04-20 15:49:10 UTC 2022-09-03 10:44:20 UTC 162.55.139.130 Unknown ranking
mnemonic passive DNS pt-static1.ptlwmstc.com (1) 154690 2021-08-02 14:02:38 UTC 2022-09-02 21:11:05 UTC 93.93.51.200
mnemonic passive DNS bongacams.com (1) 16616 2012-09-30 23:07:56 UTC 2022-09-03 08:58:18 UTC 195.85.23.88
mnemonic passive DNS cdn.sb4you1.com (1) 22321 2021-09-16 11:26:58 UTC 2022-09-03 11:43:52 UTC 172.67.183.56
mnemonic passive DNS cdn.adx1.com (1) 10630 2018-03-05 17:25:10 UTC 2022-09-03 15:57:48 UTC 149.11.201.98
mnemonic passive DNS hw-cdn2.ang-content.com (2) 165651 2019-03-25 22:41:04 UTC 2022-09-03 14:51:43 UTC 205.185.208.20
mnemonic passive DNS pt.wmptctl.com (3) 0 2022-03-02 17:02:35 UTC 2022-09-03 03:30:21 UTC 93.93.51.191 Unknown ranking
mnemonic passive DNS chaturbate.com (2) 6807 2012-05-22 23:11:36 UTC 2022-09-03 13:46:32 UTC 104.18.100.40
mnemonic passive DNS m.sancdn.net (3) 89507 2012-09-29 23:09:57 UTC 2022-09-02 21:33:21 UTC 69.16.175.42
mnemonic passive DNS bcprm.com (1) 30174 2021-06-18 14:10:59 UTC 2022-09-03 07:02:41 UTC 185.75.252.140
mnemonic passive DNS xfantazy.com (25) 167260 2020-04-10 13:44:53 UTC 2022-09-03 13:14:54 UTC 104.26.0.188
mnemonic passive DNS ocsp.sectigo.com (4) 487 2018-12-17 11:31:55 UTC 2022-09-03 16:58:13 UTC 172.64.155.188
mnemonic passive DNS amwoukrks.autos (6) 0 2022-08-21 19:26:18 UTC 2022-09-03 11:46:15 UTC 54.230.111.86 Unknown ranking
mnemonic passive DNS a.bestcontentfood.top (3) 54526 2020-02-20 18:41:42 UTC 2022-09-03 12:21:21 UTC 104.21.52.148
mnemonic passive DNS freychang.fun (3) 20665 2021-01-26 01:34:23 UTC 2022-09-03 12:50:59 UTC 104.21.45.207
mnemonic passive DNS lcdn.tsyndicate.com (4) 12634 2020-03-31 14:26:34 UTC 2022-09-03 09:19:35 UTC 8.248.225.238
mnemonic passive DNS tsyndicate.com (3) 13042 2017-03-16 09:04:54 UTC 2022-09-03 12:55:54 UTC 136.243.46.131
mnemonic passive DNS trkbng.com (1) 0 2022-03-17 10:18:30 UTC 2022-09-03 12:37:16 UTC 31.192.112.221 Unknown ranking
mnemonic passive DNS rtbbnr.com (1) 22279 2021-06-17 11:20:02 UTC 2022-09-03 02:32:08 UTC 162.55.139.130
mnemonic passive DNS addresseepaper.com (1) 18169 2021-11-01 21:11:31 UTC 2022-09-03 11:27:09 UTC 104.21.235.2
mnemonic passive DNS creepingbrings.com (1) 0 2022-05-27 14:56:26 UTC 2022-09-03 10:55:24 UTC 104.21.234.232 Unknown ranking
mnemonic passive DNS cdn.tsyndicate.com (4) 16265 2017-07-04 06:00:09 UTC 2022-09-03 13:44:59 UTC 8.248.225.238
mnemonic passive DNS camschat.net (4) 64292 2014-07-22 23:32:18 UTC 2022-09-03 08:58:51 UTC 76.9.16.29
mnemonic passive DNS pt-static2.ptlwmstc.com (2) 188311 2021-08-02 14:02:38 UTC 2022-09-02 21:11:05 UTC 93.93.51.200
mnemonic passive DNS xfantazy.com (25) 167260 2020-04-10 13:44:53 UTC 2022-09-03 13:14:54 UTC 104.26.1.188
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.88
mnemonic passive DNS galleryn10.awemdia.com (5) 0 2022-05-12 11:08:23 UTC 2022-09-01 21:13:36 UTC 93.93.51.190 Domain (awemdia.com) ranked at: 26880
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-09-03 05:07:57 UTC 151.101.85.229
mnemonic passive DNS media.aso1.net (2) 123434 2018-07-21 19:09:33 UTC 2022-09-03 05:51:51 UTC 104.21.234.154
mnemonic passive DNS poweredby.jads.co (3) 30525 2019-12-04 10:34:12 UTC 2022-09-03 10:50:33 UTC 185.94.236.246
mnemonic passive DNS in16.zog.link (2) 76485 2018-07-31 21:03:54 UTC 2022-09-03 02:32:08 UTC 109.206.181.2
mnemonic passive DNS ocsp.pki.goog (10) 175 2017-06-14 07:23:31 UTC 2022-09-03 04:59:51 UTC 142.250.74.3
mnemonic passive DNS ofghaidarium.xyz (4) 0 2022-09-01 10:11:28 UTC 2022-09-03 12:50:59 UTC 104.21.34.91 Unknown ranking
mnemonic passive DNS bam.nr-data.net (2) 630 2015-02-10 00:06:27 UTC 2022-09-03 05:01:10 UTC 162.247.241.14
mnemonic passive DNS cbjpeg.stream.highwebmedia.com (3) 23619 2017-04-27 08:00:06 UTC 2022-09-03 14:41:30 UTC 131.153.88.90
mnemonic passive DNS js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-09-03 06:34:19 UTC 151.101.86.137
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-03 05:35:54 UTC 34.212.166.60
mnemonic passive DNS d192r5l88wrng7.cloudfront.net (3) 0 2022-09-01 14:55:21 UTC 2022-09-03 15:06:32 UTC 54.230.245.4 Unknown ranking
mnemonic passive DNS a.focusde.info (8) 499386 2022-01-15 21:28:39 UTC 2022-08-31 11:45:23 UTC 135.181.208.216
mnemonic passive DNS a.adtng.com (1) 15165 2018-07-26 19:17:41 UTC 2022-09-03 14:51:43 UTC 66.254.114.171


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.69.220

Date UQ / IDS / BL URL IP
2022-09-28 05:49:48 +0000
0 - 0 - 16 xfantazy.com/video/5f6580f261e5e63e2c1c7cbc 172.67.69.220
2022-09-24 19:59:23 +0000
0 - 0 - 10 xfantazy.com/video/5eff8410b0c7c44dda3f5749 172.67.69.220
2022-09-21 08:31:07 +0000
0 - 0 - 11 xfantazy.com/video/60f75bbeed696b7119a7fac5 172.67.69.220
2022-09-08 20:54:14 +0000
0 - 0 - 15 xfantazy.com/video/5e364cff61f0be74ac0ccfe4 172.67.69.220
2022-09-03 17:58:24 +0000
0 - 0 - 18 xfantazy.com/video/5fc582e7b181c14a07fdad7e 172.67.69.220

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-05 20:26:54 +0000
0 - 0 - 1 skechersshoesgreece.gr/ 172.67.181.134
2022-12-05 20:25:43 +0000
0 - 0 - 2 clip69.biz/ 188.114.97.1
2022-12-05 20:24:22 +0000
0 - 0 - 1 m.butterflydefer.top/ 104.21.41.29
2022-12-05 20:24:14 +0000
0 - 0 - 1 mrcandywholesale.com/ 23.227.38.65
2022-12-05 20:23:23 +0000
0 - 0 - 2 loader.oxy.st/get/05c6c9536a9b2298ac39e24dddf (...) 104.21.234.183

Last 5 reports on domain: xfantazy.com

Date UQ / IDS / BL URL IP
2022-12-04 19:49:53 +0000
0 - 0 - 27 xfantazy.com/video/63215686df915905ff622722 172.67.137.4
2022-12-02 07:31:24 +0000
0 - 0 - 29 xfantazy.com/video/5fa9094a0c205613746667b6 172.64.162.22
2022-12-01 21:42:16 +0000
0 - 0 - 30 xfantazy.com/video/620852c85a615f1d0cdf5e9b 172.64.162.22
2022-11-29 21:55:40 +0000
0 - 0 - 35 xfantazy.com/video/5edc59d923629346a514272b 172.64.163.22
2022-11-29 03:55:04 +0000
0 - 0 - 35 xfantazy.com/video/5f76ce8301bf221df0f0efe7?u (...) 104.21.46.88

No other reports with similar screenshot



JavaScript

Executed Scripts (150)


Executed Evals (4)

#1 JavaScript::Eval (size: 125, repeated: 1) - SHA256: 920d80e57685294073e6844ab22908618709844b22774b5e6c29e260c3a62799

                                        (function() {
    try {
        return document.getElementsByTagName("video")["fluid-videoplayer"] ? "ready" : "null"
    } catch (a) {
        return "null"
    }
})();
                                    

#2 JavaScript::Eval (size: 84, repeated: 1) - SHA256: 44379bf89e3d499c6e5084c2762e92070d823eb0c3b4f20d8fa9adbafe954ba9

                                        (function() {
    var b = 23;
    return function(a) {
        a.set("dimension" + b, a.get("clientId"))
    }
})();
                                    

#3 JavaScript::Eval (size: 146, repeated: 1) - SHA256: 04fdd53a79e755c063893c43cba7f311f8db7c412a07b372255addb55a7651bf

                                        (function() {
    find = /UA-(.*)/;
    gacode = "UA-86899934-6";
    return void 0 === gacode || "undefined" == gacode || "" == gacode ? "" : !0 === find.test(gacode) ? gacode : ""
})();
                                    

#4 JavaScript::Eval (size: 145, repeated: 1) - SHA256: a2bb9e7040697095a3076ee3136c7cff7dc38b1c78649fb5f6c6fb4145100030

                                        (function() {
    find = /G-(.*)/;
    gacode = "UA-86899934-6";
    return void 0 === gacode || "undefined" == gacode || "" == gacode ? "" : !0 === find.test(gacode) ? gacode : ""
})();
                                    

Executed Writes (9)

#1 JavaScript::Write (size: 208, repeated: 1) - SHA256: 78b2fdc0a3b3a03ef793d896d9f467bcf4e63c1702fa3029152b0bd16d1d51c0

                                        < iframe width = "300"
height = "250"
src = "//cdn.tubecorp.com/i/b.html?spot=4511&src=2045230537&pid=19775&width=300&height=250&spaceid=859"
scrolling = "no"
frameborder = "0"
marginheight = "0"
marginwidth = "0" > < /iframe>
                                    

#2 JavaScript::Write (size: 449, repeated: 1) - SHA256: a81bb422d0bc483c5b0854665f30031275c2c069c18c6242e498865a65a55f52

                                        < div style = "width:300px;height:250px;" >
    < script id = "adn-4787908"
data - sub = ""
type = "text/javascript" >
    (function(node) {
        var adn = document.createElement("script");
        adn.type = "text/javascript", adn.async = true, adn.src = "//a.bestcontentfood.top/warp/4787908?r=" + Math.floor(Math.random() * 99999);
        node.appendChild(adn);
    })(document.getElementsByTagName("script")[document.getElementsByTagName("script").length - 1].parentNode); < /script> < /div>
                                    

#3 JavaScript::Write (size: 46, repeated: 1) - SHA256: de73a926a8381f11229c3f788149919c2b1e9620adcdf9c657c1df31971b423f

                                        < ins class = "aso-zone"
data - zone = "87882" > < /ins>
                                    

#4 JavaScript::Write (size: 484, repeated: 1) - SHA256: 17d94e96963dd14c2da602a6073d5af159c974cddf5e1526eaaf2725ec1bf6df

                                        < !DOCTYPE html > < html > < head > < title > < /title><style>html,body{margin:0;padding:0;height:100%;width:100%;}</style > < /head><body><!-- JuicyAds v3.0 --> < script type = "text/javascript"
data - cfasync = "false"
async src = "https://poweredby.jads.co/js/jads.js" > < /script> < ins id = "969388"
data - width = "908"
data - height = "258" > < /ins> < script type = "text/javascript"
data - cfasync = "false"
async > (adsbyjuicy = window.adsbyjuicy || []).push({
    'adzone': 969388
}); < /script>
<!--JuicyAds END--></body></html>
                                    

#5 JavaScript::Write (size: 494, repeated: 1) - SHA256: 1c29fbfbb74a5e15d9cf4a85270e2eb953820fe2404ec6181487ae0ad963029c

                                        < !DOCTYPE html > < html > < head > < title > < /title><style>html,body{margin:0;padding:0;height:100%;width:100%;}</style > < /head><body><script src="/ / cdn.tsyndicate.com / sdk / v1 / video.instant.message.js "></script> < script >
    TSVideoInstantMessage({
        spot: "b5346988f58b4a3986d63c85fcf561b2",
        width: "460",
        cookieExpires: "4",
    }); < /script> < iframe width = "300"
height = "250"
frameborder = "0"
scrolling = "no"
src = "//tsyndicate.com/iframes2/81050e2dae874825b1263242bcb82944.html?" > < /iframe></body > < /html>
                                    

