Overview

URL www.faproulette.co/36023/short-beta-denial/
IP104.21.93.213
ASNCLOUDFLARENET
Location
Report completed2022-10-01 05:31:33 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (41)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-30 21:46:18 UTC 18.164.68.8
mnemonic passive DNS camschat.net (3) 64292 2014-07-22 23:32:18 UTC 2022-10-01 05:15:08 UTC 66.230.180.98
mnemonic passive DNS chaturbate.com (2) 6807 2012-05-22 23:11:36 UTC 2022-10-01 05:12:51 UTC 104.18.100.40
mnemonic passive DNS pt-static1.ptlwmstc.com (1) 154690 2021-08-02 14:02:38 UTC 2022-10-01 05:15:13 UTC 93.93.51.200
mnemonic passive DNS hw-cdn2.adtng.com (1) 11917 2020-02-20 16:50:17 UTC 2022-10-01 04:26:47 UTC 209.197.3.25
mnemonic passive DNS ocsp.sectigo.com (3) 487 2018-12-17 11:31:55 UTC 2022-10-01 04:08:14 UTC 104.18.32.68
mnemonic passive DNS cachew.camsoda.com (1) 163921 2015-08-13 03:16:23 UTC 2022-09-30 14:52:34 UTC 64.210.135.112
mnemonic passive DNS dss-relay-109-71-166-26.dditscdn.com (1) 0 2020-02-27 16:29:27 UTC 2022-09-30 14:14:44 UTC 109.71.166.34 Domain (dditscdn.com) ranked at: 153809
mnemonic passive DNS code.jquery.com (2) 634 2012-05-21 17:28:02 UTC 2022-09-30 05:18:50 UTC 69.16.175.42
mnemonic passive DNS netdna.bootstrapcdn.com (2) 3413 2012-09-07 15:11:00 UTC 2022-09-30 09:12:17 UTC 104.18.10.207
mnemonic passive DNS as.sexad.net (1) 86240 2012-05-22 03:40:32 UTC 2022-09-30 14:52:34 UTC 216.127.52.241
mnemonic passive DNS pt.wmptctl.com (3) 0 2022-03-02 17:02:35 UTC 2022-10-01 05:15:11 UTC 93.93.51.191 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (13) 175 2017-06-14 07:23:31 UTC 2022-09-30 04:55:27 UTC 142.250.74.3
mnemonic passive DNS a.adtng.com (2) 15165 2018-07-26 19:17:41 UTC 2022-09-30 21:01:30 UTC 66.254.114.171
mnemonic passive DNS www.faproulette.co (1) 0 2017-02-16 07:48:38 UTC 2022-09-24 08:11:25 UTC 104.21.93.213 Unknown ranking
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-10-01 04:06:13 UTC 64.233.165.155
mnemonic passive DNS static-assets.highwebmedia.com (2) 16059 2021-01-19 21:46:26 UTC 2022-10-01 05:12:53 UTC 104.16.94.42
mnemonic passive DNS awmbed.com (1) 460738 2022-01-26 09:22:20 UTC 2022-09-29 11:36:12 UTC 93.93.51.191
mnemonic passive DNS api-protected.protoawegw.com (1) 52858 2019-04-02 12:45:46 UTC 2022-10-01 05:15:13 UTC 93.93.51.225
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-30 05:34:07 UTC 18.164.68.59
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-30 04:56:26 UTC 34.117.237.239
mnemonic passive DNS pt-static2.ptlwmstc.com (1) 188311 2021-08-02 14:02:38 UTC 2022-10-01 05:15:12 UTC 93.93.51.200
mnemonic passive DNS js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-10-01 04:09:18 UTC 151.101.86.137
mnemonic passive DNS galleryn11.awemdia.com (3) 0 2022-05-12 11:08:22 UTC 2022-09-29 11:27:39 UTC 93.93.51.190 Domain (awemdia.com) ranked at: 26880
mnemonic passive DNS bam.nr-data.net (2) 630 2015-02-10 00:06:27 UTC 2022-09-30 21:38:45 UTC 162.247.241.14
mnemonic passive DNS r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2022-09-30 04:55:29 UTC 23.36.77.32
mnemonic passive DNS ocsp.digicert.com (10) 86 2012-05-21 07:02:23 UTC 2022-10-01 04:10:38 UTC 93.184.220.29
mnemonic passive DNS fonts.googleapis.com (3) 8877 2013-06-10 20:14:26 UTC 2022-10-01 02:25:13 UTC 142.250.74.10
mnemonic passive DNS img.strpst.com (9) 12993 2021-06-03 08:45:56 UTC 2022-09-30 21:16:40 UTC 104.16.61.52
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-30 16:35:12 UTC 142.250.74.164
mnemonic passive DNS www.google-analytics.com (2) 40 2012-10-03 01:04:21 UTC 2022-09-30 23:06:25 UTC 142.250.74.174
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-30 05:12:28 UTC 52.40.161.235
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-01 04:02:08 UTC 34.120.237.76
mnemonic passive DNS m.sancdn.net (2) 89507 2012-09-29 23:09:57 UTC 2022-09-30 14:52:35 UTC 69.16.175.10
mnemonic passive DNS pt-static5.ptlwmstc.com (1) 182291 2021-08-02 14:02:38 UTC 2022-09-29 23:01:47 UTC 93.93.51.200
mnemonic passive DNS hw-cdn2.ang-content.com (4) 165651 2019-03-25 22:41:04 UTC 2022-09-29 07:49:01 UTC 205.185.208.20
mnemonic passive DNS fonts.gstatic.com (4) 0 2014-08-29 13:43:22 UTC 2022-10-01 01:41:12 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS adserver.juicyads.com (1) 36249 2012-05-21 13:14:28 UTC 2022-09-29 19:56:45 UTC 185.94.237.64
mnemonic passive DNS creative.xxxiijmp.com (3) 127961 2021-07-02 10:22:52 UTC 2022-09-24 13:22:20 UTC 172.64.145.216
mnemonic passive DNS pt-static4.ptlwmstc.com (1) 280409 2021-08-02 14:02:38 UTC 2022-10-01 05:15:12 UTC 93.93.51.200
mnemonic passive DNS promos.camsoda.com (1) 100954 2015-07-14 17:55:11 UTC 2022-09-30 14:52:34 UTC 64.210.135.112


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.21.93.213

Date UQ / IDS / BL URL IP
2022-11-28 02:15:54 +0000
0 - 0 - 1 ultmobiletools.com/sportsquiz/1000randgift.html 104.21.93.213
2022-11-23 07:49:46 +0000
0 - 0 - 1 ultmobiletools.com/sportsquiz/10000randgift.html 104.21.93.213
2022-11-08 10:26:00 +0000
0 - 0 - 1 ultmobiletools.com/sportsquiz/offer2.html 104.21.93.213
2022-11-05 18:51:11 +0000
0 - 0 - 1 ultmobiletools.com/sportsquiz/offer8b.html 104.21.93.213
2022-10-01 05:39:51 +0000
0 - 0 - 0 www.faproulette.co/7167/slut-training/ 104.21.93.213

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-02 10:31:33 +0000
0 - 0 - 6 tei.ai/lHInJhR 104.21.12.229
2022-12-02 10:30:55 +0000
0 - 0 - 1 dormister.com/clatters/cGFub3JhbWljIGluZGlhbi (...) 104.21.76.165
2022-12-02 10:29:07 +0000
0 - 0 - 1 gigantichavoc.top/ 104.21.27.76
2022-12-02 10:28:46 +0000
0 - 0 - 1 fineclues.com/overhasten-retinned-disoxidate/ (...) 188.114.96.1
2022-12-02 10:27:40 +0000
0 - 0 - 2 iowin-download.net/dowl/network-magic.exe 172.67.168.182

Last 5 reports on domain: faproulette.co

Date UQ / IDS / BL URL IP
2022-10-01 05:39:51 +0000
0 - 0 - 0 www.faproulette.co/7167/slut-training/ 104.21.93.213
2022-10-01 05:38:59 +0000
0 - 0 - 0 www.faproulette.co/c/79/slut-training/ 172.67.215.76
2022-10-01 05:36:18 +0000
0 - 0 - 0 www.faproulette.co/124/ultra-slut-fap-roulette/ 172.67.215.76
2022-10-01 05:31:33 +0000
0 - 0 - 0 www.faproulette.co/36023/short-beta-denial/ 104.21.93.213
2022-10-01 05:27:48 +0000
0 - 0 - 0 www.faproulette.co/32113/on-the-phone/ 104.21.93.213

