r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11143
Expires: Tue, 29 Nov 2022 04:36:01 GMT
Date: Tue, 29 Nov 2022 01:30:18 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5803
Cache-Control: max-age=124665
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:18 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 12:08:03 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
redir.me/?https://www.redgifs.com/watch/criminalenlightenedpupfish
301 Moved Permanently 706 B URL HTTP/1.1 redir.me/?https://www.redgifs.com/watch/criminalenlightenedpupfish
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 67f3a5933c17b3ab044826d3927d0ba9
5957076d09bacaa6db8ddc832b4fd87ed8f05f8a
97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64
GET /?https://www.redgifs.com/watch/criminalenlightenedpupfish HTTP/1.1
Host: redir.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Tue, 29 Nov 2022 01:30:18 GMT
Server: LiteSpeed
Location: https://redir.me/?https://www.redgifs.com/watch/criminalenlightenedpupfish
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9804
Expires: Tue, 29 Nov 2022 04:13:42 GMT
Date: Tue, 29 Nov 2022 01:30:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 01:19:34 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 644
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tEFM1qRggb08eCLKQjnjQrQ1Ayvb9qiXEWV02yWMuG8mHMKeVGyUvfpHC1hSJJCAwPD8IDzQCkM=
x-amz-request-id: XMX1Q5EG4ZJQQ0E5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 00:45:14 GMT
age: 2704
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:30:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 01:11:12 GMT
cache-control: public,max-age=3600
age: 1146
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
redir.me/?https://www.redgifs.com/watch/criminalenlightenedpupfish
302 Found 0 B URL HTTP/2 redir.me/?https://www.redgifs.com/watch/criminalenlightenedpupfish
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?https://www.redgifs.com/watch/criminalenlightenedpupfish HTTP/1.1
Host: redir.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
location: https://www.redgifs.com/watch/criminalenlightenedpupfish
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
expires: Tue, 29 Nov 2022 01:31:18 GMT
content-length: 0
date: Tue, 29 Nov 2022 01:30:18 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash e2c4e834a8729e58d0bcd8e8c5cd2b84
0e9784c0f743d9f637039559827ec59f51099f73
33af64c205b6a55282766e5b20b8455ca26b718e76f3cc233d072709c5c9631f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2117
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:18 GMT
Last-Modified: Tue, 29 Nov 2022 00:55:02 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 471 B IP
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5105
Cache-Control: max-age=118901
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:19 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:32:00 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 278 B IP
Hash e2c4e834a8729e58d0bcd8e8c5cd2b84
0e9784c0f743d9f637039559827ec59f51099f73
33af64c205b6a55282766e5b20b8455ca26b718e76f3cc233d072709c5c9631f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2118
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:19 GMT
Last-Modified: Tue, 29 Nov 2022 00:55:02 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BsXOrm8PJHZR13YXQ5UvGg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: I7+/CBeIMAJM0MsFph1hiLgVE0k=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
200 OK 50 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
File type gzip compressed data, from Unix\012- data
Hash cc62c0c9ccecd2db6493f115cbb89731
3bf4c69c6af6677622f2a05314fc7bd614e4cb57
d88e039a0465b0bbfafe762bc29a256ab2e37e9e5bafa91dbcf9b7b707f99108
GET /s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.redgifs.com
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 00:18:13 GMT
expires: Sat, 25 Nov 2023 00:18:13 GMT
cache-control: public, max-age=31536000
age: 349926
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7832, version 1.0\012- data
Hash f4f17fd53c7d040e56f91a3ecb692b22
1b51342175762634835645ba2f99cd3ab0ac615c
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
GET /s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.redgifs.com
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7832
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 10:09:10 GMT
expires: Wed, 22 Nov 2023 10:09:10 GMT
cache-control: public, max-age=31536000
age: 573669
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 912 B IP
File type gzip compressed data, from Unix\012- data
Hash 1423ae24b3ca544f4faa48b9ff1f4a17
36b74f1b05329a0116f791d66423222a653b90f9
4d57ff1b87121f64bfbe3905c4c622b04ad16a0661f2e8d12651702bdfc62683
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.redgifs.com/v2/auth/temporary
200 OK 0 B URL HTTP/2 api.redgifs.com/v2/auth/temporary
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/auth/temporary HTTP/1.1
Host: api.redgifs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-customheader
Referer: https://www.redgifs.com/
Origin: https://www.redgifs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:19 GMT
content-length: 0
access-control-allow-methods: CONNECT, GET, HEAD, DELETE, PUT, OPTIONS, PATCH, TRACE, POST
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-headers: content-type,x-customheader
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.redgifs.com
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771793d08fc50afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 5.2 kB IP
ASN #20940 Akamai International B.V.