#6 JavaScript::Write (size: 466, repeated: 1) - SHA256: 7e39e1ccad5d1f4baf21a097c72621648e45cb2a83029705e97c51036a870350

                                        < center > < div style = "width:900px;height:250px;" >
    < script id = "adn-4788749"
data - sub = ""
type = "text/javascript" >
    (function(node) {
        var adn = document.createElement("script");
        adn.type = "text/javascript", adn.async = true, adn.src = "//a.bestcontentfood.top/warp/4788749?r=" + Math.floor(Math.random() * 99999);
        node.appendChild(adn);
    })(document.getElementsByTagName("script")[document.getElementsByTagName("script").length - 1].parentNode); < /script> < /div></center >
                                    

#7 JavaScript::Write (size: 466, repeated: 1) - SHA256: b5272c53eb4935fda2b3d6dc53f72c170823461564078417c6da556b68d47dfc

                                        < center > < div style = "width:900px;height:250px;" >
    < script id = "adn-4788750"
data - sub = ""
type = "text/javascript" >
    (function(node) {
        var adn = document.createElement("script");
        adn.type = "text/javascript", adn.async = true, adn.src = "//a.bestcontentfood.top/warp/4788750?r=" + Math.floor(Math.random() * 99999);
        node.appendChild(adn);
    })(document.getElementsByTagName("script")[document.getElementsByTagName("script").length - 1].parentNode); < /script> < /div></center >
                                    

#8 JavaScript::Write (size: 1039, repeated: 1) - SHA256: d3899377f69babd32698438b5ce683db6153d0b4e8ffcabcf542890ef5563a00

                                        < div id = "ts_ad_native_atxjr" > < /div> < script src = "//cdn.tsyndicate.com/sdk/v1/master.spot.js" > < /script> < script >
    TsMasterSpot({
        "containerId": "ts_ad_native_atxjr",
        "spot": "WF8qxoGQpTQRg0uYg8RBqicfsIjfiOk4",
        "nativeSettings": {
            "cols": 5,
            "rows": 1,
            "titlePosition": "none",
            "adsByPosition": "none",
            "type": "label-under",
            "styles": {
                "container": {
                    "width": "100%"
                },
                "thumb": {
                    "border-radius": "4px"
                },
                "label": {
                    "height": "80px",
                    "background": "rgba(255,255,255,0.65)"
                },
                "headlineLink": {
                    "padding-top": "5px",
                    "font-size": "12px",
                    "font-weight": "bold",
                    "min-height": "45px"
                },
                "brandnameLink": {
                    "color": "#444"
                }
            }
        }
    }); < /script>
                                    

#9 JavaScript::Write (size: 46, repeated: 1) - SHA256: b7c224bd318e210fb3724a686d2e6fdff03e16ced4163e2e207bd2468a998f0a

                                        < ins class = "aso-zone"
data - zone = "87884" > < /ins>
                                    


HTTP Transactions (223)


Request Response
                                        
                                            GET /video/5fc582e7b181c14a07fdad7e HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.26.1.188
HTTP/1.1 302 Found
                                        
Date: Sat, 03 Sep 2022 17:58:13 GMT
Content-Length: 0
Connection: keep-alive
location: https://xfantazy.com/video/5fc582e7b181c14a07fdad7e
cache-control: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dU5lmvs%2BuSkCNy7HOJBIPOhXyC5CLmHY3ETwLYeyczYGSZ%2BTFVh4Ih5fnVIQh8mJ9xvI05XAQADEtwOYc7FRQprZsY3q0TWjqu3%2FziWzZK3GV6QXl00kqhJz9MqV0w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74505f4c8fb9b515-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 03 Sep 2022 17:43:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: f-CwMLqbUgZfAEkwHmA0YdnoZEzC-V9nG2zFVNKwcCLFC2U7nRjXMA==
Age: 906


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    b593eb39329cfe060d55be5e4a5405e2
Sha1:   78e46c1028e9f94f8569303ad2d90d7df13a059a
Sha256: 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13347
Expires: Sat, 03 Sep 2022 21:40:40 GMT
Date: Sat, 03 Sep 2022 17:58:13 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -Xj_r92pm1jkG1ZKOTpUXGmNqSqjFkZ3xEhA04fPZiVA43fXkjjcvg==
age: 60176
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 03 Sep 2022 17:58:13 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 03 Sep 2022 17:58:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /_next/static/chunks/69.b3ff95d1d1b8e7cf25a2.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5fc582e7b181c14a07fdad7e
Cookie: visitorId=78ob34gxsz5rp4xq8niyu; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.0.188
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Sat, 03 Sep 2022 17:58:14 GMT
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:19:48 GMT
etag: W/"61c-179fb7179e1"
cf-cache-status: HIT
age: 28684962
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUeWKF3yaVTeSMQIR1BT5%2FlnrotwSpORiUbOunYA8d18%2BNYjw1SzS6JCtwS%2FKxHm73UykWHoaUu3R%2FO4GfcTqkV%2BneMYc1PhzACr8ZwqkJbKiQIQIgcl%2F1KT52UG8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f51fdefb524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1564), with no line terminators
Size:   1153
Md5:    754923db85d1d0cc3d73e0ea692c4c65
Sha1:   afca17b521b05d2a531349def032f95e080d14b0
Sha256: 3f181ae9e60105cabb8afcaf4f159386bdf3684bb1798de5f20fb1119bd9f67d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 03 Sep 2022 17:58:14 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 03:14:20 GMT
Expires: Sat, 10 Sep 2022 03:14:19 GMT
Etag: "47c3c05a957a3f8a0d125f1cc1903d52bb5ff5ae"
Cache-Control: max-age=551164,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74505f52cc1d0b65-OSL

                                        
                                            GET /_next/static/chunks/47.6c9a4510342e4dd3af77.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5fc582e7b181c14a07fdad7e
Cookie: visitorId=78ob34gxsz5rp4xq8niyu; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.0.188
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Sat, 03 Sep 2022 17:58:14 GMT
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"620-181397f9e59"
cf-cache-status: HIT
age: 7669055
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bS%2Frer5WFIDYW2y4ycYeWQFVPg5tnYtrzQ039DCwaCOglICiuaDjtQDqewjI7%2FG71s6wna0AjL0FAiyi5RS7by%2BbRb4PVRxbO%2Bym0%2FFCNER%2FSQyZd3lD1swmO%2BOmpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f51ede1b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1568), with no line terminators
Size:   1266
Md5:    fbe93b229683780df854b7af607bfc70
Sha1:   0c4320bd6a6c1d35c0918d3a3eeb9ab92beac09a
Sha256: 63f2911e6057a4f7eecf58d0d3008f1cc4ae8afe2bf8f5cbe2761663bad403b1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 03 Sep 2022 17:58:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /thumbnail/IO7AtH_0n63o-D3B-Q/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Sat, 03 Sep 2022 17:58:14 GMT
content-length: 12028
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   12028
Md5:    a177496d4fc05a3945a0388c467a42e3
Sha1:   0585ae7565cedb41c60970e3a3b942f7ff6b983c
Sha256: c411265cacd5375c9e168c25a982e958a96e0261e8d4b86e097101673fc2137c
                                        
                                            GET /thumbnail/J-ibvnD1m6zqq2iQ_g/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Sat, 03 Sep 2022 17:58:14 GMT
content-length: 12291
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   12291
Md5:    44dda25ede482ff89be22ef60e59d5f8
Sha1:   0d18faffada7eeef728ce387282d29b432b41fd0
Sha256: fbd04c2536abfd09b0a4cabbd309207cf919a3ffeafd3fb9a4e4a6cea43907b3
                                        
                                            GET /thumbnail/IeiWtXeiwq268WnGrQ/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Sat, 03 Sep 2022 17:58:14 GMT
content-length: 13925
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   13925
Md5:    9399e14388de9b7ab8949e46e8f3efa3
Sha1:   0951ca83d4ff90ec57f5626f453ad5c085df0420
Sha256: d0665782ccb2a6b313891d536719084ae87ae13885acdf2bb92a795a71dcd384
                                        
                                            GET /thumbnail/d-WU6X-jm_-4_jSW-Q/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Sat, 03 Sep 2022 17:58:14 GMT
content-length: 10605
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   10605
Md5:    d45a3f7f988b4b5959853aabcbcd2759
Sha1:   108c505528e1a840afe739d23502b7f6ff9051c7
Sha256: af2cd756d7e99762c889b599e9c9aadca23edde71f184e4d665be8638044c79c
                                        
                                            GET /video/5fc582e7b181c14a07fdad7e HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.26.0.188
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Sat, 03 Sep 2022 17:58:13 GMT
vary: Origin
set-cookie: visitorId=78ob34gxsz5rp4xq8niyu; Domain=xfantazy.com; Path=/; Expires=Fri, 03 Sep 2032 17:58:13 GMT; HttpOnly experiment-popup-payment-7=0; Path=/; Expires=Sat, 10 Sep 2022 17:58:13 GMT experiment-save-to-button-2=0; Path=/; Expires=Sat, 10 Sep 2022 17:58:13 GMT
x-powered-by: Next.js
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgmLoCndYxuI%2FrZNK6Salr%2FPcy2E2Yt59UBDpY0mkt%2FNi%2FD%2FMOBaAuAgA8xpKncycDCb2pol4J55Akh3uG7OPRe70xwZOPNAC%2F6Wy6LxmdSkaY76mgfFbFq1vlsNVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f4e5914b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (18552)
Size:   424544
Md5:    7896b6c2b032e8d72f9eb8734e38e71d
Sha1:   438983c12c077eac19d03b013758a5c3a29d7475
Sha256: e1b14953bfbc7c0bf025cefc0e42c3fadffbcf83ee10903abf4dc1f0711e5a40
                                        
                                            GET /gtm.js?id=GTM-PLKQLTX HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Sep 2022 17:58:14 GMT
expires: Sat, 03 Sep 2022 17:58:14 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Sep 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52684
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15971)
Size:   52684
Md5:    d72a098ea4c463bf0ad594e73b55aba1
Sha1:   8bb2ef933c64e07638166af44707d4a96277b383
Sha256: 569a6126e6a1134b898b9cf49e3970ac7125c611033333a8b24e4ae2702d8042
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 03 Sep 2022 17:58:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 253446
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 03 Sep 2022 17:58:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 03 Sep 2022 17:58:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 03 Sep 2022 17:58:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /_next/static/runtime/webpack-f4d22593ad73f080a168.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5fc582e7b181c14a07fdad7e
Cookie: visitorId=78ob34gxsz5rp4xq8niyu; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.0.188
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Sat, 03 Sep 2022 17:58:14 GMT
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:28 GMT
etag: W/"2fb2-1826d2b92c0"
cf-cache-status: HIT
age: 2538835
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVrZCz6WpygskZmFJgeaOWmpQ4EmE8u0mG%2BUIIa73LyAZ9ymMpYfvA0MQZKwEIz9VRxq6dYP90CR8l7KJUrxIzayk2pmN0bHFtFLUSdVxaFDMkbPcS86nWoAC7StZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f51fdf0b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12210), with no line terminators
Size:   5359
Md5:    ae3ba643e616f9cfb373b346a4176074
Sha1:   f15a6a1834bd30b079bab0601f7045519b6d42a3
Sha256: d1b581e7e2096a900268c4c64ea674f12f940320aec448588fb5728d425cda0c
                                        
                                            GET /_next/static/runtime/main-8daa673a54696bb62abb.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5fc582e7b181c14a07fdad7e
Cookie: visitorId=78ob34gxsz5rp4xq8niyu; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.0.188
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Sat, 03 Sep 2022 17:58:14 GMT
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:19:48 GMT
etag: W/"11cd7-179fb717a09"
cf-cache-status: HIT
age: 28684961
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2FSkcvzejWcPWax6NP1wmME50x2RrVNH0Xa%2BGAFPZn0V%2FmNOup%2Byds3SADl2uPFp8NtrmqStIrCq3qGd9TCXH8PeNIVmYsGCIuDIGsLUUTJBLbyp%2FDZUkf2bRqKsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f51fdf2b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   25820
Md5:    b874e5b225887e9edd611f4982a6adfa
Sha1:   ab9d173eea7e07a8cf80eb365a9f289b87d434b1
Sha256: e9eb460597a577a30cb661969c2bd42637418446a6360a682ebe46127c1f1925
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 02:02:22 GMT
expires: Sun, 03 Sep 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 57352
last-modified: Wed, 11 May 2022 19:24:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 253446
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /thumbnail/3a44af549e112/main/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 404 Not Found
content-type: application/json
                                        
server: openresty
date: Sat, 03 Sep 2022 17:58:14 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- data
Size:   581
Md5:    a27abd9ec94a0839cf7d16e2470577e5
Sha1:   8bc747540b04cb77b41575075985192d1478a5b3
Sha256: f6fda6351c5c677afb2d9ac60f7681b7b637e640c7b02feca86ed0d319a5d41b
                                        
