urlquery - report: xfantazy.com/video/6051542a4ce90e0b3a572b0b?

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
static.adxadserv.com (1)	128146	2018-06-23 22:08:40 UTC	2020-05-04 07:41:25 UTC	185.76.9.19
a.realsrv.com (2)	10080	No data	No data	185.76.9.22
video.ktkjmp.com (1)	23778	2020-10-02 08:52:19 UTC	2022-01-31 09:33:25 UTC	104.18.51.106
bam.nr-data.net (2)	630	2015-02-10 00:06:27 UTC	2022-05-19 12:27:58 UTC	162.247.241.14
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-24 05:30:55 UTC	34.117.237.239
d192r5l88wrng7.cloudfront.net (4)	0	2022-10-25 19:02:47 UTC	2022-11-24 21:28:15 UTC	54.230.245.16	Unknown ranking
engingsecondu.com (6)	0	2022-11-16 09:50:10 UTC	2022-11-24 10:31:20 UTC	104.21.55.224	Unknown ranking
pogothere.xyz (2)	0	2022-09-04 19:11:25 UTC	2022-11-24 10:31:20 UTC	172.64.173.27	Unknown ranking
a.naturalhealthsource.club (11)	0	No data	No data	135.181.208.216	Unknown ranking
ocsp.sca1b.amazontrust.com (2)	1015	2017-03-03 15:20:51 UTC	2019-03-27 04:05:54 UTC	143.204.42.156
s3t3d2y8.afcdn.net (5)	0	No data	No data	185.76.9.14	Unknown ranking
ocsp.digicert.com (20)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
www.googletagmanager.com (1)	75	2013-05-22 02:07:37 UTC	2022-11-24 08:35:27 UTC	142.250.74.168
cdn.barscreative1.com (2)	25648	2021-09-16 11:14:42 UTC	2022-07-13 08:11:12 UTC	45.133.44.4
cdn.tsyndicate.com (1)	16265	2017-07-04 06:00:09 UTC	2020-06-25 11:21:39 UTC	8.247.218.249
static.serve-servee.com (1)	0	2022-06-18 03:19:30 UTC	2022-11-24 17:21:26 UTC	172.64.111.7	Unknown ranking
analitits.com (1)	186712	2016-06-11 18:10:30 UTC	2022-11-24 12:22:53 UTC	31.220.24.19
static-cache.k2s.cc (12)	182663	2018-09-13 10:35:33 UTC	2022-11-24 18:56:20 UTC	188.72.235.185
skiingsettling.com (1)	0	2022-10-31 06:14:55 UTC	2022-11-24 09:03:56 UTC	192.243.61.227	Unknown ranking
e1.o.lencr.org (15)	6159	No data	No data	23.36.76.226
pemainedperio.com (5)	0	2022-11-24 18:00:28 UTC	2022-11-24 18:53:15 UTC	54.230.111.124	Unknown ranking
ads.adxadserv.com (1)	113382	2018-07-07 20:22:47 UTC	2020-03-27 08:32:20 UTC	185.98.53.2
xfantazy.com (15)	167260	2020-04-20 06:55:54 UTC	2022-11-24 17:15:35 UTC	172.64.163.22
r3.o.lencr.org (20)	344	No data	No data	23.36.77.32
tsyndicate.com (1)	13042	2017-03-16 09:04:54 UTC	2022-11-24 12:12:51 UTC	148.251.152.17
ocsp.pki.goog (14)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	142.250.74.35
creative.xlirdr.com (1)	0	2021-07-02 10:31:16 UTC	2021-07-03 00:00:33 UTC	104.18.59.150	Unknown ranking
adxadserv.com (4)	85319	2018-06-28 23:50:00 UTC	2022-11-24 12:23:04 UTC	185.98.53.29
lcdn.tsyndicate.com (5)	12634	No data	No data	8.247.219.121
www.google-analytics.com (1)	40	2012-10-03 01:04:21 UTC	2022-11-24 10:18:11 UTC	142.250.74.174
cdn.jsdelivr.net (1)	439	2012-09-30 00:15:09 UTC	2020-08-10 12:12:39 UTC	151.101.85.229
i.jads.co (1)	46788	No data	No data	69.16.175.10
lightssyrupdecree.com (5)	0	2022-11-12 08:15:02 UTC	2022-11-24 17:05:32 UTC	173.233.137.60	Unknown ranking
reproductiontape.com (10)	0	2022-11-11 10:42:27 UTC	2022-11-24 14:08:06 UTC	173.233.137.36	Unknown ranking
unseenreport.com (4)	0	2022-03-30 14:33:17 UTC	2022-11-24 08:25:28 UTC	192.243.61.227	Unknown ranking
roomimg.stream.highwebmedia.com (3)	23037	2016-09-05 17:03:58 UTC	2022-11-24 08:24:44 UTC	104.19.241.83
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-24 05:36:55 UTC	34.102.187.140
exploredefinitely.com (1)	0	2021-06-24 18:01:35 UTC	2022-11-24 21:28:15 UTC	173.233.137.60	Unknown ranking
go.xlirdr.com (1)	0	2021-07-02 10:51:47 UTC	2021-07-03 00:01:21 UTC	104.18.59.150	Unknown ranking
cams.gratis (1)	594857	2018-10-14 16:39:32 UTC	2022-11-24 21:07:43 UTC	172.64.135.7
img.strpst.com (1)	12993	2021-06-03 08:45:56 UTC	2022-01-31 08:38:04 UTC	104.18.63.124
mc.yandex.ru (11)	2672	2012-05-21 09:38:30 UTC	2022-11-24 11:15:18 UTC	77.88.21.119
go.xlivrdr.com (1)	0	2021-07-02 10:51:24 UTC	2021-07-03 00:01:21 UTC	104.18.59.150	Unknown ranking
cdn.creative-bars1.com (7)	0	2022-11-15 16:46:22 UTC	2022-11-24 09:25:02 UTC	172.64.109.13	Unknown ranking
syndication.realsrv.com (10)	9112	No data	No data	95.211.229.248
static-assets.highwebmedia.com (4)	16059	2021-01-19 21:46:26 UTC	2022-11-24 11:48:29 UTC	104.16.94.42
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
img-getpocket.cdn.mozilla.net (4)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
ifknittedhurtful.com (1)	0	2022-11-10 10:19:37 UTC	2022-11-24 16:45:35 UTC	192.243.59.13	Unknown ranking
yearbookhobblespinal.com (1)	0	2022-11-10 10:22:18 UTC	2022-11-24 11:37:59 UTC	173.233.137.36	Unknown ranking
accounts.google.com (2)	81	2016-09-05 09:39:47 UTC	2022-11-24 11:10:26 UTC	216.58.207.237
cdn.cloudimagesb.com (2)	23099	2022-10-07 08:01:31 UTC	2022-10-08 10:27:40 UTC	45.133.44.10
xml.serve-servee.com (1)	0	2022-06-18 07:06:23 UTC	2022-11-24 17:21:22 UTC	172.64.111.7	Unknown ranking
poweredby.jads.co (2)	30525	2019-12-04 10:34:12 UTC	2022-11-24 14:31:08 UTC	185.94.236.253
ocsp.globalsign.com (1)	2075	2012-07-20 17:46:16 UTC	2020-05-02 20:58:10 UTC	104.18.21.226
simplewebanalysis.com (2)	0	2022-02-25 04:06:25 UTC	2022-11-24 10:12:21 UTC	18.185.190.54	Unknown ranking
chaturbate.com (2)	6807	2012-05-22 23:11:36 UTC	2022-11-24 08:26:53 UTC	104.18.101.40
friendshipmale.com (1)	0	2022-10-21 12:15:25 UTC	2022-11-24 12:00:08 UTC	172.64.202.23	Unknown ranking
media.aso1.net (1)	123434	2018-09-12 09:13:52 UTC	2022-11-24 21:28:17 UTC	104.21.234.223
pxl.tsyndicate.com (3)	14763	2017-07-05 13:51:06 UTC	2022-11-24 10:47:35 UTC	136.243.51.205
ocsp.sectigo.com (10)	487	2019-11-29 11:50:24 UTC	2021-09-17 20:05:40 UTC	172.64.155.188
fonts.gstatic.com (3)	0	2014-09-09 00:40:21 UTC	2022-11-24 11:09:52 UTC	216.58.207.195	Domain (gstatic.com) ranked at: 540
js-agent.newrelic.com (1)	378	2018-06-22 04:15:37 UTC	2020-05-01 11:44:04 UTC	151.101.86.137
www.facebook.com (1)	99	2012-05-21 00:23:41 UTC	2021-06-08 06:38:51 UTC	157.240.200.35
xfantazy.com (15)	167260	2020-04-20 06:55:54 UTC	2022-11-24 17:15:35 UTC	172.64.162.22
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	54.189.139.67
stats.g.doubleclick.net (1)	96	2013-06-10 20:21:11 UTC	2022-11-24 08:34:31 UTC	142.251.1.154
fonts.googleapis.com (1)	8877	2013-06-10 20:14:26 UTC	2022-11-24 11:11:51 UTC	142.250.74.10

Scan Date	Severity	Indicator	Comment
2022-11-25	2	reproductiontape.com/01/f7/5a/01f75a95a38a8db0a8e82d995253a076.js	Malware
2022-11-25	2	reproductiontape.com/sbar.json?key=21fe3950f412e026c33f1b6cee613eba	Malware
2022-11-25	2	reproductiontape.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2sbRxSeTVwoDYW25NJDg25t (...)	Malware
2022-11-25	2	cdn.barscreative1.com/sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/16577 (...)	Phishing
2022-11-25	2	cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/16137 (...)	Phishing

Scan Date	Severity	Indicator	Comment
2022-11-24	2	skiingsettling.com	Sinkholed
2022-11-24	2	lightssyrupdecree.com	Sinkholed
2022-11-25	2	reproductiontape.com	Sinkholed
2022-11-24	2	lightssyrupdecree.com	Sinkholed
2022-11-25	2	reproductiontape.com	Sinkholed
2022-11-24	2	lightssyrupdecree.com	Sinkholed
2022-11-25	2	reproductiontape.com	Sinkholed
2022-11-24	2	ifknittedhurtful.com	Sinkholed
2022-11-25	2	yearbookhobblespinal.com	Sinkholed
2022-11-25	2	reproductiontape.com	Sinkholed
2022-11-25	2	reproductiontape.com	Sinkholed
2022-11-25	2	reproductiontape.com	Sinkholed
2022-11-25	2	reproductiontape.com	Sinkholed
2022-11-25	2	reproductiontape.com	Sinkholed
2022-11-25	2	reproductiontape.com	Sinkholed
2022-11-24	2	lightssyrupdecree.com	Sinkholed
2022-11-24	2	lightssyrupdecree.com	Sinkholed
2022-11-25	2	reproductiontape.com	Sinkholed
2022-11-25	2	unseenreport.com	Sinkholed
2022-11-25	2	unseenreport.com	Sinkholed
2022-11-25	2	unseenreport.com	Sinkholed
2022-11-25	2	unseenreport.com	Sinkholed

Date	UQ / IDS / BL	URL	IP
2023-01-15 16:50:30 +0000	0 - 7 - 24	xfantazy.com/video/618647d3248b9003ff8116ba	172.64.163.22
2022-12-27 05:49:05 +0000	0 - 2 - 24	xfantazy.com/tag/bondageliberation	172.64.163.22
2022-12-20 19:49:59 +0000	0 - 3 - 15	xfantazy.com/video/62b0468413dbbc05e42a40cf	172.64.163.22
2022-12-20 12:49:57 +0000	0 - 3 - 22	xfantazy.com/video/6256b6895a615f1d0cf9c694	172.64.163.22
2022-11-29 21:55:40 +0000	0 - 0 - 35	xfantazy.com/video/5edc59d923629346a514272b	172.64.163.22

Date	UQ / IDS / BL	URL	IP
2023-02-04 02:17:20 +0000	0 - 0 - 2	push2.asiapushstan4.click/index.php	172.67.186.157
2023-02-04 02:15:27 +0000	0 - 1 - 1	d7ba15d3.cruel.ru.com/	104.26.12.4
2023-02-04 02:14:13 +0000	0 - 3 - 0	postgolflilaput.ml/	104.21.95.235
2023-02-04 02:12:43 +0000	0 - 0 - 2	we-meet-today.com/?sub1=63ddbf02fb5eb5000125a (...)	104.21.81.54
2023-02-04 02:11:13 +0000	0 - 0 - 2	gopalayurvediccenter.com/wp-content/NETFLIX/a (...)	188.114.96.1

Date	UQ / IDS / BL	URL	IP
2023-02-03 02:45:39 +0000	0 - 2 - 25	xfantazy.com/video/603ced975ec2cb18b80961dc	172.64.204.27
2023-02-02 10:21:15 +0000	0 - 3 - 26	xfantazy.com/video/62379c1c76373a1d22aeaaeb	172.64.204.27
2023-01-30 05:57:17 +0000	0 - 2 - 23	xfantazy.com/video/60e796b1fc8074710cdd5c72	172.64.96.10
2023-01-28 18:06:59 +0000	0 - 3 - 28	xfantazy.com/video/61ffb4cb0712281d196d7936	172.64.96.10
2023-01-26 23:56:12 +0000	0 - 2 - 0	xfantazy.com/video/61f0361efe3794103180c226/amp	172.64.142.8