File type gzip compressed data, from Unix\012- data
Hash 7722b1b12f4cc167700bff0162b5166d
31a6d38d2a417469b4798fa0df6384fccd24a93e
11f285aead778200196359e255788a134450d8fd56945b473ab8f062056eac4f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FF94013E998C5B5EE73FCE81071EDBA0953B67F1508CC6113EF0F3928BDC8BA"
Last-Modified: Sun, 27 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4939
Expires: Tue, 29 Nov 2022 02:52:38 GMT
Date: Tue, 29 Nov 2022 01:30:19 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-5SCT9DN
200 OK 41 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5SCT9DN
IP
File type ASCII text, with very long lines (8436)
Hash ef8d5a060aea1329c3fbe713cea06710
74a67db05e8525f1a943bd3f44e0fa04f490198a
03a2d3b1799f5b5c2b81d6da5f8fc61e8469e85996a948e703b02457ba89c392
GET /gtm.js?id=GTM-5SCT9DN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 01:30:19 GMT
expires: Tue, 29 Nov 2022 01:30:19 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41432
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 40d759dc382f363b1395e4072c2de632
f7057dcead3e038c660c2a9f7b45924c5889639d
af8c869ed8331124b726412a3194d8b86c6901ac5120a28cd38de2cc9aec06ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF8C869ED8331124B726412A3194D8B86C6901AC5120A28CD38DE2CC9AEC06AD"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7939
Expires: Tue, 29 Nov 2022 03:42:38 GMT
Date: Tue, 29 Nov 2022 01:30:19 GMT
Connection: keep-alive
api.redgifs.com/v2/gifs/criminalenlightenedpupfish?views=yes&users=yes
200 OK 0 B URL HTTP/2 api.redgifs.com/v2/gifs/criminalenlightenedpupfish?views=yes&users=yes
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/gifs/criminalenlightenedpupfish?views=yes&users=yes HTTP/1.1
Host: api.redgifs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-customheader
Referer: https://www.redgifs.com/
Origin: https://www.redgifs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:20 GMT
content-length: 0
access-control-allow-headers: authorization,content-type,x-customheader
access-control-max-age: 3600
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.redgifs.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, CONNECT, OPTIONS, PATCH, POST, HEAD, TRACE, DELETE
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771793d258260afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.redgifs.com/v2/recommend/tags/criminalenlightenedpupfish
200 OK 0 B URL HTTP/2 api.redgifs.com/v2/recommend/tags/criminalenlightenedpupfish
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/recommend/tags/criminalenlightenedpupfish HTTP/1.1
Host: api.redgifs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-customheader
Referer: https://www.redgifs.com/
Origin: https://www.redgifs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:20 GMT
content-length: 0
access-control-allow-headers: Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Postman-Token
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS, PATCH
access-control-allow-origin: https://www.redgifs.com
access-control-max-age: 86400
cache-control: max-age=3600
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771793d258270afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
v.vfgte.com/impression/d35e5c47-8e8d-4bcf-86e8-b285e231bf95?vlmi=1&vlm=1&vlmd=v.vfgte.com&vlmcid=d35e5c47-8e8d-4bcf-86e8-b285e231bf95&subID1=VGIL_999528998_REDG_CHHD_ALL&source=TS507-999528998&affiliateID=108124&Location_Alias=CHHD&livefeed=karolBeckham&providers=streamate&genders=f%252Cff&skin=1&canHide=1&containerAlignment=center&cols=4&rows=1&number=4&background=transparent&useFeed=1&animateFeed=1&smoothAnimation=1&ratio=1&verticalSpace=10px&horizontalSpace=10px&colorFilter=0&colorFilterStrength=0&AuxiliaryCSS=%0A&token=fdecb600-9bd9-11ec-b9c9-0fb5c35adf26&isLive=1
204 No Content 0 B URL HTTP/2 v.vfgte.com/impression/d35e5c47-8e8d-4bcf-86e8-b285e231bf95?vlmi=1&vlm=1&vlmd=v.vfgte.com&vlmcid=d35e5c47-8e8d-4bcf-86e8-b285e231bf95&subID1=VGIL_999528998_REDG_CHHD_ALL&source=TS507-999528998&affiliateID=108124&Location_Alias=CHHD&livefeed=karolBeckham&providers=streamate&genders=f%252Cff&skin=1&canHide=1&containerAlignment=center&cols=4&rows=1&number=4&background=transparent&useFeed=1&animateFeed=1&smoothAnimation=1&ratio=1&verticalSpace=10px&horizontalSpace=10px&colorFilter=0&colorFilterStrength=0&AuxiliaryCSS=%0A&token=fdecb600-9bd9-11ec-b9c9-0fb5c35adf26&isLive=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /impression/d35e5c47-8e8d-4bcf-86e8-b285e231bf95?vlmi=1&vlm=1&vlmd=v.vfgte.com&vlmcid=d35e5c47-8e8d-4bcf-86e8-b285e231bf95&subID1=VGIL_999528998_REDG_CHHD_ALL&source=TS507-999528998&affiliateID=108124&Location_Alias=CHHD&livefeed=karolBeckham&providers=streamate&genders=f%252Cff&skin=1&canHide=1&containerAlignment=center&cols=4&rows=1&number=4&background=transparent&useFeed=1&animateFeed=1&smoothAnimation=1&ratio=1&verticalSpace=10px&horizontalSpace=10px&colorFilter=0&colorFilterStrength=0&AuxiliaryCSS=%0A&token=fdecb600-9bd9-11ec-b9c9-0fb5c35adf26&isLive=1 HTTP/1.1