                                            GET /static/xf-small.png HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5fc582e7b181c14a07fdad7e
Cookie: visitorId=78ob34gxsz5rp4xq8niyu; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.0.188
HTTP/2 200 OK
content-type: image/png
                                        
date: Sat, 03 Sep 2022 17:58:14 GMT
content-length: 1153
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
last-modified: Fri, 05 Aug 2022 08:39:19 GMT
etag: W/"481-1826d28b1ec"
cf-cache-status: HIT
age: 2891
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auJmSCtOIxsoFlJQ0IAQLxxPXySWG%2B%2BGsfoknJZFBW4EnlO0SEYyzFnraFxkjJQ8Zyb1ExeZw92DjRd0aRMjC%2FB1Zz0fpXab%2Bc1tBLQsC8%2BZklpG343AADR7jNsPIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f54899ab524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1153
Md5:    73788af337ff4a5e7c8d8ea19dba155f
Sha1:   e0bd72878475603f40ebd05077c626816ed3285c
Sha256: be4a320fd44fdaaced2a2056ff7a4c0765a6ed0996c9b4c94a0cb2458967e8df
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PNdoFuH5O5qYCIgupaDlSg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.212.166.60
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9VPNOo/x3fNVqUGJ1lpqP5lNrHY=

                                        
                                            GET /npm/yandex-metrica-watch/tag.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.242.0
x-jsd-version-type: version
etag: W/"3364d-8zUodyTu6b7iC+HzYMc9hdc5tyQ"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Sep 2022 17:58:14 GMT
age: 31663
x-served-by: cache-fra19171-FRA, cache-bma1661-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 83361
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (681)
Size:   83361
Md5:    5e95fd71c0607321599b2ed694f30adc
Sha1:   15e75c6e8fd13c12afb93e659206ec28893f7d17
Sha256: eb5c363392c61c58e2ab8088a17da732d4c552a8a063e8276082192d5aa81a77
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 03 Sep 2022 17:58:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "1268284441A7C0B1F9CDF1D5AC694C61FD512F33"
Expires: Sun, 04 Sep 2022 04:00:00 GMT
Last-Modified: Sat, 03 Sep 2022 16:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2976
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74505f55db67fab8-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    0044404981768b7b7a8df58b2209572c
Sha1:   bb96d0afa5e895d1af090b26246671a068d8e1f4
Sha256: 71c639eb3086976b4fd41a6fd005429fb63597b712922f1801c62c17bf02f3a4
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sat, 03 Sep 2022 16:41:12 GMT
expires: Sat, 03 Sep 2022 18:41:12 GMT
cache-control: public, max-age=7200
age: 4622
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            GET /_next/static/chunks/styles.77acb212b856be16971e.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5fc582e7b181c14a07fdad7e
Cookie: visitorId=78ob34gxsz5rp4xq8niyu; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.0.188
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Sat, 03 Sep 2022 17:58:14 GMT
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:19:05 GMT
etag: W/"55-179fb70cfea"
cf-cache-status: HIT
age: 28684714
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DofbN59MgnhnZvmlC%2BDG%2F9ez%2FQK0MvtS0UkzpMchuSw6Zl4zgvvXcCPMfe%2FeLIpDEaUH3jOMrkAZkwEZjWcnenJxzCCO0sLySSZZ3BVgq4KWUEWR1tolUxuScCqxmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f569c41b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   69
Md5:    b538c227613edeab9c999e2dbaac87a3
Sha1:   62d70c28e89564b710be0821fb78b72e328d54c3
Sha256: f4d4478f6c8d6589e6338822542e37c07a6462d7ca9584947c7845c94009e440
                                        
                                            GET /_next/static/css/styles.f80584c6.chunk.css HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5fc582e7b181c14a07fdad7e
Cookie: visitorId=78ob34gxsz5rp4xq8niyu; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.0.188
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
date: Sat, 03 Sep 2022 17:58:14 GMT
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
last-modified: Fri, 05 Aug 2022 08:42:36 GMT
etag: W/"2fd40-1826d2bb0c7"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5goKBX53hyMmg6cJiqU2Nck5tOqWN45qse55DdMsgcVIKxrI2cRAj91tODKdacPUhh%2Bs4DZ5OJUAkswYcYKhSt5df89KBlLfqp7xy0lOH9g%2B16pOUqIbyr2UgEobIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f569c3db524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (24334)
Size:   49865
Md5:    442fe15d10a493f054ba0231bf19d7df
Sha1:   546536633bd3813b996931873d6edd352e3db9c6
Sha256: 22b7e0afc860158a90f90dfa8fc9e8057e7f454d01e44459c40a68f773617544
                                        
                                            GET /_next/static/chunks/242.e6062ff562716b6e41db.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5fc582e7b181c14a07fdad7e
Cookie: visitorId=78ob34gxsz5rp4xq8niyu; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.0.188
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Sat, 03 Sep 2022 17:58:14 GMT
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 28 Jun 2022 10:55:52 GMT
etag: W/"26cdb-181a9f40d06"
cf-cache-status: HIT
age: 5814024
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3qAXZa%2BRfTGk2MmB1ThOBQJlI3yfOXDwjCisLeafnexrc2TQV2xAUx7HcZIhn%2BRYCDoAS4F2PFNMPw2PHc2YLe3DxmkPDx5%2BPqeZmhLitEbxMNhEb5GugzeX724mA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f56ac45b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   72546
Md5:    eb0ddbe56dccb64c7d6ac8dc02227c4f
Sha1:   015c08dee0dbfa8cee9b50c91a547d9796518e25
Sha256: 402a67035e51cddc0c1212e2cdab9110f83d2723467679c44aecee48c6d094d9
                                        
                                            GET /_next/static/chunks/51.21792104df3f91cda445.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5fc582e7b181c14a07fdad7e
Cookie: visitorId=78ob34gxsz5rp4xq8niyu; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.0.188
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Sat, 03 Sep 2022 17:58:14 GMT
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"ce5-181397f9e59"
cf-cache-status: HIT
age: 7674143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKLLj2qt0%2BiniyZNKXMOMyOTHEM74KqcRflJJ7dxAf6Qh%2FAdXN70A3tMyxzF0341eX0APYtJOCq3QvOh7e%2FWd1wNot934mB0NyI4Q75rIzkCDpv7YiAopVANTz39%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f578d6eb524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3301), with no line terminators
Size:   1617
Md5:    4973591acd0442614083d61ad71de2f6
Sha1:   a050ff8c14f9ab93bc380d45ed83fd5ca9203d39
Sha256: dd568b1a5d115abf90f2daa5b4652d5ace1048c64033529e882a4268ac1b426f
                                        
                                            GET /_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/index.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5fc582e7b181c14a07fdad7e
Cookie: visitorId=78ob34gxsz5rp4xq8niyu; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiIxY2UwOGExOTY4OTE3IiwiaWF0IjoxNjYyMjI3ODk1LCJleHAiOjE2NjI4MzI2OTV9.UTINzAj0N3Nse5Mz7oKZzku6CT3UeokVAG-QtTCa40k; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiOGVlYmIxYjkyY2Y5MiIsImlhdCI6MTY2MjIyNzg5NSwiZXhwIjoxNjY0ODE5ODk1fQ.vrujbak3g8m4yFP-aNsDWhExZw0vILECIV7Jhy3Boco
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.0.188
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Sat, 03 Sep 2022 17:58:15 GMT
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:43:45 GMT
etag: W/"2b7-1826d2cbfb8"
cf-cache-status: HIT
age: 2538361
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XE3z835arIhKqLgc0AS4irUOHWoQiqXRIvR8KPlnDZyLvCx%2Ba4kSZQy56VaTl1FW53dA3ICjaO2k4eZr%2BPRM9pAjUKxQKHXHxHJYM9yoLoCbBGtCKmgNyVYYu8gzng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f596fbab524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (695), with no line terminators
Size:   4091
Md5:    7c1865c3daad497ea4c2cc57e75b4cad
Sha1:   64d45f5fcb959ca9e8c5a2aa29908e8217a048ee
Sha256: 504256eb99dd86a52e301183285d54b83b88b80c129596b2e4cafb2ace3df29c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 03 Sep 2022 17:58:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B69C0CC122EF29722DBD7DA5DA2A9E46D7B7BB439DE9B0614C4DDE6E3E5335EE"
Last-Modified: Thu, 01 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7084
Expires: Sat, 03 Sep 2022 19:56:19 GMT
Date: Sat, 03 Sep 2022 17:58:15 GMT
Connection: keep-alive

                                        
                                            GET /_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/top.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5fc582e7b181c14a07fdad7e
Cookie: visitorId=78ob34gxsz5rp4xq8niyu; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiIxY2UwOGExOTY4OTE3IiwiaWF0IjoxNjYyMjI3ODk1LCJleHAiOjE2NjI4MzI2OTV9.UTINzAj0N3Nse5Mz7oKZzku6CT3UeokVAG-QtTCa40k; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiOGVlYmIxYjkyY2Y5MiIsImlhdCI6MTY2MjIyNzg5NSwiZXhwIjoxNjY0ODE5ODk1fQ.vrujbak3g8m4yFP-aNsDWhExZw0vILECIV7Jhy3Boco
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.0.188
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Sat, 03 Sep 2022 17:58:15 GMT
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:43:46 GMT
etag: W/"582-1826d2cc2d4"
cf-cache-status: HIT
age: 2538195
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZXaorxVVg%2BwSz47jHDFhVsBzLuNTx77cPufyreeisgVt7YrI%2FjNQjrKf%2BRvvz22pxY%2B7da9CUwtV7W8FjRg79iPv5Ue1ydkz9BZuuygQarMKDhOW2Q%2F3UlmAOub%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f596fceb524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1410), with no line terminators
Size:   681
Md5:    3e03209aa96c5fcd35ba34ba00bacddc
Sha1:   cf2909c741c35f17b4372d9ff015fefcc820ec98
Sha256: a207885a1fda7132f08ada12648c1f4ffe5c2bc9761911ce871d7b32a2f6f19b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 03 Sep 2022 17:58:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /_next/static/oDS-1OtrlAeeVjTgw5hAY/pages/login.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5fc582e7b181c14a07fdad7e
Cookie: visitorId=78ob34gxsz5rp4xq8niyu; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiIxY2UwOGExOTY4OTE3IiwiaWF0IjoxNjYyMjI3ODk1LCJleHAiOjE2NjI4MzI2OTV9.UTINzAj0N3Nse5Mz7oKZzku6CT3UeokVAG-QtTCa40k; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiOGVlYmIxYjkyY2Y5MiIsImlhdCI6MTY2MjIyNzg5NSwiZXhwIjoxNjY0ODE5ODk1fQ.vrujbak3g8m4yFP-aNsDWhExZw0vILECIV7Jhy3Boco
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.0.188
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Sat, 03 Sep 2022 17:58:15 GMT
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:43:45 GMT
etag: W/"ba5-1826d2cbfb8"
cf-cache-status: HIT
age: 2537910
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=actFIFJvwQZ%2BmjArjXy8SY5y4lbNSyN4WfMJzZ3D%2F5eG7TLXY9vofunqbRLKFUTJMLacIjyxVTHpyvpa%2B5aXUg8NsJpHFAAGIv1ODD%2F2wrWLNETraq5ePhaM9eT1Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f596fbeb524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2981), with no line terminators
Size:   114803
Md5:    7a12c1ab14b8db891085c158095e88a9
Sha1:   1e13043c911568780b65e70e0b294b731ba6ac1c
Sha256: 91d2c4b778a9b807f332e98587347876bace260bf735e94160342daf00bd731d
                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 03 Sep 2022 17:58:15 GMT
Content-Length: 939
Connection: keep-alive
Expires: Wed, 07 Sep 2022 14:45:08 GMT
ETag: "2c0920c1b9bcf58412c2c9e6d8ad7e16ae74b710"
Last-Modified: Sat, 03 Sep 2022 14:45:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 791
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74505f5bdf59fab8-OSL

                                        
                                            GET /_next/static/chunks/70.aeba4e9e28ccf1bae13a.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5fc582e7b181c14a07fdad7e
Cookie: visitorId=78ob34gxsz5rp4xq8niyu; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.0.188
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Sat, 03 Sep 2022 17:58:14 GMT
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"56d-181397f9e5d"
cf-cache-status: HIT
age: 7674157
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoQnQEltkKed%2BBxCRfnsCJjZ7TofIq5qHd14SFj7LbUQf8cgkuCQqFZEnB9APnGTJHvS%2FUTJZw4%2FWMAp3iBbeRBPK89CZW7dmqYMWsXwpbkMv%2BNyzWIAO%2FQq4u8YUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f578d73b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1389), with no line terminators
Size:   14227
Md5:    71e1ce49cfa488b4dcc3a8a37e7b0211
Sha1:   e1d84e9f47e995a5cf07edebda8411cd00d77107
Sha256: 1f3725fe6f4d62747f660c24841fe5571273d38927377be7f4276dc9b07278e3
                                        