Request	Response
GET /video/6051542a4ce90e0b3a572b0b? HTTP/1.1 Host: xfantazy.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: xfantazy.com/video/6051542a4ce90e0b3a572b0b? FQDN: xfantazy.com IP: 172.64.163.22 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 172.64.163.22 HTTP/1.1 302 Found Date: Fri, 25 Nov 2022 04:34:31 GMT Content-Length: 0 Connection: keep-alive location: https://xfantazy.com/video/6051542a4ce90e0b3a572b0b? cache-control: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iamgM%2BDj5YbVSNUFanrBUihLbjclqOYREKbihfqSgEURdlln0dTtp396eRaPvr1D4C6QdKziDo6A8o8ON%2F1p8YTBMbjxxq7J4ju8S%2BUITtZvRuyISlSoeKELgOkyKeA%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 76f7ac226c9672ae-LHR alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA" Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11884 Expires: Fri, 25 Nov 2022 07:52:35 GMT Date: Fri, 25 Nov 2022 04:34:31 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7c60904d097cde276e4e5632cef1b9f1 Sha1: 4f805026462589345d85e8df2d18eafba6237504 Sha256: 12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 611 Cache-Control: 'max-age=158059' Date: Fri, 25 Nov 2022 04:34:31 GMT Last-Modified: Fri, 25 Nov 2022 04:24:20 GMT Server: ECS (ska/F714) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: af40a2fcf8debb90c3608002da6c907a Sha1: 3c75d6c0b557a3bd8d5db50155b8d896e852c145 Sha256: 555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Fri, 25 Nov 2022 04:19:03 GMT cache-control: public,max-age=3600 age: 928 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 567df7db606cf5d0871aa5bc9311b6da Sha1: 4263faac7cbab2fcaf6661911dcad5091c06be17 Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13742 Expires: Fri, 25 Nov 2022 08:23:33 GMT Date: Fri, 25 Nov 2022 04:34:31 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 260e9998c20d831b66f1029c8f47aac9 Sha1: 716d630f647c54dc69a7f9c63a6cac294b3df7f7 Sha256: c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: FojPZJYaxcWy7aWW2Zzo2GhLheewgsHHpN55eyIN0iypZ/3RX5oOmseF1tvVmdzHAVf6RHb7zGQ= x-amz-request-id: J3KJ3ARVZWVE4G1J content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 25 Nov 2022 03:43:41 GMT age: 3050 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
POST /s/gts1p5/PrU7zFTubJs HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/PrU7zFTubJs FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 8d07e5f85f8b1c4ddf314e2855f02bbbb384ce334d85ee1aa11c27d8dc54f4c7 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 04:34:31 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 3ac1246514072e571a9b3c94399856fe Sha1: 331c8c09341fb9e357468c68da18d3abd3f7af5a Sha256: 8d07e5f85f8b1c4ddf314e2855f02bbbb384ce334d85ee1aa11c27d8dc54f4c7
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Fri, 25 Nov 2022 04:34:31 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST /s/gts1p5/PrU7zFTubJs HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/PrU7zFTubJs FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 8d07e5f85f8b1c4ddf314e2855f02bbbb384ce334d85ee1aa11c27d8dc54f4c7 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 04:34:32 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 3ac1246514072e571a9b3c94399856fe Sha1: 331c8c09341fb9e357468c68da18d3abd3f7af5a Sha256: 8d07e5f85f8b1c4ddf314e2855f02bbbb384ce334d85ee1aa11c27d8dc54f4c7
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 04:34:32 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b44543de9922ec7d97f2e0be1865553e Sha1: caef856450efd75de0cfae9402903b1f4bd6de4c Sha256: d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Fri, 25 Nov 2022 04:08:53 GMT cache-control: public,max-age=3600 age: 1539 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 04:34:32 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b44543de9922ec7d97f2e0be1865553e Sha1: caef856450efd75de0cfae9402903b1f4bd6de4c Sha256: d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 172.64.155.188 HASH: db5d1b45ea9fe0e2b3297c6c93e4c8c71f1462e3ebe646f057da841920cb1e88 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 04:34:32 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Tue, 22 Nov 2022 15:14:19 GMT Expires: Tue, 29 Nov 2022 15:14:18 GMT Etag: "80f500c9cc1b84c3b799fc6f055ac1701464a2cc" Cache-Control: max-age=383385,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 76f7ac27c8ff0b3d-OSL --- Additional Info --- Magic: data Size: 472 Md5: 090a712ffd3fe703f9d001c547c88374 Sha1: 80f500c9cc1b84c3b799fc6f055ac1701464a2cc Sha256: db5d1b45ea9fe0e2b3297c6c93e4c8c71f1462e3ebe646f057da841920cb1e88
GET /_next/static/chunks/commons.9b890646c0aa33eb63fe.js HTTP/1.1 Host: xfantazy.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/video/6051542a4ce90e0b3a572b0b? Cookie: visitorId=aunxcne9m2bdujejini09; experiment-popup-payment-7=0; experiment-save-to-button-2=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: xfantazy.com/_next/static/chunks/commons.9b890646c0aa33 (...) FQDN: xfantazy.com IP: 172.64.162.22 HASH: b9112b8100670f1963c4a6c71f692fdb94405695f7773b12bb18555390aa02b2 172.64.162.22 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 date: Fri, 25 Nov 2022 04:34:32 GMT cache-control: public, max-age=31536000, immutable cf-bgj: minify cf-polished: origSize=1388386 etag: W/"152f62-1826d2b9f14" last-modified: Fri, 05 Aug 2022 08:42:31 GMT vary: Origin, Accept-Encoding cf-cache-status: HIT age: 9661826 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETWYRcnmHZ40OUlOIaiDBXbfLN1VotDFcJEatl5pnkHMQex8x89MQRSNxiqXYR%2FKd4Tp5Ta7uJzqPOEVx4V5hDkPZaLzBe6uNWJC28uBZhLTsbSSmYYVEM6U5OZvaCw%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f7ac270d0875db-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65536), with no line terminators Size: 400695 Md5: 578813045c70d47798ef07e6a4bbd139 Sha1: 2df333c3a2f7ad554669f86eb392699fb88c3bff Sha256: b9112b8100670f1963c4a6c71f692fdb94405695f7773b12bb18555390aa02b2
GET /thumbnail/d7nAvXbzw6e9-DvE_w/w320h240/0.jpeg HTTP/1.1 Host: static-cache.k2s.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: static-cache.k2s.cc/thumbnail/d7nAvXbzw6e9-DvE_w/w320h2 (...) FQDN: static-cache.k2s.cc IP: 188.72.235.185 HASH: 8b5427269ecdb82208e60b8aef37b87238ea7ff55e3ac272b86d2f01ed7af8c3 188.72.235.185 HTTP/2 200 OK content-type: image/jpeg server: openresty date: Fri, 25 Nov 2022 04:34:32 GMT content-length: 10663 expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * x-cache-status: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 10663 Md5: 125a4edcf33be62b9e9e7b19bad888db Sha1: 43027be2f9a90fa08be93b3f8ff8f7446b2863b6 Sha256: 8b5427269ecdb82208e60b8aef37b87238ea7ff55e3ac272b86d2f01ed7af8c3
GET /thumbnail/J-ub7HHwya7lrD2Wqw/w320h240/0.jpeg HTTP/1.1 Host: static-cache.k2s.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: static-cache.k2s.cc/thumbnail/J-ub7HHwya7lrD2Wqw/w320h2 (...) FQDN: static-cache.k2s.cc IP: 188.72.235.185 HASH: 423bf00686050fc5923adc3d55cf5adff63dee08aa5aff13b1de4880296b17eb 188.72.235.185 HTTP/2 200 OK content-type: image/jpeg server: openresty date: Fri, 25 Nov 2022 04:34:32 GMT content-length: 8546 expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * x-cache-status: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 8546 Md5: 98820ad936b52a2b8c6b63d974812a30 Sha1: e2e7bb461a9c3fe4ea8cac668b612fedad208c76 Sha256: 423bf00686050fc5923adc3d55cf5adff63dee08aa5aff13b1de4880296b17eb
GET /thumbnail/JOyRu36kn_3p_jvC_Q/w320h240/0.jpeg HTTP/1.1 Host: static-cache.k2s.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: static-cache.k2s.cc/thumbnail/JOyRu36kn_3p_jvC_Q/w320h2 (...) FQDN: static-cache.k2s.cc IP: 188.72.235.185 HASH: 68d017adc263b0e6f17e6f28267b28c43163ed226e1e1c714e477547a581673b 188.72.235.185 HTTP/2 200 OK content-type: image/jpeg server: openresty date: Fri, 25 Nov 2022 04:34:32 GMT content-length: 13048 expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * x-cache-status: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 13048 Md5: d1125deed4e2e12de538306048958066 Sha1: 71a3b41b7f8261310c90232733e7d5d0bef47fb5 Sha256: 68d017adc263b0e6f17e6f28267b28c43163ed226e1e1c714e477547a581673b
GET /thumbnail/IeiT6CKmm6e6_mnCrQ/w320h240/0.jpeg HTTP/1.1 Host: static-cache.k2s.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: static-cache.k2s.cc/thumbnail/IeiT6CKmm6e6_mnCrQ/w320h2 (...) FQDN: static-cache.k2s.cc IP: 188.72.235.185 HASH: 8d763c5b9254996d169a5ee95034f6aeb78929a3ef9294457d723bdcdc471bf5 188.72.235.185 HTTP/2 200 OK content-type: image/jpeg server: openresty date: Fri, 25 Nov 2022 04:34:32 GMT content-length: 14116 expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * x-cache-status: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data Size: 14116 Md5: be81a13d6635a5820793ab78dddfac41 Sha1: 9e35426095a3635b3a57ffdc7649edeb5088572f Sha256: 8d763c5b9254996d169a5ee95034f6aeb78929a3ef9294457d723bdcdc471bf5
GET /_next/static/chunks/16.2fcecc4fbe403da70f1d.js HTTP/1.1 Host: xfantazy.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/video/6051542a4ce90e0b3a572b0b? Cookie: visitorId=aunxcne9m2bdujejini09; experiment-popup-payment-7=0; experiment-save-to-button-2=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: xfantazy.com/_next/static/chunks/16.2fcecc4fbe403da70f1d.js FQDN: xfantazy.com IP: 172.64.162.22 HASH: d5c2aac37d0c38d3d48963974720d811bc61e371a56f72d182d4dfbd54572c58 172.64.162.22 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 date: Fri, 25 Nov 2022 04:34:32 GMT cache-control: public, max-age=31536000, immutable cf-bgj: minify etag: W/"4f4a-1835015f16a" last-modified: Sun, 18 Sep 2022 10:12:38 GMT vary: Origin, Accept-Encoding cf-cache-status: HIT age: 2581860 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSq24LC3Am7AMOhprB5Jn3PsKnX2i05dE4I6maKtT2puDZcZggMnIfAn7bXhXno4%2FO4s0QMsy0oCFINP%2B4LAoYbhsfW5kkaBRr9gbBO1aBy9670ekQLO6arBArchSnc%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f7ac270d0b75db-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (20298), with no line terminators Size: 6720 Md5: 0e418dfd11118e1c9ef27d8a7b48b306 Sha1: 7f12af27027f53af47171735aac4d4b9c3c5e990 Sha256: d5c2aac37d0c38d3d48963974720d811bc61e371a56f72d182d4dfbd54572c58
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 172.64.155.188 HASH: db5d1b45ea9fe0e2b3297c6c93e4c8c71f1462e3ebe646f057da841920cb1e88 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 04:34:32 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Tue, 22 Nov 2022 15:14:19 GMT Expires: Tue, 29 Nov 2022 15:14:18 GMT Etag: "80f500c9cc1b84c3b799fc6f055ac1701464a2cc" Cache-Control: max-age=383385,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 76f7ac27cb86b521-OSL --- Additional Info --- Magic: data Size: 472 Md5: 090a712ffd3fe703f9d001c547c88374 Sha1: 80f500c9cc1b84c3b799fc6f055ac1701464a2cc Sha256: db5d1b45ea9fe0e2b3297c6c93e4c8c71f1462e3ebe646f057da841920cb1e88
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 172.64.155.188 HASH: db5d1b45ea9fe0e2b3297c6c93e4c8c71f1462e3ebe646f057da841920cb1e88 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 04:34:32 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Tue, 22 Nov 2022 15:14:19 GMT Expires: Tue, 29 Nov 2022 15:14:18 GMT Etag: "80f500c9cc1b84c3b799fc6f055ac1701464a2cc" Cache-Control: max-age=383385,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb3 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 76f7ac27b89eb517-OSL --- Additional Info --- Magic: data Size: 472 Md5: 090a712ffd3fe703f9d001c547c88374 Sha1: 80f500c9cc1b84c3b799fc6f055ac1701464a2cc Sha256: db5d1b45ea9fe0e2b3297c6c93e4c8c71f1462e3ebe646f057da841920cb1e88
GET /_next/static/CQQjK-JMZPEm6YR1Hp7eX/pages/video.js HTTP/1.1 Host: xfantazy.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/video/6051542a4ce90e0b3a572b0b? Cookie: visitorId=aunxcne9m2bdujejini09; experiment-popup-payment-7=0; experiment-save-to-button-2=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: xfantazy.com/_next/static/CQQjK-JMZPEm6YR1Hp7eX/pages/v (...) FQDN: xfantazy.com IP: 172.64.162.22 HASH: b88960ad56998e6ca92c48bbe51213ca266f116698a4963eed62208e5ba701be 172.64.162.22 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 date: Fri, 25 Nov 2022 04:34:32 GMT cache-control: public, max-age=31536000, immutable cf-bgj: minify etag: W/"597e-18350160ab4" last-modified: Sun, 18 Sep 2022 10:12:45 GMT vary: Origin, Accept-Encoding cf-cache-status: HIT age: 5854655 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJMVkbfqpcofwntnoiOm7cqTJS2V9ZgFugbOBCiBQ%2Fq%2FtFrqzhxGsLtRE6ehSNj5GkVwfWdjEv%2B1mILV%2F99w0HFcYPbO7D41lG%2Bo1BvL1hNFkBSz0vdTuEbrPY%2BCh7w%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f7ac270d0675db-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (22910), with no line terminators Size: 44736 Md5: 40254749abd5e34659c73bf59a587410 Sha1: 67cd2a00f59e1f6115d3966a2b0e226f784afe9a Sha256: b88960ad56998e6ca92c48bbe51213ca266f116698a4963eed62208e5ba701be
GET /gtm.js?id=GTM-PLKQLTX HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.googletagmanager.com/gtm.js?id=GTM-PLKQLTX FQDN: www.googletagmanager.com IP: 142.250.74.168 HASH: 0d39286e9dcb4b14a2223f034a07aa354e10e7e228798e5e12afbd549fa91ec0 142.250.74.168 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Fri, 25 Nov 2022 04:34:32 GMT expires: Fri, 25 Nov 2022 04:34:32 GMT cache-control: private, max-age=900 last-modified: Fri, 25 Nov 2022 03:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 54293 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (15971) Size: 54293 Md5: 97caec1a07b0d07a0f7ca5cbfd4f1fcb Sha1: 02dbb9d226967b9aae872b15f1e9181d2d525027 Sha256: 0d39286e9dcb4b14a2223f034a07aa354e10e7e228798e5e12afbd549fa91ec0
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 172.64.155.188 HASH: db5d1b45ea9fe0e2b3297c6c93e4c8c71f1462e3ebe646f057da841920cb1e88 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 04:34:32 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Tue, 22 Nov 2022 15:14:19 GMT Expires: Tue, 29 Nov 2022 15:14:18 GMT Etag: "80f500c9cc1b84c3b799fc6f055ac1701464a2cc" Cache-Control: max-age=383385,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 76f7ac27bb21b51d-OSL --- Additional Info --- Magic: data Size: 472 Md5: 090a712ffd3fe703f9d001c547c88374 Sha1: 80f500c9cc1b84c3b799fc6f055ac1701464a2cc Sha256: db5d1b45ea9fe0e2b3297c6c93e4c8c71f1462e3ebe646f057da841920cb1e88
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 04:34:32 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: aee1eaa2ef2d0edbb0bc5703979e6439 Sha1: 8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db Sha256: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 04:34:32 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: aee1eaa2ef2d0edbb0bc5703979e6439 Sha1: 8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db Sha256: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 04:34:32 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 87de3dd2c7dce12b01a337d1554a222a Sha1: 30e0bd68bbb78995aa8a0686ac02848fd5a7a699 Sha256: 533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
GET /_next/static/chunks/7.38d845e9473548212694.js HTTP/1.1 Host: xfantazy.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/video/6051542a4ce90e0b3a572b0b? Cookie: visitorId=aunxcne9m2bdujejini09; experiment-popup-payment-7=0; experiment-save-to-button-2=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: xfantazy.com/_next/static/chunks/7.38d845e9473548212694.js FQDN: xfantazy.com IP: 172.64.162.22 HASH: d09b3a73f03420a8bdcdb51604bd183e06dc180d32f4663852bd0bd7a5873a39 172.64.162.22 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 date: Fri, 25 Nov 2022 04:34:32 GMT cache-control: public, max-age=31536000, immutable cf-bgj: minify etag: W/"97ba-183501608ac" last-modified: Sun, 18 Sep 2022 10:12:44 GMT vary: Origin, Accept-Encoding cf-cache-status: HIT age: 2581816 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mItFbtmEHzrC5DzvqFWqpMpFh1wii%2BqNmHrWT2%2BcSdKPUp2IbMKDmjaExgQxLCSw9GS1BavoIKoSiATe5xxRHXmiOPPa%2BIL%2F%2FRr9zrHL6DSTyPWwy8F8vZ7MlMDVGCc%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f7ac270d0975db-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (38842), with no line terminators Size: 26507 Md5: 619d28de9fa9c57889ba72380f7ccdb8 Sha1: ead1f9e4a1285f965b582a120386715054fdb01a Sha256: d09b3a73f03420a8bdcdb51604bd183e06dc180d32f4663852bd0bd7a5873a39
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 04:34:32 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: a0111a2443450172e5d2b48d350a8f57 Sha1: 75e89d4cd001303e66a93880f96d6c47e7d665ab Sha256: c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://xfantazy.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4 (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15860 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 23 Nov 2022 18:53:49 GMT expires: Thu, 23 Nov 2023 18:53:49 GMT cache-control: public, max-age=31536000 age: 121243 last-modified: Wed, 11 May 2022 19:24:42 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Size: 15860 Md5: e9f5aaf547f165386cd313b995dddd8e Sha1: acdef5603c2387b0e5bffd744b679a24a8bc1968 Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://xfantazy.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4 (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15920 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 23 Nov 2022 14:07:32 GMT expires: Thu, 23 Nov 2023 14:07:32 GMT cache-control: public, max-age=31536000 age: 138420 last-modified: Wed, 11 May 2022 19:24:45 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data Size: 15920 Md5: 3a44e06eb954b96aa043227f3534189d Sha1: 23cef6993ddb2b2979e8e7647fc3763694e2ba7d Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 04:34:32 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 87de3dd2c7dce12b01a337d1554a222a Sha1: 30e0bd68bbb78995aa8a0686ac02848fd5a7a699 Sha256: 533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 8SuSZ6MSSb335i+DymIAbA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 54.189.139.67 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.189.139.67 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: WhZhQCHeW3rrYv9NiM059NAULJc= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google-analytics.com/analytics.js FQDN: www.google-analytics.com IP: 142.250.74.174 HASH: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e 142.250.74.174 HTTP/2 200 OK content-type: text/javascript strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20039 date: Fri, 25 Nov 2022 02:41:08 GMT expires: Fri, 25 Nov 2022 04:41:08 GMT cache-control: public, max-age=7200 age: 6804 last-modified: Tue, 27 Sep 2022 22:01:05 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1325) Size: 20039 Md5: 47e6f374ca946fddd5b59871b325736c Sha1: baa9282efc8785e84d247c3bff518eaa45f101c4 Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1 Host: cdn.jsdelivr.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js FQDN: cdn.jsdelivr.net IP: 151.101.85.229 HASH: 73c6bbad275690c160ed6e68c4cd317e8c8bc46e3ca5a1445d6195bfa3ef100b 151.101.85.229 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 access-control-allow-origin: * access-control-expose-headers: * timing-allow-origin: * cache-control: public, max-age=604800, s-maxage=43200 cross-origin-resource-policy: cross-origin x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload x-jsd-version: 1.249.0 x-jsd-version-type: version etag: W/"346a1-5pJjF6sMSAvD5NiPdWPuLzoQQcw" content-encoding: gzip accept-ranges: bytes date: Fri, 25 Nov 2022 04:34:32 GMT age: 36610 x-served-by: cache-fra-eddf8230060-FRA, cache-bma1682-BMA x-cache: HIT, HIT vary: Accept-Encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length: 85108 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 (with BOM) text, with very long lines (587) Size: 85108 Md5: 48c6510db10510d25a14e132b6c6bd1a Sha1: de1feca854233a18bd70d0484154bcacbd138c1d Sha256: 73c6bbad275690c160ed6e68c4cd317e8c8bc46e3ca5a1445d6195bfa3ef100b
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1 FQDN: ocsp.globalsign.com IP: 104.18.21.226 HASH: a627e02a53ab4ad42a9f02d4705c81e37ac9040094e9bca71c1bd275865fb9a5 104.18.21.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 04:34:32 GMT Transfer-Encoding: chunked Connection: keep-alive Etag: "018A3951B41DEF6AA2ED1611866A7E5A897CA95C" Expires: Fri, 25 Nov 2022 15:00:00 GMT Last-Modified: Fri, 25 Nov 2022 03:00:00 UTC Cache-Control: s-maxage=3600, public, no-transform, must-revalidate CF-Cache-Status: HIT Age: 1984 Vary: Accept-Encoding Server: cloudflare CF-RAY: 76f7ac2b9f1ffac8-OSL --- Additional Info --- Magic: data Size: 16156 Md5: 90c2787d73615138c6abe3e2ca95dcdb Sha1: 98eb8b73fad582e36a94b831d829fb6271bcd1d7 Sha256: a627e02a53ab4ad42a9f02d4705c81e37ac9040094e9bca71c1bd275865fb9a5
GET /zRdVuw7.js HTTP/1.1 Host: a.naturalhealthsource.club User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: a.naturalhealthsource.club/zRdVuw7.js FQDN: a.naturalhealthsource.club IP: 135.181.208.216 HASH: c150c66fcb4046136dbe12330c525eaa6ec2630e5aeb33cd8f82ef326bbc5623 135.181.208.216 HTTP/2 200 OK content-type: application/javascript server: nginx date: Fri, 25 Nov 2022 04:34:33 GMT last-modified: Sat, 22 Oct 2022 11:28:35 GMT etag: W/"6353d3e3-1cfaf" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public vary: Accept-Encoding, Accept-Encoding x-cache: Hit from cloudfront via: 1.1 a30105057fbcc8761b99df13f333a9ea.cloudfront.net (CloudFront) x-amz-cf-pop: ARN54-C1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: 3dhIfSF4qVJIn0erZwVR93Bg4fc358zoUV_hJgeGJlX-w2eKgXtYuw== age: 2570725 x-frame-options: DENY x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 37172 Md5: 9d2fc4e98a8fcb01a3513c2b63d763ee Sha1: 16d6c946c5ea6bf87c47c4ac4ea5a675208faba2 Sha256: c150c66fcb4046136dbe12330c525eaa6ec2630e5aeb33cd8f82ef326bbc5623
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: d9a457f10f38f897731fe1c6cda956052be0e157745902f43f82ed2db038669e 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "2F2DAD5175C4AF75DE29B95E624718E6357D2F7C685C71AF04C2E89B87860AD7" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18524 Expires: Fri, 25 Nov 2022 09:43:17 GMT Date: Fri, 25 Nov 2022 04:34:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1628 Md5: d90c672eff33f4747f496caa2d4af6ff Sha1: 8db2df92ad95e63d25af7aa3902cf29131625fa9 Sha256: d9a457f10f38f897731fe1c6cda956052be0e157745902f43f82ed2db038669e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 17d8f5e3d61b280281d448cd7248ba5a7c74b49d5b912a3d212ca7a768c569db 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EAC3156A5E13751A4CF955318DA2DEDA872F12001D9D7928F0F386A5934D7AF3" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=1283 Expires: Fri, 25 Nov 2022 04:55:56 GMT Date: Fri, 25 Nov 2022 04:34:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 4165 Md5: 37f079f5855e02d16cb6d537ca6d0d55 Sha1: 7b86de9e9f770744b0b80ae65f08eae2a5952c4d Sha256: 17d8f5e3d61b280281d448cd7248ba5a7c74b49d5b912a3d212ca7a768c569db