Host: v.vfgte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 29 Nov 2022 01:30:20 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: d35e5c47-8e8d-4bcf-86e8-b285e231bf95-osz-v4=DZ7hwEUXRNIzYCSjUaFMkjfk7lo8lHqR2_qZdkBnJOH-sPMdAVDs_7ZiYwxPZavrml00fwS0KrajGd01f0VmWJ5Zt7ZFwVUuRGxtTKbSlEDAMpTElOgIKXufdpjcesjjWItuBFodO4humc9NP6FHG4SAUIz6Ti0v6B268QZgw9JrgaPUiL_5OIZfOa1wx0WQh24YSs4E-c14CV6DfdaE0O8TkcUqQnTDpkUggVUa9fx-58Hql02YT5mzI50XACtvU8uX7G-CWTx3D40l_C9xUHxTiTzRtD8YIljVWgPg6TF0_dF2qfwmicsUqRd_mor_P4uwTJIUPGcN8sfwJ00lJGtRYjq25twdjSjYPHvZAk9j3dDtVaO453WL5q1YWrQkCZaNd7egUdGd1IvfLbQkT5D445vu-uX0QrzH7GaWXL02Q1OGaROljLOCum_K3h1kH43kpkRRngybhzL56TAKsxCMZ9HF1bk828BGOxCJMvfFL8I29h5KOSxAJC_NZOJ_ub3Taa2BNUG3uaJqNSc2X30h4qJSAE0MKghTP64Td8ss1STj7tmzW_Re1kjKsoaeBOEvE4mp79ai5ZtWqBDYenB2I_arwHYIldsjapqnjvx1T_qjvYB794BYGlbjXWftucEdjEBZ0T5xWzdANZR01PhjoPlihun_ofaPaISpHy0m__gmo6BeK2pKY4WaGYNrk7FRZIB5c1DqbQ5A-GAh42yCuRCdQGBAy6t-cwQ2azlgFJ-KmH2oBGKvF4OTUgRlkmRYkG33v32H0Mvnm0kGUQ3e6-aKz4TT3B_3YJnU_6a_e6IXYBks_OhjXUm5TrfPudt485vVl2HlsOxQH3iFXfsdmsdnI-Wv6r7Ic-QbH0wGEBS6mOJBdczbVB9nQi-2G-CNLCGlqGKpCM6ggv7qDqB0yhBvRBPmyOnUekKy5icpiZVRyySpuDoS-QdhICB3_2DxYNLD47MmMqQ3ChUdTzt6fFJr_nIi6xCuULBrruiLDx4fk5SqbssEByEh2LTkMtsBaszHzXtfRTEdzZaM-2DsekW21iZRVQzsVak9lAraLsopLgFIzrZqkOUb8LVFwLoXSbfXtJwUxVDogQxQqks0uI1G518T1qRDEizpHHT1CkgWKGqh_EbnmvylM4Kw; Domain=v.vfgte.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.min.js
200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redgifs.com
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:20 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669685420.dop023.sk1.t,1669685420.cds252.sk1.hn,1669685420.cds210.sk1.c
X-Firefox-Spdy: h2
pixel.redgifs.com/px.gif?event=view®ion=main&gif=criminalenlightenedpupfish&position=
200 OK 43 B URL HTTP/2 pixel.redgifs.com/px.gif?event=view®ion=main&gif=criminalenlightenedpupfish&position=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?event=view®ion=main&gif=criminalenlightenedpupfish&position= HTTP/1.1
Host: pixel.redgifs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redgifs.com/
Origin: https://www.redgifs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:20 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: https://www.redgifs.com
access-control-expose-headers: accept, cdn-loop, cf-ray, accept-encoding, sec-fetch-mode, sec-fetch-site, x-forwarded-proto, cf-visitor, cf-ipcountry, sec-fetch-dest, origin, accept-language, x-forwarded-for, user-agent, host, cf-connecting-ip, referer, x-amzn-trace-id, x-forwarded-port
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771793d548f40afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9726
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:30:20 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9726
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:30:20 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9726
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:30:20 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9726
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:30:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae2e2986caa15a90b615147f229b51ec
c6dfd277cdbd057472e6df6ad1a200f50684d442
ec3799922c38ee6394601744ff4b2c405ee44c4718a2b90c104134657f8b480b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9015
x-amzn-requestid: 9f657586-a44e-46f0-8c38-f1bf26142486
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVOlEE6ZoAMFUPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852aed-1da2400f4165dd553418f8b9;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:41:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mqdz1NhVCqmSrhYLIF0miDzrBiS82SUU6ZRFzDMllbCwS70hC0rMRQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:55 GMT
age: 13405
etag: "c6dfd277cdbd057472e6df6ad1a200f50684d442"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:38:02 GMT
age: 64338
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d574c4db20a68295dbd06cb08f5990b
433061bbb226048765a711deca3026ee3e52372f
8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lzXj01ht9kpuwONgKM0xM0QRu8G9M9oX6rwYzv_Q_sI09Y3-RIVF-A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 03:47:05 GMT
age: 78195
etag: "433061bbb226048765a711deca3026ee3e52372f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 22e7d3e11e78242383e452adb9299016
035a1b4a2a7889787532ec2637d5c21e06daf672
990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rmBhEB-x2sOvI7XfEpZQ0-lXEDWZ4los77q017Im-Lwb32ZLA0Zvcg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 04:45:02 GMT
age: 74718
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c808183085a429c53515508678fc7ab2
6567069d9f5199205ba1ca7a937fcb0a52f95d06
c7ca95730cbc97d7c243e05b23520166faefcd2dfe90f36f70fad1f7e4537e4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9162
x-amzn-requestid: f7fb3b99-6f1c-4ab3-9547-a337d54e8c9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVjI8E9poAMFaQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63854bd2-0679b83d1aa3b7c71aa6bf1c;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 00:01:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DVS-FTO93p2gjrvMYzKgNjZmrPxmUuiJHWLuZqOMZzJFwEcWJbW35Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 00:36:14 GMT
