Report - www.faproulette.co/36023/short-beta-denial/

Report Overview

Submitted URL

www.faproulette.co/36023/short-beta-denial/
IP

104.21.93.213

ASN

#13335 CLOUDFLARENET
Submitted

2022-10-01T05:31:33Z

Access
Website Title
Final URL
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

0

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
m.sancdn.net (2)	89507	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	858 B	24 kB	69.16.175.10
bam.nr-data.net (2)	630	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	1.0 kB	162.247.241.14
ocsp.pki.goog (13)	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.3 kB	9.1 kB	142.250.74.3
hw-cdn2.adtng.com (1)	11917	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	17 kB	209.197.3.25
camschat.net (3)	64292	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	4.7 kB	66.230.180.98
galleryn11.awemdia.com (3)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	220 kB	93.93.51.190
js-agent.newrelic.com (1)	378	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	19 kB	151.101.86.137
firefox.settings.services.mozilla.com (2)	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	18.164.68.8
netdna.bootstrapcdn.com (2)	3413	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	905 B	86 kB	104.18.10.207
fonts.googleapis.com (3)	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	3.4 kB	142.250.74.10
cachew.camsoda.com (1)	163921	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	4.9 kB	64.210.135.112
pt-static1.ptlwmstc.com (1)	154690	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	8.8 kB	93.93.51.200
as.sexad.net (1)	86240	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	810 B	559 B	216.127.52.241
api-protected.protoawegw.com (1)	52858	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	544 B	74 kB	93.93.51.225
static-assets.highwebmedia.com (2)	16059	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	784 B	2.4 kB	104.16.94.42
a.adtng.com (2)	15165	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	10 kB	66.254.114.171
push.services.mozilla.com (1)	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.40.161.235
stats.g.doubleclick.net (1)	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	595 B	710 B	64.233.165.155
pt-static4.ptlwmstc.com (1)	280409	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	331 B	93.93.51.200
promos.camsoda.com (1)	100954	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	497 B	303 B	64.210.135.112
img.strpst.com (9)	12993	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	314 kB	104.16.61.52
ocsp.digicert.com (10)	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	14 kB	93.184.220.29
hw-cdn2.ang-content.com (4)	165651	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	118 kB	205.185.208.20
www.faproulette.co (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	174 kB	104.21.93.213
pt-static2.ptlwmstc.com (1)	188311	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	118 kB	93.93.51.200
img-getpocket.cdn.mozilla.net (6)	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
code.jquery.com (2)	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	730 B	61 kB	69.16.175.42
fonts.gstatic.com (4)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	86 kB	142.250.74.163
pt-static5.ptlwmstc.com (1)	182291	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	392 B	188 kB	93.93.51.200
creative.xxxiijmp.com (3)	127961	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	1.8 kB	172.64.145.216
pt.wmptctl.com (3)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	1.1 kB	93.93.51.191
dss-relay-109-71-166-26.dditscdn.com (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	566 B	181 B	109.71.166.34
content-signature-2.cdn.mozilla.net (1)	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	18.164.68.59
contile.services.mozilla.com (1)	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
www.google-analytics.com (2)	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	21 kB	142.250.74.174
adserver.juicyads.com (1)	36249	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	485 B	2.1 kB	185.94.237.64
awmbed.com (1)	460738	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	668 B	271 B	93.93.51.191
r3.o.lencr.org (10)	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	11 kB	23.36.77.32
www.google.com (1)	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	1.2 kB	142.250.74.164
ocsp.sectigo.com (3)	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	984 B	2.9 kB	104.18.32.68
chaturbate.com (2)	6807	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	34 kB	104.18.100.40

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

HTTP Transactions (111)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. Magic data Size 503 (503 B) Hash 6dd4587c98aef98ad0939030a6976a7f 92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF" Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10191 Expires: Sat, 01 Oct 2022 08:21:13 GMT Date: Sat, 01 Oct 2022 05:31:22 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	18.164.68.8	200 OK	939 B
URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/ IP 18.164.68.8:0 ASN #0 Magic JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 (939 B) Hash 2d12f67fe57a87e7366b662d153a5582 d7b02d81cc74f24a251d9363e0f4b0a149264ec1 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length Cache-Control: max-age=3600 Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Sat, 01 Oct 2022 05:02:25 GMT X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 f6512440d57ffd5ad26662c2a1156906.cloudfront.net (CloudFront) X-Amz-Cf-Pop: LHR50-P4 X-Amz-Cf-Id: XcPXYgorW3v5Y2ukj6niOmrn5bWpjZ-kgMMpC9FXPYmJgL1FZqVGVw== Age: 1737

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain	18.164.68.59	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain IP 18.164.68.59:0 ASN #0 Magic PEM certificate\012- , ASCII text Size 5348 (5.3 kB) Hash 6113f8408c59aebe188d6af273b90743 7398873bf00f99944eaa77ad3ebc0d43c23dba6b b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Sat, 10 Sep 2022 18:47:45 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Sat, 01 Oct 2022 03:33:18 GMT etag: "6113f8408c59aebe188d6af273b90743" x-cache: Hit from cloudfront via: 1.1 d7a09e17a9797d15006b403215eeebe6.cloudfront.net (CloudFront) x-amz-cf-pop: LHR50-P4 x-amz-cf-id: QphYJt01hjid_ihtFAUhvhKf8Cf788H8G0hdPwr3dOsqX_OENqf_4w== age: 7086 X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE Magic JSON data\012- , ASCII text, with no line terminators Size 12 (12 B) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sat, 01 Oct 2022 05:31:22 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	ocsp.digicert.com/	93.184.220.29	200 OK	314 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST Magic data Size 314 (314 B) Hash d5f4a5cd1ae5fb3b32758fe313d29d53 837f0a1e820461124e86663ec178afaccc10c6a0 84d6b593bc5f7973429ce2165dbfe8283acd8528c136f3c242674f9823d0a778 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 1860 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Sat, 01 Oct 2022 05:31:22 GMT Last-Modified: Sat, 01 Oct 2022 05:00:22 GMT Server: ECS (ska/F717) X-Cache: HIT Content-Length: 314`

	ocsp.digicert.com/	93.184.220.29	200 OK	279 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST Magic data Size 279 (279 B) Hash 3890d0f6ba1a59218ec08e469bd7649c 26296c4cab5be8b3d8f3ebc8cf00ace3c270bef7 77f10f2b1f344f9bfa19316f16eea4f3ee7ca0f07a0129b50b2bc92f70a8fe48 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 5745 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Sat, 01 Oct 2022 05:31:22 GMT Last-Modified: Sat, 01 Oct 2022 03:55:38 GMT Server: ECS (ska/F705) X-Cache: HIT Content-Length: 279`