No other reports with similar screenshot



JavaScript

Executed Scripts (54)


Executed Evals (3)

#1 JavaScript::Eval (size: 135, repeated: 1) - SHA256: 8b11862ea48988f8dc93832c51346c288be84b7bc2d776d74f50cb7d912ebc2a

                                        (function() {
    var a = google_tag_manager["GTM-WXTGF28"].macro(3);
    return srB = a.substr(a.indexOf(".com") + 4, a.length - a.indexOf(".com") - 4)
})();
                                    

#2 JavaScript::Eval (size: 84, repeated: 1) - SHA256: 44379bf89e3d499c6e5084c2762e92070d823eb0c3b4f20d8fa9adbafe954ba9

                                        (function() {
    var b = 23;
    return function(a) {
        a.set("dimension" + b, a.get("clientId"))
    }
})();
                                    

#3 JavaScript::Eval (size: 145, repeated: 1) - SHA256: a2bb9e7040697095a3076ee3136c7cff7dc38b1c78649fb5f6c6fb4145100030

                                        (function() {
    find = /G-(.*)/;
    gacode = "UA-86899934-6";
    return void 0 === gacode || "undefined" == gacode || "" == gacode ? "" : !0 === find.test(gacode) ? gacode : ""
})();
                                    

Executed Writes (0)



HTTP Transactions (111)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10191
Expires: Sat, 01 Oct 2022 08:21:13 GMT
Date: Sat, 01 Oct 2022 05:31:22 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.8
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 01 Oct 2022 05:02:25 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f6512440d57ffd5ad26662c2a1156906.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: XcPXYgorW3v5Y2ukj6niOmrn5bWpjZ-kgMMpC9FXPYmJgL1FZqVGVw==
Age: 1737


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.59
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 01 Oct 2022 03:33:18 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 d7a09e17a9797d15006b403215eeebe6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P4
x-amz-cf-id: QphYJt01hjid_ihtFAUhvhKf8Cf788H8G0hdPwr3dOsqX_OENqf_4w==
age: 7086
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 01 Oct 2022 05:31:22 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1860
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:31:22 GMT
Last-Modified: Sat, 01 Oct 2022 05:00:22 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5745
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:31:22 GMT
Last-Modified: Sat, 01 Oct 2022 03:55:38 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /jquery-3.3.1.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sat, 01 Oct 2022 05:31:23 GMT
content-encoding: gzip
content-length: 30288
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664602283.dop024.sk1.t,1664602283.cds240.sk1.hn,1664602283.cds072.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30288
Md5:    d549b312f7a7d228b4ec229a6547dfdc
Sha1:   0766794582ad530ec0f8c2595f741086afffa312
Sha256: f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:31:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /get/10007038?time=1562609948255 HTTP/1.1 
Host: a.adtng.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Cookie: adtool_guid=Ch5KImM3zyQFXCWQtY6qAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         66.254.114.171
HTTP/2 200 OK
content-type: text/html
                                        
server: openresty
date: Sat, 01 Oct 2022 05:31:23 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: RNLBSERVERID=ded7077; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 6337D0AA-42FE72AB01BB4051-3C6530C
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   9067
Md5:    4e8147c57993a4c063b3bb7b08e81db9
Sha1:   7f7550905712c6b6e1092a7cc925ef7c4eb0ac9e
Sha256: 1808ab20a06d7b8f228122b9680d7cd58d24877270a1b76af58be1fc625e1b50
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:31:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Sat, 01 Oct 2022 05:31:23 GMT
date: Sat, 01 Oct 2022 05:31:23 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (850), with no line terminators
Size:   555
Md5:    e75e7b4c9bf71c4a14d5e1d1946b161a
Sha1:   36148f31ea702a23a3f0dafd907a9069234021e7
Sha256: e43b40968f165ec7b121020103aa40529d891aa2d03ead26ed47adefc4d6ab6d
                                        
                                            GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1 
Host: hw-cdn2.ang-content.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.208.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 01 Oct 2022 05:31:23 GMT
Connection: Keep-Alive
ETag: "1541168231"
Content-Length: 5027
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10372531
X-HW: 1664602283.dop229.sk1.t,1664602283.cds224.sk1.shn,1664602283.cds224.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (5027), with no line terminators
Size:   5027
Md5:    5e5817bcf4c82c7c85d1d88636d221ce
Sha1:   b5c32cc6c931c33c1297884016e13d3b9a5bf261
Sha256: 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
                                        
                                            GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1 
Host: hw-cdn2.adtng.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         209.197.3.25
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 01 Oct 2022 05:31:23 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10661532
X-HW: 1664602283.dop211.sk1.t,1664602283.cds243.sk1.shn,1664602283.cds243.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (16885), with no line terminators
Size:   16885
Md5:    48c80c7c28b5b00a8b4ff94a22b72fe3
Sha1:   d57303c2ad2fd5cedc5cb20f264a6965a7819cee
Sha256: 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
                                        
                                            GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 
Host: netdna.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.faproulette.co
Connection: keep-alive
Referer: https://netdna.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.10.207
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Sat, 01 Oct 2022 05:31:23 GMT
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 601, 617, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-03-10 20:26:23
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 96925c163e079ed3bedc1df54fe1dafe
cdn-cache: HIT
cf-cache-status: HIT
age: 17661664
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7532cfcdad6b1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
                                        
                                            GET /a7/creatives/1/49/812536/999836/999836_logo.png HTTP/1.1 
Host: hw-cdn2.ang-content.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.208.20
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 01 Oct 2022 05:31:23 GMT
Connection: Keep-Alive
ETag: "1623330442"
Content-Length: 111488
Last-Modified: Thu, 10 Jun 2021 13:07:22 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10701956
X-HW: 1664602283.dop067.sk1.t,1664602283.cds256.sk1.shn,1664602283.dop067.sk1.t,1664602283.cds258.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  PNG image data, 160 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size:   111488
Md5:    346f149ec46af48a594a68ceee622fab
Sha1:   0a176530458b598d8e68d77a306213942961e2c0
Sha256: 21d4bdd98a3fe5f2e09456521f87504d08f194ca517af5e051be57ad1911c5f4
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:31:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:31:23 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 19:08:28 GMT
Expires: Fri, 07 Oct 2022 19:08:27 GMT
Etag: "b353bf1223c7a3f1bf97c2426dfaca2175a4e728"
Cache-Control: max-age=566823,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7532cfcd0e06b515-OSL

                                        
                                            GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1 
Host: netdna.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.10.207
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Sat, 01 Oct 2022 05:31:23 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 723, 617, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-04-23 06:14:04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 84b303cdf31a4af7425c3922307f8d93
cdn-cache: HIT
cf-cache-status: HIT
age: 12712591
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7532cfccd8b40b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   7448
Md5:    fdce21a9171034de0319ad77f14be179
Sha1:   432aaa9ee98f926441b9e57176dc13b54a840bbc
Sha256: 602985c9e573e318cdf049a4981de7534a9c455d20c68b8d2c085eedfc615d78
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:31:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:31:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:31:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.faproulette.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 208635
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.faproulette.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 208635
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/kaushanscript/v14/vm8vdRfvXFLG3OLnsO15WYS5DG74wNI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.faproulette.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34728
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 17:28:49 GMT
expires: Fri, 29 Sep 2023 17:28:49 GMT
cache-control: public, max-age=31536000
age: 129754
last-modified: Tue, 26 Apr 2022 15:00:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 34728, version 1.0\012- data
Size:   34728
Md5:    9d8c616f488d1cbb3c235ae2a1679fb1
Sha1:   c56b4e0a9b2fc7973eb939bcb244f200f9508cfc
Sha256: cce6e5a4ccc41fd81d52d0802348827f4828bf7fc6b78e24002ed02a690d21b5
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.faproulette.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 04:15:02 GMT
expires: Sun, 01 Oct 2023 04:15:02 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
age: 4581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:31:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6388
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:31:23 GMT
Last-Modified: Sat, 01 Oct 2022 03:44:56 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   8042
Md5:    c3a75f0b2abf0a06b462a3170ff0e8c7
Sha1:   69d6f85a70bb8959ba32abe0ec82c6bf42111974
Sha256: 688ace32063670694437e64ecac4b816be748855b2bca8785a0b4b495bc414c7
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.8
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sat, 01 Oct 2022 04:33:04 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sat, 01 Oct 2022 05:08:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 35f1076ba1ff613e428e9cf6a2f57580.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: 9ErtWcLDVdeGIVW7J_dmafGcLlEQYYudahFjl3f9pVSz4S8HgeeAuA==
Age: 3510