etag: "6567069d9f5199205ba1ca7a937fcb0a52f95d06"
content-type: image/jpeg
age: 3246
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg
200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9cd333c474420e235831d96ed881167e
5008d7344dd85ae61a598c17e7baf427def3e25d
2178a96e120661e43d8e8ed0df1fcf500caf4c58db9e1bedaf0706af0a80b286
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3944
x-amzn-requestid: 8a6732c1-72da-4a73-ba51-8533c6a01a9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNmfFgeIAMFjLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6385295c-0c807d93277bfb7f6b13c2ee;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:20 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oW4xFfsPp-Jmf28Uc88iZ2jLgtMRjn2gW0orrJ4K201r6Y6OlHkacQ==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:51 GMT
age: 13409
etag: "5008d7344dd85ae61a598c17e7baf427def3e25d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.redgifs.com/v2/recommend/tags/criminalenlightenedpupfish
200 OK 38 kB URL HTTP/2 api.redgifs.com/v2/recommend/tags/criminalenlightenedpupfish
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash d152752743748b79d7d8780b18ded112
94ad280586e25d0c356a18680167e7ff115f814d
7af74c1ce85492d24ba21869c94d33534ac78189fc65d5ffa7dc05d5b2bd2774
GET /v2/recommend/tags/criminalenlightenedpupfish HTTP/1.1
Host: api.redgifs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redgifs.com/
authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL3d3dy5yZWRnaWZzLmNvbS8iLCJpYXQiOjE2Njk2ODU0MTksImV4cCI6MTY2OTc3MTgxOSwic3ViIjoiY2xpZW50LzE4MjNjMzFmN2QzLTc0NWEtNjU4OS0wMDA1LWQ4ZThmZTBhNDRjMiIsInNjb3BlcyI6InJlYWQiLCJ2YWxpZF9hZGRyIjoiOTEuOTAuNDIuMTU0IiwidmFsaWRfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCJ9.ARU_AZlDBiWfMCAgf_n2ZxG4dUagD9AFRU13K0VXWfruwA9CNNuZTdwyFhFTeUVYadsEPQWZxO5g9NAlcrH9tpzJ_iRvNbARbGnHhLFYniHkuRFg3SdjW0xPa2GSkeH1f7ygKROqYoSzZ5Pvs-Se3tizVaTdfLxOxDG8YXJ58ti1atpw5rj7tF7X8AoxcfyqvRpL8F-kP7dMLZPAI4Tw4pSZ717tej65NLdxYCkqDIA10-Uy8jDQZgA0VB4IQPXAh1oqI5XoXemnlsMNyWJlAQwQxLNysb-MtWSjNw3uZ991HU63AGFJo1xCwk1flLusoUbwo8T36UK1KpMD0W4BTQ
content-type: application/json
x-customheader: https://www.redgifs.com/watch/criminalenlightenedpupfish
Origin: https://www.redgifs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:20 GMT
content-type: application/json
content-length: 38046
access-control-allow-headers: Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Postman-Token
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS, PATCH
access-control-allow-origin: https://www.redgifs.com
access-control-max-age: 86400
cache-control: no-store
content-encoding: gzip
x-compressed-length: 38046
x-handler-duration: 0.46113204956055
x-pmu: 51783992
x-source-length: 160308
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771793d308670afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0b9596963c66ec93ebd7db6765b8477f
3d82d0b9474570a43c31624c4f7062b541b14afc
56cc86078f6c4ff84cb5b4fa86dfa61bd8b457b3766fe60ea994a1b2bd3d136a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56CC86078F6C4FF84CB5B4FA86DFA61BD8B457B3766FE60EA994A1B2BD3D136A"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3487
Expires: Tue, 29 Nov 2022 02:28:27 GMT
Date: Tue, 29 Nov 2022 01:30:20 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 798c6088f000b3a2464e23a92271c24d
2a53b3d3bd4a9104c79595f664276db5b32b9bad
dcccfc9bb4da634286d08301fcf23be3ae26bb429b35349fb72dde530fdb3ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-74EJ74VZ0E&cid=2009047811.1669685420>m=2oeb90&aip=1&z=777057441
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-74EJ74VZ0E&cid=2009047811.1669685420>m=2oeb90&aip=1&z=777057441
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-74EJ74VZ0E&cid=2009047811.1669685420>m=2oeb90&aip=1&z=777057441 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 01:30:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 879cba431d8b6f2717a750acd5ca7156
1d4eb23583d48dd6801a104aa20046b34acd0efe
31223aada310e8d8e3fa41e22ee23019a07b362b3b062ccdc10600c22071bd78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.analytics.google.com/g/collect?v=2&tid=G-74EJ74VZ0E>m=2oeb90&_p=674610025&_gaz=1&cid=2009047811.1669685420&ul=en-us&sr=1280x1024&_s=1&sid=1669685419&sct=1&seg=0&dl=https%3A%2F%2Fwww.redgifs.com%2Fwatch%2Fcriminalenlightenedpupfish&dt=Big%20Tits%20Bra%20Hotwife%20Porn%20GIF%20by%20marcipan%20%7C%20RedGIFs&en=gif_view&_fv=1&_nsi=1&_ss=1&_c=1&ep.page_type=watch&ep.is_user_logged_in=false&ep.user_name=&ep.gif_id=criminalenlightenedpupfish&ep.tags=Big%20Tits%2CBra%2CHotwife
204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-74EJ74VZ0E>m=2oeb90&_p=674610025&_gaz=1&cid=2009047811.1669685420&ul=en-us&sr=1280x1024&_s=1&sid=1669685419&sct=1&seg=0&dl=https%3A%2F%2Fwww.redgifs.com%2Fwatch%2Fcriminalenlightenedpupfish&dt=Big%20Tits%20Bra%20Hotwife%20Porn%20GIF%20by%20marcipan%20%7C%20RedGIFs&en=gif_view&_fv=1&_nsi=1&_ss=1&_c=1&ep.page_type=watch&ep.is_user_logged_in=false&ep.user_name=&ep.gif_id=criminalenlightenedpupfish&ep.tags=Big%20Tits%2CBra%2CHotwife