GET /watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F6051542a4ce90e0b3a572b0b%3F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afp%3A1141%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1311919842147%3Ahid%3A65875391%3Az%3A0%3Ai%3A20221125043432%3Aet%3A1669350873%3Ac%3A1%3Arn%3A944215714%3Arqn%3A1%3Au%3A1669350873358294287%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C94%2C267%2C0%2C356%2C0%2C%2C238%2C9%2C%2C%2C%2C1147%3Ans%3A1669350870843%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669350873%3At%3Aonline%20xxx%20video%2032%20Pure%20Taboo%20-%20Gia%20Derza%20%7C%20art%20%7C%20hardcore%20porn%20hardcore%20sex%20reporter%20gif%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://xfantazy.com Referer: https://xfantazy.com/ Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: mc.yandex.ru/watch/49415098/1?wmode=7&page-url=https%3A (...) FQDN: mc.yandex.ru IP: 77.88.21.119 HASH: 6e0a6ac8ed96b6e5af727d8d5dd279365a001c94c0f290a7434ed83b6db584e2 77.88.21.119 HTTP/2 200 OK content-type: application/json; charset=utf-8 content-length: 419 date: Fri, 25 Nov 2022 04:34:33 GMT x-content-type-options: nosniff access-control-allow-origin: https://xfantazy.com access-control-allow-credentials: true pragma: no-cache x-xss-protection: 1; mode=block expires: Fri, 25-Nov-2022 04:34:33 GMT last-modified: Fri, 25-Nov-2022 04:34:33 GMT cache-control: private, no-cache, no-store, must-revalidate, max-age=0 strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (419), with no line terminators Size: 419 Md5: 5eeab3e669d4c5f05bb905422fb7635c Sha1: 31d0f00129b49bcf3ab28a1db4a6d80a89c0e218 Sha256: 6e0a6ac8ed96b6e5af727d8d5dd279365a001c94c0f290a7434ed83b6db584e2
GET /metrika/advert.gif HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: mc.yandex.ru/metrika/advert.gif FQDN: mc.yandex.ru IP: 77.88.21.119 HASH: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 77.88.21.119 HTTP/2 200 OK content-type: image/gif content-length: 43 date: Fri, 25 Nov 2022 04:34:33 GMT access-control-allow-origin: * etag: "637f41b2-2b" expires: Fri, 25 Nov 2022 05:34:33 GMT accept-ranges: bytes last-modified: Thu, 24 Nov 2022 13:04:34 GMT cache-control: max-age=3600 strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41 Sha1: ea7df583983133b62712b5e73bffbcd45cc53736 Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js HTTP/1.1 Host: exploredefinitely.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: exploredefinitely.com/a2/f9/90/a2f990f10476061c719d1c1a (...) FQDN: exploredefinitely.com IP: 173.233.137.60 HASH: 9e8bdeff67ac9724f58ff8430bda2d96bf8964d590f6f1292506cd8b7b99ae46 173.233.137.60 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.19.5 Date: Fri, 25 Nov 2022 04:34:33 GMT Transfer-Encoding: chunked Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: 49020fe8fd88b73df80e1b44d41d7b52 Strict-Transport-Security: max-age=0; includeSubdomains Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (37164), with no line terminators Size: 13433 Md5: e9be4af3a0cff955b5721db2a014262f Sha1: 62ffd09e6353a6715b7adf3edf6b297ca6185fb0 Sha256: 9e8bdeff67ac9724f58ff8430bda2d96bf8964d590f6f1292506cd8b7b99ae46
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: af00429c189464ddb8df704dc48035421f943444df6ca17390fb97466c2e7e9b 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 04:34:33 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: d3d2d21ac304813a16da64921ce18ba4 Sha1: 98b1762c675c61eeb18254986461e6b1074ebc92 Sha256: af00429c189464ddb8df704dc48035421f943444df6ca17390fb97466c2e7e9b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-121614197-2&cid=114694667.1669350873&jid=265596840&gjid=1940512941&_gid=1045273581.1669350873&_u=YGBAiEABBAAAAEAAI~&z=156207599 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_ (...) FQDN: stats.g.doubleclick.net IP: 142.251.1.154 HASH: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b 142.251.1.154 HTTP/2 200 OK content-type: text/plain access-control-allow-origin: https://xfantazy.com strict-transport-security: max-age=10886400; includeSubDomains; preload date: Fri, 25 Nov 2022 04:34:33 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 1 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: very short file (no magic) Size: 1 Md5: c4ca4238a0b923820dcc509a6f75849b Sha1: 356a192b7913b04c54574d18c28d46e6395428ab Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /21/fe/39/21fe3950f412e026c33f1b6cee613eba.js HTTP/1.1 Host: skiingsettling.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: skiingsettling.com/21/fe/39/21fe3950f412e026c33f1b6cee6 (...) FQDN: skiingsettling.com IP: 192.243.61.227 HASH: 9263ff392990470cae15de0bf844593ec52641ec9307c097191af49b7d9bd891 192.243.61.227 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.22.0 Date: Fri, 25 Nov 2022 04:34:33 GMT Transfer-Encoding: chunked Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: 380e14514ce9948de1708f5f0bd5b1d6 Strict-Transport-Security: max-age=0; includeSubdomains Content-Encoding: gzip --- Additional Info --- Magic: data Size: 15048 Md5: aaa60985f261abebc6ca3ae640bbb68b Sha1: 7fdf5fb341305db68c4eb14966f744d9ec460bed Sha256: 9263ff392990470cae15de0bf844593ec52641ec9307c097191af49b7d9bd891 Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: 3d745fbf6d7563deeac08ec38de8db388536ff113a89fd20e8e51d9fd6f200d1 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "3D745FBF6D7563DEEAC08EC38DE8DB388536FF113A89FD20E8E51D9FD6F200D1" Last-Modified: Tue, 22 Nov 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11865 Expires: Fri, 25 Nov 2022 07:52:18 GMT Date: Fri, 25 Nov 2022 04:34:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: daedbf6ef8bc447ac2d08a42d4c4bf9f Sha1: 2864128c9304bd42925932eda5b14ab62f805081 Sha256: 3d745fbf6d7563deeac08ec38de8db388536ff113a89fd20e8e51d9fd6f200d1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: af00429c189464ddb8df704dc48035421f943444df6ca17390fb97466c2e7e9b 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 04:34:33 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: d3d2d21ac304813a16da64921ce18ba4 Sha1: 98b1762c675c61eeb18254986461e6b1074ebc92 Sha256: af00429c189464ddb8df704dc48035421f943444df6ca17390fb97466c2e7e9b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69" Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4088 Expires: Fri, 25 Nov 2022 05:42:41 GMT Date: Fri, 25 Nov 2022 04:34:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: b75c00c21f5854618bc06d14b8d83c40 Sha1: ae14f585ae9682e6c2fad146c12c00ee4d83e8f3 Sha256: a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69" Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4088 Expires: Fri, 25 Nov 2022 05:42:41 GMT Date: Fri, 25 Nov 2022 04:34:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: b75c00c21f5854618bc06d14b8d83c40 Sha1: ae14f585ae9682e6c2fad146c12c00ee4d83e8f3 Sha256: a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69" Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4088 Expires: Fri, 25 Nov 2022 05:42:41 GMT Date: Fri, 25 Nov 2022 04:34:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: b75c00c21f5854618bc06d14b8d83c40 Sha1: ae14f585ae9682e6c2fad146c12c00ee4d83e8f3 Sha256: a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8006 x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cIB-AHSrIAMFvKw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: q53jN1uOtSdeThbk2_0UF6Rl3g4_-_TW7uK1_6Z5oDwSTSRk8XRjyQ== via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Thu, 24 Nov 2022 21:35:08 GMT etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075" age: 25165 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8006 Md5: 8b6ee13d43732f7c764a49500d092865 Sha1: 5d15fd672e968d59b541e4d5d0d01cd5e69f4075 Sha256: fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /?rwlrd=961956 HTTP/1.1 Host: d192r5l88wrng7.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: d192r5l88wrng7.cloudfront.net/?rwlrd=961956 FQDN: d192r5l88wrng7.cloudfront.net IP: 54.230.245.16 HASH: 57be907e23c38a73f4928e9b40e671ffc4ed77bdb0c24e75688db985e7415981 54.230.245.16 HTTP/2 200 OK content-length: 112410 date: Fri, 25 Nov 2022 04:34:33 GMT access-control-allow-origin: * cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-encoding: gzip pragma: no-cache x-cache: Miss from cloudfront via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: uYlJrV3etWzkxzC5EKn3zNrjWgnAHyZl2RkVXCYhWi4mH6Dx6PDyiQ== X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 112804 Md5: 54549123ccb5f3ce81037bddff2c4563 Sha1: 1ca7285a5d8bec106b0fb8822131ad7ffe379cec Sha256: 57be907e23c38a73f4928e9b40e671ffc4ed77bdb0c24e75688db985e7415981
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 72f2913f7c0770ebab0f2683bdc1ec5a5db8872e8f2c62a8fd5c9178b95dbb06 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4270 x-amzn-requestid: 7327f8fb-804b-4d09-83dc-628e35ffa74b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cIB8xFwXoAMFkqQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637fe384-33f83cea2c585279140f4f59;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: NLXTbS53l_c-lByM8Ym4_tfOlgP2lB-F1dYxOSfdeEfBSM41X0Cpug== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google date: Thu, 24 Nov 2022 21:35:01 GMT etag: "6217a262002244ef3f2e8034076a735cafd9888a" age: 25172 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4270 Md5: 648677a7e7bab1896a190d2e5fb7243c Sha1: 6217a262002244ef3f2e8034076a735cafd9888a Sha256: 72f2913f7c0770ebab0f2683bdc1ec5a5db8872e8f2c62a8fd5c9178b95dbb06
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.156 HASH: d2c786795613bca9a9bee9143dc278307b828a07b40880cfa20e087895aa359a 143.204.42.156 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=124697 Date: Fri, 25 Nov 2022 04:34:33 GMT Etag: "637f7219-1d7" Expires: Sat, 26 Nov 2022 15:12:50 GMT Last-Modified: Thu, 24 Nov 2022 13:31:05 GMT Server: ECS (dcb/7EA6) X-Cache: Miss from cloudfront Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: qG8UJ3aDlR7jn1ziPF0jBGqidMqKtqIARADeklLTf7nBlxuV6sD0oQ== Age: 6105 --- Additional Info --- Magic: data Size: 471 Md5: 5348b4ee74a9c894db836c2b61cc7086 Sha1: 9a65195ea94f2f7326007ad86ca1675010f4c00e Sha256: d2c786795613bca9a9bee9143dc278307b828a07b40880cfa20e087895aa359a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3955 x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cCM9NGJHoAMF4sQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ== via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 02:07:28 GMT age: 8825 etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3955 Md5: 4006a9037ab5f28dca62b0aa7a704c41 Sha1: 74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b Sha256: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8277 x-amzn-requestid: e84a5668-cd91-42af-b6de-5eb694ea56e6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cIB-KFtmIAMF00Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637fe38d-64513fb257d83b9847c82929;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:09 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: rIKW7gaK37mlbk_TUo63AH9-XDOoF3Z-5mGaeOkzmESFLJ3GHz60lA== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google date: Thu, 24 Nov 2022 21:35:10 GMT etag: "6a8504212141af411a18ce58960c8bb52e8116ac" age: 25163 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8277 Md5: f59a591b222397ff0f01c22a0786e660 Sha1: 6a8504212141af411a18ce58960c8bb52e8116ac Sha256: 624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1
GET /stats HTTP/1.1 Host: simplewebanalysis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: simplewebanalysis.com/stats FQDN: simplewebanalysis.com IP: 18.185.190.54 HASH: e5c980cce45df1a35d4bdb8a268997c712386321634d49ef1a4c2faca9fa7350 18.185.190.54 HTTP/2 200 OK content-type: text/html; charset=UTF-8 date: Fri, 25 Nov 2022 04:34:33 GMT content-length: 40 server: fasthttp access-control-allow-origin: https://xfantazy.com access-control-allow-credentials: true set-cookie: uid_id2=5ec3dee3-f9ea-424d-9c3b-07c9d3564787:2:1; expires=Mon, 22 Nov 2032 04:34:33 GMT; secure; SameSite=None X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 40 Md5: e499c89a7ed56bbc9ed84e86f71c907b Sha1: bbd0ce2be91f544f014813c17379e9d26ed075aa Sha256: e5c980cce45df1a35d4bdb8a268997c712386321634d49ef1a4c2faca9fa7350
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.156 HASH: d2c786795613bca9a9bee9143dc278307b828a07b40880cfa20e087895aa359a 143.204.42.156 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=122578 Date: Fri, 25 Nov 2022 04:34:33 GMT Etag: "637f7219-1d7" Expires: Sat, 26 Nov 2022 14:37:31 GMT Last-Modified: Thu, 24 Nov 2022 13:31:05 GMT Server: ECS (bsa/EB20) X-Cache: Miss from cloudfront Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: cV1v1JjbSH5QdNkhbTVkElB25wIOVU8255YJb-DoTmx_NAAwBn0V5Q== Age: 3986 --- Additional Info --- Magic: data Size: 471 Md5: 5348b4ee74a9c894db836c2b61cc7086 Sha1: 9a65195ea94f2f7326007ad86ca1675010f4c00e Sha256: d2c786795613bca9a9bee9143dc278307b828a07b40880cfa20e087895aa359a
GET /stats HTTP/1.1 Host: simplewebanalysis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: simplewebanalysis.com/stats FQDN: simplewebanalysis.com IP: 18.185.190.54 HASH: c861f1710e050ee6a555055b56422809892e238a2d47ded41f2087ee0395e970 18.185.190.54 HTTP/2 200 OK content-type: text/html; charset=UTF-8 date: Fri, 25 Nov 2022 04:34:34 GMT content-length: 40 server: fasthttp access-control-allow-origin: https://xfantazy.com access-control-allow-credentials: true set-cookie: uid_id2=d0595856-e3f8-48d6-a6d3-a9c57ab29ee2:2:1; expires=Mon, 22 Nov 2032 04:34:34 GMT; secure; SameSite=None X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 40 Md5: 639dac7fab97701f3d099ce28969563c Sha1: 04ac4f5f541515e6aa88d95320e2d425f73730f7 Sha256: c861f1710e050ee6a555055b56422809892e238a2d47ded41f2087ee0395e970
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: 0ad073449cdc28013c246ef309c9c3792f582172d4686af74f0b737cb68df6f1 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "0AD073449CDC28013C246EF309C9C3792F582172D4686AF74F0B737CB68DF6F1" Last-Modified: Wed, 23 Nov 2022 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14758 Expires: Fri, 25 Nov 2022 08:40:32 GMT Date: Fri, 25 Nov 2022 04:34:34 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 4f86e152e080297ee8cba39a80a13e38 Sha1: f916875bce604836a95a022234321e02b375bb67 Sha256: 0ad073449cdc28013c246ef309c9c3792f582172d4686af74f0b737cb68df6f1
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: 3d745fbf6d7563deeac08ec38de8db388536ff113a89fd20e8e51d9fd6f200d1 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "3D745FBF6D7563DEEAC08EC38DE8DB388536FF113A89FD20E8E51D9FD6F200D1" Last-Modified: Tue, 22 Nov 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11863 Expires: Fri, 25 Nov 2022 07:52:18 GMT Date: Fri, 25 Nov 2022 04:34:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: daedbf6ef8bc447ac2d08a42d4c4bf9f Sha1: 2864128c9304bd42925932eda5b14ab62f805081 Sha256: 3d745fbf6d7563deeac08ec38de8db388536ff113a89fd20e8e51d9fd6f200d1
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: 0ad073449cdc28013c246ef309c9c3792f582172d4686af74f0b737cb68df6f1 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "0AD073449CDC28013C246EF309C9C3792F582172D4686AF74F0B737CB68DF6F1" Last-Modified: Wed, 23 Nov 2022 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14757 Expires: Fri, 25 Nov 2022 08:40:32 GMT Date: Fri, 25 Nov 2022 04:34:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 4f86e152e080297ee8cba39a80a13e38 Sha1: f916875bce604836a95a022234321e02b375bb67 Sha256: 0ad073449cdc28013c246ef309c9c3792f582172d4686af74f0b737cb68df6f1
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: 0ad073449cdc28013c246ef309c9c3792f582172d4686af74f0b737cb68df6f1 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "0AD073449CDC28013C246EF309C9C3792F582172D4686AF74F0B737CB68DF6F1" Last-Modified: Wed, 23 Nov 2022 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14757 Expires: Fri, 25 Nov 2022 08:40:32 GMT Date: Fri, 25 Nov 2022 04:34:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 4f86e152e080297ee8cba39a80a13e38 Sha1: f916875bce604836a95a022234321e02b375bb67 Sha256: 0ad073449cdc28013c246ef309c9c3792f582172d4686af74f0b737cb68df6f1
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F6051542a4ce90e0b3a572b0b%3F&charset=utf-8&hittoken=1669350873_73ef624b1d644b5e2cfedad7294766650f23c2227fe97e18941e4b5ad51202e4&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1311919842147%3Ahid%3A65875391%3Az%3A0%3Ai%3A20221125043434%3Aet%3A1669350874%3Ac%3A1%3Arn%3A379714731%3Arqn%3A3%3Au%3A1669350873358294287%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669350870843%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669350874&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)rqnt(3)aw(1)rqnl(1)ti(2) HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 52 Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxf (...) FQDN: mc.yandex.ru IP: 77.88.21.119 HASH: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 77.88.21.119 HTTP/2 200 OK content-type: image/gif content-length: 43 date: Fri, 25 Nov 2022 04:34:35 GMT access-control-allow-origin: https://xfantazy.com access-control-allow-credentials: true pragma: no-cache x-xss-protection: 1; mode=block expires: Fri, 25-Nov-2022 04:34:35 GMT last-modified: Fri, 25-Nov-2022 04:34:35 GMT cache-control: private, no-cache, no-store, must-revalidate, max-age=0 strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41 Sha1: ea7df583983133b62712b5e73bffbcd45cc53736 Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F6051542a4ce90e0b3a572b0b%3F&charset=utf-8&hittoken=1669350873_73ef624b1d644b5e2cfedad7294766650f23c2227fe97e18941e4b5ad51202e4&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1311919842147%3Ahid%3A65875391%3Az%3A0%3Ai%3A20221125043434%3Aet%3A1669350874%3Ac%3A1%3Arn%3A73931272%3Arqn%3A2%3Au%3A1669350873358294287%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669350870843%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669350874&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)rqnt(2)aw(1)rqnl(1)ti(2) HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 45 Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxf (...) FQDN: mc.yandex.ru IP: 77.88.21.119 HASH: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 77.88.21.119 HTTP/2 200 OK content-type: image/gif content-length: 43 date: Fri, 25 Nov 2022 04:34:35 GMT access-control-allow-origin: https://xfantazy.com access-control-allow-credentials: true pragma: no-cache x-xss-protection: 1; mode=block expires: Fri, 25-Nov-2022 04:34:35 GMT last-modified: Fri, 25-Nov-2022 04:34:35 GMT cache-control: private, no-cache, no-store, must-revalidate, max-age=0 strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41 Sha1: ea7df583983133b62712b5e73bffbcd45cc53736 Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F6051542a4ce90e0b3a572b0b%3F&charset=utf-8&hittoken=1669350873_73ef624b1d644b5e2cfedad7294766650f23c2227fe97e18941e4b5ad51202e4&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1311919842147%3Ahid%3A65875391%3Az%3A0%3Ai%3A20221125043434%3Aet%3A1669350874%3Ac%3A1%3Arn%3A468123273%3Arqn%3A6%3Au%3A1669350873358294287%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669350870843%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669350874&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)rqnt(6)aw(1)rqnl(1)ti(2) HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 99 Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxf (...) FQDN: mc.yandex.ru IP: 77.88.21.119 HASH: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 77.88.21.119 HTTP/2 200 OK content-type: image/gif content-length: 43 date: Fri, 25 Nov 2022 04:34:35 GMT access-control-allow-origin: https://xfantazy.com access-control-allow-credentials: true pragma: no-cache x-xss-protection: 1; mode=block expires: Fri, 25-Nov-2022 04:34:35 GMT last-modified: Fri, 25-Nov-2022 04:34:35 GMT cache-control: private, no-cache, no-store, must-revalidate, max-age=0 strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41 Sha1: ea7df583983133b62712b5e73bffbcd45cc53736 Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sfp.js HTTP/1.1 Host: friendshipmale.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: friendshipmale.com/sfp.js FQDN: friendshipmale.com IP: 172.64.202.23 HASH: 6b029a6aabd032aa6389a5b91acb466611397e0ed4e2bf8891d5543db6e177df 172.64.202.23 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Fri, 25 Nov 2022 04:34:33 GMT p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin: * expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: max-age=14400 x-request-id: abee5be725b4c2dc8d34ca6b926cfd80 strict-transport-security: max-age=0; includeSubdomains cf-cache-status: EXPIRED last-modified: Fri, 25 Nov 2022 04:34:33 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xnuN%2FpeI23Bxoc3riqoxzEnfyflhgE0OJuXcUOba0evFFTmAJ3d3NFeWm2bllL4x3jyd8wS6kHUXdMnZpONJ1Zwg7kijZDy%2BCP5wZWmHhb4WczqTl0QdJeLlWEFmIYn8Yh0dpE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 76f7ac31cbc60079-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Size: 27162 Md5: e7e03604b3ce4c388d505f30039573e3 Sha1: c38b5b26be9648732efa959e9aa80858ceac27e7 Sha256: 6b029a6aabd032aa6389a5b91acb466611397e0ed4e2bf8891d5543db6e177df
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F6051542a4ce90e0b3a572b0b%3F&charset=utf-8&hittoken=1669350873_73ef624b1d644b5e2cfedad7294766650f23c2227fe97e18941e4b5ad51202e4&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1311919842147%3Ahid%3A65875391%3Az%3A0%3Ai%3A20221125043434%3Aet%3A1669350874%3Ac%3A1%3Arn%3A646817413%3Arqn%3A5%3Au%3A1669350873358294287%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669350870843%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669350874&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)rqnt(5)aw(1)rqnl(1)ti(2) HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 98 Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxf (...) FQDN: mc.yandex.ru IP: 77.88.21.119 HASH: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 77.88.21.119 HTTP/2 200 OK content-type: image/gif content-length: 43 date: Fri, 25 Nov 2022 04:34:35 GMT access-control-allow-origin: https://xfantazy.com access-control-allow-credentials: true pragma: no-cache x-xss-protection: 1; mode=block expires: Fri, 25-Nov-2022 04:34:35 GMT last-modified: Fri, 25-Nov-2022 04:34:35 GMT cache-control: private, no-cache, no-store, must-revalidate, max-age=0 strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41 Sha1: ea7df583983133b62712b5e73bffbcd45cc53736 Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: 0ad073449cdc28013c246ef309c9c3792f582172d4686af74f0b737cb68df6f1 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "0AD073449CDC28013C246EF309C9C3792F582172D4686AF74F0B737CB68DF6F1" Last-Modified: Wed, 23 Nov 2022 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14757 Expires: Fri, 25 Nov 2022 08:40:32 GMT Date: Fri, 25 Nov 2022 04:34:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 4f86e152e080297ee8cba39a80a13e38 Sha1: f916875bce604836a95a022234321e02b375bb67 Sha256: 0ad073449cdc28013c246ef309c9c3792f582172d4686af74f0b737cb68df6f1