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /icon?family=Material+Icons HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 01 Oct 2022 05:31:23 GMT
date: Sat, 01 Oct 2022 05:31:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1112
Md5:    9cc39281c7fd9ffc293d000f4d84ba8e
Sha1:   2dea97ec7a67d6ec31f75fb89b82928a0fab0020
Sha256: 271aabaa2d59e7470841de9498d2350143698cb5a52f8adb6bc9201678d28d9b
                                        
                                            GET /36023/short-beta-denial/ HTTP/1.1 
Host: www.faproulette.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: filterData=eyJ2aWV3ZWRIZWxwIjowLCJwcmVzZXQiOiJteS1hY2NvdW50IiwiZW5hYmxlTmV3RmlsdGVycyI6MCwic2hvd0JhY2tncm91bmQiOjEsInNob3dBbW91bnRzIjowLCJqdW1wVG9Sb3VsZXR0ZXMiOjEsInNob3dFeGNsdWRlZCI6MSwiZGlzYWJsZUZpbHRlcnNBdXRvbWF0aWNhbGx5IjoxLCJoZWFkZXJzIjp7ImNhdGVnb3JpZXMiOjAsInRhc2tzIjowLCJtb3JlIjowfSwiZmlsdGVyIjp7ImNhdGVnb3JpZXMiOnsiaW5jbHVkZWQiOltdLCJleGNsdWRlZCI6WyJzaG9wcGluZyIsImN1Y2tvbGQiLCJjYXJkcyIsImZlbWFsZSIsImRpYXBlciIsImNvdXBsZXMiLCJydXNzaWFuIiwiZ2VybWFuIiwiZnJlbmNoIiwib3RoZXItbGFuZ3VhZ2VzIiwidmlkZW9nYW1lIiwiZmFudGFzeSIsInBvcm5zdGFyIl19LCJ0YXNrcyI6eyJpbmNsdWRlZCI6W10sImV4Y2x1ZGVkIjpbXX0sImNvbXBsZXhpdHkiOnsiaW5jbHVkZWQiOltdLCJleGNsdWRlZCI6W119LCJtb3JlIjp7Im1pbmltdW0iOjAsIm1heGltdW0iOjAsInJhdGluZyI6MCwic3BlY2lhbCI6MCwiZHVyYXRpb24iOjB9fX0%3D; _ga=GA1.2.154561603.1664601889; _gid=GA1.2.1096900610.1664601889
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.21.93.213
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sat, 01 Oct 2022 05:31:22 GMT
vary: Accept-Encoding
set-cookie: PHPSESSID=mcqc4jhq9npphrome81q43pja7; path=/ filterData=eyJ2aWV3ZWRIZWxwIjowLCJwcmVzZXQiOiJteS1hY2NvdW50IiwiZW5hYmxlTmV3RmlsdGVycyI6MCwic2hvd0JhY2tncm91bmQiOjEsInNob3dBbW91bnRzIjowLCJqdW1wVG9Sb3VsZXR0ZXMiOjEsInNob3dFeGNsdWRlZCI6MSwiZGlzYWJsZUZpbHRlcnNBdXRvbWF0aWNhbGx5IjoxLCJoZWFkZXJzIjp7ImNhdGVnb3JpZXMiOjAsInRhc2tzIjowLCJtb3JlIjowfSwiZmlsdGVyIjp7ImNhdGVnb3JpZXMiOnsiaW5jbHVkZWQiOltdLCJleGNsdWRlZCI6WyJzaG9wcGluZyIsImN1Y2tvbGQiLCJjYXJkcyIsImZlbWFsZSIsImRpYXBlciIsImNvdXBsZXMiLCJydXNzaWFuIiwiZ2VybWFuIiwiZnJlbmNoIiwib3RoZXItbGFuZ3VhZ2VzIiwidmlkZW9nYW1lIiwiZmFudGFzeSIsInBvcm5zdGFyIl19LCJ0YXNrcyI6eyJpbmNsdWRlZCI6W10sImV4Y2x1ZGVkIjpbXX0sImNvbXBsZXhpdHkiOnsiaW5jbHVkZWQiOltdLCJleGNsdWRlZCI6W119LCJtb3JlIjp7Im1pbmltdW0iOjAsIm1heGltdW0iOjAsInJhdGluZyI6MCwic3BlY2lhbCI6MCwiZHVyYXRpb24iOjB9fX0%3D; expires=Sat, 15-Oct-2022 05:31:22 GMT; Max-Age=1209600; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1siJ0M7jkbRQa7QTWFPxjD7d2iXWULuuBn0evWdvotPIyfSeB89UVyAGKLgXP5s0LYTEQyASEFhqvxAhsQ4cGQOq23XZxNHmZrMavqnVpVfqv163TBstMKXQt7RUPKH9NlHSjPw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7532cfc90d8fb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (12231), with CRLF line terminators
Size:   172127
Md5:    061b79fbd0fb81eb3f689a0e9c5da725
Sha1:   2feabf70bcb8310fe3fd72f56f9a4b4a96922d4d
Sha256: a36bef0eac11b9f99560acc0c9da25001c3e86c5fb0b94b2b0faebc567fc9882
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sat, 01 Oct 2022 04:41:09 GMT
expires: Sat, 01 Oct 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 3014
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LbABWC09kNq5GvA1gI8yGA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.40.161.235
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Pk0+zG2HM1hEYpBMk8FYMgjc1zY=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:31:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?v=1&_v=j97&a=1347570785&t=pageview&_s=1&dl=https%3A%2F%2Fwww.faproulette.co%2F36023%2Fshort-beta-denial%2F&ul=en-us&de=UTF-8&dt=Short%20beta%20denial%20-%20Fap%20Roulette&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=AACAAEABAAAAAC~&jid=2136908038&gjid=2119275741&cid=154561603.1664601889&tid=UA-48334271-1&_gid=1096900610.1664601889&_r=1&_slc=1&z=2021754934 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.faproulette.co
Connection: keep-alive
Referer: https://www.faproulette.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.faproulette.co
date: Sat, 01 Oct 2022 05:31:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    9e92e190700c1af4539b40c2171320a9
Sha1:   209bcdb79e6067b51091ce8586d4b977f25b67d8
Sha256: aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:31:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-48334271-1&cid=154561603.1664601889&jid=2136908038&gjid=2119275741&_gid=1096900610.1664601889&_u=AACAAEAAAAAAAC~&z=13740071 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.faproulette.co
Connection: keep-alive
Referer: https://www.faproulette.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         64.233.165.155
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.faproulette.co
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 01 Oct 2022 05:31:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:31:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /adshow.php?adzone=461528 HTTP/1.1 
Host: adserver.juicyads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.94.237.64
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sat, 01 Oct 2022 05:31:24 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=49f82f0932d2d698d9590ed868dc5ea0; expires=Sun, 01-Oct-2023 05:31:23 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.juicyads.com juicy_data_1=YTowOnt9; expires=Tue, 04-Oct-2022 05:31:23 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 04-Oct-2022 05:31:23 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1368
Md5:    7fbf703ab6b832b4c0a365eaf3be278c
Sha1:   43485fe4beddb1dc0d0af378cc6fde52af913f67
Sha256: 8210bdfaecf0daf268cb9eabec79a10b243f756e8e9da87309cab405576b79c7
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4271046983D92B71F87C4FDC7B5F2D788268FB57E1EAC19495B2946F802DF0B3"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8571
Expires: Sat, 01 Oct 2022 07:54:15 GMT
Date: Sat, 01 Oct 2022 05:31:24 GMT
Connection: keep-alive

                                        
                                            GET /adxad160x600/cbate-fap.html HTTP/1.1 
Host: camschat.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/adxad160x600/faproulette.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         66.230.180.98
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx
date: Sat, 01 Oct 2022 05:31:24 GMT
content-length: 448
last-modified: Sat, 23 Apr 2022 22:01:11 GMT
etag: "62647727-1c0"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   448
Md5:    9d83b1becc3f254f38cc598c383d7770
Sha1:   57cf9d28b910601d13b43e18d605872d47fc7c87
Sha256: 04f645ca81a18b1188b8b1f4189bdde5057455997dd2feda1d79e137b6421bee
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:31:24 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 02:40:06 GMT
Expires: Thu, 06 Oct 2022 02:40:05 GMT
Etag: "3b94a1b6ad9a419e14e7884e579f80e5f6c30177"
Cache-Control: max-age=421120,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7532cfd73d78b515-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3B953E092A71570CA63C4B4B6029DEF2BEC50A0F0C499020F792CC0B8993A27A"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10799
Expires: Sat, 01 Oct 2022 08:31:23 GMT
Date: Sat, 01 Oct 2022 05:31:24 GMT
Connection: keep-alive