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE Magic data Size 471 (471 B) Hash 1384e669a9e259cccf32489be673e7c4 7f982ae66621ff7e5855f2b025e3ae034706ec33 eb462a28dbd7e93cd13a170acfcbf35babb3b7ef7e7d1ddeb30d377630ea30f8 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 01 Oct 2022 05:31:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE Magic data Size 471 (471 B) Hash 1384e669a9e259cccf32489be673e7c4 7f982ae66621ff7e5855f2b025e3ae034706ec33 eb462a28dbd7e93cd13a170acfcbf35babb3b7ef7e7d1ddeb30d377630ea30f8 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 01 Oct 2022 05:31:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE Magic data Size 471 (471 B) Hash 1384e669a9e259cccf32489be673e7c4 7f982ae66621ff7e5855f2b025e3ae034706ec33 eb462a28dbd7e93cd13a170acfcbf35babb3b7ef7e7d1ddeb30d377630ea30f8 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 01 Oct 2022 05:31:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	code.jquery.com/jquery-3.3.1.min.js	69.16.175.42	200 OK	30 kB
URL HTTP/2 code.jquery.com/jquery-3.3.1.min.js IP 69.16.175.42:0 ASN #20446 STACKPATH-CDN Magic ASCII text, with very long lines (65451) Size 30288 (30 kB) Hash d549b312f7a7d228b4ec229a6547dfdc 0766794582ad530ec0f8c2595f741086afffa312 f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44 HTTP Headers `GET /jquery-3.3.1.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.faproulette.co/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Sat, 01 Oct 2022 05:31:23 GMT content-encoding: gzip content-length: 30288 content-type: application/javascript; charset=utf-8 last-modified: Fri, 20 Aug 2021 17:47:53 GMT accept-ranges: bytes server: nginx etag: W/"611feac9-1538f" cache-control: max-age=315360000, public access-control-allow-origin: * vary: Accept-Encoding x-hw: 1664602283.dop024.sk1.t,1664602283.cds240.sk1.hn,1664602283.cds072.sk1.c X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE Magic data Size 472 (472 B) Hash 102339c27bf38fcad96c5e3770390f7e 5659e8cdb740d70125a002f4808b26742133df7b 50702b9a98cf450498c52ad4887ed4e3f8a994f6bd25b6ff17c27d5af63b5e65 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 01 Oct 2022 05:31:23 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	a.adtng.com/get/10007038?time=1562609948255	66.254.114.171	200 OK	9.1 kB
URL HTTP/2 a.adtng.com/get/10007038?time=1562609948255 IP 66.254.114.171:0 ASN #29789 REFLECTED Magic data Size 9067 (9.1 kB) Hash 4e8147c57993a4c063b3bb7b08e81db9 7f7550905712c6b6e1092a7cc925ef7c4eb0ac9e 1808ab20a06d7b8f228122b9680d7cd58d24877270a1b76af58be1fc625e1b50 HTTP Headers GET /get/10007038?time=1562609948255 HTTP/1.1 Host: a.adtng.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.faproulette.co/ Cookie: adtool_guid=Ch5KImM3zyQFXCWQtY6qAg== Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site `HTTP/2 200 OK server: openresty date: Sat, 01 Oct 2022 05:31:23 GMT content-type: text/html access-control-allow-credentials: true access-control-allow-methods: GET access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With content-encoding: gzip set-cookie: RNLBSERVERID=ded7077; path=/; HttpOnly; Secure; SameSite=None x-request-id: 6337D0AA-42FE72AB01BB4051-3C6530C X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE Magic data Size 471 (471 B) Hash 1384e669a9e259cccf32489be673e7c4 7f982ae66621ff7e5855f2b025e3ae034706ec33 eb462a28dbd7e93cd13a170acfcbf35babb3b7ef7e7d1ddeb30d377630ea30f8 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 01 Oct 2022 05:31:23 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/recaptcha/api.js	142.250.74.164	200 OK	555 B
URL HTTP/2 www.google.com/recaptcha/api.js IP 142.250.74.164:0 ASN #15169 GOOGLE Magic ASCII text, with very long lines (850), with no line terminators Size 555 (555 B) Hash e75e7b4c9bf71c4a14d5e1d1946b161a 36148f31ea702a23a3f0dafd907a9069234021e7 e43b40968f165ec7b121020103aa40529d891aa2d03ead26ed47adefc4d6ab6d HTTP Headers `GET /recaptcha/api.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.faproulette.co/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK expires: Sat, 01 Oct 2022 05:31:23 GMT date: Sat, 01 Oct 2022 05:31:23 GMT cache-control: private, max-age=300 content-type: text/javascript; charset=UTF-8 cross-origin-resource-policy: cross-origin content-encoding: gzip x-content-type-options: nosniff x-frame-options: SAMEORIGIN content-security-policy: frame-ancestors 'self' x-xss-protection: 1; mode=block content-length: 555 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js	205.185.208.20	200 OK	5.0 kB
URL HTTP/1.1 hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js IP 205.185.208.20:0 ASN #20446 STACKPATH-CDN Magic ASCII text, with very long lines (5027), with no line terminators Size 5027 (5.0 kB) Hash 5e5817bcf4c82c7c85d1d88636d221ce b5c32cc6c931c33c1297884016e13d3b9a5bf261 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c HTTP Headers `GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1 Host: hw-cdn2.ang-content.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://a.adtng.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Date: Sat, 01 Oct 2022 05:31:23 GMT Connection: Keep-Alive ETag: "1541168231" Content-Length: 5027 Content-Type: application/javascript Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT Accept-Ranges: bytes Cache-Control: max-age=10372531 X-HW: 1664602283.dop229.sk1.t,1664602283.cds224.sk1.shn,1664602283.cds224.sk1.c Access-Control-Allow-Origin: *`

	hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js	209.197.3.25	200 OK	17 kB
URL HTTP/1.1 hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js IP 209.197.3.25:0 ASN #20446 STACKPATH-CDN Magic ASCII text, with very long lines (16885), with no line terminators Size 16885 (17 kB) Hash 48c80c7c28b5b00a8b4ff94a22b72fe3 d57303c2ad2fd5cedc5cb20f264a6965a7819cee 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 HTTP Headers `GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1 Host: hw-cdn2.adtng.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://a.adtng.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/1.1 200 OK Date: Sat, 01 Oct 2022 05:31:23 GMT Connection: Keep-Alive ETag: "1649192094" Content-Length: 16885 Content-Type: application/javascript Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT Accept-Ranges: bytes Cache-Control: max-age=10661532 X-HW: 1664602283.dop211.sk1.t,1664602283.cds243.sk1.shn,1664602283.cds243.sk1.c Access-Control-Allow-Origin: *`

	netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0	104.18.10.207	200 OK	77 kB
URL HTTP/2 netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 IP 104.18.10.207:0 ASN #13335 CLOUDFLARENET Magic Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data Size 77160 (77 kB) Hash af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe HTTP Headers `GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 Host: netdna.bootstrapcdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.faproulette.co Connection: keep-alive Referer: https://netdna.bootstrapcdn.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sat, 01 Oct 2022 05:31:23 GMT content-type: font/woff2 content-length: 77160 cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: SE cdn-edgestorageid: 601, 617, 617, 617 last-modified: Mon, 25 Jan 2021 22:04:55 GMT cdn-cachedat: 2021-03-10 20:26:23 cdn-requestpullsuccess: True cdn-requestpullcode: 200 cache-control: public, max-age=31919000 timing-allow-origin: * cross-origin-resource-policy: cross-origin access-control-allow-origin: * x-content-type-options: nosniff cdn-requestid: 96925c163e079ed3bedc1df54fe1dafe cdn-cache: HIT cf-cache-status: HIT age: 17661664 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 7532cfcdad6b1c0e-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	hw-cdn2.ang-content.com/a7/creatives/1/49/812536/999836/999836_logo.png	205.185.208.20	200 OK	112 kB
URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/1/49/812536/999836/999836_logo.png IP 205.185.208.20:0 ASN #20446 STACKPATH-CDN Magic PNG image data, 160 x 600, 8-bit/color RGBA, non-interlaced\012- data Size 111488 (112 kB) Hash 346f149ec46af48a594a68ceee622fab 0a176530458b598d8e68d77a306213942961e2c0 21d4bdd98a3fe5f2e09456521f87504d08f194ca517af5e051be57ad1911c5f4 HTTP Headers `GET /a7/creatives/1/49/812536/999836/999836_logo.png HTTP/1.1 Host: hw-cdn2.ang-content.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://a.adtng.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Date: Sat, 01 Oct 2022 05:31:23 GMT Connection: Keep-Alive ETag: "1623330442" Content-Length: 111488 Content-Type: image/png Last-Modified: Thu, 10 Jun 2021 13:07:22 GMT Accept-Ranges: bytes Cache-Control: max-age=10701956 X-HW: 1664602283.dop067.sk1.t,1664602283.cds256.sk1.shn,1664602283.dop067.sk1.t,1664602283.cds258.sk1.c Access-Control-Allow-Origin: *`

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE Magic data Size 471 (471 B) Hash 9258de3968ca063250558ee06c75757b 56415f416ce29130b0a0b6fc919e2cdc0fd4d693 2474d99b3d10370e1efad3804a6f32452287e6b8e24d8254c69e8619a62624d0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 01 Oct 2022 05:31:23 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.sectigo.com/	104.18.32.68	200 OK	472 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET Magic data Size 472 (472 B) Hash f2b9c9777675ab5bae0889e619b71bd2 b353bf1223c7a3f1bf97c2426dfaca2175a4e728 e8f5fc0f1a4fe7b86b7c585f34a08621eb2a52ff2305b365e74880efae4d0688 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 01 Oct 2022 05:31:23 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Fri, 30 Sep 2022 19:08:28 GMT Expires: Fri, 07 Oct 2022 19:08:27 GMT Etag: "b353bf1223c7a3f1bf97c2426dfaca2175a4e728" Cache-Control: max-age=566823,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7532cfcd0e06b515-OSL`

	netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css	104.18.10.207	200 OK	7.4 kB
URL HTTP/2 netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css IP 104.18.10.207:0 ASN #13335 CLOUDFLARENET Magic ASCII text, with very long lines (30837) Size 7448 (7.4 kB) Hash fdce21a9171034de0319ad77f14be179 432aaa9ee98f926441b9e57176dc13b54a840bbc 602985c9e573e318cdf049a4981de7534a9c455d20c68b8d2c085eedfc615d78 HTTP Headers `GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1 Host: netdna.bootstrapcdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.faproulette.co/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sat, 01 Oct 2022 05:31:23 GMT content-type: text/css; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: SE cdn-edgestorageid: 723, 617, 617, 617 last-modified: Mon, 25 Jan 2021 22:04:55 GMT cdn-cachedat: 2021-04-23 06:14:04 cdn-requestpullsuccess: True cdn-requestpullcode: 200 cache-control: public, max-age=31919000 timing-allow-origin: * cross-origin-resource-policy: cross-origin access-control-allow-origin: * x-content-type-options: nosniff cdn-requestid: 84b303cdf31a4af7425c3922307f8d93 cdn-cache: HIT cf-cache-status: HIT age: 12712591 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 7532cfccd8b40b59-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE Magic data Size 471 (471 B) Hash 51e8be01fe1e4cf7fbec97f2268fe684 25edd63df37f972dbdd8d149b26c4be60179d32b d364b01cf59a8eafc6ed2e79eab3c22b7daa341240a5dcbd272b8b48d530aeee HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 01 Oct 2022 05:31:23 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE Magic data Size 471 (471 B) Hash 51e8be01fe1e4cf7fbec97f2268fe684 25edd63df37f972dbdd8d149b26c4be60179d32b d364b01cf59a8eafc6ed2e79eab3c22b7daa341240a5dcbd272b8b48d530aeee HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 01 Oct 2022 05:31:23 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE Magic data Size 471 (471 B) Hash 51e8be01fe1e4cf7fbec97f2268fe684 25edd63df37f972dbdd8d149b26c4be60179d32b d364b01cf59a8eafc6ed2e79eab3c22b7daa341240a5dcbd272b8b48d530aeee HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 01 Oct 2022 05:31:23 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2	142.250.74.163	200 OK	16 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Size 15860 (16 kB) Hash e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 HTTP Headers `GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.faproulette.co Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15860 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 28 Sep 2022 19:34:08 GMT expires: Thu, 28 Sep 2023 19:34:08 GMT cache-control: public, max-age=31536000 age: 208635 last-modified: Wed, 11 May 2022 19:24:42 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2	142.250.74.163	200 OK	16 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Size 15744 (16 kB) Hash 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 HTTP Headers `GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.faproulette.co Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15744 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 28 Sep 2022 19:34:08 GMT expires: Thu, 28 Sep 2023 19:34:08 GMT cache-control: public, max-age=31536000 age: 208635 last-modified: Wed, 11 May 2022 19:24:48 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	fonts.gstatic.com/s/kaushanscript/v14/vm8vdRfvXFLG3OLnsO15WYS5DG74wNI.woff2	142.250.74.163	200 OK	35 kB
URL HTTP/2 fonts.gstatic.com/s/kaushanscript/v14/vm8vdRfvXFLG3OLnsO15WYS5DG74wNI.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic Web Open Font Format (Version 2), TrueType, length 34728, version 1.0\012- data Size 34728 (35 kB) Hash 9d8c616f488d1cbb3c235ae2a1679fb1 c56b4e0a9b2fc7973eb939bcb244f200f9508cfc cce6e5a4ccc41fd81d52d0802348827f4828bf7fc6b78e24002ed02a690d21b5 HTTP Headers `GET /s/kaushanscript/v14/vm8vdRfvXFLG3OLnsO15WYS5DG74wNI.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.faproulette.co Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 34728 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 29 Sep 2022 17:28:49 GMT expires: Fri, 29 Sep 2023 17:28:49 GMT cache-control: public, max-age=31536000 age: 129754 last-modified: Tue, 26 Apr 2022 15:00:48 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2	142.250.74.163	200 OK	16 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data Size 15920 (16 kB) Hash 3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e HTTP Headers `GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.faproulette.co Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15920 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 01 Oct 2022 04:15:02 GMT expires: Sun, 01 Oct 2023 04:15:02 GMT cache-control: public, max-age=31536000 last-modified: Wed, 11 May 2022 19:24:45 GMT content-type: font/woff2 age: 4581 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE Magic data Size 471 (471 B) Hash 51e8be01fe1e4cf7fbec97f2268fe684 25edd63df37f972dbdd8d149b26c4be60179d32b d364b01cf59a8eafc6ed2e79eab3c22b7daa341240a5dcbd272b8b48d530aeee HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 01 Oct 2022 05:31:23 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.digicert.com/	93.184.220.29	200 OK	8.0 kB
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST Magic data Size 8042 (8.0 kB) Hash c3a75f0b2abf0a06b462a3170ff0e8c7 69d6f85a70bb8959ba32abe0ec82c6bf42111974 688ace32063670694437e64ecac4b816be748855b2bca8785a0b4b495bc414c7 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 6388 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Sat, 01 Oct 2022 05:31:23 GMT Last-Modified: Sat, 01 Oct 2022 03:44:56 GMT Server: ECS (ska/F717) X-Cache: HIT Content-Length: 471`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	18.164.68.8	200 OK	329 B
URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 18.164.68.8:0 ASN #0 Magic JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 (329 B) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT X-Content-Type-Options: nosniff Date: Sat, 01 Oct 2022 04:33:04 GMT Cache-Control: max-age=3600, max-age=3600 Expires: Sat, 01 Oct 2022 05:08:40 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 35f1076ba1ff613e428e9cf6a2f57580.cloudfront.net (CloudFront) X-Amz-Cf-Pop: LHR50-P4 X-Amz-Cf-Id: 9ErtWcLDVdeGIVW7J_dmafGcLlEQYYudahFjl3f9pVSz4S8HgeeAuA== Age: 3510