                                            GET /VEd6TTR7eBk+CQUpFntXZRUDHHFtBSAFRBkWSg9AMCxDBmc5Hlw5XTB6Q3sFbXJMa0Q9I0d+BnI0DixAITRHfBI9KRwiCXIxR30abGlDYwRyMkd8EiA3GyoJZWEKOUA4ekt7AmZ1SHoMbXRLeQA HTTP/1.1 
Host: ofghaidarium.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.34.91
HTTP/2 204 No Content
                                        
date: Sat, 03 Sep 2022 17:58:15 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FoNq7XwO%2F3Bv6USzcd2826XBT%2B75dI5b2N3ppndeNQdZ88%2FfGlzSt9D427wQGTUdo81PxviMv%2FORwtnxcKRVGi4lxgk6nWx16TCz7dvaKDzSmzn3VFHSfcQRUpEgxTv5nbo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f5c58651bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /TnFqeDhhTgkLBRs2IwFaCT8ALXkAFTxKah8wLC5pFx0jPW8iJEwMUSpMU04KfkBYXkgnFVdJAGgCHhlMOwJXSR4nHwwXBWgHV0kWfl9bVgpoBFdJHjoBCx8Ff1caDEwiTFtODnxDWE8Ad0JbTgg HTTP/1.1 
Host: ofghaidarium.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.34.91
HTTP/2 204 No Content
                                        
date: Sat, 03 Sep 2022 17:58:15 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bL%2FPnEfrecg164eTrSX5UPjIObZwQKvibHyRXwAAXINZUMeE35%2BT5xtPk7OpzolbpPsgldSu5HNouYUK3c4bbQYhcWVkSYKocp4Cqif02C5kkvBpQEd2D%2Bl0u8vZfiAt8nUF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f5c58661bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /QVFyaHMgMxEFTCBsEE4GMz1PTUEHdEAuF3BoQBpGLWlKHwEvNkVGEC0+BwwVMz4cHF0vNAZNQQcFIQMDKAY1MQMLAAVNQQMGJlwZAzwkDhUJJRAKJQMiOyo2chI2GEACKSsHNBI6ATgweTQ5KSIjADZcBAM8JD8RAgg2JhQHYhApEHMTKgxEExUZKzgJNSUOGwhnODkfLRQLOQYDK0Y4OQJpNQ4bDCMWH0tyGTElHgU7HiwWACkqDB8bJxcuOTYZHBxEE2MBAxFyOSEmMnk6IhADeAc6BwoWPEZdFQlkOgkKEycXLjowFDVRRghjNDkpCSE+DiUTZz45XiJmNjslNwQwXSYkPwY7Egc1RA1DJSAkAQQrFDZYMgsFOCASKBMIDjY5PiMsSnIEBU4ZMj4cGE4oHzw7EA81OzwRJxI HTTP/1.1 
Host: amwoukrks.autos
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.86
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1172
date: Sat, 03 Sep 2022 17:58:15 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8rBq7z-Mt1wVn-qNaH_dZWGvxaV6-iI0UQvC0ZAFtYEeJvswEd6vXA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3017), with no line terminators
Size:   1172
Md5:    9c3774dbb07b0b9262d78f6bd2181361
Sha1:   e779beaaf88ac2306caaeaa13daff93d56afce50
Sha256: e699a8880d4df82cf0dbb5f120884f36cd6221d0d185751f5a6683edcd797d5d
                                        
                                            GET /eGQ5TGlXW1o/VCtUb309SiIOKiw6XWwUJw8wcTQwHld3Cg0UKR84ABxZAHpYQVEPahkRAAR/W14XTS0dDRcEfllIUx8lBx4LBH1PDlkJYlFWXRd8Tw1ZCGodCAVecVheFE04BUVVD3pbSlYOdFBLVQ10 HTTP/1.1 
Host: ofghaidarium.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.34.91
HTTP/2 204 No Content
                                        
date: Sat, 03 Sep 2022 17:58:15 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFxTxMByigjtrqawEFhOgrjDdu33svnQ7UiVYcYTRsI4IoeCY7C2QkPIBsSfdNSWcTxcbcsRJqsdTF1MhVerIcDmWbJC1er5FipeoY%2BYNBfu0%2BjZL%2BKhGtadrozh1trF2rod"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f5c686c1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /dW1RMXUUDzJcShRQMxcABwFsFEczSGN3EURUY0NAGVVpRgcbCmYfFhkCJFUTBwI/RVsbCCUURzMfA3U7ICAZUhstKSFmJjEvMHw0RCIyVjMeLARnHCI+NVcyITweeBsnLDIDFiI1YXggLTk1ST0CWQd4MBo5NGA7DDUTaAQjKjpmMBwdAFAkMz8bZxZHKQR/HCcHBH8yHBkbYSMCDxtjLxgJOnsENF4UcidHFR1rJDM+NQIzDSw6UhoiByF3MUcoE2swHT0yXA0cLxd7RhY1FHInDzcXUiQ4XzdgI0MsFwQdNDoDaTAcCQh+DSMrEFYzHiwEVUU0AHxgNyADCHU4GQYXeCMgWgJ3P0cJBgEyIjUAZzwkXBYXHwYCP0FIAylmBiE3AmRhGxYsOXs HTTP/1.1 
Host: amwoukrks.autos
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.86
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1159
date: Sat, 03 Sep 2022 17:58:15 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S9tMOCMFXxcRftcSR29WrqPgENsY-Ll4wOt6lEyly6f9sFRVahc8wQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3001), with no line terminators
Size:   1159
Md5:    969823854b4564a1bd6c5e2bb55b5dbf
Sha1:   255391f07b90d7e80633c8d21992b46ff4ab7cb9
Sha256: 65aa5c8986967917a8b4fc083ff7354b4546cc37b45f3ec48c2f62015f4eff14
                                        
                                            GET /thumbnail/3a44af549e112/main/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 404 Not Found
content-type: application/json
                                        
server: openresty
date: Sat, 03 Sep 2022 17:58:15 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (529), with no line terminators
Size:   529
Md5:    ab3121ca914031073b42abf764ea33c4
Sha1:   6e22c08647cf2225fbfc523b4ba032fc463979de
Sha256: 1ab2138460737dd9fed575e8996272f532d71e4df23995dfff8ac6eeecf9a2e5
                                        
                                            GET /MldCZkxTNSELc1NqIEA5QDt/Q350cnAgKANucBR5Xm96ET5cMHVIL144NwIqQDgsEmJcMjZDfnQbDTIKSBgFHi1qP3MDGQJmGyA7ZAEGEQJ2FBQBKmUgAD4NWTwPLX0HMRpUCVkzJTx0YRNyLApeMBokfHseACcKZAEDVxRkPHYDD2QzETIrXhwVIBlgFRQBKmAGDD4ORQUUIxlzBxUgI2MPAAovdCAYPBlkBSclGncWFDAOZRQrCQF6Zw8CFFU8GCU7XjMKJwVKHxRSBmoFMjELZxIXNx1VAgM3L0ETLgEvcz0HAhRVOwYkHgMxJyckdBEuER10Em8jBXFmOjULdDMIJX9WFQEgfHgWFy8FagU1Ih0DYwQ1fWMBFB4dURY4Mw5lPyEkGmdmECUNFD0xCSJCahoAf1QHFSgmdy4MVzZT HTTP/1.1 
Host: amwoukrks.autos
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.86
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1176
date: Sat, 03 Sep 2022 17:58:15 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: anG6LAJ0nbkE5Kn-UpJKfWc2BrRcf2zFvLde_9vE0YVOwrr3nimgUQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3023), with no line terminators
Size:   1176
Md5:    49609d2c41cd7ad9057b3cbe256684c6
Sha1:   b98e3dedb394c205e24f78d86c9116c45ff4e98f
Sha256: dec8b7eb0c9ef7e35861f11028a531e867d65903104f9b925ab0fbf3200207ad
                                        
                                            GET /eHZsekJXSQ8JfzUbKjYQMC8nLHE2RD4rBCkQAjgBOiA+ACQtFUoOKxxLVUxwSEdYXDIRElFLZAsCDQ43C0tdXCsWEANHZA5LXVRxTFheQmxIUBlHc14CHBslRUdKCjYMGlFLdE5EXkh1QE9fSHJB HTTP/1.1 
Host: ofghaidarium.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.34.91
HTTP/2 204 No Content
                                        
date: Sat, 03 Sep 2022 17:58:15 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6%2BmjkinV6JrdSTEfM8b1bDBT3GU0Huu25MEO5mCW2FpEMkxoopLRKZdG9AzfhlDRCdhg1QSGFj8o%2FF%2BRxbxuSpWOjRIxU5ACjaFtm4t9AGD1hqz3M0bEwpdhycXibB4IPR3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f5cc8c61bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 03 Sep 2022 17:58:15 GMT
Last-Modified: Sat, 03 Sep 2022 16:25:23 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dQOilN9QEGdfBPZ_mWzTBxRDWotqdsY1AyLhJe5ynC0CQWWbcUXQ2Q==
Age: 5572

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3503
Expires: Sat, 03 Sep 2022 18:56:39 GMT
Date: Sat, 03 Sep 2022 17:58:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3503
Expires: Sat, 03 Sep 2022 18:56:39 GMT
Date: Sat, 03 Sep 2022 17:58:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3503
Expires: Sat, 03 Sep 2022 18:56:39 GMT
Date: Sat, 03 Sep 2022 17:58:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3503
Expires: Sat, 03 Sep 2022 18:56:39 GMT
Date: Sat, 03 Sep 2022 17:58:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3503
Expires: Sat, 03 Sep 2022 18:56:39 GMT
Date: Sat, 03 Sep 2022 17:58:16 GMT
Connection: keep-alive

                                        
                                            GET /TSkpiWGYpJQw+WT4jBmVffHtbbVBsIBE3CDp3CxYoGSksPC8eKAQbQD4wBmVWbCYDNgF3bAc2BXd7RDkCKHdWfhI6JQllEyQuBz4PJC8GfhMrdw83HCMmDjlDeAxXdlZveFJwHnt7R2skb3hSNA8kPxp9VHoyWm45fH5HayRveFIqEG95I2FQZHpLfVR6LQ-c7DSVvUB5UentSaFd6e0dqViwjED0AJTJHaiBzfExoQD93Uw HTTP/1.1 
Host: d192r5l88wrng7.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amwoukrks.autos/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.4
HTTP/2 200 OK
                                        
content-length: 328
date: Sat, 03 Sep 2022 17:58:16 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U-fY_otNuQxQS-OqeuN9CIxWawvj1NxGn7kuMnZeyS1cEe6tFBJJ3Q==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (404), with no line terminators
Size:   328
Md5:    d4d1808d0138e73947f19b6cd6413bb9
Sha1:   4e1b674d2b422287c86fa5c0af00bbd874d70021
Sha256: 17c01808ea8ca569e188613e2bde19da355ebcb2fa8ecc5af4b155a82c502821
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4994
x-amzn-requestid: de39357f-d378-4bb8-b4d9-7dd4f82fbb58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xgj-kEHvoAMFyBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309b390-119fa01e254e89cb39a1b794;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 06:02:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V6_bFwCNNOb2sZgOQJ8NekZD0pbYwclTg17YlQjCIdKFKGuzfDR0nQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 03:42:03 GMT
age: 51373
etag: "31305131f340191799484f212e15513bd1204e88"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4994
Md5:    60769237af4f32c663d494d91a672d08
Sha1:   31305131f340191799484f212e15513bd1204e88
Sha256: 6df36e459f3a2d0271732b645009b116e6671363f6c3050d22bbfe2d911a77bd
                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.192.162.188
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sat, 03 Sep 2022 17:58:16 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
set-cookie: uid_id2=39ac5163-3130-4767-87ec-8fbb1b1d5db7:1:1; expires=Tue, 31 Aug 2032 17:58:16 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    5722e941d4bc588ac3786ece425d93b8
Sha1:   2c254d8dcfb3e7eda1c51514d21d64709432e883
Sha256: 834320ce7630c7309b3ba6f0f424da3ce2f14d4893280f6c21037a791f65f528
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6f5d90-39e2-4288-8685-adf2348d38e8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14061
x-amzn-requestid: db7b338c-4fb1-46c0-827a-87e43ceacb90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjB_aFGyoAMFbeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ab062-060509a31e21bd514f736d49;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 00:01:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p_pP4bQ_t2iBcAl5CetPTBaNmV8E_Br_0Mn5qIlGeC8JCmILxA_l6A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 10:54:15 GMT
age: 25441
etag: "8bdbc6e135be6e582d0e23754399422e3792777b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14061
Md5:    d78cbff83c152b84864606781a29563d
Sha1:   8bdbc6e135be6e582d0e23754399422e3792777b
Sha256: 3c385de9ade05e1652ccc386e73aaccc4c223a07b81af4c5fdf3f73a166909f7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7501
x-amzn-requestid: bf297fc4-9164-45ee-bfab-06761a52e3ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eMJEP1IAMFdpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312771a-6b3e6416133d67a83d8a1469;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: datd5eYK6nOAUdEpy_y4gcqsVmCqjP4qhzTnlJ9pSrquoYk2PPugTA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:49:54 GMT
age: 72502
etag: "f3a3d835a37f9b23e7458f9b7bc721bc415b61cc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7501
Md5:    23b580e2b673257d24b9c2e80c4c48ce
Sha1:   f3a3d835a37f9b23e7458f9b7bc721bc415b61cc
Sha256: c0e3559fde3dd08cdbd360f39dddcc98dd7c1b3aebd0861cc07105872a116d11
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: n6DJbsUGTdXT42cNLTDq6Uz28H2SDhwq6drdKP4axAHsBz471X7r_g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:37:26 GMT
age: 73250
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10435
Md5:    955f2a35bd6b3802670e7fa8a7cda833
Sha1:   4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
Sha256: 2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6976
x-amzn-requestid: da379546-9525-4e13-b9f0-a6446839df66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eNeG7kIAMF4-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63127722-37399f67565b06e7111095cd;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: alcmiW5Cb3Z96RJNXfz4F54HNERbyV71Q8hqVuNEOTUc48kItzlfHQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:49:53 GMT
age: 72503
etag: "af3989072b658e2de119d006ae4ca1703468913d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6976
Md5:    c199f7fc2a2857dec134bfdb2673e28c
Sha1:   af3989072b658e2de119d006ae4ca1703468913d
Sha256: e57411ba0221f6ffa7baf7c374ec790959a66d6a683fad40883ef01cf67e35c3
                                        