                                        
                                            GET /assets/img/camsoda-logo-160x50.png HTTP/1.1 
Host: cachew.camsoda.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promos.camsoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         64.210.135.112
HTTP/2 200 OK
content-type: image/png
                                        
date: Sat, 01 Oct 2022 05:31:24 GMT
content-length: 4520
last-modified: Mon, 02 May 2022 15:02:15 GMT
etag: "626ff277-11a8"
expires: Sun, 22 May 2022 14:47:25 GMT
access-control-allow-origin: *
cache-control: max-age=1296000, public, no-transform
accept-ranges: bytes
x-cdn-diag: ams5-7619-3-51815-h-0-0---;6249-22-21482----0-0-0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 160 x 50, 8-bit colormap, non-interlaced\012- data
Size:   4520
Md5:    a26f6cb889250cca822d07ed1fa17020
Sha1:   20b51a9dbe0928016d917e71b809c4f01a13d16f
Sha256: fb6f54664e2adec6f304d47e544629a3ae46b0fdeb9ac1daab247f817ef2be13
                                        
                                            GET /widgets/v4/MobileSlider/?buttonColor=&campaignId=juicy-faproulette&creativeId=&domain=stripchat&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=0&showTitle=1&sound=off&sourceId=&tag=females&targetDomain=&trackOff=1&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd HTTP/1.1 
Host: creative.xxxiijmp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://camschat.net/
Connection: keep-alive
Cookie: __cflb=02DiuDfsBaY2bRYJiCeRhAptQvDh5wz7mpyhBkSq64pyr
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         172.64.145.216
HTTP/2 200 OK
content-type: text/html
                                        
date: Sat, 01 Oct 2022 05:31:24 GMT
last-modified: Mon, 26 Sep 2022 07:31:44 GMT
expires: Sat, 01 Oct 2022 05:31:28 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
cf-cache-status: HIT
age: 5
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532cfd76bf1b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   335
Md5:    1177105b3d23cfdfd280c63b9e7a1ca1
Sha1:   9f408c4c2a2e86874a879985c6b9c47e18383390
Sha256: 62c577797051e1e0362e92280a248988a80c6bee7a0e1b0c4b085db50e85820e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "70ED38D5E87CF71642E3A7F614463392A86B918EC87FAAA2C54F3431DDF2042A"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9959
Expires: Sat, 01 Oct 2022 08:17:23 GMT
Date: Sat, 01 Oct 2022 05:31:24 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   2202
Md5:    57606c4f57d6d105230e2e8e10a39ced
Sha1:   44efd526e481793e96554295a63234c9c618bf24
Sha256: f9c318824e34afaa6fae1b7c542848601623f379474ca52030e4ab989ea50d3f
                                        
                                            GET /tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0 HTTP/1.1 
Host: chaturbate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://camschat.net/
Connection: keep-alive
Cookie: __cf_bm=EAJlOc3egZIGh3l3Ti8i6QHuBNaYlYJVU7mqYhXmZ5U-1664601893-0-AQrVvBvQ+hk/D0e0UAKeIwPGdD/DBCaXnBoEGDbW9GKIiI3UF9oUQelOX2XZ1oK9PgohFKBfZ03ZKFFns2HXG70=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.100.40
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
vary: Accept-Encoding, Accept-Language, Cookie
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
set-cookie: stcki="pOtSwZ=0\054FqPd9a=0\0546pduSG=0\054aDBbcK=1"; expires=Mon, 31-Oct-2022 05:31:24 GMT; Max-Age=2592000; Path=/ affkey="eJyrVipSslJQyigpKSi20tdPTswtTs5ILNHLSy3RV6oFAJUzCgA="; Domain=.chaturbate.com; expires=Mon, 31-Oct-2022 05:31:24 GMT; Max-Age=2592000; Path=/ sbr=sec:sbr2d308c38-866e-4865-b4d2-3ffcbbe0d021:1oeV5w:dQFp0cs8nR1Xa11TKyTlZrbv2EI; Domain=.chaturbate.com; expires=Thu, 26-Jun-2025 05:31:24 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7532cfd87b7cb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (31162)
Size:   23044
Md5:    22adc69013f02c77bc024315cb710223
Sha1:   27890e6ab85ebaf50fdc5293db5a2db6e98fdac0
Sha256: dc36472b02787d28514003c91194211e4cc1a91cf5076aa98b30eca1ef48e761
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EE61B3C36BF3526865612DDAAC4107FE3E36B810CFC5986E985AB51B1D64D4A"
Last-Modified: Fri, 30 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11087
Expires: Sat, 01 Oct 2022 08:36:12 GMT
Date: Sat, 01 Oct 2022 05:31:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EE61B3C36BF3526865612DDAAC4107FE3E36B810CFC5986E985AB51B1D64D4A"
Last-Modified: Fri, 30 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11087
Expires: Sat, 01 Oct 2022 08:36:12 GMT
Date: Sat, 01 Oct 2022 05:31:25 GMT
Connection: keep-alive

                                        
                                            GET /npe/_common/script/adblock/advertisement-v932169.js HTTP/1.1 
Host: pt-static4.ptlwmstc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.93.51.200
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
content-length: 21
last-modified: Fri, 30 Sep 2022 11:19:11 GMT
etag: "6336d0af-15"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   21
Md5:    01c6e7ecb819ef28b0c9b962513a1596
Sha1:   1a49f493db7b91ed34a7040d36732352b9a5dc39
Sha256: e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12424
Expires: Sat, 01 Oct 2022 08:58:29 GMT
Date: Sat, 01 Oct 2022 05:31:25 GMT
Connection: keep-alive

                                        
                                            GET /npe/ba/fklf/script/fk.lf-v932169.js HTTP/1.1 
Host: pt-static2.ptlwmstc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.93.51.200
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
last-modified: Fri, 30 Sep 2022 11:19:12 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6336d0b0-4ff3b"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   117647
Md5:    de2816e5518608c31cce75d674b0be7a
Sha1:   932615d1f95756c7a2bd6611d85f0cdbad47fd1e
Sha256: 1f8feb2778f1a0a56674a8d57b55dd4564de405612bebd30df5754b618af94c2
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12424
Expires: Sat, 01 Oct 2022 08:58:29 GMT
Date: Sat, 01 Oct 2022 05:31:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12424
Expires: Sat, 01 Oct 2022 08:58:29 GMT
Date: Sat, 01 Oct 2022 05:31:25 GMT
Connection: keep-alive