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-74EJ74VZ0E>m=2oeb90&_p=674610025&_gaz=1&cid=2009047811.1669685420&ul=en-us&sr=1280x1024&_s=1&sid=1669685419&sct=1&seg=0&dl=https%3A%2F%2Fwww.redgifs.com%2Fwatch%2Fcriminalenlightenedpupfish&dt=Big%20Tits%20Bra%20Hotwife%20Porn%20GIF%20by%20marcipan%20%7C%20RedGIFs&en=gif_view&_fv=1&_nsi=1&_ss=1&_c=1&ep.page_type=watch&ep.is_user_logged_in=false&ep.user_name=&ep.gif_id=criminalenlightenedpupfish&ep.tags=Big%20Tits%2CBra%2CHotwife HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redgifs.com
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.redgifs.com
date: Tue, 29 Nov 2022 01:30:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-74EJ74VZ0E&cid=2009047811.1669685420>m=2oeb90&aip=1
204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-74EJ74VZ0E&cid=2009047811.1669685420>m=2oeb90&aip=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-74EJ74VZ0E&cid=2009047811.1669685420>m=2oeb90&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redgifs.com
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.redgifs.com
date: Tue, 29 Nov 2022 01:30:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hybridclient.naiadsystems.com/purecam?performer=karolBeckham&performerid=107226752&widescreen=true&muted=1
200 OK 751 B URL HTTP/1.1 hybridclient.naiadsystems.com/purecam?performer=karolBeckham&performerid=107226752&widescreen=true&muted=1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1d40f9fe54b79bb9cb3824bf7e79d600
68916ca941787f995e73a8a4554f6feff8284440
809e17cb991bd79bae0d331576a9d26ea9ebb8bd9efcf16167ba822e1e348708
GET /purecam?performer=karolBeckham&performerid=107226752&widescreen=true&muted=1 HTTP/1.1
Host: hybridclient.naiadsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cwchmb.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:21 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Origin
X-Response-Time: 1ms
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7844, version 1.0\012- data
Hash 93c0db9332c3f46d1842b36bcf89dac0
7d5057e994e405022a1bfa3c6c668028ac222532
e28d860a51754d183f6f97432fd94046cd31afb7ce65c8ea179b0ff63b3d84fa
GET /s/poppins/v15/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.redgifs.com
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 12:33:47 GMT
expires: Sat, 25 Nov 2023 12:33:47 GMT
cache-control: public, max-age=31536000
age: 305794
last-modified: Thu, 05 Nov 2020 22:02:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 26eea2c299eabc89e371cc1da43dd8ac
849d1f2cdd54d241b389def576737978238bfab1
8b97266b71d44453bec6519042d71f945da7285813e380db61e7dd70914ecdf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B97266B71D44453BEC6519042D71F945DA7285813E380DB61E7DD70914ECDF3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16049
Expires: Tue, 29 Nov 2022 05:57:50 GMT
Date: Tue, 29 Nov 2022 01:30:21 GMT
Connection: keep-alive
go.goasrv.com/eactrl.go
200 OK 17 kB IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (31993)
Hash c224a1ace171f34872404460dee2460f
d4f3a6427a394d47a9a512c1ea3f93a2bff789f5
1f93c20ddea77881481dc139a23f9e967f551d76e936721a146dca7f827d3d2f
POST /eactrl.go HTTP/1.1
Host: go.goasrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1858
Origin: https://www.redgifs.com
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: application/json;charset=utf-8
content-length: 16328
content-encoding: gzip
access-control-allow-origin: https://www.redgifs.com
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token,X-CSRFToken, Authorization
expires: Mon, 03 Jul 2001 06:00:00 GMT
last-modified: Tue, 29 11 2022 01:30:21 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
pragma: no-cache
x-backend-server: nl2-go-web-242
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash fef25a63021681c4d8c5cf4f8da8d2c2
502c95586b4c087817feed2e4459a16308417bda
06b2526516408f47a8bc2801c51d2c13b0db11de648598f51ee0d826d2bbbed2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6275
Cache-Control: max-age=88006
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:22 GMT
Etag: "6383fcf1-139"
Expires: Wed, 30 Nov 2022 01:57:08 GMT
Last-Modified: Mon, 28 Nov 2022 00:12:33 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
cdn.hybridclient.naiadsystems.com/dist/pure/2.4.3/pure.js
200 OK 312 kB URL HTTP/1.1 cdn.hybridclient.naiadsystems.com/dist/pure/2.4.3/pure.js
IP
File type ASCII text, with very long lines (32022)
Size 312 kB (312469 bytes)
Hash 995c742f66d385cb9f10057f39212554
1f8fc07532582687ec0d887e74e797f8155a4d7e
6b2d669e663d45d3652bf612992c77e632aae6e3375bb510a69ff58032dcc759
GET /dist/pure/2.4.3/pure.js HTTP/1.1
Host: cdn.hybridclient.naiadsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hybridclient.naiadsystems.com
Connection: keep-alive
Referer: https://hybridclient.naiadsystems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:30:22 GMT
Connection: Keep-Alive
ETag: "1669164934"
Content-Encoding: gzip
Content-Length: 312469