                                            GET /rRDNUMHcnXDpWSDBaMA1OcgFkAUViWSdfGTQOInRAc2cWX0IUXTdxHw4VIEoTeQNyXBYqVGkWEipQaQFRJVc2DUNiRjUNGitJPVwbJRZmdkJqA3ECR2xLZQFSd3FxAkcoWjpFD2EBZEhPcmxiBFJ3cXECRzZFcQM2fQV6AF5hAWRXEidYOxVFAgFkAUd0Am-QBUnYDMlkFIVU7SFJ2dW0GWXQVIQ1G HTTP/1.1 
Host: d192r5l88wrng7.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amwoukrks.autos/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.4
HTTP/2 200 OK
                                        
content-length: 189
date: Sat, 03 Sep 2022 17:58:16 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T8U7Y6NSGgTsQegtwr4JkLaQbjIVNsDFlINPD5l0E6GqDNoS0rmbhw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   189
Md5:    9dbf27360d0ded976f145caf4cd473ef
Sha1:   aaa2007b10f712913bef7d2634edd9b7c7288e9e
Sha256: 0a8588c0babc1eaa8365e2158cb058114df0528514c41bfa86773df77b75d107
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e13cf1-38c2-4f82-a50c-b409a24f3af6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7975
x-amzn-requestid: 5ed9a360-5a7f-427a-a750-bd8f25214909
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XwpOBEpjIAMFzXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63102259-4b9d2f6e61cc186f78718168;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 03:09:13 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: BU7CFrnTBhvyqoRVp1t-e_ZErBnJA9l4qGkmxOQd10W48IzyIFGFZw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 03:46:11 GMT
age: 51125
etag: "950611314b81428b3d80ff8659272cc800cf48b6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7975
Md5:    f4cb62c7c522b71c62a97630d8330ef5
Sha1:   950611314b81428b3d80ff8659272cc800cf48b6
Sha256: 3fd0bbf8a1fe8776136d611d6b99b909b71e6af3a13f8794338af2f0026b59ff
                                        
                                            GET /LOTFzOGxaXh1eU01YFwVVDwNDCVgfWwBXAkkMK15fX2EkdgZ8SD0JFlgXB0IIBAFVVA1XVk4eCVdSTglKWFURBVgfRQNXBwRVEUAPWFoQXBlcFwZZUVReCVEAVVBWCioMH0MdXgkZCwldHAIxHV4JXRpWGUEUQQgUAQcsDlgcAjEdXglDBR1feAhFFlwQFE-EIC1xSGFdJC3dBCF0JAUIIXRwDQ14FS1QVVxQcAzUBWhcBVU1RCA HTTP/1.1 
Host: d192r5l88wrng7.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amwoukrks.autos/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.4
HTTP/2 200 OK
                                        
content-length: 592
date: Sat, 03 Sep 2022 17:58:16 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8FovJ2kI6sITMU_PSpIx1cJMTgHoHaQ8CYilD0eBzX0GDPZHxTgdTA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (822), with no line terminators
Size:   592
Md5:    df064c2ebe4c7a73c6068e12e67b95bf
Sha1:   0d74548ff2175017bdbf92a4751af5b82a6a6999
Sha256: a960a3ea7fdbb7677357064bce3f9b226482a7b06f6a3051a428376e5a82ba50
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D354E8A4FFE12C5326CE0A33FA83CD57E1524A13D7644AFC54A02A5BFF6BEDFC"
Last-Modified: Fri, 02 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4044
Expires: Sat, 03 Sep 2022 19:05:40 GMT
Date: Sat, 03 Sep 2022 17:58:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4952
Cache-Control: 'max-age=158059'
Date: Sat, 03 Sep 2022 17:58:16 GMT
Last-Modified: Sat, 03 Sep 2022 16:35:44 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /metrika/advert.gif HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Sat, 03 Sep 2022 17:58:16 GMT
access-control-allow-origin: *
etag: "6312122a-2b"
expires: Sat, 03 Sep 2022 18:58:16 GMT
accept-ranges: bytes
last-modified: Fri, 02 Sep 2022 17:24:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 03 Sep 2022 17:58:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /sfp.js HTTP/1.1 
Host: creepingbrings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.234.232
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sat, 03 Sep 2022 17:58:16 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 325543720bae933cea5fc8fdb7f88b8c
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 03 Sep 2022 17:58:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiaS9inXAK3phEY2k2uk5drIMR%2BpnfygNWMoPNaSXULouaAAZpJZsc0AZYlRhyXV%2BtcDoCmfzJU%2Fy%2BwTeSnA2OlSOgTQ9K4Xg0B1we4uv1zu7ztRTfEKvdS%2FOUcWun8KvmVBY9M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74505f5d5eb7773b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size:   23556
Md5:    d86546630e87f2a828991dce19469691
Sha1:   49eec40f1aec6c5cdb2d8b0a61421856f7c63288
Sha256: 7eb1b0602f7d9606bee73afa6e474f82bd672369a607e11437d1215a1511ef14
                                        
                                            GET /utx?cb=mGUHQobZOWJj&top=xfantazy.com&tid=961956 HTTP/1.1 
Host: amwoukrks.autos
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.86
HTTP/2 204 No Content
                                        
date: Sat, 03 Sep 2022 17:58:16 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://xfantazy.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 03 Sep 2022 17:59:16 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OZowwT3LwI5K7Ua4_NvVEGR4kL2WYXkiS0n9Ka3Tr9CWrCTsRpXEig==
X-Firefox-Spdy: h2

                                        
                                            GET /utx?cb=dM8rFR0tmvPQ&top=xfantazy.com&tid=962014 HTTP/1.1 
Host: amwoukrks.autos
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.86
HTTP/2 204 No Content
                                        
date: Sat, 03 Sep 2022 17:58:16 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://xfantazy.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 03 Sep 2022 17:59:16 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yRH_YUhT3xv-isw8Cl7WNdiN_ZkLose6igq6NVhxpnUUekG-1Yxf5Q==
X-Firefox-Spdy: h2

                                        
                                            GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 03 Sep 2022 17:58:16 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S621337808%3A1662227896350545&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmVHuq6N999ZAbEW4yDZpN1ZqhWBNvATBtiwCPimaSYifS5Lx16VOkmAUhuMJazs-v6X1tz9CQ
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-yOZqhi5LQQ61NwcrGqsyrA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:y3tiXXAuGAQCh5G12QAuPbt6bxvCww:wJa9XmEjDzn_zn8E;Path=/;Expires=Mon, 02-Sep-2024 17:58:16 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Size:   395
Md5:    9e4f920ecb78f1c11005621bc1fb2738
Sha1:   d9dcbd6d8d624b48c07f77b4d845356045ac7534
Sha256: ccc13d153998f93beacffcd082e173d23a43cb7ffb3353acf108cb0dd6eef0f2
                                        
                                            GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 03 Sep 2022 17:58:16 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S923606146%3A1662227896395556&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmXkHtOWLeY1DNxDgthS2mMBWBcv4ACqy2vtalRpOsSH5ry84lr3G-iaUW8zX3uh8mXUXQ1aIQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-KnCLZg_v3I2iczz1LN19WQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 391
server: GSE
set-cookie: __Host-GAPS=1:BTJ85SxmRsWgS74XhJENVzR9hcosXw:AJTjaaKMAaTbMPqB;Path=/;Expires=Mon, 02-Sep-2024 17:58:16 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Size:   391
Md5:    60c39862d27a03eb4d508f50a92099d8
Sha1:   4b0502023fa255ad4e72e94056f2aed6edeb9734
Sha256: 86ee89e6976643a3af3cbc032ca627d8a3547e17e849fc8f1b96eb61d2e9b603
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 03 Sep 2022 17:58:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4952
Cache-Control: 'max-age=158059'
Date: Sat, 03 Sep 2022 17:58:16 GMT
Last-Modified: Sat, 03 Sep 2022 16:35:44 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/html; charset="utf-8"
                                        
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
x-fb-debug: H+WzR16OvSHTvGiVmwohy/d+9ajjBQs6B9lt6aERzdWWG7NowKd9z4b5SgLjgXGKJAyAWfNY4yGLd2mBjRSmVQ==
date: Sat, 03 Sep 2022 17:58:16 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32016)
Size:   29184
Md5:    1cbc84f59f16b0797ee2353aa36ba524
Sha1:   eb096112e7bf9710e1cdffa120aab6aa458c8f2c
Sha256: e2bba4e711839254728729e8e039beead7725eaad1396fc289f463f120531c3f
                                        
                                            POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5fc582e7b181c14a07fdad7e&charset=utf-8&hittoken=1662227895_537bb468a04ea65f69c5c7e4bb02dfce231d0fff41df6920c4f587d0de8aacc8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A350668067412%3Ahid%3A539577197%3Az%3A0%3Ai%3A20220903175813%3Aet%3A1662227894%3Ac%3A1%3Arn%3A809520273%3Arqn%3A2%3Au%3A1662227893623708635%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662227890488%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662227894&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 45
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Sat, 03 Sep 2022 17:58:16 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Sep-2022 17:58:16 GMT
last-modified: Sat, 03-Sep-2022 17:58:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET / HTTP/1.1 
Host: freychang.fun
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/
Origin: https://xfantazy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.45.207
HTTP/2 200 OK
content-type: text/plain
                                        
date: Sat, 03 Sep 2022 17:58:16 GMT
set-cookie: csu=1507349768652275@1@1662227896; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DF3psWvdof7VzeW0DNHfboO2OZo5JCgeXccFzBZCbtgCc5QDzd4LD8IZTE4ctXJRzB8CRF3ItY2TSJw6Q47LQs8X%2F06ejXQhq3Zt135CWn7m5Z%2BM0EFUVfI50tpdZ4KW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f5fda24b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   71
Md5:    ae97957af7b06fbc57c55232c739dccc
Sha1:   ec469ca8aebe707f92f669e38b524acd620e6381
Sha256: cfa68f97de1b71ce5a4b13b9db3cf0e363ebe684f18f3e743f03c7aa4c0557fe

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5fc582e7b181c14a07fdad7e&charset=utf-8&hittoken=1662227895_537bb468a04ea65f69c5c7e4bb02dfce231d0fff41df6920c4f587d0de8aacc8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A350668067412%3Ahid%3A539577197%3Az%3A0%3Ai%3A20220903175813%3Aet%3A1662227894%3Ac%3A1%3Arn%3A359553759%3Arqn%3A6%3Au%3A1662227893623708635%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662227890488%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662227894&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 99
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Sat, 03 Sep 2022 17:58:16 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Sep-2022 17:58:16 GMT
last-modified: Sat, 03-Sep-2022 17:58:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /asd100.bin HTTP/1.1 
Host: freychang.fun
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/
Origin: https://xfantazy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.21.45.207
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Sat, 03 Sep 2022 17:58:16 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1946
last-modified: Sat, 03 Sep 2022 17:25:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUdMGod4RdF1aZ%2FENlBwncjtVrJvz%2FdJSTZvBLXHEp6Vr%2FzL7Wd98TO6P0buevOwI21EnbTWT7aARfo9j2Xa8Xa3GifiFnddTh3pTimppORUqoY5pzMTdbRGD1Udvyed"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74505f5fda1eb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   102443
Md5:    3bb3e134e15f9db8ca962e65622030b4
Sha1:   d70eb42555f0467b7eba8cc18b91d25b7fced587
Sha256: 13b834de9ab04e04f4b7414cc74d68ff04b9f3797cb58784641bb192094697eb

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js HTTP/1.1 
Host: unwillingsnick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.227
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Sat, 03 Sep 2022 17:58:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a8ec173b11dff9448441d6c7c37a6ff9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size:   28743
Md5:    8c42282d82cfcf4fecbdc4134516f039
Sha1:   76e341c8ae481eeec5f8218a5c883a056651cc5c
Sha256: a5319244ac342b9537402b3e25dde24c5b74eca35ad19694f0121a93050c2be2