	fonts.googleapis.com/icon?family=Material+Icons	142.250.74.10	200 OK	1.1 kB
URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons IP 142.250.74.10:0 ASN #15169 GOOGLE Magic data Size 1112 (1.1 kB) Hash 9cc39281c7fd9ffc293d000f4d84ba8e 2dea97ec7a67d6ec31f75fb89b82928a0fab0020 271aabaa2d59e7470841de9498d2350143698cb5a52f8adb6bc9201678d28d9b HTTP Headers `GET /icon?family=Material+Icons HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.faproulette.co/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sat, 01 Oct 2022 05:31:23 GMT date: Sat, 01 Oct 2022 05:31:23 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	www.faproulette.co/36023/short-beta-denial/	104.21.93.213	200 OK	172 kB
URL HTTP/2 www.faproulette.co/36023/short-beta-denial/ IP 104.21.93.213:0 ASN #13335 CLOUDFLARENET Magic HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (12231), with CRLF line terminators Size 172127 (172 kB) Hash 061b79fbd0fb81eb3f689a0e9c5da725 2feabf70bcb8310fe3fd72f56f9a4b4a96922d4d a36bef0eac11b9f99560acc0c9da25001c3e86c5fb0b94b2b0faebc567fc9882 HTTP Headers GET /36023/short-beta-denial/ HTTP/1.1 Host: www.faproulette.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: filterData=eyJ2aWV3ZWRIZWxwIjowLCJwcmVzZXQiOiJteS1hY2NvdW50IiwiZW5hYmxlTmV3RmlsdGVycyI6MCwic2hvd0JhY2tncm91bmQiOjEsInNob3dBbW91bnRzIjowLCJqdW1wVG9Sb3VsZXR0ZXMiOjEsInNob3dFeGNsdWRlZCI6MSwiZGlzYWJsZUZpbHRlcnNBdXRvbWF0aWNhbGx5IjoxLCJoZWFkZXJzIjp7ImNhdGVnb3JpZXMiOjAsInRhc2tzIjowLCJtb3JlIjowfSwiZmlsdGVyIjp7ImNhdGVnb3JpZXMiOnsiaW5jbHVkZWQiOltdLCJleGNsdWRlZCI6WyJzaG9wcGluZyIsImN1Y2tvbGQiLCJjYXJkcyIsImZlbWFsZSIsImRpYXBlciIsImNvdXBsZXMiLCJydXNzaWFuIiwiZ2VybWFuIiwiZnJlbmNoIiwib3RoZXItbGFuZ3VhZ2VzIiwidmlkZW9nYW1lIiwiZmFudGFzeSIsInBvcm5zdGFyIl19LCJ0YXNrcyI6eyJpbmNsdWRlZCI6W10sImV4Y2x1ZGVkIjpbXX0sImNvbXBsZXhpdHkiOnsiaW5jbHVkZWQiOltdLCJleGNsdWRlZCI6W119LCJtb3JlIjp7Im1pbmltdW0iOjAsIm1heGltdW0iOjAsInJhdGluZyI6MCwic3BlY2lhbCI6MCwiZHVyYXRpb24iOjB9fX0%3D; _ga=GA1.2.154561603.1664601889; _gid=GA1.2.1096900610.1664601889 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 200 OK date: Sat, 01 Oct 2022 05:31:22 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding set-cookie: PHPSESSID=mcqc4jhq9npphrome81q43pja7; path=/ filterData=eyJ2aWV3ZWRIZWxwIjowLCJwcmVzZXQiOiJteS1hY2NvdW50IiwiZW5hYmxlTmV3RmlsdGVycyI6MCwic2hvd0JhY2tncm91bmQiOjEsInNob3dBbW91bnRzIjowLCJqdW1wVG9Sb3VsZXR0ZXMiOjEsInNob3dFeGNsdWRlZCI6MSwiZGlzYWJsZUZpbHRlcnNBdXRvbWF0aWNhbGx5IjoxLCJoZWFkZXJzIjp7ImNhdGVnb3JpZXMiOjAsInRhc2tzIjowLCJtb3JlIjowfSwiZmlsdGVyIjp7ImNhdGVnb3JpZXMiOnsiaW5jbHVkZWQiOltdLCJleGNsdWRlZCI6WyJzaG9wcGluZyIsImN1Y2tvbGQiLCJjYXJkcyIsImZlbWFsZSIsImRpYXBlciIsImNvdXBsZXMiLCJydXNzaWFuIiwiZ2VybWFuIiwiZnJlbmNoIiwib3RoZXItbGFuZ3VhZ2VzIiwidmlkZW9nYW1lIiwiZmFudGFzeSIsInBvcm5zdGFyIl19LCJ0YXNrcyI6eyJpbmNsdWRlZCI6W10sImV4Y2x1ZGVkIjpbXX0sImNvbXBsZXhpdHkiOnsiaW5jbHVkZWQiOltdLCJleGNsdWRlZCI6W119LCJtb3JlIjp7Im1pbmltdW0iOjAsIm1heGltdW0iOjAsInJhdGluZyI6MCwic3BlY2lhbCI6MCwiZHVyYXRpb24iOjB9fX0%3D; expires=Sat, 15-Oct-2022 05:31:22 GMT; Max-Age=1209600; path=/ expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache strict-transport-security: max-age=31536000; includeSubdomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1siJ0M7jkbRQa7QTWFPxjD7d2iXWULuuBn0evWdvotPIyfSeB89UVyAGKLgXP5s0LYTEQyASEFhqvxAhsQ4cGQOq23XZxNHmZrMavqnVpVfqv163TBstMKXQt7RUPKH9NlHSjPw%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7532cfc90d8fb506-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	www.google-analytics.com/analytics.js	142.250.74.174	200 OK	20 kB
URL HTTP/2 www.google-analytics.com/analytics.js IP 142.250.74.174:0 ASN #15169 GOOGLE Magic ASCII text, with very long lines (1325) Size 19826 (20 kB) Hash cae538dcce82598fbe43c0bf443e62dd cc68ac6be9c5e0087a0000e5735b83270ace30f5 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d HTTP Headers `GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.faproulette.co/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 19826 date: Sat, 01 Oct 2022 04:41:09 GMT expires: Sat, 01 Oct 2022 06:41:09 GMT cache-control: public, max-age=7200 age: 3014 last-modified: Sun, 11 Sep 2022 13:50:09 GMT content-type: text/javascript alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	push.services.mozilla.com/	52.40.161.235	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 52.40.161.235:0 ASN #16509 AMAZON-02 Magic Size 0 (0 B) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: LbABWC09kNq5GvA1gI8yGA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: Pk0+zG2HM1hEYpBMk8FYMgjc1zY=`