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F6051542a4ce90e0b3a572b0b%3F&charset=utf-8&hittoken=1669350873_73ef624b1d644b5e2cfedad7294766650f23c2227fe97e18941e4b5ad51202e4&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1311919842147%3Ahid%3A65875391%3Az%3A0%3Ai%3A20221125043434%3Aet%3A1669350874%3Ac%3A1%3Arn%3A701626175%3Arqn%3A7%3Au%3A1669350873358294287%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669350870843%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669350874&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)rqnt(7)aw(1)rqnl(1)ti(2) HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 98 Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxf (...) FQDN: mc.yandex.ru IP: 77.88.21.119 HASH: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 77.88.21.119 HTTP/2 200 OK content-type: image/gif content-length: 43 date: Fri, 25 Nov 2022 04:34:35 GMT access-control-allow-origin: https://xfantazy.com access-control-allow-credentials: true pragma: no-cache x-xss-protection: 1; mode=block expires: Fri, 25-Nov-2022 04:34:35 GMT last-modified: Fri, 25-Nov-2022 04:34:35 GMT cache-control: private, no-cache, no-store, must-revalidate, max-age=0 strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41 Sha1: ea7df583983133b62712b5e73bffbcd45cc53736 Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F6051542a4ce90e0b3a572b0b%3F&charset=utf-8&hittoken=1669350873_73ef624b1d644b5e2cfedad7294766650f23c2227fe97e18941e4b5ad51202e4&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1311919842147%3Ahid%3A65875391%3Az%3A0%3Ai%3A20221125043434%3Aet%3A1669350874%3Ac%3A1%3Arn%3A15246786%3Arqn%3A9%3Au%3A1669350873358294287%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669350870843%3Anp%3ATGludXggeDg2XzY0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669350874&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)rqnt(9)aw(1)rqnl(1)ti(2) HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 39 Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxf (...) FQDN: mc.yandex.ru IP: 77.88.21.119 HASH: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 77.88.21.119 HTTP/2 200 OK content-type: image/gif content-length: 43 date: Fri, 25 Nov 2022 04:34:35 GMT access-control-allow-origin: https://xfantazy.com access-control-allow-credentials: true pragma: no-cache x-xss-protection: 1; mode=block expires: Fri, 25-Nov-2022 04:34:35 GMT last-modified: Fri, 25-Nov-2022 04:34:35 GMT cache-control: private, no-cache, no-store, must-revalidate, max-age=0 strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41 Sha1: ea7df583983133b62712b5e73bffbcd45cc53736 Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F6051542a4ce90e0b3a572b0b%3F&charset=utf-8&hittoken=1669350873_73ef624b1d644b5e2cfedad7294766650f23c2227fe97e18941e4b5ad51202e4&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1311919842147%3Ahid%3A65875391%3Az%3A0%3Ai%3A20221125043434%3Aet%3A1669350874%3Ac%3A1%3Arn%3A700058684%3Arqn%3A8%3Au%3A1669350873358294287%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669350870843%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669350874%3At%3Aonline%20xxx%20video%2032%20Pure%20Taboo%20-%20Gia%20Derza%20%7C%20art%20%7C%20hardcore%20porn%20hardcore%20sex%20reporter%20gif%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-7-h-1%29clc%280-0-0%29rqnt%288%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://xfantazy.com Referer: https://xfantazy.com/ Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxf (...) FQDN: mc.yandex.ru IP: 77.88.21.119 HASH: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 77.88.21.119 HTTP/2 200 OK content-type: image/gif content-length: 43 date: Fri, 25 Nov 2022 04:34:35 GMT access-control-allow-origin: https://xfantazy.com access-control-allow-credentials: true pragma: no-cache x-xss-protection: 1; mode=block expires: Fri, 25-Nov-2022 04:34:35 GMT last-modified: Fri, 25-Nov-2022 04:34:35 GMT cache-control: private, no-cache, no-store, must-revalidate, max-age=0 strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41 Sha1: ea7df583983133b62712b5e73bffbcd45cc53736 Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 3bcde7ef68f8d91ea51c79994968ab6a41b5594055d71823cbf13eb16cdad69c 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "3BCDE7EF68F8D91EA51C79994968AB6A41B5594055D71823CBF13EB16CDAD69C" Last-Modified: Wed, 23 Nov 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3846 Expires: Fri, 25 Nov 2022 05:38:41 GMT Date: Fri, 25 Nov 2022 04:34:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 70f8773d7c1eccf4306ad3d53cae01e6 Sha1: 1b2756900ae188b5b8c0eadab8527389ec2c9d2f Sha256: 3bcde7ef68f8d91ea51c79994968ab6a41b5594055d71823cbf13eb16cdad69c
GET /TGlkaGEtCwcFXi1UBk4UPgVZTVMKTFYuBX1QVhpUIFFcHxMiDlNGAiAGEQwHPgYKHE8iDBBNUwo9MD87DwhXLRQPOhMmNSYCNCINFiABWQV7MQ8MEwgtIS0pNlgGLggeKiYAFgAmNy1YHA4xBCc0GjUqUXwvKh8raVsiP1AvASYRFgE9IxslACgMJQcJKA4sGQIeMQUwKig3IS8qEVAOKh0kDykJdAYlBTApLCwpLQA7ITEoHQYOPAoBJTFaGS4/LFE2LQETMSg7IBAgIAYGMiAoCiszADQvBRQqOH0zCj8lAgYyICgvLicmMCgCUSslfCcTPxYgXjEFTCgwKVoJGQoMAyktLzEsNicvUDspBioyIFgbIzVcMgYOCAY2GA1BWicaByoKMBQRMwtReS0COSA+LjY5Ew89FCcwOx08Cw15DwI9IH8/DylHJhoLBhFxPStbKjYgNjgRFC4qDjc6LA HTTP/1.1 Host: pemainedperio.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: pemainedperio.com/TGlkaGEtCwcFXi1UBk4UPgVZTVMKTFYuBX1QV (...) FQDN: pemainedperio.com IP: 54.230.111.124 HASH: d13eed25596ed3cf52e8c4d7b3d03acf8ef2c809b8e98ad253b46aa62aaa6204 54.230.111.124 HTTP/2 200 OK content-type: text/html content-length: 1201 date: Fri, 25 Nov 2022 04:34:35 GMT server: openresty/1.17.8.2 cache-control: no-store, no-cache, must-revalidate, no-transform pragma: no-cache p3p: CP="NID DSP ALL COR" content-encoding: gzip accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache: Miss from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: jCux9lQUXbNRNT7yYLHtgfuB7EcuqiTiSe7I-GhObvkL_dDZUPD8Jg== X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3050), with no line terminators Size: 1201 Md5: cdadb0f273f45ac5b019f9cde9928bc1 Sha1: f23e073711f971994cb5e1c18501e6a4f081f96d Sha256: d13eed25596ed3cf52e8c4d7b3d03acf8ef2c809b8e98ad253b46aa62aaa6204
GET /cUdkZ3YQJQcKSRB6BkEDAytZQkQ3YlYhEkB+VhVDHX9cEAQfIFNJFR0oEQMQAygKE1gfIhBCRDceBlcOOyYsIjs4PgcoIhk0CCsgJw4zP0NEEDEpPDstCy8+CX4cIDIwNTwlQkUKMD4SNT4iKDQjEgsDMBkfJR5GHwNUHzw6FAcrIjdyFSw3BhMxCR4HDzYlJTgUPTQxMAoDLDNAAy8/Gh8QIjUSFwAhATEwAgstHkkENwlDRAUDMT0XKQg9JyQBXAUwAj03CUNEDxwANBQpVSknGHYUAkcWDTM/HgIQHik9FykPBjRBN0FVMDIBCCUhHA1RNiAjIwIkW0UJIQAnGyUiCEUpHxxTITQBAQE+GQk1Vk4ADiYIIzIUKR8iJAoUAS4dIzxWTwAXIjE3Vy0XCBgBejU/LEIVFT4xAwQM HTTP/1.1 Host: pemainedperio.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers	URL: pemainedperio.com/cUdkZ3YQJQcKSRB6BkEDAytZQkQ3YlYhEkB+V (...) FQDN: pemainedperio.com IP: 54.230.111.124 HASH: eafe788b69e0e60ba963388c84af9c11f93feb3f1a1913b88646dca9c42016c5 54.230.111.124 HTTP/2 200 OK content-type: text/html content-length: 1173 date: Fri, 25 Nov 2022 04:34:35 GMT server: openresty/1.17.8.2 cache-control: no-store, no-cache, must-revalidate, no-transform pragma: no-cache p3p: CP="NID DSP ALL COR" content-encoding: gzip accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache: Miss from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: x6kzgJG8fXvja2Zhiqj0HVfhs7Ss8FGVj8COfJSp-V6ZHePFC0t8UQ== X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3018), with no line terminators Size: 1173 Md5: 527c16188e73dceab8a9f4b3b71edb8d Sha1: 647f75fb9d5f3e167113e1cdac331e46946a17a2 Sha256: eafe788b69e0e60ba963388c84af9c11f93feb3f1a1913b88646dca9c42016c5
GET /d21qTTQWDwkgCxZQCGtBBQFXaAYxSFgLUEZUWD8BG1VSOkYZCl1jVxsCHylSBQIEORoZCB5oBjE3DydmAA4veW4gFV4aVyZYDgtxRl4+DG42PDI9Vy8KJyt9NgIgBGYiVSIhDEA9OT5bNiszCHo1WSAcci4ELXxbLzk9KlIgBSQDUkYVPAt2PRc+JX0yLCkIZjQ8Oyl+JRkwD0MYGykYfiAvOXR8ID9SBn4PNzMIYiFVOgxyEjwtOX01Kw0Ffg8/OwVDFFQyOm42JQA9UjUGKA9SGzwvG2E6IDI6bjYvEy5hNgY4G1IjCjgcXzZfPgx2ITwdNVI1BkcMdzgrUgV5IitPf3YjFRoMYyAZIw92FDsmH3IVOz8EfSQsOA9lP1gmD3ExOwwIRCQqOwRGPysZBGIvGlIPYTUrMwhbJC8/fBFFK0wnRxgDGnBlEh8OJn86CDh5 HTTP/1.1 Host: pemainedperio.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers	URL: pemainedperio.com/d21qTTQWDwkgCxZQCGtBBQFXaAYxSFgLUEZUW (...) FQDN: pemainedperio.com IP: 54.230.111.124 HASH: 2eb921476c542c3556c68943318362475181e27208b3e17e6ab919b0098c2ff8 54.230.111.124 HTTP/2 200 OK content-type: text/html content-length: 1188 date: Fri, 25 Nov 2022 04:34:35 GMT server: openresty/1.17.8.2 cache-control: no-store, no-cache, must-revalidate, no-transform pragma: no-cache p3p: CP="NID DSP ALL COR" content-encoding: gzip accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache: Miss from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: MOMBSX4Zy3kzRh1qkVtXwNTxyoLUEphIaIAu7zqX95KJPut1X7eFzg== X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3037), with no line terminators Size: 1188 Md5: 195f8264ece24c9d9efc5b7b15d56a33 Sha1: 2b20f6996527b9b885340ce8c085e68077e30ab5 Sha256: 2eb921476c542c3556c68943318362475181e27208b3e17e6ab919b0098c2ff8
GET /QW1vUUxuUgwicSQqACgdFlQlCSsxXDlhfRUsJxcbEDtXECkHGkklJSVQVmd9eFhZdzwoCVJifmceGzA4NB5SYGooAwk+cWcbUmFieUNeY2JxSxpsfWcZHzArfFxJITg1AVJgendUXGR8eVpcZHpw HTTP/1.1 Host: engingsecondu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: engingsecondu.com/QW1vUUxuUgwicSQqACgdFlQlCSsxXDlhfRUsJ (...) FQDN: engingsecondu.com IP: 104.21.55.224 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 104.21.55.224 HTTP/2 204 No Content date: Fri, 25 Nov 2022 04:34:35 GMT access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6svrCzp5Fl7AEMCqzJiwmFO4v0c5c4DAKxcMv3L9Q926ylVFIZFrJ9Cw8BroO%2F4niKJO9NElCcO5DyaYuVehph3B0LPpWhrN6Ci2b5UW9WzxmWP9GXWpQzDKctDOBSZK8y12w%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f7ac3999f80b59-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MVlUa3keZjcYRH8BJAQoWzIRPxVzaxU6O3UOOiI4dRxtChxGNnIfEFVkbV1ICGxiTQlYPWlYSxcqIAoNRCppWUkBbnICF1c2aVpfR2RkRUEfaGZFSRcsaVpfRSk1DEQAfyQfDV1kZV1PCGphW0EGamFdTQ HTTP/1.1 Host: engingsecondu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: engingsecondu.com/MVlUa3keZjcYRH8BJAQoWzIRPxVzaxU6O3UOO (...) FQDN: engingsecondu.com IP: 104.21.55.224 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 104.21.55.224 HTTP/2 204 No Content date: Fri, 25 Nov 2022 04:34:35 GMT access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2Fz5xbGAGFUhnbiWc%2BFvt%2BbCJuQ8Wx6GSoc1XC4TL2JM%2F1IwRJS%2BE7Q5LyY8sLUdhmz813v9g%2Bt8%2FZjaK%2FpAsjaXjBiP63J9m%2F8oCUnFe9d5U0dWpLXmH1i%2FMsVNSDzVY0XgSA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f7ac3999fc0b59-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /OWVBcDQWWiIDCV0yCyVgUiMCJllrUiQlemoHCRgBaDMXGFFhBmcEXV1YeEYGCVR1VkRQAXxBEkoRIARBSlhwVl1XAy5NEk9YcF4HDUtyQRoIQzRNBR8RMRFTBFRnAEBNCXxBAg9cckUEAVJyRgUP HTTP/1.1 Host: engingsecondu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: engingsecondu.com/OWVBcDQWWiIDCV0yCyVgUiMCJllrUiQlemoHC (...) FQDN: engingsecondu.com IP: 104.21.55.224 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 104.21.55.224 HTTP/2 204 No Content date: Fri, 25 Nov 2022 04:34:35 GMT access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2Z4TI5hKGJxttNqE0miefwU5pzNc6InZyYIEOZez%2BCyC2uEJIJKFXhkE%2FcumRNNXs6WjHEElMFLMra4TmILQ8srBekpwcfMTnD54h7dNc2PPkcWXCIs9QUorRZN4x3Yh0wsVw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f7ac3999fa0b59-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d2tTRDFYVDA3DC0GJwdjMQ8LHF89HAkCdxYPPXVaIj1idFUaPnUwWBNWanIDR1phYkEeD251CVEYJyVFAhhudRceBTUrDFEdbnUfR0VhagNRHm51FwMbMiMMRk0jMEUbVmJyB05YZnQJQFhmcwg HTTP/1.1 Host: engingsecondu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: engingsecondu.com/d2tTRDFYVDA3DC0GJwdjMQ8LHF89HAkCdxYPP (...) FQDN: engingsecondu.com IP: 104.21.55.224 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 104.21.55.224 HTTP/2 204 No Content date: Fri, 25 Nov 2022 04:34:35 GMT access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwMuhjoxMttJLH5uYAE23UPTuzv6%2FGYR66IciqJUwCepkpZHjD1lJf%2B3UBamXGbi4RXjCdanTYKCQ84sNfaM4v7DpLlglxoi6JsRCj%2B5y0%2BtlNlqhSM7Tp3G7rgXb0wQBDpOeQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f7ac39a9fe0b59-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /TXlKdHRiRikHSQMUJjciCSgCLCw9Hg41OhwaDSU6CUgyAxYcGmwAHSlEc0JFdEx8UgQkHXdHRmsKPhUAOAp3RkR9TmwdGisWd0VSO0R6WkxjSHhaRGsMd0VSOQkrE0l8XzoAACFEe0JCdEp/REx6TXxCRA HTTP/1.1 Host: engingsecondu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 TE: trailers	URL: engingsecondu.com/TXlKdHRiRikHSQMUJjciCSgCLCw9Hg41OhwaD (...) FQDN: engingsecondu.com IP: 104.21.55.224 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 104.21.55.224 HTTP/2 204 No Content date: Fri, 25 Nov 2022 04:34:35 GMT access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Chcct3FWzZyQLeWIFpzwL5jKK4vT%2BO7M24NT3jGbbEz62fNOJdl7EWkpjXCGi%2BD4oWPkFgG0t2m87AevOYkjwoSLUZIry7L4qMvR1CpSjtsI3ClNsIeoloV9GK1WiFGU49%2FK%2BA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f7ac39ba010b59-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: af1876e84a84e68805ab80adff1a3aff55be92c87af888dda8cb83b85fbb773d 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "AF1876E84A84E68805AB80ADFF1A3AFF55BE92C87AF888DDA8CB83B85FBB773D" Last-Modified: Thu, 24 Nov 2022 13:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4059 Expires: Fri, 25 Nov 2022 05:42:14 GMT Date: Fri, 25 Nov 2022 04:34:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c2c3b6f01bcf5f0b23525c971d471b78 Sha1: 645ea202a65555a197d287d6b01e492a8dfc4b0a Sha256: af1876e84a84e68805ab80adff1a3aff55be92c87af888dda8cb83b85fbb773d
GET /Yb0xJaHEMIycOThslLVVIWX55WUNJJjoHHx9xGDArXB44MTYdDyFOBRUodFhXAy0nD0xJKScLTF5qKAwTUnhvHRBSISYSGAMgKE1DKXlnWFRdfGEfGAEoJh8CSn55BgVKfnlZQUF8bFszSn55HxgBen1NQi1pe1gJWXhsWzNKfnkaB0p/CFlBWmJ5QVRdfC-4NEgQjbFo3XXx4WEFefHhNQ18qIBoUCSMxTUMpfXldX19qPFVA HTTP/1.1 Host: d192r5l88wrng7.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pemainedperio.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: d192r5l88wrng7.cloudfront.net/Yb0xJaHEMIycOThslLVVIWX55 (...) FQDN: d192r5l88wrng7.cloudfront.net IP: 54.230.245.16 HASH: c825e813d8728f5c56841c931885d1513c0759ccca22ec0e46eac50fc5df89b1 54.230.245.16 HTTP/2 200 OK content-length: 186 date: Fri, 25 Nov 2022 04:34:35 GMT access-control-allow-origin: * cache-control: max-age=31556926 content-encoding: gzip x-cache: Miss from cloudfront via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: onngDEFOVnyzh3HeFQwRjGLtSsvhBEvpwrF3zZeTHBkBF_PyPMCPKA== X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 186 Md5: e0a207ef3d36a204d24734ce085f1379 Sha1: 55ee3db01569c5e3825dfddb4f27f1f503bcacc7 Sha256: c825e813d8728f5c56841c931885d1513c0759ccca22ec0e46eac50fc5df89b1
GET /TTWZCa3EuCSwNTjkPJlZIe1d7XkdrDDEEHz1bFiRCBhwLOSE9PgUlFxsQB00FNwJ/W1chBywMTGsDLAhMfEAjDxNwUmQfASINfx4fKQMkAh8oAmQeEHALLREYIQojTkMLU2xbVH9WahwYIwItHAJoVHIFBWhUclpBY1ZnWDNoVHIcGCNQdk5CD0NwWwl7Um-dYM2hUchkHaFUDWkF4SHJCVH9WJQ4SJglnWTd/VnNbQXxWc05DfQArGRQrCTpOQwtXcl5ffUA3VkA HTTP/1.1 Host: d192r5l88wrng7.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pemainedperio.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: d192r5l88wrng7.cloudfront.net/TTWZCa3EuCSwNTjkPJlZIe1d7 (...) FQDN: d192r5l88wrng7.cloudfront.net IP: 54.230.245.16 HASH: 1fd564326a17456dc0969331f842825e8c079a05958bcd1442fe17aef9825f9c 54.230.245.16 HTTP/2 200 OK content-length: 332 date: Fri, 25 Nov 2022 04:34:35 GMT access-control-allow-origin: * cache-control: max-age=31556926 content-encoding: gzip x-cache: Miss from cloudfront via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: IHKXG9o0vD_5_Q_-ydZcD4juw8tqs-Zc-bCgHnbbzhSLuHj4VsuGTw== X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (420), with no line terminators Size: 332 Md5: 85347d342ddde5b99d1afcc294044efe Sha1: fa6f007670660888936a584af2ad2db13d206015 Sha256: 1fd564326a17456dc0969331f842825e8c079a05958bcd1442fe17aef9825f9c
GET /ZejRwcE4ZWx4WcQ5dFE13TAZAQXpcXgMfIAoJIRU8Hl87PSsoAFYENB4JQFYiG1oXTWgfWhNNf1xVFBJzThIEACERCQQdJRtZBwovCUJWBS9HWR8KJxZYEVV8PAFeQGtIBFgHJxRQHwc9XwZAHjpfBkBBflQEVUMMXwZABycUAkRVfTgRQkA2TABVQwxfBk-ACOF8HMUF+TxpAWWtIBBcVLRFbVUIISARBQH5LBEFVfEpSGQIrHFsIVXw8BUBFYEoSBU1/ HTTP/1.1 Host: d192r5l88wrng7.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pemainedperio.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: d192r5l88wrng7.cloudfront.net/ZejRwcE4ZWx4WcQ5dFE13TAZA (...) FQDN: d192r5l88wrng7.cloudfront.net IP: 54.230.245.16 HASH: beff21e9130511bff124036ac13b1797023608c1bd76663263b1b12ed9017656 54.230.245.16 HTTP/2 200 OK content-length: 594 date: Fri, 25 Nov 2022 04:34:35 GMT access-control-allow-origin: * cache-control: max-age=31556926 content-encoding: gzip x-cache: Miss from cloudfront via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: WFm3n3Opnq6P2uLm3gOvCSRPBcWmfZFU1JxyPWP5MTu6-xfb5n8srA== X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (818), with no line terminators Size: 594 Md5: 9ac2709f84aed4fe2a3bda8766c2c331 Sha1: 36950dd4b6e56da45f69a5460faa16aca8400d66 Sha256: beff21e9130511bff124036ac13b1797023608c1bd76663263b1b12ed9017656
GET /api/spots/289411?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid= HTTP/1.1 Host: a.naturalhealthsource.club User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: a.naturalhealthsource.club/api/spots/289411?host=xfanta (...) FQDN: a.naturalhealthsource.club IP: 135.181.208.216 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 135.181.208.216 HTTP/2 200 OK server: nginx date: Fri, 25 Nov 2022 04:34:35 GMT content-length: 0 set-cookie: nauid=rvtGXWtHTO1ozcgUayK0; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None cache-control: private X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/spots/380873?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid= HTTP/1.1 Host: a.naturalhealthsource.club User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: a.naturalhealthsource.club/api/spots/380873?host=xfanta (...) FQDN: a.naturalhealthsource.club IP: 135.181.208.216 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 135.181.208.216 HTTP/2 200 OK server: nginx date: Fri, 25 Nov 2022 04:34:35 GMT content-length: 0 set-cookie: nauid=ZMfKcJkOobCykmcyHSzJ; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None cache-control: private X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/spots/391860?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid= HTTP/1.1 Host: a.naturalhealthsource.club User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: a.naturalhealthsource.club/api/spots/391860?host=xfanta (...) FQDN: a.naturalhealthsource.club IP: 135.181.208.216 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 135.181.208.216 HTTP/2 200 OK server: nginx date: Fri, 25 Nov 2022 04:34:35 GMT content-length: 0 set-cookie: nauid=f53T3wN5IPdKkshJoJGX; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None cache-control: private X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/spots/406858?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid= HTTP/1.1 Host: a.naturalhealthsource.club User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: a.naturalhealthsource.club/api/spots/406858?host=xfanta (...) FQDN: a.naturalhealthsource.club IP: 135.181.208.216 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 135.181.208.216 HTTP/2 200 OK server: nginx date: Fri, 25 Nov 2022 04:34:35 GMT content-length: 0 set-cookie: nauid=KPnC3FUMOHbRfXMilo2d; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None cache-control: private X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js HTTP/1.1 Host: lightssyrupdecree.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: lightssyrupdecree.com/4d/0a/fc/4d0afc2425eea6b0cd5a468c (...) FQDN: lightssyrupdecree.com IP: 173.233.137.60 HASH: e469f151b684d830e941baddfab1a5c2f62375a83c8b278f92c020c8cecf0c44 173.233.137.60 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.19.5 Date: Fri, 25 Nov 2022 04:34:35 GMT Transfer-Encoding: chunked Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: 83783d652f08a8eb7b8e909576a54bcd Strict-Transport-Security: max-age=0; includeSubdomains Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators Size: 28771 Md5: ea0d2ba24b25b72c55a3d5577127fe77 Sha1: dc0b936b38b3dc581478914bec0a85e3e26e6fcf Sha256: e469f151b684d830e941baddfab1a5c2f62375a83c8b278f92c020c8cecf0c44 Alerts: Blocklists: - quad9: Sinkholed
GET /01/f7/5a/01f75a95a38a8db0a8e82d995253a076.js HTTP/1.1 Host: reproductiontape.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: reproductiontape.com/01/f7/5a/01f75a95a38a8db0a8e82d995 (...) FQDN: reproductiontape.com IP: 173.233.137.36 HASH: 43726cc7718a282288aa1c1a3fc1fd470a962dd2ff8f6f48a4701ebce3842f09 173.233.137.36 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.19.5 Date: Fri, 25 Nov 2022 04:34:35 GMT Transfer-Encoding: chunked Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: f99fd7e033cc8d03942239846df73487 Strict-Transport-Security: max-age=0; includeSubdomains Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators Size: 28777 Md5: 3481dd7c44e9f372ff3822fd63755625 Sha1: b2bdc7c5d59e24d27309f3802416325abf5836da Sha256: 43726cc7718a282288aa1c1a3fc1fd470a962dd2ff8f6f48a4701ebce3842f09 Alerts: Blocklists: - fortinet: Malware - quad9: Sinkholed
GET /sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2 HTTP/1.1 Host: lightssyrupdecree.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: lightssyrupdecree.com/sbar.json?key=a2f990f10476061c719 (...) FQDN: lightssyrupdecree.com IP: 173.233.137.60 HASH: 2afee4cb02d1537a8928efd0296eda571691f454197e2803268c35384fb72f4c 173.233.137.60 HTTP/1.1 200 OK Content-Type: text/plain; charset=utf-8 Server: nginx/1.19.5 Date: Fri, 25 Nov 2022 04:34:35 GMT Transfer-Encoding: chunked Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Custom-Referer: https://xfantazy.com Access-Control-Allow-Origin: https://xfantazy.com Access-Control-Allow-Credentials: true Set-Cookie: u_pl=15600826; expires=Sat, 26 Nov 2022 04:34:35 GMT; secure; SameSite=None pdhtkv=true; expires=Sat, 26 Nov 2022 04:34:35 GMT; secure; SameSite=None uncs=1; expires=Sat, 26 Nov 2022 04:34:35 GMT; secure; SameSite=None pdhtkv29=true; expires=Sat, 26 Nov 2022 04:34:35 GMT; secure; SameSite=None uncs29=1; expires=Sat, 26 Nov 2022 04:34:35 GMT; secure; SameSite=None Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: 8cb757c829a10ad54057405ff40efbdf Strict-Transport-Security: max-age=0; includeSubdomains Content-Encoding: gzip --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (5664), with no line terminators Size: 4030 Md5: 3749a813efb32386534fef5d8fa99559 Sha1: 4ea6adac0e1afbd81d37820206a305e46e2f6935 Sha256: 2afee4cb02d1537a8928efd0296eda571691f454197e2803268c35384fb72f4c Alerts: Blocklists: - quad9: Sinkholed