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5fc582e7b181c14a07fdad7e&charset=utf-8&hittoken=1662227895_537bb468a04ea65f69c5c7e4bb02dfce231d0fff41df6920c4f587d0de8aacc8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A350668067412%3Ahid%3A539577197%3Az%3A0%3Ai%3A20220903175813%3Aet%3A1662227894%3Ac%3A1%3Arn%3A804454021%3Arqn%3A7%3Au%3A1662227893623708635%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662227890488%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662227894&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Sat, 03 Sep 2022 17:58:16 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Sep-2022 17:58:16 GMT
last-modified: Sat, 03-Sep-2022 17:58:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5fc582e7b181c14a07fdad7e&charset=utf-8&hittoken=1662227895_537bb468a04ea65f69c5c7e4bb02dfce231d0fff41df6920c4f587d0de8aacc8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A350668067412%3Ahid%3A539577197%3Az%3A0%3Ai%3A20220903175813%3Aet%3A1662227894%3Ac%3A1%3Arn%3A280287241%3Arqn%3A9%3Au%3A1662227893623708635%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662227890488%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662227894&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(9)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 39
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Sat, 03 Sep 2022 17:58:16 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Sep-2022 17:58:16 GMT
last-modified: Sat, 03-Sep-2022 17:58:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5fc582e7b181c14a07fdad7e&charset=utf-8&hittoken=1662227895_537bb468a04ea65f69c5c7e4bb02dfce231d0fff41df6920c4f587d0de8aacc8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A350668067412%3Ahid%3A539577197%3Az%3A0%3Ai%3A20220903175813%3Aet%3A1662227894%3Ac%3A1%3Arn%3A1051444136%3Arqn%3A8%3Au%3A1662227893623708635%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662227890488%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662227894%3At%3A%EF%BB%BFDenis%20and%20Rosa%20Backdoor%20Lesbians_%5BLovely-Teen.Me%5D%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-7-h-1%29clc%280-0-0%29aw%281%29rqnt%288%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Referer: https://xfantazy.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Sat, 03 Sep 2022 17:58:16 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Sep-2022 17:58:16 GMT
last-modified: Sat, 03-Sep-2022 17:58:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "C6EDCB641CB643133EB1AA66D52742EE22817B88899DE4EDBEA6053E317E2AC8"
Last-Modified: Fri, 02 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5746
Expires: Sat, 03 Sep 2022 19:34:02 GMT
Date: Sat, 03 Sep 2022 17:58:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "C6EDCB641CB643133EB1AA66D52742EE22817B88899DE4EDBEA6053E317E2AC8"
Last-Modified: Fri, 02 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5745
Expires: Sat, 03 Sep 2022 19:34:02 GMT
Date: Sat, 03 Sep 2022 17:58:17 GMT
Connection: keep-alive

                                        
                                            GET /sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2 HTTP/1.1 
Host: unwillingsnick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.227
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.22.0
Date: Sat, 03 Sep 2022 17:58:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://xfantazy.com
Access-Control-Allow-Origin: https://xfantazy.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15600826; expires=Sun, 04 Sep 2022 17:58:16 GMT; secure; SameSite=None pdhtkv=true; expires=Sun, 04 Sep 2022 17:58:17 GMT; secure; SameSite=None uncs=1; expires=Sun, 04 Sep 2022 17:58:17 GMT; secure; SameSite=None pdhtkv29=true; expires=Sun, 04 Sep 2022 17:58:17 GMT; secure; SameSite=None uncs29=1; expires=Sun, 04 Sep 2022 17:58:17 GMT; secure; SameSite=None sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]; expires=Sat, 03 Sep 2022 17:58:22 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 161c4b1b07ecaf33c15c765a54f67d73
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (6202), with no line terminators
Size:   4299
Md5:    b1dac5c59c45e4c56c3b3d312cbd655b
Sha1:   193699dcbf9307c153ebc1efa9b7b697239eaad5
Sha256: f356ebebdab31a2fa8a1d6e953d56fdf41912d845bba8c2968f44af1f4dac724

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /watch/49415098?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5fc582e7b181c14a07fdad7e&charset=utf-8&hittoken=1662227895_537bb468a04ea65f69c5c7e4bb02dfce231d0fff41df6920c4f587d0de8aacc8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A350668067412%3Ahid%3A539577197%3Az%3A0%3Ai%3A20220903175813%3Aet%3A1662227894%3Ac%3A1%3Arn%3A1051444136%3Arqn%3A8%3Au%3A1662227893623708635%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662227890488%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662227894%3At%3A%EF%BB%BFDenis%20and%20Rosa%20Backdoor%20Lesbians_%5BLovely-Teen.Me%5D%20-%20XFantazy.com&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 302 Found
                                        
location: /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5fc582e7b181c14a07fdad7e&charset=utf-8&hittoken=1662227895_537bb468a04ea65f69c5c7e4bb02dfce231d0fff41df6920c4f587d0de8aacc8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A350668067412%3Ahid%3A539577197%3Az%3A0%3Ai%3A20220903175813%3Aet%3A1662227894%3Ac%3A1%3Arn%3A1051444136%3Arqn%3A8%3Au%3A1662227893623708635%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662227890488%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662227894%3At%3A%EF%BB%BFDenis%20and%20Rosa%20Backdoor%20Lesbians_%5BLovely-Teen.Me%5D%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-7-h-1%29clc%280-0-0%29aw%281%29rqnt%288%29fip%281%29rqnl%281%29ti%282%29
date: Sat, 03 Sep 2022 17:58:16 GMT
access-control-allow-origin: https://xfantazy.com
set-cookie: yandexuid=9245796681662227896; Expires=Sun, 03-Sep-2023 17:58:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=9245796681662227896; Expires=Sun, 03-Sep-2023 17:58:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yabs-sid=2671461471662227896; Path=/; SameSite=None; Secure i=Rkjv/nmIonOM+XHHdFo+LRIzeRZyOGpjnYSqdp8QGh65HUdBZY5xsNbqYdscJb9gR/ZgHDP4qlUZYL5NrELec3hxgxE=; Expires=Tue, 31-Aug-2032 17:58:15 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None ymex=1693763896.yrts.1662227896#1693763896.yrtsi.1662227896; Expires=Sun, 03-Sep-2023 17:58:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Sep-2022 17:58:16 GMT
last-modified: Sat, 03-Sep-2022 17:58:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   1311
Md5:    15b4f75c2201d9276d7561b9d788c547
Sha1:   bfcfbb503423f86def631683134914faec161989
Sha256: 4fa5b0e125631b6beed24c1d2d0a1a793520ce772a04c2af2e55b77ebe5b64f8

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BFBF63C5A64A90588FE96288DCA89317003FBEB6D3A4713C9E739836ADD9C465"
Last-Modified: Sat, 03 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6814
Expires: Sat, 03 Sep 2022 19:51:51 GMT
Date: Sat, 03 Sep 2022 17:58:17 GMT
Connection: keep-alive

                                        
                                            GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRRSt3o0HUUTdXGRR5qigk%2B6eSU%2FGPQTjmjUYN%2BuuojeprqqZlKnuaqq6picjQthV2YswexCvnTfJBjUselQwyGTFQ0DYEcEIRvTg0YPCXpWZDRv80Pz%2F%2B73De%2B%2FXh5vuiPhw9PD8q7onlaIzs1W%2F8vRbQXCusixT161056K3o%2Fq5iuk834yq%2FjOVC4Kt6ZnQD3w%2F8IPKojSipbszYxAy220G1aZfrYfVYLaOrvn%2Fbp0HSz3wzhF5HJKPpm5705BsiDT54rywa7nOnn0pcYrm2qDDd95I11JdpEhOxpbx0Ep3jtnQ9s7iHnS6PZEL3blPjOWIeN%2FvIU53jkUi7mxNdMYKIkXMH0LRGUKoISQdgulrkPwOARjHxRWkyc2L2hR0%2FR5Kx%2BiITN39B7IYkalfp5EmtxaU7FauaOVyqVOLbquE7A4h20Nkbh957xRksQ%2BWX4XkP5CZu8tIk60VqzQkLyfepRxCtoZQog9qPbjxJz24lgeXeUj4YYUFQdDwOaP%2BXJOxGm%2BIOOJ%2BQButgAZ%2BNAfHxvL6yLM%2BmOqDmQ1kZgNr8saIkKtbMO5b2NUSlnuw%2BYh4r22gw0sUgqCwBAUlKCRBkRMUnXKbKxva8iZX1sXBcQ%2BPe60c6Ly9Sbd13hYp2cyOyGOTcP56%2BGusicMKDVvNpt8K%2FHoj8qOANYImD1hAaY2GgvEQVpaQ9tTEb0%2BOyPTZP5CND%2Fbev4jpPqzaB5OPgronQYtBI%2FRBVwf1OR%2B9dLfbomlOe%2BtVphNwXSLLp5Cve5vqiDwx0TH7nIZgB%2FPfPfLTBz%2F%2F7cBMicyUeEfeJmir64PLuiBbl3VhyZcrWS4T2aPjA17JaS4e%2BOwVsV5ow5fO2%2F6nL7AxMB53Xxc2X6Ypl2nbks8XJOfCLGrDBPlmyb4p4kvOri44k7ps%2BdKLi0tJZoS1UqdD0LG1My%2BDyRF5cEFM3ubZvT8hzRDGlUjcATkuSL0Plm3AZgfz7%2Fd%2Bv3Br%2Bl1YfRpGnXDizEPhyoEJ45OfShIocbLTuIQVB%2FO%2FpJ98tPLbOcTifiCb9jra5inQ%2FBrSpETHlOioElT1Yd3pQZ6Zg%2Fkfa5NCrLxBrIy3FSujbtwL18rDSqNW82nUnA0aDSoacT2ca0UBpzSsR2EU0RpyO2JnPv7qPwAAAP%2F%2FAQAA%2F%2F%2BbTzO%2FZgQAAA%3D%3D HTTP/1.1 
Host: unwillingsnick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.227
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Sat, 03 Sep 2022 17:58:17 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ab04ed94bd560ea5d36bcc379feceedd
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5fc582e7b181c14a07fdad7e&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afp%3A1373%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A350668067412%3Ahid%3A539577197%3Az%3A0%3Ai%3A20220903175812%3Aet%3A1662227893%3Ac%3A1%3Arn%3A1051401788%3Arqn%3A1%3Au%3A1662227893623708635%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662227890488%3Ads%3A0%2C32%2C463%2C0%2C389%2C0%2C%2C305%2C14%2C%2C%2C%2C1394%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662227893%3At%3A%EF%BB%BFDenis%20and%20Rosa%20Backdoor%20Lesbians_%5BLovely-Teen.Me%5D%20-%20XFantazy.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         77.88.21.119
HTTP/2 302 Found
                                        
location: /watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5fc582e7b181c14a07fdad7e&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afp%3A1373%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A350668067412%3Ahid%3A539577197%3Az%3A0%3Ai%3A20220903175812%3Aet%3A1662227893%3Ac%3A1%3Arn%3A1051401788%3Arqn%3A1%3Au%3A1662227893623708635%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662227890488%3Ads%3A0%2C32%2C463%2C0%2C389%2C0%2C%2C305%2C14%2C%2C%2C%2C1394%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662227893%3At%3A%EF%BB%BFDenis%20and%20Rosa%20Backdoor%20Lesbians_%5BLovely-Teen.Me%5D%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Sat, 03 Sep 2022 17:58:15 GMT
access-control-allow-origin: https://xfantazy.com
set-cookie: yandexuid=1711791321662227895; Expires=Sun, 03-Sep-2023 17:58:15 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=1711791321662227895; Expires=Sun, 03-Sep-2023 17:58:15 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yabs-sid=1087027871662227895; Path=/; SameSite=None; Secure i=a845gDkhdl/9y8nu2I53lGIp+BfOYX3hN23Wg9wSnivod62Okh8WHHTXYRVHdCglfGfmfYEBr0UA+tGwUlKIhsm/aK8=; Expires=Tue, 31-Aug-2032 17:58:12 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None ymex=1693763895.yrts.1662227895#1693763895.yrtsi.1662227895; Expires=Sun, 03-Sep-2023 17:58:15 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Sep-2022 17:58:15 GMT
last-modified: Sat, 03-Sep-2022 17:58:15 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "1CFAD5B31797B523124803475F8287F629C20379925967E633CBAA04B09892A9"
Last-Modified: Fri, 02 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3684
Expires: Sat, 03 Sep 2022 18:59:41 GMT
Date: Sat, 03 Sep 2022 17:58:17 GMT
Connection: keep-alive

                                        
                                            GET /sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/1651134763.html HTTP/1.1 
Host: cdn.barscreative1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.4
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Sat, 03 Sep 2022 17:58:17 GMT
server: nginx/1.17.6
last-modified: Sat, 07 May 2022 03:21:27 GMT
etag: W/"6275e5b7-616"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 03 Sep 2022 18:58:17 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2434
Md5:    e0e06adf15bde93eb3fda66828baf7c4
Sha1:   e81efca1f658737e0ce13ab3cfd9065409568ea0
Sha256: 3ea0162237a7a86f558cd0e232c5ce65784c92e37c928c39f9c32d2d66b8d9da