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE Magic data Size 471 (471 B) Hash 2601db85aa6894ea41f37fc0c1f2594a afc9de950cf648d720a78467582b26346b8d53bc 3211c5c61098100152ea682c86ec84f3a80229b8d709e5cbe0022caba7dc9e24 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 01 Oct 2022 05:31:23 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google-analytics.com/j/collect?v=1&_v=j97&a=1347570785&t=pageview&_s=1&dl=https%3A%2F%2Fwww.faproulette.co%2F36023%2Fshort-beta-denial%2F&ul=en-us&de=UTF-8&dt=Short%20beta%20denial%20-%20Fap%20Roulette&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=AACAAEABAAAAAC~&jid=2136908038&gjid=2119275741&cid=154561603.1664601889&tid=UA-48334271-1&_gid=1096900610.1664601889&_r=1&_slc=1&z=2021754934	142.250.74.174	200 OK	4 B
URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=1347570785&t=pageview&_s=1&dl=https%3A%2F%2Fwww.faproulette.co%2F36023%2Fshort-beta-denial%2F&ul=en-us&de=UTF-8&dt=Short%20beta%20denial%20-%20Fap%20Roulette&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=AACAAEABAAAAAC~&jid=2136908038&gjid=2119275741&cid=154561603.1664601889&tid=UA-48334271-1&_gid=1096900610.1664601889&_r=1&_slc=1&z=2021754934 IP 142.250.74.174:0 ASN #15169 GOOGLE Magic ASCII text, with no line terminators Size 4 (4 B) Hash 9e92e190700c1af4539b40c2171320a9 209bcdb79e6067b51091ce8586d4b977f25b67d8 aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 HTTP Headers POST /j/collect?v=1&_v=j97&a=1347570785&t=pageview&_s=1&dl=https%3A%2F%2Fwww.faproulette.co%2F36023%2Fshort-beta-denial%2F&ul=en-us&de=UTF-8&dt=Short%20beta%20denial%20-%20Fap%20Roulette&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=AACAAEABAAAAAC~&jid=2136908038&gjid=2119275741&cid=154561603.1664601889&tid=UA-48334271-1&_gid=1096900610.1664601889&_r=1&_slc=1&z=2021754934 HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: https://www.faproulette.co Connection: keep-alive Referer: https://www.faproulette.co/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK access-control-allow-origin: https://www.faproulette.co date: Sat, 01 Oct 2022 05:31:23 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 4 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE Magic data Size 472 (472 B) Hash 7e9ce4f67540be7dc1efdf5cec1ea9d7 a34d70d3a259c0042b32053db9b84340fda551f3 30986769ce7f866e0f8e9c4733512ad9b83acb983663b0d9ef49bd0871e9cfb3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 01 Oct 2022 05:31:23 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-48334271-1&cid=154561603.1664601889&jid=2136908038&gjid=2119275741&_gid=1096900610.1664601889&_u=AACAAEAAAAAAAC~&z=13740071	64.233.165.155	200 OK	1 B
URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-48334271-1&cid=154561603.1664601889&jid=2136908038&gjid=2119275741&_gid=1096900610.1664601889&_u=AACAAEAAAAAAAC~&z=13740071 IP 64.233.165.155:0 ASN #15169 GOOGLE Magic very short file (no magic) Size 1 (1 B) Hash c4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b HTTP Headers POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-48334271-1&cid=154561603.1664601889&jid=2136908038&gjid=2119275741&_gid=1096900610.1664601889&_u=AACAAEAAAAAAAC~&z=13740071 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: https://www.faproulette.co Connection: keep-alive Referer: https://www.faproulette.co/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK access-control-allow-origin: https://www.faproulette.co strict-transport-security: max-age=10886400; includeSubDomains; preload date: Sat, 01 Oct 2022 05:31:24 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 1 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE Magic data Size 472 (472 B) Hash 7e9ce4f67540be7dc1efdf5cec1ea9d7 a34d70d3a259c0042b32053db9b84340fda551f3 30986769ce7f866e0f8e9c4733512ad9b83acb983663b0d9ef49bd0871e9cfb3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 01 Oct 2022 05:31:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	adserver.juicyads.com/adshow.php?adzone=461528	185.94.237.64	200 OK	1.4 kB
URL HTTP/1.1 adserver.juicyads.com/adshow.php?adzone=461528 IP 185.94.237.64:0 ASN #42567 Mojohost B.v. Magic HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size 1368 (1.4 kB) Hash 7fbf703ab6b832b4c0a365eaf3be278c 43485fe4beddb1dc0d0af378cc6fde52af913f67 8210bdfaecf0daf268cb9eabec79a10b243f756e8e9da87309cab405576b79c7 HTTP Headers `GET /adshow.php?adzone=461528 HTTP/1.1 Host: adserver.juicyads.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.faproulette.co/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Server: nginx Date: Sat, 01 Oct 2022 05:31:24 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/5.6.40 P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA" Set-Cookie: surferid=49f82f0932d2d698d9590ed868dc5ea0; expires=Sun, 01-Oct-2023 05:31:23 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.juicyads.com juicy_data_1=YTowOnt9; expires=Tue, 04-Oct-2022 05:31:23 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 04-Oct-2022 05:31:23 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com Content-Encoding: gzip