GET /sbar.json?key=21fe3950f412e026c33f1b6cee613eba HTTP/1.1 Host: reproductiontape.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: reproductiontape.com/sbar.json?key=21fe3950f412e026c33f (...) FQDN: reproductiontape.com IP: 173.233.137.36 HASH: 98831f01671627208e3276eaa4a1bec92b2315b88b8172704d918e71249b223a 173.233.137.36 HTTP/1.1 200 OK Content-Type: text/plain; charset=utf-8 Server: nginx/1.19.5 Date: Fri, 25 Nov 2022 04:34:35 GMT Transfer-Encoding: chunked Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Custom-Referer: https://xfantazy.com Access-Control-Allow-Origin: https://xfantazy.com Access-Control-Allow-Credentials: true Set-Cookie: u_pl=17661735; expires=Sat, 26 Nov 2022 04:34:35 GMT; secure; SameSite=None pdhtkv=true; expires=Sat, 26 Nov 2022 04:34:35 GMT; secure; SameSite=None uncs=1; expires=Sat, 26 Nov 2022 04:34:35 GMT; secure; SameSite=None pdhtkv29=true; expires=Sat, 26 Nov 2022 04:34:35 GMT; secure; SameSite=None uncs29=1; expires=Sat, 26 Nov 2022 04:34:35 GMT; secure; SameSite=None Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: b097bbd7c745279b6b0ca54d4dface58 Strict-Transport-Security: max-age=0; includeSubdomains Content-Encoding: gzip --- Additional Info --- Magic: JSON data\012- , Unicode text, UTF-8 text, with very long lines (6023), with no line terminators Size: 4320 Md5: 1d299b19171bd800078c90e2b42c7c28 Sha1: 482786018cbd785f5819e86fd17b35cdb3a10a07 Sha256: 98831f01671627208e3276eaa4a1bec92b2315b88b8172704d918e71249b223a Alerts: Blocklists: - fortinet: Malware - quad9: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3o0X9aCyFxFljgoy6Z6fTMY9LMbdSDQmcXcl5%2Bqq6kk51VVNVff0ZEAIuyB7ktmbeup8k2xYDeJeBUEmXiQg2CISxBz05MWLsFdlJgPjPqh676vvHb7vvfp4PzsnPjJ6tvWeGUil6GKz6lde3Zaam9xVNm5XAr%2FqX61sS73UuFrpTy7beyPwm1X%2FtcrbgnXNYs0PfD%2Fwg8qqtCIy%2FcUpC5kct4Nq2682atWg2UDfPold5sFRD7x3Tl6A5OVTOz88gmRj6Pjr68J1U5O8fiPOFE2NRY8ffaC72uQa8byMrIdIH826YVxJyKeXYPTRzAFM72DiAKEsifdrgFAfzWQi7B1eKA0VhEbIn0HeG0OoMSQdg5m7kPwnAjCOjU3o%2BMGGsTndvWDphC3JwuN%2FIPOSLPx%2BBTr%2BakXJfuWWUVkqjXboRwVkfwzZGSPJTpAOPMj8BCy9A8l%2FJIuP16Hjg02nDCQvpu6lHENGYygxBHUessmRHrLIQ5Z4iPlZhTbbke%2B3ojCq15cbjLF6nbHm8hJv8npjOfKRsYm8IdJkCKaGYHYPid1DV94vCblzAJt9B7dTwHEPLi2J9%2F4eerxALghyR5BTglwS5ClB3isOuXI1VzzgymVhMMu1Wa4XI5N29umhSTtCk%2F3knDw%2FHc7fz36Drjir0FrUbvtR4DdaS%2F5SwFpBmwcsoLROa4LxGpwsIN2lqd%2BBLMmVl%2F5AMtnYR%2F8ipCdw6gRMPgeavQyaj1o1H3Rn1Fj2MdDH%2FYjqlA52q8zE4KZAki4g3fX21Tl5caqjffonBDu99vCzSXwOZgsktsCH8nuCjro3umlycnDT5I482kxSGcsBnSzwVkpTcfmLd8Vubixfu%2B6GD99kE2JSHt8WLl2nmkvdceTLFcm5sKvGMkG%2BXXPbItzK3M5KZnWWrG%2B9tboWJ1Y4J40eg8qSkE%2F%2BApMlebr7zvRzvvJLC9KOYbMCcXZKZgFpxmDJHlwy1%2B8MgVXznjDxkGfFyNbC%2BaOSBErMMQ0LuP%2FhcF7vu3voWA80vQsdF%2BjZAj1VgKohXHZ5lCb29NrP9WkgVN4oVNY7CJVV9y%2BG6%2BRZRTQjPxJ%2BTYRRO4xa1OftqNEOaTsQrbBJA6SuZHs3fvsPAAD%2F%2FwEAAP%2F%2FjXDSFHQEAAA%3D HTTP/1.1 Host: lightssyrupdecree.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: lightssyrupdecree.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWg (...) FQDN: lightssyrupdecree.com IP: 173.233.137.60 HASH: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c 173.233.137.60 HTTP/1.1 200 OK Content-Type: image/gif Server: nginx/1.19.5 Date: Fri, 25 Nov 2022 04:34:35 GMT Content-Length: 7 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: d897b9c35d32e58954ab55997b6896e4 Strict-Transport-Security: max-age=0; includeSubdomains --- Additional Info --- Magic: ASCII text, with no line terminators Size: 7 Md5: 132d6af1b46048b45cf86cdee7991d31 Sha1: eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c Alerts: Blocklists: - quad9: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2sbRxSeTVwoDYW25NJDg25toci7%2BmFbzcHUTRxMXdtNUnyemZ2Vph7NLDM7WlmXmgRKDj0otx7Xn%2By4P0JoTu2lEORcWkMh6qGYUkP%2BhkKgtyJZoObBzHvffO%2Fwfe%2FNV%2Fv%2BjITw9HTrU9OTStH5ejksvbctdWxyV9q4XYrCcni1tC31Qu1qqTu%2BbOfDKKyXw%2FdLNwTfMfOVMArDKIxKq9KKxHTnJyxk%2BrARlRthuVYpR%2FUauvZl7HwARwPEnTPyFmQ8eqX162NIPoRu%2F3hNuJ3MpB9cb3tFM2PRiY8%2B1zva5BrtWZnYAIk%2BmnbDuBEh31yA0UdTBzCdg7EDMDkiwZ8RmD6aygTrHJ4rZQpCg8WXkHeGEGoISYfg5i5k%2FIwAPMbGJnT7wYaxOd09Z%2BmYHZG5F%2F9A5iMy9%2Fdl6PajFSW7pVtG%2BUwa7dBNCsjuELI5ROqPkfUCyPwYPLsDGf9O5l%2BsQ7cPNp0ykHExcS%2FlEDIZQok%2BqAvgx0cG8EkAnwZox6clWm8kYbiYsKRaXapxzqtVzutLC3E9rtaWkhCej%2BX1kaV9cNUHt3tI7R525P0RIXcOYP0TuFYBFwdw2YgEn%2B2hExfIBUHuCHJKkEuCPCPIO8VhrFzFFQ9i5TyLprkyzdViYLLmPj00WVNosp%2BekTfHwwle%2F%2FJd7IjTUiVKRLVRD5NaVBFhZYFXq0nEFrgQC1FVMAonC0h3YeK3J0fkSv0SUjkiry4%2FAaPHcOoYXL4B6t8BzQeLlRC0NagthejpnzXNvKWqJajKWs54y0WZK88QmwJpNodsN9hXZ%2BTtycIaP30LwU%2BWf3t%2B49Hl3nNwWyC1Bb6QTwma6t7gpsnJwU2TO%2FJ4M81kW%2FboeJm3MpqJi99%2FInZzY%2BO1a67%2F3Ud8TIzLh7eFy9apjqVuOvLDioxjYVeN5YL8sua2BdvyrrXirfbp%2BtbHq2vt1ArnpNFDUPnMfQ0uR%2BQ1cTj5plee%2Fgtph7C%2BQNufkGlAmiF4ugeXztQ7Q2DVrIelAXJfDGyFzR6VJFBihikr4P6H2azed%2FfQtAFodhe6XaBjC3RUAar6cP7iIEvtyfIf1UmAqWDAlA0OmLLq%2FvlonTwtiXoSJiKsCJY0WLJIw7iR1BqMNiKxyOo0QuZGfO%2F6X%2F8BAAD%2F%2FwEAAP%2F%2FPkGSC34EAAA%3D HTTP/1.1 Host: reproductiontape.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Cookie: u_pl=17661735; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: reproductiontape.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2sb (...) FQDN: reproductiontape.com IP: 173.233.137.36 HASH: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c 173.233.137.36 HTTP/1.1 200 OK Content-Type: image/gif Server: nginx/1.19.5 Date: Fri, 25 Nov 2022 04:34:35 GMT Content-Length: 7 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: 5eaa5a6a0316ecc9a9e7a58f5f0bc54e Strict-Transport-Security: max-age=0; includeSubdomains --- Additional Info --- Magic: ASCII text, with no line terminators Size: 7 Md5: 132d6af1b46048b45cf86cdee7991d31 Sha1: eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c Alerts: Blocklists: - fortinet: Malware - quad9: Sinkholed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 906b12ecb187e42e1a0522ad8a6418b1901f7c87adb31afe4b602e3756ade39f 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "906B12ECB187E42E1A0522AD8A6418B1901F7C87ADB31AFE4B602E3756ADE39F" Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9333 Expires: Fri, 25 Nov 2022 07:10:09 GMT Date: Fri, 25 Nov 2022 04:34:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: e35fa4dae40bd0e50b8721139c5c1e96 Sha1: 29c62a374706992243f28a55ccde2c170e0957f4 Sha256: 906b12ecb187e42e1a0522ad8a6418b1901f7c87adb31afe4b602e3756ade39f
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 94a7bd6ac9bd7809afd8615a15a598f0bd81c00d65739193a7d26a1e0b400b49 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "94A7BD6AC9BD7809AFD8615A15A598F0BD81C00D65739193A7D26A1E0B400B49" Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2054 Expires: Fri, 25 Nov 2022 05:08:50 GMT Date: Fri, 25 Nov 2022 04:34:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d363aefd1a49a8d1bee47992e20e469c Sha1: c6f6d65427abcb94cf47475bcc5eeba92dc5eb88 Sha256: 94a7bd6ac9bd7809afd8615a15a598f0bd81c00d65739193a7d26a1e0b400b49
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 9d1088838a00c0d99333fb0e41c67616e11f6df0169d4337a38ac3384e66aca4 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9D1088838A00C0D99333FB0E41C67616E11F6DF0169D4337A38AC3384E66ACA4" Last-Modified: Wed, 23 Nov 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10886 Expires: Fri, 25 Nov 2022 07:36:02 GMT Date: Fri, 25 Nov 2022 04:34:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f46bbbaed40ddd7d66dc07a510d128e6 Sha1: 63f0c610a767c70c337b06cfaa01a7a152249196 Sha256: 9d1088838a00c0d99333fb0e41c67616e11f6df0169d4337a38ac3384e66aca4
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 9d1088838a00c0d99333fb0e41c67616e11f6df0169d4337a38ac3384e66aca4 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9D1088838A00C0D99333FB0E41C67616E11F6DF0169D4337A38AC3384E66ACA4" Last-Modified: Wed, 23 Nov 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10886 Expires: Fri, 25 Nov 2022 07:36:02 GMT Date: Fri, 25 Nov 2022 04:34:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f46bbbaed40ddd7d66dc07a510d128e6 Sha1: 63f0c610a767c70c337b06cfaa01a7a152249196 Sha256: 9d1088838a00c0d99333fb0e41c67616e11f6df0169d4337a38ac3384e66aca4
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: ea0fd5b59bc464c03f64e107247d245f8b9e65b5ad6593400952e0f978ba5251 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3366 Expires: Fri, 25 Nov 2022 05:30:42 GMT Date: Fri, 25 Nov 2022 04:34:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 666f0822fa3b2bd37642dc6f1f9b95ea Sha1: b082ce304fa32d1afd9eee2c00c4d751d444f730 Sha256: ea0fd5b59bc464c03f64e107247d245f8b9e65b5ad6593400952e0f978ba5251
GET /pixel/purst?dl=0&th=0&sc=0&rs=4173&rd=4173&fd=1719&bv=22.10.v.10&tmpl=136 HTTP/1.1 Host: ifknittedhurtful.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ifknittedhurtful.com/pixel/purst?dl=0&th=0&sc=0&rs=4173 (...) FQDN: ifknittedhurtful.com IP: 192.243.59.13 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 192.243.59.13 HTTP/1.1 200 OK Server: nginx/1.17.6 Date: Fri, 25 Nov 2022 04:34:36 GMT Content-Length: 0 Connection: keep-alive Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Access-Control-Expose-Headers: Content-Length,Content-Range --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: ea0fd5b59bc464c03f64e107247d245f8b9e65b5ad6593400952e0f978ba5251 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3366 Expires: Fri, 25 Nov 2022 05:30:42 GMT Date: Fri, 25 Nov 2022 04:34:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 666f0822fa3b2bd37642dc6f1f9b95ea Sha1: b082ce304fa32d1afd9eee2c00c4d751d444f730 Sha256: ea0fd5b59bc464c03f64e107247d245f8b9e65b5ad6593400952e0f978ba5251
GET /sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html HTTP/1.1 Host: cdn.barscreative1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: cdn.barscreative1.com/sb/au/e6/d7/97/e6d797a3a7be0e7ec1 (...) FQDN: cdn.barscreative1.com IP: 45.133.44.4 HASH: eb5b706390e15df5ffe68b8eddf9c1448617ff910c0e49822c0c210c02bed8d8 45.133.44.4 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Fri, 25 Nov 2022 04:34:36 GMT server: nginx/1.17.6 last-modified: Wed, 13 Jul 2022 12:11:03 GMT etag: W/"62ceb657-4a6" cache-control: max-age=3600 access-control-allow-origin: * access-control-expose-headers: Date content-encoding: gzip expires: Fri, 25 Nov 2022 05:34:36 GMT x-proxy-cache: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document, ASCII text Size: 403 Md5: 7af11c609bc1cd0ba8692aac78ce0a48 Sha1: 93a7a4b2afc623533ffec6edf15adab365812b45 Sha256: eb5b706390e15df5ffe68b8eddf9c1448617ff910c0e49822c0c210c02bed8d8 Alerts: Blocklists: - fortinet: Phishing
GET /pixel/purst?dl=0&th=0&sc=0&rs=4317&rd=4317&fd=1787&bv=22.10.v.10&tmpl=136 HTTP/1.1 Host: yearbookhobblespinal.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: yearbookhobblespinal.com/pixel/purst?dl=0&th=0&sc=0&rs= (...) FQDN: yearbookhobblespinal.com IP: 173.233.137.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 173.233.137.36 HTTP/1.1 200 OK Server: nginx/1.19.5 Date: Fri, 25 Nov 2022 04:34:36 GMT Content-Length: 0 Connection: keep-alive Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Access-Control-Expose-Headers: Content-Length,Content-Range --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /sb/chat/mob/ssp/v2/new/3/img/close.png HTTP/1.1 Host: cdn.creative-bars1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/img/clo (...) FQDN: cdn.creative-bars1.com IP: 172.64.109.13 HASH: 1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd 172.64.109.13 HTTP/2 200 OK content-type: image/png date: Fri, 25 Nov 2022 04:34:36 GMT content-length: 5982 last-modified: Tue, 05 Jul 2022 10:43:39 GMT etag: "62c415db-175e" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: public, max-age=315360000 access-control-allow-origin: * access-control-expose-headers: Date cf-cache-status: HIT age: 830616 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYtV%2BtcwRMcYtGCPPBwhwjpuNIE4PNszFeTJTPTlB6LR3puFWX06UKolIci6yl8NdPAxOtMQ6opZOeoE1LeBaKPwY7G9hKmkBfAV3FOv7ov4mvSxfIttYUXKluPUNcb2o0sCHJH1vduL"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 76f7ac4129cbd188-LHR alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data Size: 5982 Md5: c489ce2c491a22ee37a55e26a92dfd73 Sha1: 2fa588ab09e94dd902e5bd24b48f98ad1949c9d6 Sha256: 1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=386 HTTP/1.1 Host: reproductiontape.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Cookie: u_pl=17661735; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482& (...) FQDN: reproductiontape.com IP: 173.233.137.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 173.233.137.36 HTTP/1.1 200 OK Server: nginx/1.19.5 Date: Fri, 25 Nov 2022 04:34:36 GMT Content-Length: 0 Connection: keep-alive Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Access-Control-Expose-Headers: Content-Length,Content-Range --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1 Host: cdn.barscreative1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbc (...) FQDN: cdn.barscreative1.com IP: 45.133.44.4 HASH: 2b89a7f27d56abecf8a08b1a7205d4eb2caf9498d54a21b1aa63f24d611da5fd 45.133.44.4 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Fri, 25 Nov 2022 04:34:36 GMT server: nginx/1.17.6 last-modified: Fri, 19 Feb 2021 09:27:09 GMT etag: W/"602f846d-4fa" cache-control: max-age=3600 access-control-allow-origin: * access-control-expose-headers: Date content-encoding: gzip expires: Fri, 25 Nov 2022 05:34:36 GMT x-proxy-cache: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 2263 Md5: 9024cad659e2d201b2f906852993e4c5 Sha1: 03d55aab13011a102894cf8547ec7abed2dfb6e4 Sha256: 2b89a7f27d56abecf8a08b1a7205d4eb2caf9498d54a21b1aa63f24d611da5fd Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: ea0fd5b59bc464c03f64e107247d245f8b9e65b5ad6593400952e0f978ba5251 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3366 Expires: Fri, 25 Nov 2022 05:30:42 GMT Date: Fri, 25 Nov 2022 04:34:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 666f0822fa3b2bd37642dc6f1f9b95ea Sha1: b082ce304fa32d1afd9eee2c00c4d751d444f730 Sha256: ea0fd5b59bc464c03f64e107247d245f8b9e65b5ad6593400952e0f978ba5251
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 23c45f9941b1a476fe0cd4650c9ea13a22e05e5640025e380b13faa4997109ca 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 04:34:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: e61028bc752671cea11924bc1a42a422 Sha1: b2555d630c063dda53f0e5a84324759e42b48352 Sha256: 23c45f9941b1a476fe0cd4650c9ea13a22e05e5640025e380b13faa4997109ca
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 23c45f9941b1a476fe0cd4650c9ea13a22e05e5640025e380b13faa4997109ca 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 04:34:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: e61028bc752671cea11924bc1a42a422 Sha1: b2555d630c063dda53f0e5a84324759e42b48352 Sha256: 23c45f9941b1a476fe0cd4650c9ea13a22e05e5640025e380b13faa4997109ca
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5019 Cache-Control: max-age=93334 Date: Fri, 25 Nov 2022 04:34:36 GMT Etag: "637efbd7-1d7" Expires: Sat, 26 Nov 2022 06:30:10 GMT Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT Server: ECS (ska/F714) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 670dda5fda45a89db08867e9109f65b7 Sha1: 2a64bc381f8e795fe7a46a98c3e8add2f1ade404 Sha256: 7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: 6428e7f877dc58c23c7ac0d9597d40db3548026b8e5aa5f5c58706841b45bd1c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 344 ETag: "6428E7F877DC58C23C7AC0D9597D40DB3548026B8E5AA5F5C58706841B45BD1C" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4656 Expires: Fri, 25 Nov 2022 05:52:12 GMT Date: Fri, 25 Nov 2022 04:34:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 344 Md5: 3f4a7fb0a46243afcdef495930802d62 Sha1: 979a0675885be263f28e6b3cf9a699c8cdd69f04 Sha256: 6428e7f877dc58c23c7ac0d9597d40db3548026b8e5aa5f5c58706841b45bd1c
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: 6428e7f877dc58c23c7ac0d9597d40db3548026b8e5aa5f5c58706841b45bd1c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 344 ETag: "6428E7F877DC58C23C7AC0D9597D40DB3548026B8E5AA5F5C58706841B45BD1C" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4656 Expires: Fri, 25 Nov 2022 05:52:12 GMT Date: Fri, 25 Nov 2022 04:34:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 344 Md5: 3f4a7fb0a46243afcdef495930802d62 Sha1: 979a0675885be263f28e6b3cf9a699c8cdd69f04 Sha256: 6428e7f877dc58c23c7ac0d9597d40db3548026b8e5aa5f5c58706841b45bd1c
GET /utx?cb=q89Mg5l7GtyT&top=xfantazy.com&tid=961956 HTTP/1.1 Host: pemainedperio.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: pemainedperio.com/utx?cb=q89Mg5l7GtyT&top=xfantazy.com& (...) FQDN: pemainedperio.com IP: 54.230.111.124 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.230.111.124 HTTP/2 204 No Content date: Fri, 25 Nov 2022 04:34:36 GMT server: openresty/1.17.8.2 access-control-allow-credentials: true access-control-allow-origin: https://xfantazy.com cache-control: no-store, no-cache, must-revalidate, no-transform pragma: no-cache p3p: CP="NID DSP ALL COR" set-cookie: ut=x; Expires=Fri, 25 Nov 2022 04:35:36 GMT; Max-Age=60 accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache: Miss from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 2l6NCM4iQCrTVYVhSDXzqHmU1vNTX2Bf7si1W_2YC-YtYAYRgrxOWw== X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: accounts.google.com/ServiceLogin?passive=true&continue= (...) FQDN: accounts.google.com IP: 216.58.207.237 HASH: c64725807d7f2be93eeeea16935fbce56991d078408786e19b351bcec84f5d37 216.58.207.237 HTTP/2 302 Found content-type: text/html; charset=UTF-8 x-frame-options: DENY cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Fri, 25 Nov 2022 04:34:36 GMT location: https://accounts.google.com/v3/signin/identifier?dsh=S1762565696%3A1669350876466042&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAuKMlINnnegAqSXpfj8W88ojcwPz27-HzrCAie94nhNxLSE2E5j3VtvSDx3UTDPFROsC_90sw strict-transport-security: max-age=31536000; includeSubDomains content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-UaaWqGLSrrtZMDt2_VMGUQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk" content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 392 server: GSE set-cookie: __Host-GAPS=1:fNqUNbEuAWvsKZ_1pIhMTnTo1STK6g:_85rVteaVpIB6k0a;Path=/;Expires=Sun, 24-Nov-2024 04:34:36 GMT;Secure;HttpOnly;Priority=HIGH alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380) Size: 392 Md5: bef9b31187c7c02e6af3f254a1d9c849 Sha1: 774aafcf706244abe3ce5b85e598960446443f9e Sha256: c64725807d7f2be93eeeea16935fbce56991d078408786e19b351bcec84f5d37
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 5a7ebb4a3bfc1046cd3c07cef6bd550f3452c3cf4d48d48e6428473f2de44c51 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5A7EBB4A3BFC1046CD3C07CEF6BD550F3452C3CF4D48D48E6428473F2DE44C51" Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5889 Expires: Fri, 25 Nov 2022 06:12:45 GMT Date: Fri, 25 Nov 2022 04:34:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4f6c1497d491ebdec0b24caf356dad1f Sha1: 6efe847d68565760b80862295cb809e7efee7de8 Sha256: 5a7ebb4a3bfc1046cd3c07cef6bd550f3452c3cf4d48d48e6428473f2de44c51
GET /utx?cb=WecJwUDqzXJa&top=xfantazy.com&tid=962014 HTTP/1.1 Host: pemainedperio.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: pemainedperio.com/utx?cb=WecJwUDqzXJa&top=xfantazy.com& (...) FQDN: pemainedperio.com IP: 54.230.111.124 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.230.111.124 HTTP/2 204 No Content date: Fri, 25 Nov 2022 04:34:36 GMT server: openresty/1.17.8.2 access-control-allow-credentials: true access-control-allow-origin: https://xfantazy.com cache-control: no-store, no-cache, must-revalidate, no-transform pragma: no-cache p3p: CP="NID DSP ALL COR" set-cookie: ut=x; Expires=Fri, 25 Nov 2022 04:35:36 GMT; Max-Age=60 accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache: Miss from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: OcyCLi_61ZVNhUTOHiVeYNjParJsLXIux4ui5rqTgkXbzCTGdQadog== X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fstyle.css&l=4649&fd=121 HTTP/1.1 Host: reproductiontape.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://xfantazy.com/ Cookie: u_pl=17661735; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482& (...) FQDN: reproductiontape.com IP: 173.233.137.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 173.233.137.36 HTTP/1.1 200 OK Server: nginx/1.19.5 Date: Fri, 25 Nov 2022 04:34:36 GMT Content-Length: 0 Connection: keep-alive Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Access-Control-Expose-Headers: Content-Length,Content-Range --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1 Host: cdn.creative-bars1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://xfantazy.com Connection: keep-alive Referer: https://xfantazy.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: cdn.creative-bars1.com/sb/ssp/utility/social-media/face (...) FQDN: cdn.creative-bars1.com IP: 172.64.109.13 HASH: 60eed66130c70fbeb214c6ab5a7f747cfaaad001a5f10d33d3da7d57f70d6f98 172.64.109.13 HTTP/2 200 OK content-type: text/css date: Fri, 25 Nov 2022 04:34:36 GMT last-modified: Fri, 27 Aug 2021 12:19:14 GMT etag: W/"6128d842-18be" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: public, max-age=315360000 access-control-allow-origin: * access-control-expose-headers: Date cf-cache-status: HIT age: 830574 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0Mhwrv%2FnOa3JrAEWr9zitF5088VkjOhT92lWPakLx37eMmwnOsc6%2BW9r%2FeeATyMGHHvTpCNh2%2BkghGgdksL8g2cmfBUdlQORN14HglsoEHIufaL4Q0HGLWIjXnQbapnoYLwK%2BN85K4r"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 76f7ac40e982d188-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 1482 Md5: 908dce303e802b45f99455bfa3c26ef2 Sha1: 2f064693d34a6eac3903455fc3de8477c4554e40 Sha256: 60eed66130c70fbeb214c6ab5a7f747cfaaad001a5f10d33d3da7d57f70d6f98
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: 6428e7f877dc58c23c7ac0d9597d40db3548026b8e5aa5f5c58706841b45bd1c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 344 ETag: "6428E7F877DC58C23C7AC0D9597D40DB3548026B8E5AA5F5C58706841B45BD1C" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4656 Expires: Fri, 25 Nov 2022 05:52:12 GMT Date: Fri, 25 Nov 2022 04:34:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 344 Md5: 3f4a7fb0a46243afcdef495930802d62 Sha1: 979a0675885be263f28e6b3cf9a699c8cdd69f04 Sha256: 6428e7f877dc58c23c7ac0d9597d40db3548026b8e5aa5f5c58706841b45bd1c
GET /si/e2/d0/7c/e2d07cfc54a4a2629ecb06a4ac9d023c/1658144633.jpg HTTP/1.1 Host: cdn.cloudimagesb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.cloudimagesb.com/si/e2/d0/7c/e2d07cfc54a4a2629ecb06 (...) FQDN: cdn.cloudimagesb.com IP: 45.133.44.10 HASH: ef6e3d4a4df9d2c4f104857ab7b5b545e6f3e6c0dda989d6fcd0707513136445 45.133.44.10 HTTP/2 200 OK content-type: image/jpeg date: Fri, 25 Nov 2022 04:34:36 GMT content-length: 12632 server: nginx/1.17.6 last-modified: Mon, 18 Jul 2022 11:44:01 GMT etag: "62d54781-3158" expires: Sun, 27 Nov 2022 04:34:36 GMT cache-control: max-age=172800 x-proxy-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data Size: 12632 Md5: 9a26092fd440aa10142a9e87e8370c2c Sha1: b1c33219c136dc2ee76d081d02f0cb9c15032f41 Sha256: ef6e3d4a4df9d2c4f104857ab7b5b545e6f3e6c0dda989d6fcd0707513136445