                                        
                                            GET /adxad160x600/faproulette.php HTTP/1.1 
Host: camschat.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserver.juicyads.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         66.230.180.98
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sat, 01 Oct 2022 05:31:24 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.3
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1286), with CRLF, LF line terminators
Size:   3616
Md5:    544f78f5427ce6610d59d15aa8e4e3e7
Sha1:   0c168f2f102941ee9c8c801441f3cefd856807cf
Sha256: ce0ff60e45713bc69a7b72f7af7461ce124fa82651627fd25fb4d759496bd854
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a3fdfee-41fa-48e2-a92a-744050d16fbe.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13384
x-amzn-requestid: c643d8db-041f-4e98-888d-63375dde9721
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZM65TEujIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63350b6e-232161f74a65138a122f7cf7;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 03:05:18 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0qGoRJUOZ5pSfaO1f7DWFB-oRI7zkyIFFfAcbOWNhy3p2EKCD1VdwA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 03:52:25 GMT
age: 5940
etag: "8b72969c2c5cff7c8200e8c8a4b3d504565a97fd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13384
Md5:    1d55a4b7e79062b396f5fd06b44cd637
Sha1:   8b72969c2c5cff7c8200e8c8a4b3d504565a97fd
Sha256: 338682591e594c0cf51fd671a43ff1b0d265b2713dc8504f05b00f93ddf5c57e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0222b19-e28d-42f0-b085-23b2b665419f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5845
x-amzn-requestid: 5f7a3d43-3c65-4cde-9b7f-fcb6223200c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLEEchIAMFTjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-027b8cc4272f027521eea8c7;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gsT8eVPGsaXk-982_8xS2qNOhEG6lWsrXtJf3AD9VsgZVtyOQHjPvg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 22:00:47 GMT
age: 27038
etag: "aad835c1f25a742cc8f3b8f695ddc2a8a83220b9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5845
Md5:    bf40d5ad9837589adb9464463083ed29
Sha1:   aad835c1f25a742cc8f3b8f695ddc2a8a83220b9
Sha256: 9883621d6a4802c1d12e6c8c4dd5a194a81ee84bbede42da853a9e23027aaa09
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7a423b5-e320-4013-8cd9-2455b244e410.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3069
x-amzn-requestid: 957bbcc7-0ce0-42b6-bec6-588f9e1c6369
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLCH6DoAMFaHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-5a514967208e92343e0f3778;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tnGcmRZcp0_ckYfYvD37C_1Vswk5FoLIhno4dWw39OJ3fqmhIMss2Q==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 22:15:59 GMT
age: 26126
etag: "069a451b50182aed754301cbc2eb776abe469a52"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3069
Md5:    e22123802c6c1a89ff2b12b8ebb4478a
Sha1:   069a451b50182aed754301cbc2eb776abe469a52
Sha256: 4edccb57b366cf6460219d86ea13dd54cb0bcf3581604a5139859bf809df2b13
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: f0791b53-3c5f-4d94-954d-992a529ebb60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPnunF35oAMFYbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63361ff6-2adb303349153ced73ccecf6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 22:45:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RGS_T9Cwl5Vjs_bxngHRomiYppE5fLe0SnH19VEfc5-PCT5tb5ku1A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 04:40:52 GMT
age: 3033
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8299
x-amzn-requestid: 91eed6b6-632f-472b-93d7-4192425fcdfd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLDF0SoAMFWgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-17bb04894cc786555d693ec3;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 8JvNUZRyYeZjd4ZxOrGMCbJxVf46NRhiHXsFvCAZn2QeUkdCzKoYbw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 22:15:58 GMT
age: 26127
etag: "2df7db53629c7adda2c0a4dfe9c17791b73a75e1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8299
Md5:    0d31a422078d02bda318c693c05a58dc
Sha1:   2df7db53629c7adda2c0a4dfe9c17791b73a75e1
Sha256: a07fe4e135b52da6dfa9d8a55684f0a3bf5f5ce52c4064c8ab37836a939902a9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff75296c6-86fa-46e7-b1f9-5afb645a7a08.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11252
x-amzn-requestid: 53406cae-6d5f-4700-ac5a-c26bb7762252
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPtTgEsHoAMF53w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633628e3-5a23515e02caea594e05e6a9;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 23:23:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sZ9hZoWRNQHI7VbLr5ygsJeXKr0OsnbSSas1v0O_vXKSEUK6canMKA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 16:23:58 GMT
age: 47247
etag: "feafba2465f9b352eef2a2dc57e7c52446ff2cc0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11252
Md5:    6d5dcd5bfb41659d9b347d19af17853b
Sha1:   feafba2465f9b352eef2a2dc57e7c52446ff2cc0
Sha256: 10904009b4b7b80c6931ea54981bc5ee51b5b71b5407da20e2d22962d9fab32e
                                        
                                            GET /nr-spa-1216.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 01 Oct 2022 05:31:25 GMT
via: 1.1 varnish
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 1395
x-timer: S1664602285.392311,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32010)
Size:   18216
Md5:    6561a2403142205f966207d61576f1a6
Sha1:   1310e72f494e12ab63a4280fc1600a2c89dc9bb8
Sha256: 0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
                                        
                                            GET /npe/image/smilies_ex.png HTTP/1.1 
Host: pt-static1.ptlwmstc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.93.51.200
HTTP/2 200 OK
content-type: image/png
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
content-length: 8533
last-modified: Tue, 27 Sep 2022 12:38:37 GMT
etag: "6332eecd-2155"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 536 x 138, 8-bit colormap, non-interlaced\012- data
Size:   8533
Md5:    53fc00ebf44066190d5faea2a7931e7c
Sha1:   21178ac1ffb10f958d26d17a0fe49d5d31a00720
Sha256: 63526a6642f64fadb44cd33d634bb626f8e96af3f850215cfdd78a9c609fc85c
                                        
                                            GET /jquery-2.1.3.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
content-encoding: gzip
content-length: 29507
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-14960"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664602285.dop024.sk1.t,1664602285.cds240.sk1.hn,1664602285.cds215.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32180)
Size:   29507
Md5:    de4fdb8e2e5d9b9624bad7ed2b726525
Sha1:   053a31e8e83b261e3863c4f9e652caba910a2b89
Sha256: f44c9556d0ecebc0716a7fce2899c0b40ed96394bebafb2937f4305bf3b118f3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1364
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:31:25 GMT
Last-Modified: Sat, 01 Oct 2022 05:08:41 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ff268cab8d9fbae1ed7506f97496274f19/96463f2d8b0d41a6e98522a8ed8e0ddf_glamour_896x504.jpg HTTP/1.1 
Host: galleryn11.awemdia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.93.51.190
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
content-length: 86886
last-modified: Sun, 28 Aug 2022 15:46:16 GMT
etag: "fd76da4395fa41bae84990bfb3e5acfa"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Sat, 15 Oct 2022 05:31:25 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data
Size:   86886
Md5:    fd76da4395fa41bae84990bfb3e5acfa
Sha1:   68f871b6f0735ff90673e46ab8b29060bdb64311
Sha256: baa0224eac091090870acbc3fe6d7f50d6531ff5be7262deda5db440498c54db
                                        
                                            GET /common/fontawesome-430/font-awesome.min.css HTTP/1.1 
Host: m.sancdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 01 Oct 2022 05:31:25 GMT
Connection: Keep-Alive
ETag: "1422564509"
Cache-Control: max-age=86400
Content-Length: 23685
Last-Modified: Thu, 29 Jan 2015 20:48:29 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1664602285.dop207.sk1.t,1664602285.cds071.sk1.shn,1664602285.cds071.sk1.c


--- Additional Info ---
Magic:  ASCII text, with very long lines (23523)
Size:   23685
Md5:    3738ef90dad175977dc8a695809bb71a
Sha1:   98aa676ba7987caa86d49ab1b71f73896d08ad13
Sha256: c86f7b62a894d5799f1aa0a535efb34ed6f914447f901f1da50c837dee13fa72
                                        
                                            GET /1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=774&ck=1&ref=https://chaturbate.com/tours/3/&ap=37&be=433&fe=618&dc=504&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664602281235,%22n%22:0,%22r%22:2,%22re%22:210,%22f%22:210,%22dn%22:210,%22dne%22:210,%22c%22:210,%22s%22:210,%22ce%22:210,%22rq%22:217,%22rp%22:408,%22rpe%22:408,%22dl%22:417,%22di%22:504,%22ds%22:504,%22de%22:506,%22dc%22:617,%22l%22:617,%22le%22:619%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFMKB1pXBQkOA1UABlcDARh4Yy8TFUMhJTshCU0XAwdZHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwwBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEwsFUVNcAFUBGAEHV1QUVVpVUU4EDVELHFJXXwIAAQFTAgkHCBNNE0sEBAYWBhQbDxtZFUVJElhMSwAHVEZaWQBFFw8HF0tBShtHXEAUVEoVPQ4BFw5WURsLQ3Z8NUBPRhMfTV1WXz5HXBMRCgsNRAMXCh9WExVDFwI7BwNPXFpUPldYDAsPHUFcG3pNWQRDG01AFgU8AlxDUFIEbk0YEgZGWURdUEpaFV5JQ05BEQI5VkZmVwBcUA0bQV5BKlBbTElDHRsUAzwLEDlPUEtCCF5XQ1hBRk9ETFRmUxNeThIHETsFB1RcVUhDCxsnCxEBBQlBFxUTFFBmAxAMExADS2pPVBNCUA4MQV5BXw8bCRNNE0wAPRAQEQ9XUhsLQ3xWGwsPCAJJDBsJEUlpCFBZQygKCExNGUlZB2ZXVlhEERADDA8fURgZJgcADwxJCwUIAVEACVBCJQ0RA19aQR5YBxdRQE9GBA9NalpeDFxQFUBZRgJQWAUMAwNQDVZVB0ZPRElUS1AMQhtbQBg4QRJWQEttQwsZPUAbVTECZRcVET0TWgAPEwUKAVdpGwtBbRsVAywXITobGRltQ1JlQ1hDOEFXZRcVET0TST1AWUQ/RAlpGx1BbRsGBw0ABhRlFwMRPRNfPUBPRD9EXVxKUANdXD4RDBENAmUXAxE9Ewk9QB5GT0RcWVBWCFNVBD0QFA8PTWpNVBJFSkNYQUQnFVpDS3NQEX0SARUWIVQZcUpSF0N7UkInFwAQS3cNEUMdGwQOCgMKBFVQZkIRXVAVPRcBEBJKaldCQwsbQQYKFwAJT1BLSD5BWAYHQ0ZPRFhWTVgXVGYSEg8NFzlNUEpFEhMDQ0InFwAQS3cNEUMdGwABFw0VA2ZGSV0IRWYVBxAQEDlXRhsLQxFdCBEACxUDS0xmQQBWXEFAHhk%3D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Sat, 01 Oct 2022 05:31:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7532cfdc2b3dfac8-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=6db7d62ab6cb8669; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   77
Md5:    f1442f5831dbbe0210da2d7a4180d6b8
Sha1:   2ade23c6c7a001c66f0c0a9a101ec152747b434e
Sha256: c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
                                        