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 23 Nov 2022 00:55:34 GMT
Accept-Ranges: bytes
Server: nginx
Cache-Control: max-age=600
X-Response-Time: 10ms
X-HW: 1669685422.dop202.sk1.t,1669685422.cds208.sk1.shn,1669685422.dop202.sk1.t,1669685422.cds026.sk1.c
Access-Control-Allow-Origin: *
a.realsrv.com/iframe.php?idzone=4341126&size=300x250
200 OK 613 B URL HTTP/2 a.realsrv.com/iframe.php?idzone=4341126&size=300x250
IP
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1fb5f649e9d3f1a1d6785913ba035d2a
9e3c32b87da3b2ad711423a96ee186de630bb9c0
6cf68def2349fa22beeed526a62d9b48017cc93d8e32f3758274f10c87accadb
GET /iframe.php?idzone=4341126&size=300x250 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 29 Nov 2022 03:51:31 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669694029
server: CDN77-Turbo
x-77-nzt: AblMCQ1DLjT/kQgAAA
x-77-nzt-ray: c0a4cc281fcdb472ae60856314a5840e
x-cache: HIT
x-age: 2193
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 140dd90385b9635226c9d3542335a674
8258ebb58b8eac35d4b20ce53c4d950bda4bd847
8da09b359e46380372433e3c4d10d0528cdc0966323249dfee33b864b65b466f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6224
Cache-Control: max-age=87610
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:22 GMT
Etag: "6383fb98-117"
Expires: Wed, 30 Nov 2022 01:50:32 GMT
Last-Modified: Mon, 28 Nov 2022 00:06:48 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
a.realsrv.com/ad-provider.js
200 OK 22 kB URL HTTP/2 a.realsrv.com/ad-provider.js
IP
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (51260)
Hash af50c3821377c97a2b77e59a8aad0b62
b2980dee49b4dfd62dc305230c42df037b39dfa6
b06e7bde7021e33f8e36f8ee65cb88707fc743912a54b4e9a3f0169197b28b8e
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=4341078&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: application/javascript
etag: W/"f26c91d131ffc1bbddb296d644e"
expires: Mon, 28 Nov 2022 15:50:38 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669693864
server: CDN77-Turbo
x-77-nzt: AblMCQ2FnnT/NgkAAA
x-77-nzt-ray: c0a4cc281fcdb472ae608563ede9ef11
x-cache: HIT
x-age: 2358
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
track.gpsecureads.com/ee1e1742-0db4-40f5-aeaa-6258e83a66f9
302 Found 0 B URL HTTP/2 track.gpsecureads.com/ee1e1742-0db4-40f5-aeaa-6258e83a66f9
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ee1e1742-0db4-40f5-aeaa-6258e83a66f9 HTTP/1.1
Host: track.gpsecureads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 29 Nov 2022 01:30:22 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://tour.camsoda.com/promos/iframe/160x600g.php?id=redgntvsoda&vclid=wbk6vkmihvttm9qkit6qfkc2&ad_id=RedGifs_NTV_Json_160x600g&join_form=0&vidstop=2
pragma: no-cache
set-cookie: ee1e1742-0db4-40f5-aeaa-6258e83a66f9-v4=4X4gUeU0GhHO4d_RdMazekT5l7tClxrvehuqJ4ZnLFQ; Max-Age=86400; Expires=Wed, 30-Nov-2022 01:30:22 GMT; Domain=track.gpsecureads.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=TKAFP%2B9WyCp9PGygMc%2FP0F7iE53zQvZjmqlykXme4LcMdM5pr60txdJZiioEVhOH9Z3IzrvZEATiVOSFzOnuEYNDgH%2Fxefw4EXtZt9Q6NlJriTPv41R6bNEVD%2FCWaGX5H5ezjg4%2FhSaS0zIf5UNF9w%3D%3D; Max-Age=31536000; Expires=Wed, 29-Nov-2023 01:30:22 GMT; Domain=track.gpsecureads.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 961 B IP
ASN #20940 Akamai International B.V.
File type gzip compressed data, from Unix\012- data
Hash 06766fb6c2dd5a529dbf74110712a93b
719dd292cbde605c88cdbd2614db43ce39379190
86080c0ec31ef68c4b3898ec7a11d1d6d084d5bd756a7fed45dd5fda9acaba61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB880A01060C42F973F6BC80EF18D2AFDC65E8BF55C4A2DBB2E865663D89C424"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10071
Expires: Tue, 29 Nov 2022 04:18:13 GMT
Date: Tue, 29 Nov 2022 01:30:22 GMT
Connection: keep-alive
a.realsrv.com/iframe.js?idzone=4341124
200 OK 1.3 kB URL HTTP/2 a.realsrv.com/iframe.js?idzone=4341124
IP
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (1810), with no line terminators
Hash a2f2e3e4b569e9343a4cdd6653738f4e
0dd21682c8df1999690be48ab03692dbeaffee34
d794eacd3b5ea7ba189ec7d5d83970a1d5fa892186912e76196d3078740cd543
GET /iframe.js?idzone=4341124 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=4341124&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: application/javascript
etag: W/"2ad63d3a1db60855e2aae8b0622"
expires: Mon, 28 Nov 2022 15:50:41 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669694040
server: CDN77-Turbo
x-77-nzt: AblMCQ0Rvmz/hggAAA
x-77-nzt-ray: c0a4cc281fcdb472ae608563e4d20918
x-cache: HIT
x-age: 2182
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
data.goasrv.com/data/creatives/390/37092.webp
200 OK 261 kB URL HTTP/2 data.goasrv.com/data/creatives/390/37092.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 261 kB (261000 bytes)
Hash d3e87752d6c90dc7b120f0d9ab4858eb
0bf3e0033173600a314bab59f5308d4069a6dd8e
44e97c9d9fa178c5d4d6d93c463f805e1c94e0570093d6353f065b9617aa3f78
GET /data/creatives/390/37092.webp HTTP/1.1
Host: data.goasrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: image/webp
content-length: 261000
last-modified: Tue, 22 Nov 2022 13:27:01 GMT