                                        
                                            GET /video/6051542a4ce90e0b3a572b0b? HTTP/1.1 

                                        
                                            
Host: xfantazy.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         172.64.163.22

                                        
                                            HTTP/1.1 302 Found

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:31 GMT 

                                        
                                            
Content-Length: 0 

                                        
                                            
Connection: keep-alive 

                                        
                                            
location: https://xfantazy.com/video/6051542a4ce90e0b3a572b0b? 

                                        
                                            
cache-control: no-cache 

                                        
                                            
CF-Cache-Status: DYNAMIC 

                                        
                                            
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iamgM%2BDj5YbVSNUFanrBUihLbjclqOYREKbihfqSgEURdlln0dTtp396eRaPvr1D4C6QdKziDo6A8o8ON%2F1p8YTBMbjxxq7J4ju8S%2BUITtZvRuyISlSoeKELgOkyKeA%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 76f7ac226c9672ae-LHR 

                                        
                                            
alt-svc: h2=":443"; ma=60 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 611 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:31 GMT 

                                        
                                            
Last-Modified: Fri, 25 Nov 2022 04:24:20 GMT 

                                        
                                            
Server: ECS (ska/F714) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    af40a2fcf8debb90c3608002da6c907a

                                                Sha1:   3c75d6c0b557a3bd8d5db50155b8d896e852c145

                                                Sha256: 555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=13742 

                                        
                                            
Expires: Fri, 25 Nov 2022 08:23:33 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:31 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    260e9998c20d831b66f1029c8f47aac9

                                                Sha1:   716d630f647c54dc69a7f9c63a6cac294b3df7f7

                                                Sha256: c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2

                                        
                                            POST /s/gts1p5/PrU7zFTubJs HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:31 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: scaffolding on HTTPServer2 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    3ac1246514072e571a9b3c94399856fe

                                                Sha1:   331c8c09341fb9e357468c68da18d3abd3f7af5a

                                                Sha256: 8d07e5f85f8b1c4ddf314e2855f02bbbb384ce334d85ee1aa11c27d8dc54f4c7

                                        
                                            POST /s/gts1p5/PrU7zFTubJs HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:32 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: scaffolding on HTTPServer2 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    3ac1246514072e571a9b3c94399856fe

                                                Sha1:   331c8c09341fb9e357468c68da18d3abd3f7af5a

                                                Sha256: 8d07e5f85f8b1c4ddf314e2855f02bbbb384ce334d85ee1aa11c27d8dc54f4c7

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 329 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Fri, 25 Nov 2022 04:08:53 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 1539 

                                        
                                            
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
etag: "1648230346554" 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sectigo.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         172.64.155.188

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:32 GMT 

                                        
                                            
Content-Length: 472 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Tue, 22 Nov 2022 15:14:19 GMT 

                                        
                                            
Expires: Tue, 29 Nov 2022 15:14:18 GMT 

                                        
                                            
Etag: "80f500c9cc1b84c3b799fc6f055ac1701464a2cc" 

                                        
                                            
Cache-Control: max-age=383385,s-maxage=1800,public,no-transform,must-revalidate 

                                        
                                            
X-CCACDN-Proxy-ID: mcdpinlb1 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
CF-Cache-Status: DYNAMIC 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 76f7ac27c8ff0b3d-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    090a712ffd3fe703f9d001c547c88374

                                                Sha1:   80f500c9cc1b84c3b799fc6f055ac1701464a2cc

                                                Sha256: db5d1b45ea9fe0e2b3297c6c93e4c8c71f1462e3ebe646f057da841920cb1e88

                                        
                                            GET /thumbnail/d7nAvXbzw6e9-DvE_w/w320h240/0.jpeg HTTP/1.1 

                                        
                                            
Host: static-cache.k2s.cc

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         188.72.235.185

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: openresty 

                                        
                                            
date: Fri, 25 Nov 2022 04:34:32 GMT 

                                        
                                            
content-length: 10663 

                                        
                                            
expires: Thu, 31 Dec 2037 23:55:55 GMT 

                                        
                                            
cache-control: max-age=315360000 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-cache-status: HIT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data

                                                Size:   10663

                                                Md5:    125a4edcf33be62b9e9e7b19bad888db

                                                Sha1:   43027be2f9a90fa08be93b3f8ff8f7446b2863b6

                                                Sha256: 8b5427269ecdb82208e60b8aef37b87238ea7ff55e3ac272b86d2f01ed7af8c3

                                        
                                            GET /thumbnail/JOyRu36kn_3p_jvC_Q/w320h240/0.jpeg HTTP/1.1 

                                        
                                            
Host: static-cache.k2s.cc

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         188.72.235.185

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: openresty 

                                        
                                            
date: Fri, 25 Nov 2022 04:34:32 GMT 

                                        
                                            
content-length: 13048 

                                        
                                            
expires: Thu, 31 Dec 2037 23:55:55 GMT 

                                        
                                            
cache-control: max-age=315360000 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-cache-status: HIT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data

                                                Size:   13048

                                                Md5:    d1125deed4e2e12de538306048958066

                                                Sha1:   71a3b41b7f8261310c90232733e7d5d0bef47fb5

                                                Sha256: 68d017adc263b0e6f17e6f28267b28c43163ed226e1e1c714e477547a581673b

                                        
                                            GET /_next/static/chunks/16.2fcecc4fbe403da70f1d.js HTTP/1.1 

                                        
                                            
Host: xfantazy.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/video/6051542a4ce90e0b3a572b0b? 