                                            GET /px.gif?stno=3-937-fap247.com-0-5106-0-0-3003-4398-5&p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=160&adHeight=120&niche=female&fontSize=12&font_color=%23fff&background_color=%23000000&hn=fap247.com&AFNO=1-406&cam=0&adv=0&ctry=NO&lang=en&dev=Other HTTP/1.1 
Host: as.sexad.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/as/if?p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=160&adHeight=120&niche=female&fontSize=12&font_color=%23fff&background_color=%23000000&hn=fap247.com&AFNO=1-406
Cookie: iid=5598-1664602285; ust=1664601894
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.127.52.241
HTTP/1.1 200
Content-Type: image/gif
                                        
Server: nginx/1.18.0
Date: Sat, 01 Oct 2022 05:31:25 GMT
Content-Length: 35
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Access-Control-Allow-Origin: *
Set-Cookie: ust=1664601894; expires=Tue, 28-Sep-2032 05:31:25 GMT; Max-Age=315360000; path=/; secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html"


--- Additional Info ---
Magic:  GIF image data, version 87a, 1 x 1\012- data
Size:   35
Md5:    729c3007a8ed0597531b0c76d54a94bb
Sha1:   90fe9b8a8142548fdfab29f59cb0a164a0eaef81
Sha256: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
                                        
                                            GET /ff268cab8d9fbae1ed7506f97496274f10/01aabdd22a59787bc4eb897b5451cf15_glamour_896x504.jpg HTTP/1.1 
Host: galleryn11.awemdia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.93.51.190
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
content-length: 93594
last-modified: Thu, 18 Aug 2022 09:48:12 GMT
etag: "4f61f64d2075e84c883d1c64a1b0cd7f"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Sat, 15 Oct 2022 05:31:25 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data
Size:   93594
Md5:    4f61f64d2075e84c883d1c64a1b0cd7f
Sha1:   314c7cd5060ae3cfe06dc00776f3c92df1440ed2
Sha256: cb0472c6f813fab73690d735a5803789644d7ff495cc99e30f0614a58397bfff
                                        
                                            GET /ff268cab8d9fbae1ed7506f97496274f17/73381569e189a81e26d0996c0ba2c628_glamour_896x504.jpg HTTP/1.1 
Host: galleryn11.awemdia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.93.51.190
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
content-length: 38137
last-modified: Tue, 27 Sep 2022 06:38:13 GMT
etag: "7218391e5c322e9fc5764b62d939252b"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Sat, 15 Oct 2022 05:31:25 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPCM), density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data
Size:   38137
Md5:    7218391e5c322e9fc5764b62d939252b
Sha1:   1570e34e56475006d9fafb04f1780353fe95b157
Sha256: 488ad8cf7d1a2cc37fe430ab86031330d614c2f2d8e2305b2f725c1f497c0e38
                                        
                                            GET /MQqUC/8bC.gif?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=319_1&psprogram=cbrnd&campaign_id=121218&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net HTTP/1.1 
Host: pt.wmptctl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=319_1&psprogram=cbrnd&campaign_id=121218&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net
Cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         93.93.51.191
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Mon, 31-Oct-22 05:31:25 GMT; SameSite=None; Secure
expires: Sat, 01 Oct 2022 05:31:24 GMT
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST /events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1053&ck=1&ref=https://chaturbate.com/tours/3/ HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 1899
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sat, 01 Oct 2022 05:31:25 GMT
Content-Length: 24
Connection: keep-alive
CF-Ray: 7532cfddbbbffac8-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   24
Md5:    bc32ed98d624acb4008f986349a20d26
Sha1:   2d3df8c11d2168ce2c27e0937421d11d85016361
Sha256: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4727
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:31:25 GMT
Last-Modified: Sat, 01 Oct 2022 04:12:38 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 301
Cache-Control: max-age=171284
Date: Sat, 01 Oct 2022 05:31:25 GMT
Etag: "6337c994-117"
Expires: Mon, 03 Oct 2022 05:06:09 GMT
Last-Modified: Sat, 01 Oct 2022 05:01:08 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5676
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:31:25 GMT
Last-Modified: Sat, 01 Oct 2022 03:56:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 301
Cache-Control: max-age=171284
Date: Sat, 01 Oct 2022 05:31:25 GMT
Etag: "6337c994-117"
Expires: Mon, 03 Oct 2022 05:06:09 GMT
Last-Modified: Sat, 01 Oct 2022 05:01:08 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6355
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:31:25 GMT
Last-Modified: Sat, 01 Oct 2022 03:45:30 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /thumbs/1664601893/23338175 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
content-length: 57783
cf-bgj: imgq:100,h2pri
cf-polished: origSize=60107, status=webp_bigger
etag: "b635faf01032cbe4dcd8abd11e7bd6ac"
last-modified: Sat, 01 Oct 2022 05:25:02 GMT
cf-cache-status: HIT
age: 329
expires: Sat, 01 Oct 2022 05:36:25 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532cfdf1f041c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Size:   57783
Md5:    c7d5b8d5bf621b05a8a1273a3c99a7af
Sha1:   381478d7e2baad1834fdb0a18a0632fbe6073900
Sha256: 91911ded3b0369bae49f35831ea03466a716b1cff55c0ca29592c7a2edc70898
                                        
                                            GET /thumbs/1664601885/4826075 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
content-length: 45904
cf-bgj: imgq:100,h2pri
cf-polished: origSize=47168, status=webp_bigger
etag: "5749633b0a45e082ab04e45c5d2a8c28"
last-modified: Sat, 01 Oct 2022 05:25:34 GMT
cf-cache-status: HIT
age: 294
expires: Sat, 01 Oct 2022 05:36:25 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532cfdf1f021c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Size:   45904
Md5:    bc243b74c592e3b714ec00506333c62b
Sha1:   4734dcafbbbe89e0d9fe935930675959f87a9fd2
Sha256: 794dfc86c080c4d5c70bb9550c1fa1dcb80989df35a0a6e90358f2fdc8eb9395
                                        
                                            GET /thumbs/1664601883/34946535 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
content-length: 28274
cf-bgj: imgq:100,h2pri
cf-polished: origSize=29587, status=webp_bigger
etag: "b8d28899609a3708b543c7645c1cac8e"
last-modified: Sat, 01 Oct 2022 05:25:04 GMT
cf-cache-status: HIT
age: 329
expires: Sat, 01 Oct 2022 05:36:25 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532cfdf1f051c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 480x360, components 3\012- data
Size:   28274
Md5:    43c7cf113ff54e169d61d8f347ec7043
Sha1:   3150eedf3b29a838e31b1e445ee00ce87870f424
Sha256: 20fee4926b91f851279a36a2e53751d9c399fafdb21c8fb5f11108dd8e333f7a
                                        
                                            GET /thumbs/1664601893/88788993 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
content-length: 38303
cf-bgj: imgq:100,h2pri
cf-polished: origSize=40048, status=webp_bigger
etag: "190fc3f5d34c794418cb9eef9fe6b3ce"
last-modified: Sat, 01 Oct 2022 05:28:09 GMT
cf-cache-status: HIT
age: 170
expires: Sat, 01 Oct 2022 05:36:25 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532cfdf1f081c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Size:   38303
Md5:    5649de6649155125bc21091c7ef03bd6
Sha1:   742a60d62f6a5c519462acdf7b8d00a95e1bd765
Sha256: d250fd6acf6685f449b4044106569560b5afb9305fd96441a98fb204a3b1f7b2
                                        