etag: "637cce25-3fb88"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-backend-server: nl2-static-223
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash fef25a63021681c4d8c5cf4f8da8d2c2
502c95586b4c087817feed2e4459a16308417bda
06b2526516408f47a8bc2801c51d2c13b0db11de648598f51ee0d826d2bbbed2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6275
Cache-Control: max-age=88006
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:22 GMT
Etag: "6383fcf1-139"
Expires: Wed, 30 Nov 2022 01:57:08 GMT
Last-Modified: Mon, 28 Nov 2022 00:12:33 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 279 B IP
Hash 140dd90385b9635226c9d3542335a674
8258ebb58b8eac35d4b20ce53c4d950bda4bd847
8da09b359e46380372433e3c4d10d0528cdc0966323249dfee33b864b65b466f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6224
Cache-Control: max-age=87610
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:22 GMT
Etag: "6383fb98-117"
Expires: Wed, 30 Nov 2022 01:50:32 GMT
Last-Modified: Mon, 28 Nov 2022 00:06:48 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
a.realsrv.com/iframe.js?idzone=4341074
200 OK 1.1 kB URL HTTP/2 a.realsrv.com/iframe.js?idzone=4341074
IP
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (1810), with no line terminators
Hash c1a1a50730822017bfef2640e2e5d833
17bfb62a1179ebbcbc1dd8d7fe09b43f35293342
dc53d9752fcf7cf2d5890a775e33d85493cbfbea25d0c555b1b7c44b2fa003f1
GET /iframe.js?idzone=4341074 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=4341074&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: application/javascript
etag: W/"2dd1f9a6e759a2c71e8df5918bd"
expires: Mon, 28 Nov 2022 15:50:46 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669693970
server: CDN77-Turbo
x-77-nzt: AblMCQ3L1EP/zAgAAA
x-77-nzt-ray: c0a4cc281fcdb472ae608563f321d01a
x-cache: HIT
x-age: 2252
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash e2313735949bf794d49f73944f751d82
86eebae47db907ab6ffe346f057abe00b1f93af3
8d59d1492f0e0e36c96fb023b1468cebbc9f4519803c8ac34d22202306335465
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8D59D1492F0E0E36C96FB023B1468CEBBC9F4519803C8AC34D22202306335465"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5276
Expires: Tue, 29 Nov 2022 02:58:18 GMT
Date: Tue, 29 Nov 2022 01:30:22 GMT
Connection: keep-alive
afgtrwd1.com/en/us/about?zid=15242&pid=0&custom1=VGIL_999529072_REDG_SQU&custom2=108124&custom3=TS507-999529072&custom5=SQU&Bnr={BanName}&custom8=v.vfgte.com&custom9=52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad
200 OK 1.0 kB URL HTTP/1.1 afgtrwd1.com/en/us/about?zid=15242&pid=0&custom1=VGIL_999529072_REDG_SQU&custom2=108124&custom3=TS507-999529072&custom5=SQU&Bnr={BanName}&custom8=v.vfgte.com&custom9=52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (1027), with CRLF, LF line terminators
Hash cc73a6d1c924ac04bee689eac7d09f58
b22f609a9bd604fcf4eda18473108fbfb177eefc
03bd1ef2b15db2599a67ba4e9cd79a8d14c4a407fd4a238a7795c915fddd7766
GET /en/us/about?zid=15242&pid=0&custom1=VGIL_999529072_REDG_SQU&custom2=108124&custom3=TS507-999529072&custom5=SQU&Bnr={BanName}&custom8=v.vfgte.com&custom9=52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad HTTP/1.1
Host: afgtrwd1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.15.7
Date: Tue, 29 Nov 2022 01:30:22 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 31 Dec 1998 11:59:59 GMT
X-Robots-Tag: none
P3P: CP="NOI DSP COR NID"
Set-Cookie: AVPUID=02d22377cc10a818aa7c801155e62bd4; Expires=Wed, 29-Nov-2023 01:30:22 GMT; Path=/; Secure; HttpOnly; SameSite=None
Content-Encoding: gzip
syndication.realsrv.com/v1/api.php
200 OK 2.8 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5467)
Hash 171616016c1baf210c7e8f09c9660cd9
18f47a47cf2b4652b7ab7c5cc090c700175e949a
116601d2fbecd84719a6b02e7b17e97280c5aa9460c52f4bb5b71da99c403ddc
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:22 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae742f43.142256111855184562%22%3B%7D; expires=Thu, 28-Nov-2024 01:30:22 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/v1/api.php
200 OK 2.5 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (5461), with no line terminators
Hash 4577c680a4f1dcbfa22ddd3ccc4bbb42
84455f446e1ace2d720bc40955e849a59e7df766
cb58f07deb21a4afa002fdb3f4bc02aa6dd8336cad526a5dba4a5e34613f1a6a
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:22 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae756035.899076791754275121%22%3B%7D; expires=Thu, 28-Nov-2024 01:30:22 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
afgtrwd1.com/en/us/about?zid=15246&pid=0&custom1=VGIL_999529071_REDG_UPL&custom2=108124&custom3=TS507-999529071&custom5=UPL&Bnr={BanName}&custom8=v.vfgte.com&custom9=a2b90567-4b77-4988-bbac-625e003ba282
200 OK 1.0 kB URL HTTP/1.1 afgtrwd1.com/en/us/about?zid=15246&pid=0&custom1=VGIL_999529071_REDG_UPL&custom2=108124&custom3=TS507-999529071&custom5=UPL&Bnr={BanName}&custom8=v.vfgte.com&custom9=a2b90567-4b77-4988-bbac-625e003ba282
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (1027), with CRLF, LF line terminators