                                        
                                            
Cookie: visitorId=aunxcne9m2bdujejini09; experiment-popup-payment-7=0; experiment-save-to-button-2=0 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         172.64.162.22

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=UTF-8

                                        

                                        
                                            
date: Fri, 25 Nov 2022 04:34:32 GMT 

                                        
                                            
cache-control: public, max-age=31536000, immutable 

                                        
                                            
cf-bgj: minify 

                                        
                                            
etag: W/"4f4a-1835015f16a" 

                                        
                                            
last-modified: Sun, 18 Sep 2022 10:12:38 GMT 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 2581860 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSq24LC3Am7AMOhprB5Jn3PsKnX2i05dE4I6maKtT2puDZcZggMnIfAn7bXhXno4%2FO4s0QMsy0oCFINP%2B4LAoYbhsfW5kkaBRr9gbBO1aBy9670ekQLO6arBArchSnc%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 76f7ac270d0b75db-LHR 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (20298), with no line terminators

                                                Size:   6720

                                                Md5:    0e418dfd11118e1c9ef27d8a7b48b306

                                                Sha1:   7f12af27027f53af47171735aac4d4b9c3c5e990

                                                Sha256: d5c2aac37d0c38d3d48963974720d811bc61e371a56f72d182d4dfbd54572c58

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sectigo.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         172.64.155.188

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:32 GMT 

                                        
                                            
Content-Length: 472 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Tue, 22 Nov 2022 15:14:19 GMT 

                                        
                                            
Expires: Tue, 29 Nov 2022 15:14:18 GMT 

                                        
                                            
Etag: "80f500c9cc1b84c3b799fc6f055ac1701464a2cc" 

                                        
                                            
Cache-Control: max-age=383385,s-maxage=1800,public,no-transform,must-revalidate 

                                        
                                            
X-CCACDN-Proxy-ID: mcdpinlb3 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
CF-Cache-Status: DYNAMIC 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 76f7ac27b89eb517-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    090a712ffd3fe703f9d001c547c88374

                                                Sha1:   80f500c9cc1b84c3b799fc6f055ac1701464a2cc

                                                Sha256: db5d1b45ea9fe0e2b3297c6c93e4c8c71f1462e3ebe646f057da841920cb1e88

                                        
                                            GET /gtm.js?id=GTM-PLKQLTX HTTP/1.1 

                                        
                                            
Host: www.googletagmanager.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.168

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=UTF-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-headers: Cache-Control 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
date: Fri, 25 Nov 2022 04:34:32 GMT 

                                        
                                            
expires: Fri, 25 Nov 2022 04:34:32 GMT 

                                        
                                            
cache-control: private, max-age=900 

                                        
                                            
last-modified: Fri, 25 Nov 2022 03:00:00 GMT 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Google Tag Manager 

                                        
                                            
content-length: 54293 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (15971)

                                                Size:   54293

                                                Md5:    97caec1a07b0d07a0f7ca5cbfd4f1fcb

                                                Sha1:   02dbb9d226967b9aae872b15f1e9181d2d525027

                                                Sha256: 0d39286e9dcb4b14a2223f034a07aa354e10e7e228798e5e12afbd549fa91ec0

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:32 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    aee1eaa2ef2d0edbb0bc5703979e6439

                                                Sha1:   8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db

                                                Sha256: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:32 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    87de3dd2c7dce12b01a337d1554a222a

                                                Sha1:   30e0bd68bbb78995aa8a0686ac02848fd5a7a699

                                                Sha256: 533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:32 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    a0111a2443450172e5d2b48d350a8f57

                                                Sha1:   75e89d4cd001303e66a93880f96d6c47e7d665ab

                                                Sha256: c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://xfantazy.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         216.58.207.195

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 15920 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Wed, 23 Nov 2022 14:07:32 GMT 

                                        
                                            
expires: Thu, 23 Nov 2023 14:07:32 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 138420 

                                        
                                            
last-modified: Wed, 11 May 2022 19:24:45 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data

                                                Size:   15920

                                                Md5:    3a44e06eb954b96aa043227f3534189d

                                                Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d

                                                Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: 8SuSZ6MSSb335i+DymIAbA== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         54.189.139.67

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: WhZhQCHeW3rrYv9NiM059NAULJc= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /npm/yandex-metrica-watch/tag.js HTTP/1.1 

                                        
                                            
Host: cdn.jsdelivr.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         151.101.85.229

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
cache-control: public, max-age=604800, s-maxage=43200 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
x-jsd-version: 1.249.0 

                                        
                                            
x-jsd-version-type: version 

                                        
                                            
etag: W/"346a1-5pJjF6sMSAvD5NiPdWPuLzoQQcw" 

                                        
                                            
content-encoding: gzip 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
date: Fri, 25 Nov 2022 04:34:32 GMT 

                                        
                                            
age: 36610 

                                        
                                            
x-served-by: cache-fra-eddf8230060-FRA, cache-bma1682-BMA 

                                        
                                            
x-cache: HIT, HIT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 

                                        
                                            
content-length: 85108 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (587)

                                                Size:   85108

                                                Md5:    48c6510db10510d25a14e132b6c6bd1a

                                                Sha1:   de1feca854233a18bd70d0484154bcacbd138c1d

                                                Sha256: 73c6bbad275690c160ed6e68c4cd317e8c8bc46e3ca5a1445d6195bfa3ef100b

                                        
                                            GET /zRdVuw7.js HTTP/1.1 

                                        
                                            
Host: a.naturalhealthsource.club

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         135.181.208.216

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Fri, 25 Nov 2022 04:34:33 GMT 

                                        
                                            
last-modified: Sat, 22 Oct 2022 11:28:35 GMT 

                                        
                                            
etag: W/"6353d3e3-1cfaf" 

                                        
                                            
expires: Thu, 31 Dec 2037 23:55:55 GMT 

                                        
                                            
cache-control: max-age=315360000, public 

                                        
                                            
vary: Accept-Encoding, Accept-Encoding 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 a30105057fbcc8761b99df13f333a9ea.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: ARN54-C1 

                                        
                                            
alt-svc: h3=":443"; ma=86400 

                                        
                                            
x-amz-cf-id: 3dhIfSF4qVJIn0erZwVR93Bg4fc358zoUV_hJgeGJlX-w2eKgXtYuw== 

                                        
                                            
age: 2570725 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   37172

                                                Md5:    9d2fc4e98a8fcb01a3513c2b63d763ee

                                                Sha1:   16d6c946c5ea6bf87c47c4ac4ea5a675208faba2

                                                Sha256: c150c66fcb4046136dbe12330c525eaa6ec2630e5aeb33cd8f82ef326bbc5623

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "EAC3156A5E13751A4CF955318DA2DEDA872F12001D9D7928F0F386A5934D7AF3" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=1283 

                                        
                                            
Expires: Fri, 25 Nov 2022 04:55:56 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:33 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   4165

                                                Md5:    37f079f5855e02d16cb6d537ca6d0d55

                                                Sha1:   7b86de9e9f770744b0b80ae65f08eae2a5952c4d

                                                Sha256: 17d8f5e3d61b280281d448cd7248ba5a7c74b49d5b912a3d212ca7a768c569db

                                        
                                            GET /metrika/advert.gif HTTP/1.1 

                                        
                                            
Host: mc.yandex.ru

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         77.88.21.119

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
content-length: 43 

                                        
                                            
date: Fri, 25 Nov 2022 04:34:33 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
etag: "637f41b2-2b" 

                                        
                                            
expires: Fri, 25 Nov 2022 05:34:33 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
last-modified: Thu, 24 Nov 2022 13:04:34 GMT 

                                        
                                            
cache-control: max-age=3600 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   43

                                                Md5:    df3e567d6f16d040326c7a0ea29a4f41

                                                Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736

                                                Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:33 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    d3d2d21ac304813a16da64921ce18ba4

                                                Sha1:   98b1762c675c61eeb18254986461e6b1074ebc92

                                                Sha256: af00429c189464ddb8df704dc48035421f943444df6ca17390fb97466c2e7e9b

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:33 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    d3d2d21ac304813a16da64921ce18ba4

                                                Sha1:   98b1762c675c61eeb18254986461e6b1074ebc92

                                                Sha256: af00429c189464ddb8df704dc48035421f943444df6ca17390fb97466c2e7e9b

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69" 

                                        
                                            
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=4088 

                                        
                                            
Expires: Fri, 25 Nov 2022 05:42:41 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:33 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    b75c00c21f5854618bc06d14b8d83c40

                                                Sha1:   ae14f585ae9682e6c2fad146c12c00ee4d83e8f3

                                                Sha256: a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8006 

                                        
                                            
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cIB-AHSrIAMFvKw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: q53jN1uOtSdeThbk2_0UF6Rl3g4_-_TW7uK1_6Z5oDwSTSRk8XRjyQ== 

                                        
                                            
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 24 Nov 2022 21:35:08 GMT 

                                        
                                            
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075" 

                                        
                                            
age: 25165 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8006

                                                Md5:    8b6ee13d43732f7c764a49500d092865

                                                Sha1:   5d15fd672e968d59b541e4d5d0d01cd5e69f4075

                                                Sha256: fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 4270 

                                        
                                            
x-amzn-requestid: 7327f8fb-804b-4d09-83dc-628e35ffa74b 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cIB8xFwXoAMFkqQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-637fe384-33f83cea2c585279140f4f59;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: NLXTbS53l_c-lByM8Ym4_tfOlgP2lB-F1dYxOSfdeEfBSM41X0Cpug== 

                                        
                                            
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 24 Nov 2022 21:35:01 GMT 

                                        
                                            
etag: "6217a262002244ef3f2e8034076a735cafd9888a" 

                                        
                                            
age: 25172 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   4270

                                                Md5:    648677a7e7bab1896a190d2e5fb7243c

                                                Sha1:   6217a262002244ef3f2e8034076a735cafd9888a

                                                Sha256: 72f2913f7c0770ebab0f2683bdc1ec5a5db8872e8f2c62a8fd5c9178b95dbb06

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 3955 

                                        
                                            
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cCM9NGJHoAMF4sQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ== 

                                        
                                            
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 25 Nov 2022 02:07:28 GMT 

                                        
                                            
age: 8825 

                                        
                                            
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   3955

                                                Md5:    4006a9037ab5f28dca62b0aa7a704c41

                                                Sha1:   74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b

                                                Sha256: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d

                                        
                                            GET /stats HTTP/1.1 

                                        
                                            
Host: simplewebanalysis.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://xfantazy.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         18.185.190.54

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
date: Fri, 25 Nov 2022 04:34:33 GMT 

                                        
                                            
content-length: 40 

                                        
                                            
server: fasthttp 

                                        
                                            
access-control-allow-origin: https://xfantazy.com 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
set-cookie: uid_id2=5ec3dee3-f9ea-424d-9c3b-07c9d3564787:2:1; expires=Mon, 22 Nov 2032 04:34:33 GMT; secure; SameSite=None 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with no line terminators

                                                Size:   40

                                                Md5:    e499c89a7ed56bbc9ed84e86f71c907b

                                                Sha1:   bbd0ce2be91f544f014813c17379e9d26ed075aa

                                                Sha256: e5c980cce45df1a35d4bdb8a268997c712386321634d49ef1a4c2faca9fa7350

                                        
                                            GET /stats HTTP/1.1 

                                        
                                            
Host: simplewebanalysis.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://xfantazy.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         18.185.190.54

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
date: Fri, 25 Nov 2022 04:34:34 GMT 

                                        
                                            
content-length: 40 

                                        
                                            
server: fasthttp 

                                        
                                            
access-control-allow-origin: https://xfantazy.com 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
set-cookie: uid_id2=d0595856-e3f8-48d6-a6d3-a9c57ab29ee2:2:1; expires=Mon, 22 Nov 2032 04:34:34 GMT; secure; SameSite=None 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with no line terminators

                                                Size:   40

                                                Md5:    639dac7fab97701f3d099ce28969563c

                                                Sha1:   04ac4f5f541515e6aa88d95320e2d425f73730f7

                                                Sha256: c861f1710e050ee6a555055b56422809892e238a2d47ded41f2087ee0395e970

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: e1.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 345 

                                        
                                            
ETag: "3D745FBF6D7563DEEAC08EC38DE8DB388536FF113A89FD20E8E51D9FD6F200D1" 

                                        
                                            
Last-Modified: Tue, 22 Nov 2022 20:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=11863 

                                        
                                            
Expires: Fri, 25 Nov 2022 07:52:18 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:35 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   345

                                                Md5:    daedbf6ef8bc447ac2d08a42d4c4bf9f

                                                Sha1:   2864128c9304bd42925932eda5b14ab62f805081

                                                Sha256: 3d745fbf6d7563deeac08ec38de8db388536ff113a89fd20e8e51d9fd6f200d1

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: e1.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 345 

                                        
                                            
ETag: "0AD073449CDC28013C246EF309C9C3792F582172D4686AF74F0B737CB68DF6F1" 

                                        
                                            
Last-Modified: Wed, 23 Nov 2022 18:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14757 

                                        
                                            
Expires: Fri, 25 Nov 2022 08:40:32 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:35 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   345

                                                Md5:    4f86e152e080297ee8cba39a80a13e38

                                                Sha1:   f916875bce604836a95a022234321e02b375bb67

                                                Sha256: 0ad073449cdc28013c246ef309c9c3792f582172d4686af74f0b737cb68df6f1

                                        
                                            POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F6051542a4ce90e0b3a572b0b%3F&charset=utf-8&hittoken=1669350873_73ef624b1d644b5e2cfedad7294766650f23c2227fe97e18941e4b5ad51202e4&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1311919842147%3Ahid%3A65875391%3Az%3A0%3Ai%3A20221125043434%3Aet%3A1669350874%3Ac%3A1%3Arn%3A73931272%3Arqn%3A2%3Au%3A1669350873358294287%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669350870843%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669350874&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)rqnt(2)aw(1)rqnl(1)ti(2) HTTP/1.1 

                                        
                                            
Host: mc.yandex.ru

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/x-www-form-urlencoded 

                                        
                                            
Content-Length: 45 

                                        
                                            
Origin: https://xfantazy.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         77.88.21.119

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
content-length: 43 

                                        
                                            
date: Fri, 25 Nov 2022 04:34:35 GMT 

                                        
                                            
access-control-allow-origin: https://xfantazy.com 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
pragma: no-cache 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
expires: Fri, 25-Nov-2022 04:34:35 GMT 

                                        
                                            
last-modified: Fri, 25-Nov-2022 04:34:35 GMT 

                                        
                                            
cache-control: private, no-cache, no-store, must-revalidate, max-age=0 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   43

                                                Md5:    df3e567d6f16d040326c7a0ea29a4f41

                                                Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736

                                                Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

                                        
                                            GET /sfp.js HTTP/1.1 

                                        
                                            
Host: friendshipmale.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         172.64.202.23

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8

                                        

                                        
                                            
date: Fri, 25 Nov 2022 04:34:33 GMT 

                                        
                                            
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
expires: Thu, 01 Jan 1970 00:00:01 GMT 

                                        
                                            
cache-control: max-age=14400 

                                        
                                            
x-request-id: abee5be725b4c2dc8d34ca6b926cfd80 

                                        
                                            
strict-transport-security: max-age=0; includeSubdomains 

                                        
                                            
cf-cache-status: EXPIRED 

                                        
                                            
last-modified: Fri, 25 Nov 2022 04:34:33 GMT 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xnuN%2FpeI23Bxoc3riqoxzEnfyflhgE0OJuXcUOba0evFFTmAJ3d3NFeWm2bllL4x3jyd8wS6kHUXdMnZpONJ1Zwg7kijZDy%2BCP5wZWmHhb4WczqTl0QdJeLlWEFmIYn8Yh0dpE%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 76f7ac31cbc60079-LHR 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text, with very long lines (65529), with no line terminators

                                                Size:   27162

                                                Md5:    e7e03604b3ce4c388d505f30039573e3

                                                Sha1:   c38b5b26be9648732efa959e9aa80858ceac27e7

                                                Sha256: 6b029a6aabd032aa6389a5b91acb466611397e0ed4e2bf8891d5543db6e177df

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: e1.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 345 

                                        
                                            
ETag: "0AD073449CDC28013C246EF309C9C3792F582172D4686AF74F0B737CB68DF6F1" 

                                        
                                            
Last-Modified: Wed, 23 Nov 2022 18:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14757 

                                        
                                            
Expires: Fri, 25 Nov 2022 08:40:32 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:35 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   345

                                                Md5:    4f86e152e080297ee8cba39a80a13e38

                                                Sha1:   f916875bce604836a95a022234321e02b375bb67

                                                Sha256: 0ad073449cdc28013c246ef309c9c3792f582172d4686af74f0b737cb68df6f1

                                        
                                            POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F6051542a4ce90e0b3a572b0b%3F&charset=utf-8&hittoken=1669350873_73ef624b1d644b5e2cfedad7294766650f23c2227fe97e18941e4b5ad51202e4&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1311919842147%3Ahid%3A65875391%3Az%3A0%3Ai%3A20221125043434%3Aet%3A1669350874%3Ac%3A1%3Arn%3A15246786%3Arqn%3A9%3Au%3A1669350873358294287%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669350870843%3Anp%3ATGludXggeDg2XzY0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669350874&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)rqnt(9)aw(1)rqnl(1)ti(2) HTTP/1.1 

                                        
                                            
Host: mc.yandex.ru

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/x-www-form-urlencoded 

                                        
                                            
Content-Length: 39 

                                        
                                            
Origin: https://xfantazy.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         77.88.21.119

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
content-length: 43 

                                        
                                            
date: Fri, 25 Nov 2022 04:34:35 GMT 

                                        
                                            
access-control-allow-origin: https://xfantazy.com 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
pragma: no-cache 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
expires: Fri, 25-Nov-2022 04:34:35 GMT 

                                        
                                            
last-modified: Fri, 25-Nov-2022 04:34:35 GMT 

                                        
                                            
cache-control: private, no-cache, no-store, must-revalidate, max-age=0 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   43

                                                Md5:    df3e567d6f16d040326c7a0ea29a4f41

                                                Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736

                                                Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "3BCDE7EF68F8D91EA51C79994968AB6A41B5594055D71823CBF13EB16CDAD69C" 

                                        
                                            
Last-Modified: Wed, 23 Nov 2022 19:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3846 

                                        
                                            
Expires: Fri, 25 Nov 2022 05:38:41 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:35 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    70f8773d7c1eccf4306ad3d53cae01e6

                                                Sha1:   1b2756900ae188b5b8c0eadab8527389ec2c9d2f

                                                Sha256: 3bcde7ef68f8d91ea51c79994968ab6a41b5594055d71823cbf13eb16cdad69c

                                        
                                            GET /cUdkZ3YQJQcKSRB6BkEDAytZQkQ3YlYhEkB+VhVDHX9cEAQfIFNJFR0oEQMQAygKE1gfIhBCRDceBlcOOyYsIjs4PgcoIhk0CCsgJw4zP0NEEDEpPDstCy8+CX4cIDIwNTwlQkUKMD4SNT4iKDQjEgsDMBkfJR5GHwNUHzw6FAcrIjdyFSw3BhMxCR4HDzYlJTgUPTQxMAoDLDNAAy8/Gh8QIjUSFwAhATEwAgstHkkENwlDRAUDMT0XKQg9JyQBXAUwAj03CUNEDxwANBQpVSknGHYUAkcWDTM/HgIQHik9FykPBjRBN0FVMDIBCCUhHA1RNiAjIwIkW0UJIQAnGyUiCEUpHxxTITQBAQE+GQk1Vk4ADiYIIzIUKR8iJAoUAS4dIzxWTwAXIjE3Vy0XCBgBejU/LEIVFT4xAwQM HTTP/1.1 

                                        
                                            
Host: pemainedperio.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         54.230.111.124

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html

                                        

                                        
                                            
content-length: 1173 

                                        
                                            
date: Fri, 25 Nov 2022 04:34:35 GMT 

                                        
                                            
server: openresty/1.17.8.2 

                                        
                                            
cache-control: no-store, no-cache, must-revalidate, no-transform 

                                        
                                            
pragma: no-cache 

                                        
                                            
p3p: CP="NID DSP ALL COR" 

                                        
                                            
content-encoding: gzip 

                                        
                                            
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-P1 

                                        
                                            
x-amz-cf-id: x6kzgJG8fXvja2Zhiqj0HVfhs7Ss8FGVj8COfJSp-V6ZHePFC0t8UQ== 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3018), with no line terminators