                                            GET /thumbs/1664601899/72718184 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
content-length: 26773
cf-bgj: imgq:100,h2pri
cf-polished: origSize=28002, status=webp_bigger
etag: "f146035e8e6545bd8a2f6ca29e1fef1e"
last-modified: Sat, 01 Oct 2022 05:28:06 GMT
cf-cache-status: HIT
age: 170
expires: Sat, 01 Oct 2022 05:36:25 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532cfdf2f0d1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Size:   26773
Md5:    6696e423d315e51f7ed4f9e371fa7375
Sha1:   34e00dc99c8314661c1a6735b561e964885cefd2
Sha256: b79069692d17938c79184e458c552a647b445fbe3b768bcde0dc806afed61c67
                                        
                                            GET /thumbs/1664601895/7598957 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
content-length: 16894
cf-bgj: imgq:100,h2pri
cf-polished: origSize=17601, status=webp_bigger
etag: "27eeac42d954a78df4cfa4c26abacd3e"
last-modified: Sat, 01 Oct 2022 05:24:44 GMT
cf-cache-status: HIT
age: 345
expires: Sat, 01 Oct 2022 05:36:25 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532cfdf2f0c1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Size:   16894
Md5:    47b87fc8ff0e2e8409f7c5712b68ce80
Sha1:   e7c499ed512c5f8ab484d5e9ae63a2ff1f8b53ac
Sha256: ed42ed0592f64bc9804698b652ae690454989247e22ccc6cb4b6e2e9de951ae3
                                        
                                            GET /thumbs/1664601883/90182656 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
content-length: 22090
cf-bgj: imgq:100,h2pri
cf-polished: origSize=23362, status=webp_bigger
etag: "e8c235f2db842e4f09b1088f2ecb26fd"
last-modified: Sat, 01 Oct 2022 05:25:10 GMT
cf-cache-status: HIT
age: 329
expires: Sat, 01 Oct 2022 05:36:25 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532cfdf6f2a1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Size:   22090
Md5:    d39e0b79c04dacf528bec17b24364583
Sha1:   4b2224359224753809eb8087777cf0b979c22e35
Sha256: 3f7546f06b753144f2a56729ed6f13da43cbc6e01cf1c288427c0bbe7c4e7a41
                                        
                                            GET /thumbs/1664601893/68029226 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
content-length: 24684
cf-bgj: imgq:100,h2pri
cf-polished: origSize=25760, status=webp_bigger
etag: "9f317bc4b2f16adee9f520820c011c1f"
last-modified: Sat, 01 Oct 2022 05:25:06 GMT
cf-cache-status: HIT
age: 329
expires: Sat, 01 Oct 2022 05:36:25 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532cfdf6f271c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Size:   24684
Md5:    39e43527d66f079a76d3294e60a4e745
Sha1:   42bc03b83a852f8b593e2ac8f32e040af28bd835
Sha256: f023179a0a8c419c9d6c8677ec20a83485e414ff22c6492c5ad99d22763ea305
                                        
                                            GET /thumbs/1664601885/17085196 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
content-length: 48258
cf-bgj: imgq:100,h2pri
cf-polished: origSize=50148, status=webp_bigger
etag: "bea9ddc8255934ed410115d6b9bedaaa"
last-modified: Sat, 01 Oct 2022 05:25:01 GMT
cf-cache-status: HIT
age: 329
expires: Sat, 01 Oct 2022 05:36:25 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532cfdf6f2e1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Size:   48258
Md5:    77a35b5b1583a109ffebed0a148e25ca
Sha1:   c2c5574fea3d1d05c59955539fd010453dc7e2cc
Sha256: 4f4bf698f3dad6e7bd51210c77d6184de2cf748bef8cb06da5df0e11dbcff514
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5677
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 05:31:26 GMT
Last-Modified: Sat, 01 Oct 2022 03:56:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B71777E4EC4588DE203A1AE82D3A5634E324D7E97ED4A16E3C6A8A4EC06CF4B6"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14923
Expires: Sat, 01 Oct 2022 09:40:09 GMT
Date: Sat, 01 Oct 2022 05:31:26 GMT
Connection: keep-alive

                                        
                                            GET /npe/ba/elf/script/elf-v932169.js HTTP/1.1 
Host: pt-static5.ptlwmstc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.93.51.200
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 01 Oct 2022 05:31:26 GMT
last-modified: Fri, 30 Sep 2022 11:19:12 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6336d0b0-8a372"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   187955
Md5:    0504f66e487b0acc98d4442e6c1ff478
Sha1:   35a3dda48a72c83b11ed2ce1dcf8f30582f9e712
Sha256: 1025519cc34cc183a3c5b9e46e85ff2d3d44377543b9441aa5b3dbb648c88946
                                        
                                            GET /v2/player/performer/get?noRedirect=1&mitigable=1&includeTestAccounts=0&product=livejasmin&presets=&certified=0&streamType=rtmp&category=girl&performerIds[]=HarleyJim HTTP/1.1 
Host: api-protected.protoawegw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pt.wmptctl.com/
Origin: https://pt.wmptctl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         93.93.51.225
HTTP/2 200 OK
content-type: application/json
                                        
date: Sat, 01 Oct 2022 05:31:26 GMT
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE, PATCH
server: unknown
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   73212
Md5:    d05451faaeb77f3c8e56b63f4121304d
Sha1:   c1b4dcb1ecc9793275217136abee5c07664ff231
Sha256: cd0e208152374103c9638c81ae0f00ebd68b17ba5ef3958a647956d1bd52f0f8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 05:31:26 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 19:51:04 GMT
Expires: Fri, 07 Oct 2022 19:51:03 GMT
Etag: "cbbe1668607d908eb9d6313959c491dc291e5d84"
Cache-Control: max-age=569376,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7532cfe42e4db515-OSL

                                        
                                            GET /?psid=&pstool= HTTP/1.1 
Host: dss-relay-109-71-166-26.dditscdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://pt.wmptctl.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ERwW4DKclYa4URSw7lVp8w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         109.71.166.34
HTTP/1.1 101 Switching Protocols
                                        
Server: unknown
Date: Sat, 01 Oct 2022 05:31:26 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GRVk5zUjZPN0DJSCdhK5tiH4N4M=

                                        
                                            GET /adxad160x600/awe.php HTTP/1.1 
Host: camschat.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/adxad160x600/faproulette.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         66.230.180.98
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sat, 01 Oct 2022 05:31:24 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.3
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /in/?track=juicyads-faproulette&tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f HTTP/1.1 
Host: chaturbate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Cookie: __cf_bm=EAJlOc3egZIGh3l3Ti8i6QHuBNaYlYJVU7mqYhXmZ5U-1664601893-0-AQrVvBvQ+hk/D0e0UAKeIwPGdD/DBCaXnBoEGDbW9GKIiI3UF9oUQelOX2XZ1oK9PgohFKBfZ03ZKFFns2HXG70=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.18.100.40
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Sat, 01 Oct 2022 05:31:24 GMT
location: /tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
set-cookie: u_x1Rd=1; expires=Thu, 06-Oct-2022 05:31:24 GMT; Max-Age=432000; Path=/ us_x1Rd=1; Path=/ affkey="eJwdzDsKgDAQhOGryNZq0NLSCwjeYF0TfEVDMoIi3l3W8udj5iFQk9FV9SPlGYkPmuAutdqIq/ZyznLzmArHIR7nZgGrHBUnIKTGGGGfZGKUu4VRZefU5R5s9PP6L/77uqL3A5fXJBI="; Domain=.chaturbate.com; expires=Mon, 31-Oct-2022 05:31:24 GMT; Max-Age=2592000; Path=/ fromaffiliate=1; Domain=.chaturbate.com; Path=/ noads=1; expires=Sat, 01-Oct-2022 11:31:24 GMT; Max-Age=21600; Path=/ stcki="pOtSwZ=0\054FqPd9a=1\0546pduSG=0\054aDBbcK=0"; expires=Mon, 31-Oct-2022 05:31:24 GMT; Max-Age=2592000; Path=/ sbr=sec:sbrbb6a3bc8-2ab4-4937-b07b-f1db010fc5d1:1oeV5w:VkbUW-afAHzuLwex4jTNGL6_iH8; Domain=.chaturbate.com; expires=Thu, 26-Jun-2025 05:31:24 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7532cfd76ac6b4e8-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /CACHE/css/output.5c1e955e3832.css HTTP/1.1 
Host: static-assets.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.94.42
HTTP/2 200 OK
content-type: text/css
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=63849
etag: W/"03c072147fa475d9bd57bcc9b73d3260"
last-modified: Thu, 22 Sep 2022 16:22:00 GMT
x-amz-id-2: src6WemkBrmxeGDZVP+4ipre01PPVsPb7jxfzfVQ0ssDy7l2IzQ439zT3Wf7YWS5u4ixFo+mPb4=
x-amz-meta-s3cmd-attrs: md5:03c072147fa475d9bd57bcc9b73d3260
x-amz-request-id: 12Q62S61BDK4RBY8
cf-cache-status: HIT
age: 738385
expires: Mon, 31 Oct 2022 05:31:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88nOdOyTTCnXK9OJYPWPHqF3e3FCtch16CW%2Bf6zAJ%2BT1%2BzSpMNAroqtN2kGuMHNNPI9IlkVrUZHPWakhuL%2F%2F5VRFazcb0qP4fP8MrXOMBJANyIlTHVOwRVejvTfFH7Fo%2FK4zOdEi4RG76W7ekIUlCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=dw.TZbLDM2FAqxID6cuYVmAajgtjZq0jyV8546NQg4c-1664602285122-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7532cfd9fea0b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /CACHE/js/output.6f6724a00cb8.js HTTP/1.1 
Host: static-assets.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.94.42
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 01 Oct 2022 05:31:25 GMT
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"a708027bfbbde438a72a93082d4bc4b5"
last-modified: Thu, 24 Jun 2021 21:24:05 GMT
x-amz-id-2: JSy2VAlm3gAahvlCm5/iqNOQuasckcIrq13CGup8iDmNjJ/I2mSXsAw6q4OzSeK3RH88h3oFZ3U=
x-amz-meta-s3cmd-attrs: md5:a708027bfbbde438a72a93082d4bc4b5
x-amz-request-id: 2D5V5B3Y2TWH6PZC
cf-cache-status: HIT
age: 1152244
expires: Mon, 31 Oct 2022 05:31:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmXNAiOyEjuimhu99wyd6xXiIk%2B5iWZnyXPLU7%2BBgS5Hv0VMvXbZrxXlmCDXWb1imFXbqyuua5cgwin4jb4T9rAOgAl6eZz3ER15GHtTUF6a0EcyP30x3vEPBgZoovHFjtxPEzemYLgZyWVN984zBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=L56RJO3u0Py2UFnU7YX1BxHuRxT30ZVFi09Roat733Y-1664602285130-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7532cfd9fea1b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /a7/creatives/1/49/812536/999836/999836_video.mp4 HTTP/1.1 
Host: hw-cdn2.ang-content.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.208.20
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
                                        