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F18%2F52%2F6a%2F18526a6becad408914fcf53d946360f0%2F1651134763.html&l=1558&fd=134 HTTP/1.1 
Host: unwillingsnick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.227
HTTP/1.1 200 OK
                                        
Server: nginx/1.22.0
Date: Sat, 03 Sep 2022 17:58:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pixel/purst?dl=0&th=0&sc=0&rs=3587&rd=3587&fd=839&bv=22.8.v.2&tmpl=136 HTTP/1.1 
Host: decencyjessiebloom.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         209.192.156.116
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Sat, 03 Sep 2022 17:58:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /floater?cs=bU13S3NddEJ5Q1V4TnhKWXtHckE&abt=0&red=1&sm=83&k=xfantazy%20denis%20rosa%20backdoor%20lesbians%20lovely%20teen&v=0.8.9.0&sts=0&prn=1&emb=0&tid=961956&fs=1&t=600&m=1&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5fc582e7b181c14a07fdad7e&jst=4&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi3_&_c9le=1662227893978&crc=1 HTTP/1.1 
Host: amwoukrks.autos
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.86
HTTP/2 200 OK
content-type: text/plain
                                        
content-length: 1200
date: Sat, 03 Sep 2022 17:58:17 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://xfantazy.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=9b2771c7-5fde-47a5-bd5c-2c6d430b2b8e
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dis7HEtUxNwqGSiQCkmZWLrcCM7r_C5cm3McV02uR6QwSiCbXRL-1Q==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1890), with no line terminators
Size:   1200
Md5:    5b1ae96a9ebc2a151d1e7114625be519
Sha1:   b3fa7f4ef40e1620016ec658fb98a1eff045d3a5
Sha256: dc546ba05c198b4149516a542f1b3d41d52442fab80f71a8e5e5852186e6507d
                                        
                                            GET /thumbnail/cryRuySkyPrk8Dyerg/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Sat, 03 Sep 2022 17:58:17 GMT
content-length: 15886
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   15886
Md5:    ee89e1f3ce43179798a2f3a45985eb08
Sha1:   27848dc47265db5a641e7688e0c5f1e29381143d
Sha256: 1613c1e941917c95fe8276ec61a3878a46228f65a4f93791c60dde0b6b8b6b19
                                        
                                            GET /thumbnail/cOqSunT0ma_q_m_C_w/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Sat, 03 Sep 2022 17:58:17 GMT
content-length: 14575
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   14575
Md5:    cd18b1809a1a5383cc9b888044ee0974
Sha1:   fa8612451e61ec1540f8fa2061bd547ae839880f
Sha256: 74edff77387f4252ca8dfbbc563d437f41072d30d060c139b25a33756f17ae9c
                                        
                                            GET /thumbnail/LOyWvHelyqvp_TmS9w/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Sat, 03 Sep 2022 17:58:17 GMT
content-length: 10933
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   10933
Md5:    4339da44d0bafb09b811822420978a33
Sha1:   b524cbdff7086a9a90bb286f82dba53f7b073678
Sha256: f690a0baa5abd3ab010f021b5d231c32cc0977f5c1843a6e97ece6c9d58f71bd
                                        
                                            GET /thumbnail/crjB6yWjma7r-jqe-g/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Sat, 03 Sep 2022 17:58:17 GMT
content-length: 14395
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   14395
Md5:    573cd310cb037ea9413256b7419fe41f
Sha1:   5131787e3578101e40dfb9495f9cbb9827f677aa
Sha256: 01c5b64629678a022ff858bce1ce3a7a72a1d1cbeacc35bdcae3d0b18d195b03
                                        
                                            GET /thumbnail/LeXA6HShyabq_GmW9w/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Sat, 03 Sep 2022 17:58:17 GMT
content-length: 10049
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   10049
Md5:    075231b57a83d1c1135447e2dedb9a8d
Sha1:   1a2bbdf871f239d8fb7aeb5353b64e840ddf2126
Sha256: c55c708567d833f8be34a28a4a58878f854d21a4cc6bad8411e0120921e3e0d4
                                        
                                            GET /thumbnail/JenHun_1y6bk_W3F-A/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Sat, 03 Sep 2022 17:58:17 GMT
content-length: 13041
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   13041
Md5:    cbf6d6d34c8b98e6fa00b548a3ba5148
Sha1:   7256737c2f3ca8d8338ddf5a974f8fb18141457d
Sha256: a72804c0fcda7c7064e538f40265249ec8afcbe14ab9e9931b41b24851faf18a
                                        
                                            GET /thumbnail/de2X7yL3zK2_8DqS-Q/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Sat, 03 Sep 2022 17:58:17 GMT
content-length: 13959
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   13959
Md5:    68fe668efdb7d69a8cabf0e679852aea
Sha1:   312f2fec96d3fcc03b09f0c916eb09727bcf89b8
Sha256: 43a6f445be54bfc0861a7d62ba5eb044c9e3127ddb5fa283e6b7e6afcbbd89cb
                                        
                                            GET /thumbnail/cu-T6HDwnvi4rGmfrg/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Sat, 03 Sep 2022 17:58:17 GMT
content-length: 11270
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   11270
Md5:    1a7b24a14b3acbe8715e0ab2682624d8
Sha1:   f7426e2527bc18ac3a87ad156318e30c7082ea5a
Sha256: f3647a34ca43440bed5b39ff4b3822d091314f8b9f05c88781326d48f4d1079d
                                        
                                            GET /thumbnail/cbiRuXP0w6zk_2iT_g/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.185
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Sat, 03 Sep 2022 17:58:17 GMT
content-length: 18029
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   18029
Md5:    1c637bb0ab238a3c4ddb505439446e45
Sha1:   236f37e917acd9782dcc4982c9198e2e5215b2b3
Sha256: 218099ac353d55b92750506e11063e97c6226fe0b4eff31a67a64ffac4001329
                                        
                                            GET /api/spots/391865?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1 
Host: a.focusde.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=qs7lgpgvDBTpKIgYPNRB
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         135.181.208.216
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx
date: Sat, 03 Sep 2022 17:58:17 GMT
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (654)
Size:   505
Md5:    60213100e66ef8798114adffc5d5f0e9
Sha1:   7d8d05e98ef42d9b0a807f7d7016fbd92e3815e8
Sha256: 1c86fb7aefa9e085d6927314b03cd4db91d54b4290cca2cd51c049ceb31b5905
                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fstyle.css&l=8924&fd=44 HTTP/1.1 
Host: unwillingsnick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.227
HTTP/1.1 200 OK
                                        
Server: nginx/1.22.0
Date: Sat, 03 Sep 2022 17:58:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fanimate.css&l=79249&fd=48 HTTP/1.1 
Host: unwillingsnick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.227
HTTP/1.1 200 OK
                                        
Server: nginx/1.22.0
Date: Sat, 03 Sep 2022 17:58:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9B6E9CF70930F53FCAC6543955A52BAF9F2BBF4065EDD3E04CD696E31DCC67A7"
Last-Modified: Fri, 02 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11004
Expires: Sat, 03 Sep 2022 21:01:41 GMT
Date: Sat, 03 Sep 2022 17:58:17 GMT
Connection: keep-alive

                                        
                                            GET /js/ifr.html HTTP/1.1 
Host: media.aso1.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.234.154
HTTP/2 200 OK
content-type: text/html
                                        
date: Sat, 03 Sep 2022 17:58:17 GMT
last-modified: Mon, 29 Aug 2022 13:18:49 GMT
etag: W/"630cbcb9-6ea"
expires: Fri, 02 Sep 2022 06:53:13 GMT
cache-control: max-age=259200
x-robots-tag: noindex, nofollow, noarchive, noimageindex
cf-cache-status: HIT
age: 309944
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78bwif33nPkhq6ch527l96A%2BZv3apWrcUWj1XqpxFesROyxudpXezvDgdJ%2BYvfHDgtrxwVR1vcnsoFaYfN%2F2f2KPq9j6P2rmEtxQufCA3iVlMA6FRIsTB%2FF924h7mQiofw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74505f68da20dd1f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1168
Md5:    72509e6363dc0fdd52a0715c43c97190
Sha1:   d37f22547e0a235bfbc2c1b05a8f3badfba51628
Sha256: 7a6ab075d4b2ed32775da6d6832fa6267742c9e2e81704c401c3f5eaee1d264c
                                        
                                            GET /sb/ssp/utility/live-message/3-2/css/animate.css HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.183.56
HTTP/2 200 OK
content-type: text/css
                                        
date: Sat, 03 Sep 2022 17:58:17 GMT
last-modified: Thu, 28 Apr 2022 08:29:13 GMT
etag: W/"626a5059-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2706793
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPj6FupsDrOaZ73fsuOOUWNdb7WhiQiwhDm3NZ8k%2Fvva6zAYwYhaiaLU7f1i%2BDsLcJt%2Frq%2FVZrEdVEGKdFyE3RlUmjwqyPVz1n%2B%2BQCWap1Hl6uyh3ZFlAw9g6oPdtvAmQAs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74505f66fa6b0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   8765
Md5:    32022883e20f3f477ac9fd8072936aba
Sha1:   5e322166bf00398c42e3c87e302c55e847fc2e1a
Sha256: 29436381e65ea468ae758e5d38fa7e78eead6a882c153aba9579195b90188873
                                        
                                            GET /si/25/f8/67/25f8672a8dede505f1d482a0fae4ce30/1655369803.jpg HTTP/1.1 
Host: cdn.cloudimagesb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.9
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 03 Sep 2022 17:58:17 GMT
content-length: 11257
server: nginx/1.17.6
last-modified: Thu, 16 Jun 2022 08:56:51 GMT
etag: "62aaf053-2bf9"
expires: Mon, 05 Sep 2022 17:58:17 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size:   11257
Md5:    fdd0d70787cbe32ddf0f337191cd073e
Sha1:   c69ec6c3647241c0fecb67eba56195414120253b
Sha256: e2014a64037f30864207347c73f351be90f4cf3b5abaed05f86252d9007cb40d
                                        
                                            GET /api/spots/391866?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1 
Host: a.focusde.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=qs7lgpgvDBTpKIgYPNRB
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         135.181.208.216
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx
date: Sat, 03 Sep 2022 17:58:17 GMT
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   11725
Md5:    386abc9fde640c5f2ecd1f061ac9da86
Sha1:   deafb2025c7d6ef46f0773288fb1e6de754d2409
Sha256: 626be625694d5f08e240a5ae2456292dc2e535821addc93afaec5c0beba3ca97
                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fjs%2Fscript.js&l=1173&fd=13 HTTP/1.1 
Host: unwillingsnick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.227
HTTP/1.1 200 OK
                                        
Server: nginx/1.22.0
Date: Sat, 03 Sep 2022 17:58:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /warp/4788749?r=7161 HTTP/1.1 
Host: a.bestcontentfood.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.52.148
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Sat, 03 Sep 2022 17:58:18 GMT
referer: b.bestcontentfood.top
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKmn16gZsCwT3D8du8L7Ts694wyUe0BstDsK99SoNKzma%2FYTha09Z2yftebivAaXT3n1VVgM0qzCMLGbVeIrRanJyj6qh1ZfwfVR9ED%2B4QQkWQr1sdnUto0JFZg9lODoZhSis9POd6c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f6a4e8eb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4181), with no line terminators
Size:   1838
Md5:    2d54695179dc83669833af8920d3032f
Sha1:   370aaba114ee985f21da1aa903d6ce55753c7ba7
Sha256: ab9d52c7ff60bdd92dd7cb191224304f8bc3cfc2c6d6cecab18687c2927c0075

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /warp/4787908?r=98900 HTTP/1.1 
Host: a.bestcontentfood.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.52.148
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Sat, 03 Sep 2022 17:58:18 GMT
referer: b.bestcontentfood.top
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLRNuhti7auSmeXDPk%2FaLdbmLtsZm7IW4ChGAmnr7P5ZK01yVwopA%2BZFtrnikCcvIc300vbkiRRew5zs%2FytYzc3CoRHlNZIQWZuFNEMC4fjdrbZBzO3IHl3y%2FTvdRwfuKSubVnTX0FY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f6a5e9bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   33768
Md5:    ffae5327c57f884b777d4f079e70639b
Sha1:   e4be9e507e3e6c9e4629c8d9e360c841739cd540
Sha256: 80c1280616bc9fa2f110327a03aaf6759033eb95c64c037274d403b02deb47c6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /warp/4788750?r=41074 HTTP/1.1 
Host: a.bestcontentfood.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.52.148
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Sat, 03 Sep 2022 17:58:18 GMT
referer: b.bestcontentfood.top
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjAVoDYvRuXFiuNGetr83dwZnpIpV6jq02nfAX3Umhbd%2FqL71in8x3lleatyA9ViwIGn3%2BnkwRx%2BuS66vT1CSQARtCUVoTRMk%2BAMekVwFNImfKFb7NAeX%2FC9iDdH9w6nzkFRhO8KAis%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74505f6a5ea0b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4181), with no line terminators
Size:   1795
Md5:    e0ec313ee2e4edc1faec21dcfad245db
Sha1:   5917ef818723818bf90bd0cc41d9174344142aeb
Sha256: e03fa830fa2584b64f36c5e90b9c0b21e6a25b90620d87999fcbfcf5fb3d6c42