                                                Size:   1173

                                                Md5:    527c16188e73dceab8a9f4b3b71edb8d

                                                Sha1:   647f75fb9d5f3e167113e1cdac331e46946a17a2

                                                Sha256: eafe788b69e0e60ba963388c84af9c11f93feb3f1a1913b88646dca9c42016c5

                                        
                                            GET /QW1vUUxuUgwicSQqACgdFlQlCSsxXDlhfRUsJxcbEDtXECkHGkklJSVQVmd9eFhZdzwoCVJifmceGzA4NB5SYGooAwk+cWcbUmFieUNeY2JxSxpsfWcZHzArfFxJITg1AVJgendUXGR8eVpcZHpw HTTP/1.1 

                                        
                                            
Host: engingsecondu.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.21.55.224

                                        
                                            HTTP/2 204 No Content

                                        

                                        
                                            
date: Fri, 25 Nov 2022 04:34:35 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: DYNAMIC 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6svrCzp5Fl7AEMCqzJiwmFO4v0c5c4DAKxcMv3L9Q926ylVFIZFrJ9Cw8BroO%2F4niKJO9NElCcO5DyaYuVehph3B0LPpWhrN6Ci2b5UW9WzxmWP9GXWpQzDKctDOBSZK8y12w%3D%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 76f7ac3999f80b59-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /OWVBcDQWWiIDCV0yCyVgUiMCJllrUiQlemoHCRgBaDMXGFFhBmcEXV1YeEYGCVR1VkRQAXxBEkoRIARBSlhwVl1XAy5NEk9YcF4HDUtyQRoIQzRNBR8RMRFTBFRnAEBNCXxBAg9cckUEAVJyRgUP HTTP/1.1 

                                        
                                            
Host: engingsecondu.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.21.55.224

                                        
                                            HTTP/2 204 No Content

                                        

                                        
                                            
date: Fri, 25 Nov 2022 04:34:35 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: DYNAMIC 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2Z4TI5hKGJxttNqE0miefwU5pzNc6InZyYIEOZez%2BCyC2uEJIJKFXhkE%2FcumRNNXs6WjHEElMFLMra4TmILQ8srBekpwcfMTnD54h7dNc2PPkcWXCIs9QUorRZN4x3Yh0wsVw%3D%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 76f7ac3999fa0b59-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST /TXlKdHRiRikHSQMUJjciCSgCLCw9Hg41OhwaDSU6CUgyAxYcGmwAHSlEc0JFdEx8UgQkHXdHRmsKPhUAOAp3RkR9TmwdGisWd0VSO0R6WkxjSHhaRGsMd0VSOQkrE0l8XzoAACFEe0JCdEp/REx6TXxCRA HTTP/1.1 

                                        
                                            
Host: engingsecondu.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://xfantazy.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Content-Length: 0 

                                        
                                            
TE: trailers

                                         104.21.55.224

                                        
                                            HTTP/2 204 No Content

                                        

                                        
                                            
date: Fri, 25 Nov 2022 04:34:35 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: DYNAMIC 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Chcct3FWzZyQLeWIFpzwL5jKK4vT%2BO7M24NT3jGbbEz62fNOJdl7EWkpjXCGi%2BD4oWPkFgG0t2m87AevOYkjwoSLUZIry7L4qMvR1CpSjtsI3ClNsIeoloV9GK1WiFGU49%2FK%2BA%3D%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 76f7ac39ba010b59-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /Yb0xJaHEMIycOThslLVVIWX55WUNJJjoHHx9xGDArXB44MTYdDyFOBRUodFhXAy0nD0xJKScLTF5qKAwTUnhvHRBSISYSGAMgKE1DKXlnWFRdfGEfGAEoJh8CSn55BgVKfnlZQUF8bFszSn55HxgBen1NQi1pe1gJWXhsWzNKfnkaB0p/CFlBWmJ5QVRdfC-4NEgQjbFo3XXx4WEFefHhNQ18qIBoUCSMxTUMpfXldX19qPFVA HTTP/1.1 

                                        
                                            
Host: d192r5l88wrng7.cloudfront.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://pemainedperio.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         54.230.245.16

                                        
                                            HTTP/2 200 OK

                                        

                                        
                                            
content-length: 186 

                                        
                                            
date: Fri, 25 Nov 2022 04:34:35 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: max-age=31556926 

                                        
                                            
content-encoding: gzip 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-P1 

                                        
                                            
x-amz-cf-id: onngDEFOVnyzh3HeFQwRjGLtSsvhBEvpwrF3zZeTHBkBF_PyPMCPKA== 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with no line terminators

                                                Size:   186

                                                Md5:    e0a207ef3d36a204d24734ce085f1379

                                                Sha1:   55ee3db01569c5e3825dfddb4f27f1f503bcacc7

                                                Sha256: c825e813d8728f5c56841c931885d1513c0759ccca22ec0e46eac50fc5df89b1

                                        
                                            GET /ZejRwcE4ZWx4WcQ5dFE13TAZAQXpcXgMfIAoJIRU8Hl87PSsoAFYENB4JQFYiG1oXTWgfWhNNf1xVFBJzThIEACERCQQdJRtZBwovCUJWBS9HWR8KJxZYEVV8PAFeQGtIBFgHJxRQHwc9XwZAHjpfBkBBflQEVUMMXwZABycUAkRVfTgRQkA2TABVQwxfBk-ACOF8HMUF+TxpAWWtIBBcVLRFbVUIISARBQH5LBEFVfEpSGQIrHFsIVXw8BUBFYEoSBU1/ HTTP/1.1 

                                        
                                            
Host: d192r5l88wrng7.cloudfront.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://pemainedperio.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         54.230.245.16

                                        
                                            HTTP/2 200 OK

                                        

                                        
                                            
content-length: 594 

                                        
                                            
date: Fri, 25 Nov 2022 04:34:35 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: max-age=31556926 

                                        
                                            
content-encoding: gzip 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-P1 

                                        
                                            
x-amz-cf-id: WFm3n3Opnq6P2uLm3gOvCSRPBcWmfZFU1JxyPWP5MTu6-xfb5n8srA== 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (818), with no line terminators

                                                Size:   594

                                                Md5:    9ac2709f84aed4fe2a3bda8766c2c331

                                                Sha1:   36950dd4b6e56da45f69a5460faa16aca8400d66

                                                Sha256: beff21e9130511bff124036ac13b1797023608c1bd76663263b1b12ed9017656

                                        
                                            GET /api/spots/380873?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid= HTTP/1.1 

                                        
                                            
Host: a.naturalhealthsource.club

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         135.181.208.216

                                        
                                            HTTP/2 200 OK

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Fri, 25 Nov 2022 04:34:35 GMT 

                                        
                                            
content-length: 0 

                                        
                                            
set-cookie: nauid=ZMfKcJkOobCykmcyHSzJ; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None 

                                        
                                            
cache-control: private 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /api/spots/406858?host=xfantazy.com&ev=197&wh=939&ww=1280&uuid= HTTP/1.1 

                                        
                                            
Host: a.naturalhealthsource.club

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         135.181.208.216

                                        
                                            HTTP/2 200 OK

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Fri, 25 Nov 2022 04:34:35 GMT 

                                        
                                            
content-length: 0 

                                        
                                            
set-cookie: nauid=KPnC3FUMOHbRfXMilo2d; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None 

                                        
                                            
cache-control: private 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "94A7BD6AC9BD7809AFD8615A15A598F0BD81C00D65739193A7D26A1E0B400B49" 

                                        
                                            
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=2054 

                                        
                                            
Expires: Fri, 25 Nov 2022 05:08:50 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:36 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    d363aefd1a49a8d1bee47992e20e469c

                                                Sha1:   c6f6d65427abcb94cf47475bcc5eeba92dc5eb88

                                                Sha256: 94a7bd6ac9bd7809afd8615a15a598f0bd81c00d65739193a7d26a1e0b400b49

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "9D1088838A00C0D99333FB0E41C67616E11F6DF0169D4337A38AC3384E66ACA4" 

                                        
                                            
Last-Modified: Wed, 23 Nov 2022 22:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=10886 

                                        
                                            
Expires: Fri, 25 Nov 2022 07:36:02 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:36 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    f46bbbaed40ddd7d66dc07a510d128e6

                                                Sha1:   63f0c610a767c70c337b06cfaa01a7a152249196

                                                Sha256: 9d1088838a00c0d99333fb0e41c67616e11f6df0169d4337a38ac3384e66aca4

                                        
                                            GET /sb/chat/mob/ssp/v2/new/3/img/close.png HTTP/1.1 

                                        
                                            
Host: cdn.creative-bars1.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         172.64.109.13

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
date: Fri, 25 Nov 2022 04:34:36 GMT 

                                        
                                            
content-length: 5982 

                                        
                                            
last-modified: Tue, 05 Jul 2022 10:43:39 GMT 

                                        
                                            
etag: "62c415db-175e" 

                                        
                                            
expires: Thu, 31 Dec 2037 23:55:55 GMT 

                                        
                                            
cache-control: public, max-age=315360000 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Date 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 830616 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYtV%2BtcwRMcYtGCPPBwhwjpuNIE4PNszFeTJTPTlB6LR3puFWX06UKolIci6yl8NdPAxOtMQ6opZOeoE1LeBaKPwY7G9hKmkBfAV3FOv7ov4mvSxfIttYUXKluPUNcb2o0sCHJH1vduL"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 76f7ac4129cbd188-LHR 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   5982

                                                Md5:    c489ce2c491a22ee37a55e26a92dfd73

                                                Sha1:   2fa588ab09e94dd902e5bd24b48f98ad1949c9d6

                                                Sha256: 1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:36 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    e61028bc752671cea11924bc1a42a422

                                                Sha1:   b2555d630c063dda53f0e5a84324759e42b48352

                                                Sha256: 23c45f9941b1a476fe0cd4650c9ea13a22e05e5640025e380b13faa4997109ca

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 5019 

                                        
                                            
Cache-Control: max-age=93334 

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:36 GMT 

                                        
                                            
Etag: "637efbd7-1d7" 

                                        
                                            
Expires: Sat, 26 Nov 2022 06:30:10 GMT 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT 

                                        
                                            
Server: ECS (ska/F714) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    670dda5fda45a89db08867e9109f65b7

                                                Sha1:   2a64bc381f8e795fe7a46a98c3e8add2f1ade404

                                                Sha256: 7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: e1.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 344 

                                        
                                            
ETag: "6428E7F877DC58C23C7AC0D9597D40DB3548026B8E5AA5F5C58706841B45BD1C" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=4656 

                                        
                                            
Expires: Fri, 25 Nov 2022 05:52:12 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 04:34:36 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   344

                                                Md5:    3f4a7fb0a46243afcdef495930802d62

                                                Sha1:   979a0675885be263f28e6b3cf9a699c8cdd69f04

                                                Sha256: 6428e7f877dc58c23c7ac0d9597d40db3548026b8e5aa5f5c58706841b45bd1c

                                        
                                            GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1 

                                        
                                            
Host: accounts.google.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         216.58.207.237

                                        
                                            HTTP/2 302 Found 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
x-frame-options: DENY 

                                        
                                            
cache-control: no-cache, no-store, max-age=0, must-revalidate 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Mon, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
date: Fri, 25 Nov 2022 04:34:36 GMT 

                                        
                                            
location: https://accounts.google.com/v3/signin/identifier?dsh=S1762565696%3A1669350876466042&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAuKMlINnnegAqSXpfj8W88ojcwPz27-HzrCAie94nhNxLSE2E5j3VtvSDx3UTDPFROsC_90sw 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-UaaWqGLSrrtZMDt2_VMGUQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport 

                                        
                                            
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} 

                                        
                                            
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk" 

                                        
                                            
content-encoding: gzip 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
content-length: 392 

                                        
                                            
server: GSE 

                                        
                                            
set-cookie: __Host-GAPS=1:fNqUNbEuAWvsKZ_1pIhMTnTo1STK6g:_85rVteaVpIB6k0a;Path=/;Expires=Sun, 24-Nov-2024 04:34:36 GMT;Secure;HttpOnly;Priority=HIGH 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)

                                                Size:   392

                                                Md5:    bef9b31187c7c02e6af3f254a1d9c849

                                                Sha1:   774aafcf706244abe3ce5b85e598960446443f9e

                                                Sha256: c64725807d7f2be93eeeea16935fbce56991d078408786e19b351bcec84f5d37

                                        
                                            GET /utx?cb=WecJwUDqzXJa&top=xfantazy.com&tid=962014 HTTP/1.1 

                                        
                                            
Host: pemainedperio.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://xfantazy.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         54.230.111.124

                                        
                                            HTTP/2 204 No Content

                                        

                                        
                                            
date: Fri, 25 Nov 2022 04:34:36 GMT 

                                        
                                            
server: openresty/1.17.8.2 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-origin: https://xfantazy.com 

                                        
                                            
cache-control: no-store, no-cache, must-revalidate, no-transform 

                                        
                                            
pragma: no-cache 

                                        
                                            
p3p: CP="NID DSP ALL COR" 

                                        
                                            
set-cookie: ut=x; Expires=Fri, 25 Nov 2022 04:35:36 GMT; Max-Age=60 

                                        
                                            
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-P1 

                                        
                                            
x-amz-cf-id: OcyCLi_61ZVNhUTOHiVeYNjParJsLXIux4ui5rqTgkXbzCTGdQadog== 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1 

                                        
                                            
Host: cdn.creative-bars1.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://xfantazy.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://xfantazy.com/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         172.64.109.13

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css

                                        

                                        
                                            
date: Fri, 25 Nov 2022 04:34:36 GMT 

                                        
                                            
last-modified: Fri, 27 Aug 2021 12:19:14 GMT 

                                        
                                            
etag: W/"6128d842-18be" 

                                        
                                            
expires: Thu, 31 Dec 2037 23:55:55 GMT 

                                        
                                            
cache-control: public, max-age=315360000 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Date 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 830574 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0Mhwrv%2FnOa3JrAEWr9zitF5088VkjOhT92lWPakLx37eMmwnOsc6%2BW9r%2FeeATyMGHHvTpCNh2%2BkghGgdksL8g2cmfBUdlQORN14HglsoEHIufaL4Q0HGLWIjXnQbapnoYLwK%2BN85K4r"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 76f7ac40e982d188-LHR 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   1482

                                                Md5:    908dce303e802b45f99455bfa3c26ef2

                                                Sha1:   2f064693d34a6eac3903455fc3de8477c4554e40

                                                Sha256: 60eed66130c70fbeb214c6ab5a7f747cfaaad001a5f10d33d3da7d57f70d6f98

                                        
                                            GET /si/e2/d0/7c/e2d07cfc54a4a2629ecb06a4ac9d023c/1658144633.jpg HTTP/1.1 

                                        
                                            
Host: cdn.cloudimagesb.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         45.133.44.10

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
date: Fri, 25 Nov 2022 04:34:36 GMT 

                                        
                                            
content-length: 12632 

                                        
                                            
server: nginx/1.17.6 

                                        
                                            
last-modified: Mon, 18 Jul 2022 11:44:01 GMT 

                                        
                                            
etag: "62d54781-3158" 

                                        
                                            
expires: Sun, 27 Nov 2022 04:34:36 GMT 

                                        
                                            
cache-control: max-age=172800 

                                        
                                            
x-proxy-cache: HIT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data

                                                Size:   12632

                                                Md5:    9a26092fd440aa10142a9e87e8370c2c

                                                Sha1:   b1c33219c136dc2ee76d081d02f0cb9c15032f41

                                                Sha256: ef6e3d4a4df9d2c4f104857ab7b5b545e6f3e6c0dda989d6fcd0707513136445

URL	xfantazy.com/video/6051542a4ce90e0b3a572b0b?
IP	172.64.163.22 (United States)
ASN	#13335 CLOUDFLARENET
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-25 04:34:43 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	27
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (68)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.64.163.22

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: xfantazy.com

No other reports with similar screenshot

JavaScript

Executed Scripts (111)

Executed Evals (1)

#1 JavaScript::Eval (size: 125) - SHA256: 920d80e57685294073e6844ab22908618709844b22774b5e6c29e260c3a62799

Executed Writes (12)

#1 JavaScript::Write (size: 8490) - SHA256: 7fabd3cd7d802021df00e0014b4259008f3478a4c825d7e503420ff6a40a04c5

#2 JavaScript::Write (size: 247) - SHA256: 5dfb479f3f624925ecab5e143b028a0ae8bb6ff3c555faff0a5831e8fa105c44

#3 JavaScript::Write (size: 247) - SHA256: 69984ec6754fbc302d4482c2b176db1f5607f0cf9a1374288a190f67c26ff64b

#4 JavaScript::Write (size: 8309) - SHA256: 705c4eabc61f32fb8e57d5d4a0765370028c8c4bcb8b448e2cb8e6a805f9f511

#5 JavaScript::Write (size: 46) - SHA256: de73a926a8381f11229c3f788149919c2b1e9620adcdf9c657c1df31971b423f

#6 JavaScript::Write (size: 46) - SHA256: b7c224bd318e210fb3724a686d2e6fdff03e16ced4163e2e207bd2468a998f0a

#7 JavaScript::Write (size: 731) - SHA256: 873c68a39794c6ab36e4ea21c71618e1e7d12767ac2cf722994533fe17228b55

#8 JavaScript::Write (size: 484) - SHA256: 17d94e96963dd14c2da602a6073d5af159c974cddf5e1526eaaf2725ec1bf6df

#9 JavaScript::Write (size: 8261) - SHA256: 692535f2f230ac98666e2b219c1eb82c87e18292c95bea8ac190d570fa128ddc

#10 JavaScript::Write (size: 264) - SHA256: f3320d7a93b4107b884eba8624ede6ddd50f11586e46787b216f1eaa5cd7e0ae

#11 JavaScript::Write (size: 275) - SHA256: cbc71a4cb9daeaddc65be3f883d53fcc2cecee43aef8609f87eaf7503f999352

#12 JavaScript::Write (size: 1056) - SHA256: f16ae4f9310cc2dce19f79a05e9f41df29cb00dd9728a1c2663108d654534890

HTTP Transactions (263)

Overview

Domain Summary (68)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.64.163.22

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: xfantazy.com

No other reports with similar screenshot

JavaScript

Executed Scripts (111)

Executed Evals (1)

#1 JavaScript::Eval (size: 125) - SHA256: 920d80e57685294073e6844ab22908618709844b22774b5e6c29e260c3a62799

Executed Writes (12)

#1 JavaScript::Write (size: 8490) - SHA256: 7fabd3cd7d802021df00e0014b4259008f3478a4c825d7e503420ff6a40a04c5

#2 JavaScript::Write (size: 247) - SHA256: 5dfb479f3f624925ecab5e143b028a0ae8bb6ff3c555faff0a5831e8fa105c44

#3 JavaScript::Write (size: 247) - SHA256: 69984ec6754fbc302d4482c2b176db1f5607f0cf9a1374288a190f67c26ff64b

#4 JavaScript::Write (size: 8309) - SHA256: 705c4eabc61f32fb8e57d5d4a0765370028c8c4bcb8b448e2cb8e6a805f9f511

#5 JavaScript::Write (size: 46) - SHA256: de73a926a8381f11229c3f788149919c2b1e9620adcdf9c657c1df31971b423f

#6 JavaScript::Write (size: 46) - SHA256: b7c224bd318e210fb3724a686d2e6fdff03e16ced4163e2e207bd2468a998f0a

#7 JavaScript::Write (size: 731) - SHA256: 873c68a39794c6ab36e4ea21c71618e1e7d12767ac2cf722994533fe17228b55

#8 JavaScript::Write (size: 484) - SHA256: 17d94e96963dd14c2da602a6073d5af159c974cddf5e1526eaaf2725ec1bf6df

#9 JavaScript::Write (size: 8261) - SHA256: 692535f2f230ac98666e2b219c1eb82c87e18292c95bea8ac190d570fa128ddc

#10 JavaScript::Write (size: 264) - SHA256: f3320d7a93b4107b884eba8624ede6ddd50f11586e46787b216f1eaa5cd7e0ae

#11 JavaScript::Write (size: 275) - SHA256: cbc71a4cb9daeaddc65be3f883d53fcc2cecee43aef8609f87eaf7503f999352

#12 JavaScript::Write (size: 1056) - SHA256: f16ae4f9310cc2dce19f79a05e9f41df29cb00dd9728a1c2663108d654534890

HTTP Transactions (263)

Network Intrusion Detection Systems