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. Magic data Size 503 (503 B) Hash d52c8c9cca1b29bc6b5d2efdc33dfa36 aa403aa2483cc28dc0fe71b825e0f9b7c32e4228 4271046983d92b71f87c4fdc7b5f2d788268fb57e1eac19495b2946f802df0b3 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "4271046983D92B71F87C4FDC7B5F2D788268FB57E1EAC19495B2946F802DF0B3" Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8571 Expires: Sat, 01 Oct 2022 07:54:15 GMT Date: Sat, 01 Oct 2022 05:31:24 GMT Connection: keep-alive`

	camschat.net/adxad160x600/cbate-fap.html	66.230.180.98	200 OK	448 B
URL HTTP/2 camschat.net/adxad160x600/cbate-fap.html IP 66.230.180.98:0 ASN #30602 ISPRIME Magic HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 448 (448 B) Hash 9d83b1becc3f254f38cc598c383d7770 57cf9d28b910601d13b43e18d605872d47fc7c87 04f645ca81a18b1188b8b1f4189bdde5057455997dd2feda1d79e137b6421bee HTTP Headers GET /adxad160x600/cbate-fap.html HTTP/1.1 Host: camschat.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://camschat.net/adxad160x600/faproulette.php Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: nginx date: Sat, 01 Oct 2022 05:31:24 GMT content-type: text/html content-length: 448 last-modified: Sat, 23 Apr 2022 22:01:11 GMT etag: "62647727-1c0" accept-ranges: bytes X-Firefox-Spdy: h2`

	ocsp.sectigo.com/	104.18.32.68	200 OK	471 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET Magic data Size 471 (471 B) Hash 177c6172e42db823ec7ade3c13f344bf 3b94a1b6ad9a419e14e7884e579f80e5f6c30177 db16376b06ecdaefacaba14087503f2f28f1fec1a6450089d7d5eff27c642375 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 01 Oct 2022 05:31:24 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Thu, 29 Sep 2022 02:40:06 GMT Expires: Thu, 06 Oct 2022 02:40:05 GMT Etag: "3b94a1b6ad9a419e14e7884e579f80e5f6c30177" Cache-Control: max-age=421120,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7532cfd73d78b515-OSL`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. Magic data Size 503 (503 B) Hash 31bfdcfaa4189ef42cf8e6755e903e54 2f34e7b82bf5d4a30b0ad3c9b15e1caea5ebca3f 3b953e092a71570ca63c4b4b6029def2bec50a0f0c499020f792cc0b8993a27a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "3B953E092A71570CA63C4B4B6029DEF2BEC50A0F0C499020F792CC0B8993A27A" Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10799 Expires: Sat, 01 Oct 2022 08:31:23 GMT Date: Sat, 01 Oct 2022 05:31:24 GMT Connection: keep-alive`

	cachew.camsoda.com/assets/img/camsoda-logo-160x50.png	64.210.135.112	200 OK	4.5 kB
URL HTTP/2 cachew.camsoda.com/assets/img/camsoda-logo-160x50.png IP 64.210.135.112:0 ASN #30361 SWIFTWILL2 Magic PNG image data, 160 x 50, 8-bit colormap, non-interlaced\012- data Size 4520 (4.5 kB) Hash a26f6cb889250cca822d07ed1fa17020 20b51a9dbe0928016d917e71b809c4f01a13d16f fb6f54664e2adec6f304d47e544629a3ae46b0fdeb9ac1daab247f817ef2be13 HTTP Headers `GET /assets/img/camsoda-logo-160x50.png HTTP/1.1 Host: cachew.camsoda.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://promos.camsoda.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` `HTTP/2 200 OK date: Sat, 01 Oct 2022 05:31:24 GMT content-type: image/png content-length: 4520 last-modified: Mon, 02 May 2022 15:02:15 GMT etag: "626ff277-11a8" expires: Sun, 22 May 2022 14:47:25 GMT access-control-allow-origin: * cache-control: max-age=1296000, public, no-transform accept-ranges: bytes x-cdn-diag: ams5-7619-3-51815-h-0-0---;6249-22-21482----0-0-0 X-Firefox-Spdy: h2`

	creative.xxxiijmp.com/widgets/v4/MobileSlider/?buttonColor=&campaignId=juicy-faproulette&creativeId=&domain=stripchat&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=0&showTitle=1&sound=off&sourceId=&tag=females&targetDomain=&trackOff=1&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd	172.64.145.216	200 OK	335 B
URL HTTP/2 creative.xxxiijmp.com/widgets/v4/MobileSlider/?buttonColor=&campaignId=juicy-faproulette&creativeId=&domain=stripchat&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=0&showTitle=1&sound=off&sourceId=&tag=females&targetDomain=&trackOff=1&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd IP 172.64.145.216:0 ASN #13335 CLOUDFLARENET Magic HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size 335 (335 B) Hash 1177105b3d23cfdfd280c63b9e7a1ca1 9f408c4c2a2e86874a879985c6b9c47e18383390 62c577797051e1e0362e92280a248988a80c6bee7a0e1b0c4b085db50e85820e HTTP Headers GET /widgets/v4/MobileSlider/?buttonColor=&campaignId=juicy-faproulette&creativeId=&domain=stripchat&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=0&showTitle=1&sound=off&sourceId=&tag=females&targetDomain=&trackOff=1&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd HTTP/1.1 Host: creative.xxxiijmp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://camschat.net/ Connection: keep-alive Cookie: __cflb=02DiuDfsBaY2bRYJiCeRhAptQvDh5wz7mpyhBkSq64pyr Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 200 OK date: Sat, 01 Oct 2022 05:31:24 GMT content-type: text/html last-modified: Mon, 26 Sep 2022 07:31:44 GMT expires: Sat, 01 Oct 2022 05:31:28 GMT cache-control: max-age=10 strict-transport-security: max-age=15768000 pragma: public report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 } cf-cache-status: HIT age: 5 vary: Accept-Encoding server: cloudflare cf-ray: 7532cfd76bf1b4fd-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	2.2 kB
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. Magic data Size 2202 (2.2 kB) Hash 57606c4f57d6d105230e2e8e10a39ced 44efd526e481793e96554295a63234c9c618bf24 f9c318824e34afaa6fae1b7c542848601623f379474ca52030e4ab989ea50d3f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "70ED38D5E87CF71642E3A7F614463392A86B918EC87FAAA2C54F3431DDF2042A" Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9959 Expires: Sat, 01 Oct 2022 08:17:23 GMT Date: Sat, 01 Oct 2022 05:31:24 GMT Connection: keep-alive`

	chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0	104.18.100.40	200 OK	23 kB
URL HTTP/2 chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0 IP 104.18.100.40:0 ASN #13335 CLOUDFLARENET Magic HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (31162) Size 23044 (23 kB) Hash 22adc69013f02c77bc024315cb710223 27890e6ab85ebaf50fdc5293db5a2db6e98fdac0 dc36472b02787d28514003c91194211e4cc1a91cf5076aa98b30eca1ef48e761 HTTP Headers GET /tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0 HTTP/1.1 Host: chaturbate.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://camschat.net/ Connection: keep-alive Cookie: __cf_bm=EAJlOc3egZIGh3l3Ti8i6QHuBNaYlYJVU7mqYhXmZ5U-1664601893-0-AQrVvBvQ+hk/D0e0UAKeIwPGdD/DBCaXnBoEGDbW9GKIiI3UF9oUQelOX2XZ1oK9PgohFKBfZ03ZKFFns2HXG70= Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK date: Sat, 01 Oct 2022 05:31:25 GMT content-type: text/html; charset=utf-8 vary: Accept-Encoding, Accept-Language, Cookie p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" content-language: en content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.mmcdn.com https://.highwebmedia.com https://.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://.mmcdn.com https://.highwebmedia.com https://.stream.highwebmedia.com https://.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://.mmcdn.com https://.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://.mmcdn.com wss://.mmcdn.com wss://.mmcdn.com:8443 https://.highwebmedia.com wss://.highwebmedia.com wss://.highwebmedia.com:8443 https://.nr-data.net https://.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://.hotjar.com: https://.hotjar.com: https://vc.hotjar.io:* https://surveystats.hotjar.io wss://.hotjar.com ; media-src 'self' https://.mmcdn.com https://.highwebmedia.com https://.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://.mmcdn.com https://.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://.mmcdn.com https://.chaturbate.com https://chaturbate.com https://.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://.chaturbate.com https://chaturbate.com https://.stream.highwebmedia.com https://www.coinpayments.net https://.wnu.com https://wnu.com https://devportal.cb.dev https://.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce; report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true} nel: {"report_to":"default","max_age":2592000,"include_subdomains":true} cache-control: no-cache x-content-type-options: nosniff x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce referrer-policy: strict-origin-when-cross-origin via: 1.1 google alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 set-cookie: stcki="pOtSwZ=0\054FqPd9a=0\0546pduSG=0\054aDBbcK=1"; expires=Mon, 31-Oct-2022 05:31:24 GMT; Max-Age=2592000; Path=/ affkey="eJyrVipSslJQyigpKSi20tdPTswtTs5ILNHLSy3RV6oFAJUzCgA="; Domain=.chaturbate.com; expires=Mon, 31-Oct-2022 05:31:24 GMT; Max-Age=2592000; Path=/ sbr=sec:sbr2d308c38-866e-4865-b4d2-3ffcbbe0d021:1oeV5w:dQFp0cs8nR1Xa11TKyTlZrbv2EI; Domain=.chaturbate.com; expires=Thu, 26-Jun-2025 05:31:24 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure cf-cache-status: DYNAMIC strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 7532cfd87b7cb4e8-OSL content-encoding: br X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. Magic data Size 503 (503 B) Hash 10998c87057ea8acdb4d879655a65b5b 49987ea8795b0981f974cc78e4e42341a31e536f 8ee61b3c36bf3526865612ddaac4107fe3e36b810cfc5986e985ab51b1d64d4a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "8EE61B3C36BF3526865612DDAAC4107FE3E36B810CFC5986E985AB51B1D64D4A" Last-Modified: Fri, 30 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11087 Expires: Sat, 01 Oct 2022 08:36:12 GMT Date: Sat, 01 Oct 2022 05:31:25 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. Magic data Size 503 (503 B) Hash 10998c87057ea8acdb4d879655a65b5b 49987ea8795b0981f974cc78e4e42341a31e536f 8ee61b3c36bf3526865612ddaac4107fe3e36b810cfc5986e985ab51b1d64d4a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "8EE61B3C36BF3526865612DDAAC4107FE3E36B810CFC5986E985AB51B1D64D4A" Last-Modified: Fri, 30 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11087 Expires: Sat, 01 Oct 2022 08:36:12 GMT Date: Sat, 01 Oct 2022 05:31:25 GMT Connection: keep-alive`

	pt-static4.ptlwmstc.com/npe/_common/script/adblock/advertisement-v932169.js	93.93.51.200	200 OK	21 B
URL HTTP/2 pt-static4.ptlwmstc.com/npe/_common/script/adblock/advertisement-v932169.js IP 93.93.51.200:0 ASN #34655 DuoDecad IT Services Luxembourg S.a r.l. Magic ASCII text, with no line terminators Size 21 (21 B) Hash 01c6e7ecb819ef28b0c9b962513a1596 1a49f493db7b91ed34a7040d36732352b9a5dc39 e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5 HTTP Headers `GET /npe/_common/script/adblock/advertisement-v932169.js HTTP/1.1 Host: pt-static4.ptlwmstc.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pt.wmptctl.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Sat, 01 Oct 2022 05:31:25 GMT content-type: application/javascript content-length: 21 last-modified: Fri, 30 Sep 2022 11:19:11 GMT etag: "6336d0af-15" access-control-allow-origin: * server: unknown x-cdn-node: sesto x-cache-status: R-HIT accept-ranges: bytes X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (57)

#1 JS:Script (size: 664)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#2 JS:Script (size: 21)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#3 JS:Script (size: 1893)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#4 JS:Script (size: 3666)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#5 JS:Script (size: 6244)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#6 JS:Script (size: 31122)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#7 JS:Script (size: 253)

URL

IP

ASN

Introduced by

Inline HTML

Observations