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /i/b.html?spot=4511&src=2045230537&pid=19775&width=300&height=250&spaceid=859 HTTP/1.1 
Host: cdn.tubecorp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.25
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sat, 03 Sep 2022 17:58:17 GMT
server: nginx/1.20.1
last-modified: Sat, 20 Nov 2021 06:50:54 GMT
etag: W/"df-5d132d02c9e77"
x-request-id: 6abbfcba916360f3e54990a6a877f067
content-encoding: gzip
expires: Sat, 03 Sep 2022 18:58:17 GMT
cache-control: max-age=3600
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2598
Md5:    a6661776d2f4cbf17e175989740cacdd
Sha1:   216957c8aae73d35163f7ae96cdccdea034514fd
Sha256: c40b1433123b7364acd68fe133bcba8d63751ae1ca3b006cf7888ba498d4b061
                                        
                                            GET /api/spots/312874?p=1&s1=%subid1%&kw= HTTP/1.1 
Host: a.focusde.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         135.181.208.216
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sat, 03 Sep 2022 17:58:17 GMT
vary: Accept-Encoding
set-cookie: nauid=qKSE9oCtW7oWI9GZV2H8; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Size:   3508
Md5:    25b1531fa831eba9b732a706713b85de
Sha1:   4cf1d6eacb862505bde5ce0e1a5c9236612fd024
Sha256: 5078096dfe5cfdf0bef4b30807a02d21ab8d70d25d0ca631506f6658c9b41fe0
                                        
                                            GET /sdk/v1/master.spot.js HTTP/1.1 
Host: cdn.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         8.248.225.238
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 03 Sep 2022 17:58:18 GMT
content-length: 12719
last-modified: Thu, 14 Jul 2022 11:59:44 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"62d00530-887a"
age: 4426277
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (28232)
Size:   12719
Md5:    4520e83afc590988f95a471da9bcd876
Sha1:   e8a542d49dd03c3a275698a6ea6d8b128059c26e
Sha256: 2a617aaacef5473d6a1dc19c828d085a570bcb56e8e2787d3f6f425e0fdd3792
                                        
                                            GET /sdk/v1/video.instant.message.js HTTP/1.1 
Host: cdn.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         8.248.225.238
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 03 Sep 2022 17:58:18 GMT
content-length: 3512
last-modified: Thu, 21 Jul 2022 11:18:31 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"62d93607-21d4"
age: 3824507
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5088
Md5:    484c11a95bd394fc9c5fa0d907679eda
Sha1:   e3511c918762bf81027c72b5e8b7beb32bb75850
Sha256: a421f4f1b960d21dc634e3111b5484ac277a1fade3cf7160fa4e2821495bcd97
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "15AD9CA32BA14FF1F47EBDB9A10FC7EF75BB4AF54FC7D2AE02C06AE6E7192703"
Last-Modified: Thu, 01 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6971
Expires: Sat, 03 Sep 2022 19:54:29 GMT
Date: Sat, 03 Sep 2022 17:58:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 03 Sep 2022 17:58:18 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 20:27:02 GMT
Expires: Fri, 09 Sep 2022 20:27:01 GMT
Etag: "167bc93278ced6a1166bdfe8f184d36ec1de8381"
Cache-Control: max-age=526722,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74505f6e9b481bfa-OSL

                                        
                                            GET /sdk/v1/n.css HTTP/1.1 
Host: cdn.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Cookie: ts_uid=97ba94ef-5402-428c-8e7a-17f3dde0586f; bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYsCFjRgwaMnLg6NJH
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         8.248.225.238
HTTP/2 200 OK
content-type: text/css
                                        
date: Sat, 03 Sep 2022 17:58:18 GMT
content-length: 19411
etag: "62d93607-4bd3"
last-modified: Thu, 21 Jul 2022 11:18:31 GMT
server: nginx
x-robots-tag: noindex, nofollow
age: 3824518
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19411), with no line terminators
Size:   19411
Md5:    f0c8bad08999a9d413b61c81c0e2a606
Sha1:   ebb86ba43d0f2386f2f3cdbb57f4746a1d8bcaf5
Sha256: 79ebc0f15cd767ec1f7e624730bedc0fdac746e41dbb8b2fbf1a1d1ec3b6877d
                                        
                                            GET /js/jads.js HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.94.236.246
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Sat, 03 Sep 2022 17:58:18 GMT
Content-Length: 178
Connection: keep-alive
Location: jads2.js


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "21B9EA1F732109234B738A4A82F7EAC08C3DC2F4BEECA1598BC1FE3B5F87E36D"
Last-Modified: Thu, 01 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5981
Expires: Sat, 03 Sep 2022 19:37:59 GMT
Date: Sat, 03 Sep 2022 17:58:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 03 Sep 2022 17:58:18 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 15:56:20 GMT
Expires: Sat, 10 Sep 2022 15:56:19 GMT
Etag: "c4bb058f22e2194f42d8b8910ee5eadd2c8c674c"
Cache-Control: max-age=596880,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74505f7028e5b518-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3E9EE1D3E96D8B88B5F757321B9C3D801EE2A0F40C0642634F6C48720B548F0C"
Last-Modified: Fri, 02 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5638
Expires: Sat, 03 Sep 2022 19:32:16 GMT
Date: Sat, 03 Sep 2022 17:58:18 GMT
Connection: keep-alive

                                        
                                            GET /sdk/v1/b.b.js HTTP/1.1 
Host: lcdn.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=83ae6d5c-bba7-42a1-afbc-39462126dfe4; bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYsCFjRgwaMnLg6NJH
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         8.248.225.238
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 03 Sep 2022 17:58:18 GMT
content-length: 2808
last-modified: Tue, 22 Feb 2022 13:07:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"6214e003-1eb1"
age: 15493635
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2590)
Size:   2808
Md5:    01c3ce239d639853ba1e41661c115938
Sha1:   704741ca41e890a26eef6190c2d61131ff294f56
Sha256: 9aabcddb7b91826c4b8bf721d77fa448ceba501616a38c6fe0d6c4f11091ed47
                                        
                                            GET /js/jads2.js HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://media.aso1.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.94.236.246
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Sat, 03 Sep 2022 17:58:18 GMT
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eae"
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (3758), with no line terminators
Size:   1719
Md5:    558e1b61fc513016183a3812938e79fb
Sha1:   5f72ea61a2aad8f7a0956321d3fd8524db70eddf
Sha256: a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
                                        
                                            GET /964ea29fa8c906c50a6ce6278bed628d.png HTTP/1.1 
Host: cdn.adx1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         149.11.201.98
HTTP/2 200 OK
content-type: image/png
                                        
server: openresty/1.15.8.3
date: Sat, 03 Sep 2022 17:58:18 GMT
content-length: 19427
last-modified: Tue, 21 Jun 2022 21:25:16 GMT
etag: "62b2373c-4be3"
expires: Thu, 15 Sep 2022 10:53:38 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Size:   19427
Md5:    749dc1a761b4cadc07648fe3ed87796a
Sha1:   0023796a9b6c8ec9c554b3aac96f99753568a6c1
Sha256: d865312aaaacbcb21bf9525e62c3c93e889c543a2976e786772369981d9500c0
                                        
                                            GET /banner/in/show/?mid=1270276935&pid=0&site=4511&sc=NO&usage_type=DCH&subid=2045230537&sid=0&cid=12774&price=0&is_cpm=1&cpm=0.0048&ecpm=0.0048&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=a.focusde.info&hostname=auc-banner-hz-0&site_id=0&spot_id=0&utm_source=tcban_i&utm_medium=4511&utm_campaign=19775&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=&min_cpm=0.0001&placement_type_id=-1&skin_test=&verify_hash=&score=1&ml=&ttl=&space_id=859&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=&url=%2F%2Fin16.zog.link%2Fin%2Ftishow%2F%3Fkatds_ep%3DES3Yy321zjS-Lu9xvmMcZHwnTt7tduNO5ej8nOjp0oKU9nqpqvuR29Ta3HGhRpq92_3tBuM2TVz0narsA0iGCC5sYk3PJeqpu4rBfVm99Eb-GuZS8SFlG9jVtS555gS1kvFmecypcrrLB17fnTtE5SKYZF2SxUgb6Rj2dxFf5RYME3JWAtEn9Wpnoh5mnyDxYwLW-SRmsP8K_hkxPmfgvly5fF8aewUUT6MrLxrbJvR3k7e14eYKXnCZ7AaCCnuGjBUGkY0aauJ5mNz-_20dCvddTCqgtZRfvVhUUX8I9za8s8khhW3EqosQ0oCwkIELnyq83awCae-2K0G79KzLsGtVg25n4gwwo79ToaDdsQPExER8amd6w_QTNo2IufXSWa7lkmZ2DOj4wGxBHu66duMBJY6A0o2KfBjqxxOiSQlwJB3hryJD8MtrOZqhnuVEyHpGS_SoLHGqjWg77MZcxriTDQ2fWK6ojTOvzqndJi43xP_M8VTxxds4szGJbpE9AwKnVwFV7OL_ggcG511iZ_yDfSS8FhpcK6bTbYZKAxgmyx14oYUCukh_Jd96SNHbnEU2tGB-CPww4YDycI_BW8zzjSQ5bI0R0cVkT4dMwiL08b6rH63W4whu7CEy70713SL8TsVBeXQe7qnqutEZq0HW-HVyl9rnxB8ozqNU6Ns84DemF7rchEwLEnYUkAKwVSP-GJ0DVdPXzeuCDrA2WL7C2flkBuP7GsKR0C4mmw6hXy9UZuKY1V1n8J_RwxyKb5i1-h54Yzmg-tRyCtzRKk9ezV6Vve79s6eCKZKLCtvyodFXPhHrPD5Iw9_4ry1oNG9O0XMd2CctRoNLoqxgD5Q_zgRzt8e88kOVa5oHDGQ5d-eEoxV0WPemliqoJBzVCXTcVFIb_SxfBm1WV3A_kWZp3viLhy_DCGl0RcfpFT9fOj7Au-Pz4LUR1FgODeSYiFMP06CgX92DGaBhRdY7qbUHOeU_nLo8swUj-vZaMRzBeE0EG2IiowHWdxvmV1I_tQhn_DPhC1MX9mzPKg55sL58OBPi_iPCL7K7ubRdQ04GJWbFjVb2X81tqd0LGeTjkvunOZ0rTT9aBr1aCJhHQOZ5GnDsfdqU-9fLFduEYpkdj4ShH4pVTMarAM-c3CGcT7a2E3C4C0oLOcWEtQ1cWKOMAKr_IBOjh_Ne3ZoQ7ruxvX-NTGIE7i_JzKyWyY1GaZ-KUexAJ_czK_xmTgDVaFlcWAqetVspDr2v7F9elUsnZRb-xk78LDQIgl9FIGzLkcCv6GsKCbrwZ7T3Uskh8JdfZL2QNhBm_hNcIG27PUJlfKnpwqM_43kEcaatrIoeJrnZtWX2_j47e8Hjvgrg4XPWdLQJZ43wqtXWdUHqZ2qRBgDpMrWKPP76jg-N8B8jIGSbLx7Xj2PqygGPw-IdSsyZfWhT66x_iHsXwe1YvJPIOj_lZvEhhvUqDGHcP1vuaGIkd8UubYqM4aOSwXkDkLKZQDNK65UMkKrPx-_XjRlJCGhT--kycnLaL_uHRzcEPt4uhX7km9e63n-CN-ubD58LmSeT9uT8W8ZI2JoiVvbt_1HE_GHO9ItpHgbHBMcNeeA1brwsJFK_21nwF8M7I_XHu8ttURaneEBjhk9DvZxqsnCJiSoxkTp4hhC1M7t6JpbgIkk6p6bkAVM_pGa-IFWLCMKn7K7DKSkE73GZx_0tUxUhO0GbZugli4d8gPC9BWymKN133aXflS6OKXP3P-2-4cnqGzIgSGW3xEwXa5Ja0fS9GiXNnpRKOLDa0kiGabXdGfpeZu_EnWBBRm3vIq-8S-GvtoHerHnLwi7CUYoeh5wPcQwaTJF_1S1pXzXsn3OBkWYH7vJ5kCwGcXK3P-be07zJZw3Rl7h5DKgPQwnnoHgWytfhDaKOeKiuAgv_iWKR4Ge9DNG4GF4AR0adb8CWhWxWdVdk6Mhl-oW-FBL5xAZuLgcV1hiURLpH6YR4zHKmN5TSoDW3SC0hJE71zcqw9kBIdXJTEgG8RSdCrXV_LVX62XzNsJsHc38j7IbmGKt2PZNr93Jfe7f8m8Y%26sp%3D0.0048&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem= HTTP/1.1 
Host: rtbrennab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtbbnr.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         162.55.139.130
HTTP/2 302 Found
                                        
server: nginx/1.16.0
date: Sat, 03 Sep 2022 17:58:19 GMT