Date: Sat, 01 Oct 2022 05:31:23 GMT
Connection: Keep-Alive
ETag: "1623330580"
Content-Length: 368333
Content-Range: bytes 0-368332/368333
Last-Modified: Thu, 10 Jun 2021 13:09:40 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10753816
X-HW: 1664602283.dop067.sk1.t,1664602283.cds256.sk1.shn,1664602283.dop067.sk1.t,1664602283.cds021.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
                                        
                                            GET /css?family=Kaushan+Script HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 01 Oct 2022 05:31:23 GMT
date: Sat, 01 Oct 2022 05:31:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /embed/?id=cybermike2&page=new&cmp=faproulette HTTP/1.1 
Host: promos.camsoda.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         64.210.135.112
HTTP/2 200 OK
content-type: text/html
                                        
date: Sat, 01 Oct 2022 05:31:24 GMT
x-powered-by: PHP/5.4.45-0reflected3+deb8u1
cache-control: public, max-age=20
expires: Sat, 01 Oct 2022 05:31:33 GMT
vary: Accept-Encoding
x-cdn-diag: ams5-7846-3-59349-h-0-0---;6249-23-21482----0-0-0
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /live-feed?c=object_container&amp;site=wl3&amp;cobrandId=240622&amp;psid=cybermike&amp;pstool=302_1&amp;psprogram=cbrnd&amp;campaign_id=121218&amp;vp%5BshowChat%5D=false&amp;vp%5BchatAutoHide%5D=false&amp;vp%5BshowCallToAction%5D=false&amp;vp%5BshowPerformerName%5D=false&amp;vp%5BshowPerformerStatus%5D=false&amp;subAffId=%7BSUBAFFID%7D&amp;categoryName=girl&amp;embedTool=1&amp;origin=camschat.net&amp;rrc=3 HTTP/1.1 
Host: pt.wmptctl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=319_1&psprogram=cbrnd&campaign_id=121218&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net
Cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         93.93.51.191
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
vary: Accept-Encoding
cache-control: no-cache
date: Sat, 01 Oct 2022 05:31:25 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Mon, 31-Oct-22 05:31:25 GMT; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /common/fontawesome-430/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1 
Host: m.sancdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://as.sexad.net
Connection: keep-alive
Referer: https://m.sancdn.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Date: Sat, 01 Oct 2022 05:31:25 GMT
Connection: Keep-Alive
ETag: "1422564509"
Cache-Control: max-age=86400
Content-Length: 56780
Last-Modified: Thu, 29 Jan 2015 20:48:29 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1664602285.dop020.sk1.t,1664602285.cds203.sk1.shn,1664602285.dop020.sk1.t,1664602285.cds252.sk1.c


--- Additional Info ---
                                        
                                            GET /css?family=Cookie&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 01 Oct 2022 05:31:23 GMT
date: Sat, 01 Oct 2022 05:31:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /a7/creatives/1/49/812536/999836/999836_video.mp4 HTTP/1.1 
Host: hw-cdn2.ang-content.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.208.20
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
                                        
Date: Sat, 01 Oct 2022 05:31:23 GMT
Connection: Keep-Alive
ETag: "1623330580"
Content-Length: 368333
Content-Range: bytes 0-368332/368333
Last-Modified: Thu, 10 Jun 2021 13:09:40 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10753816
X-HW: 1664602283.dop229.sk1.t,1664602283.cds224.sk1.shn,1664602283.dop229.sk1.t,1664602283.cds021.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
                                        
                                            GET /widgets/v4/MobileSlider/main.5108d12ec48755490779.css HTTP/1.1 
Host: creative.xxxiijmp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/widgets/v4/MobileSlider/?buttonColor=&campaignId=juicy-faproulette&creativeId=&domain=stripchat&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=0&showTitle=1&sound=off&sourceId=&tag=females&targetDomain=&trackOff=1&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd
Cookie: __cflb=02DiuDfsBaY2bRYJiCeRhAptQvDh5wz7mpyhBkSq64pyr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.64.145.216
HTTP/2 200 OK
content-type: text/css
                                        
date: Sat, 01 Oct 2022 05:31:24 GMT
last-modified: Mon, 26 Sep 2022 07:37:43 GMT
etag: W/"633156c7-1cca"
expires: Sat, 01 Oct 2022 05:31:19 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 5
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532cfd79c07b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /embed/fk?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=319_1&psprogram=cbrnd&campaign_id=121218&category=girl&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=false&vp[showPerformerStatus]=false&ms_notrack=1&subAffId={SUBAFFID} HTTP/1.1 
Host: awmbed.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.93.51.191
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: no-cache
date: Sat, 01 Oct 2022 05:31:24 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Mon, 31-Oct-22 05:31:24 GMT; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /get/10007038?time=1562609948255 HTTP/1.1 
Host: a.adtng.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.faproulette.co/
Cookie: adtool_guid=Ch5KImM3zyQFXCWQtY6qAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         66.254.114.171
HTTP/2 200 OK
content-type: text/html
                                        
server: openresty
date: Sat, 01 Oct 2022 05:31:23 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: RNLBSERVERID=ded7040; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 6337D0AB-42FE72AB01BB4051-3C6531D
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /widgets/v4/MobileSlider/main.5108d12ec48755490779.js HTTP/1.1 
Host: creative.xxxiijmp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxiijmp.com/widgets/v4/MobileSlider/?buttonColor=&campaignId=juicy-faproulette&creativeId=&domain=stripchat&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=0&showTitle=1&sound=off&sourceId=&tag=females&targetDomain=&trackOff=1&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd
Cookie: __cflb=02DiuDfsBaY2bRYJiCeRhAptQvDh5wz7mpyhBkSq64pyr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.64.145.216
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sat, 01 Oct 2022 05:31:24 GMT
last-modified: Mon, 26 Sep 2022 07:37:43 GMT
etag: W/"633156c7-4303a"
expires: Sat, 01 Oct 2022 05:31:19 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 5
vary: Accept-Encoding
server: cloudflare
cf-ray: 7532cfd79c09b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /live-feed/fk/?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=319_1&psprogram=cbrnd&campaign_id=121218&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net HTTP/1.1 
Host: pt.wmptctl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         93.93.51.191
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
vary: Accept-Encoding
cache-control: no-cache
date: Sat, 01 Oct 2022 05:31:25 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Mon, 31-Oct-22 05:31:25 GMT; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---