Hash 73b10db62e9a389a74cd2269353512a8
7db201041fb0fd3f5edc2ac6adcf512537e7ae28
ab0647e0cdf411ffd05d3fc5862f44d622efc7475881efc2b125616c23332bef
GET /en/us/about?zid=15246&pid=0&custom1=VGIL_999529071_REDG_UPL&custom2=108124&custom3=TS507-999529071&custom5=UPL&Bnr={BanName}&custom8=v.vfgte.com&custom9=a2b90567-4b77-4988-bbac-625e003ba282 HTTP/1.1
Host: afgtrwd1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.15.7
Date: Tue, 29 Nov 2022 01:30:22 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 31 Dec 1998 11:59:59 GMT
X-Robots-Tag: none
P3P: CP="NOI DSP COR NID"
Set-Cookie: AVPUID=711b88f4663fe8af6d2c0d180c2860a1; Expires=Wed, 29-Nov-2023 01:30:22 GMT; Path=/; Secure; HttpOnly; SameSite=None
Content-Encoding: gzip
syndication.realsrv.com/v1/api.php
200 OK 2.5 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (5468), with no line terminators
Hash ff01d3c5d5ccdf215ccd3fd093f88928
b8eba03c29d5722ccfa2bfd68dec7e61e517e462
6d7a262651b6a041fdb7ed9c367479f7537dcc8521eb023c0091912e8105d8ef
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:22 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae77f588.627391291910248869%22%3B%7D; expires=Thu, 28-Nov-2024 01:30:22 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
a.realsrv.com/iframe.js?idzone=4341118
200 OK 1.8 kB URL HTTP/2 a.realsrv.com/iframe.js?idzone=4341118
IP
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (1810), with no line terminators
Hash cf6c7f959049fa9fa3f562c9384fb804
00f45539a0c9c0ead014a388f80cd2daf3a0671c
dc2665733060cd6e0867559f87b5f8ffc00511ef1479f71ccb6cfc49236f6c5d
GET /iframe.js?idzone=4341118 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=4341118&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: application/javascript
etag: W/"e2f06d7e9e22aac719a49d0a8ee"
expires: Mon, 28 Nov 2022 15:50:41 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669694108
server: CDN77-Turbo
x-77-nzt: AblMCQ3W9HH/QggAAA
x-77-nzt-ray: c0a4cc281fcdb472ae608563f0509112
x-cache: HIT
x-age: 2114
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
syndication.realsrv.com/v1/api.php
200 OK 2.5 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (5470), with no line terminators
Hash b3be76ec6a4ace04f2523bf37fbd5b67
5dc9f5e7544543d794d462c7c4420e1d28801d05
8dfdb19aa58d9bfaaabad48e49afd63631d577f4e756447a985d9097421fed95
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:22 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae7d5904.307211583146775193%22%3B%7D; expires=Thu, 28-Nov-2024 01:30:22 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7388897e1c1b85b71389512eab7c6566
d6313c23249aa06649e753bdebc010b881d09d4f
4499a9663d336b9acf5b3ee63198782c9a136964e1aa4b617dc78c692a15858b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4499A9663D336B9ACF5B3EE63198782C9A136964E1AA4B617DC78C692A15858B"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3068
Expires: Tue, 29 Nov 2022 02:21:30 GMT
Date: Tue, 29 Nov 2022 01:30:22 GMT
Connection: keep-alive
a.realsrv.com/iframe.js?idzone=4341078
200 OK 1.8 kB URL HTTP/2 a.realsrv.com/iframe.js?idzone=4341078
IP
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (1810), with no line terminators
Hash cb204e83a3d829e6b15ff4c9b79be9bd
6394d44dfa9b3d7bccafe42cbf88811097368991
f1eaf8705af3cfacdffa529e4b2dc6ffbe6622976b3d8383efc1b02d43e421fd
GET /iframe.js?idzone=4341078 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=4341078&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: application/javascript
etag: W/"cc024d378e39b2973e0664f05a0"
expires: Mon, 28 Nov 2022 15:50:41 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669694059
server: CDN77-Turbo
x-77-nzt: AblMCQ18VrT/cwgAAA
x-77-nzt-ray: c0a4cc281fcdb472ae60856383bf4312
x-cache: HIT
x-age: 2163
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.realsrv.com/iframe.php?idzone=4341124&size=300x250
200 OK 3.3 kB URL HTTP/2 a.realsrv.com/iframe.php?idzone=4341124&size=300x250
IP
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6b4914802f0998dd1ed2b0578d6843c9
ec29de796887298f7726f1a2b2e6c9bf8dbc82b3
7ef6c2d7e144c1f4cafcb14a36604b1ea714f303d50d3c15e51eb2e4346c8bb9
GET /iframe.php?idzone=4341124&size=300x250 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 29 Nov 2022 03:51:56 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669694019
server: CDN77-Turbo
x-77-nzt: AblMCQ3SSJ3/mwgAAA
x-77-nzt-ray: c0a4cc281fcdb472ae6085631e5b7e0e
x-cache: HIT
x-age: 2203
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 672 B IP
ASN #20940 Akamai International B.V.
Hash 9996811e6dda57704c06c3dd66eb8fde
fa9f81e71e393468c2faa53735300d4f4b545bc4
07017747b7f70867ad5d3ff537a7ce8b81c838b8578a63d546fb60428be04aae
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8D59D1492F0E0E36C96FB023B1468CEBBC9F4519803C8AC34D22202306335465"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5276
Expires: Tue, 29 Nov 2022 02:58:18 GMT
Date: Tue, 29 Nov 2022 01:30:22 GMT
Connection: keep-alive
syndication.realsrv.com/v1/api.php
200 OK 1.1 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (1411), with no line terminators
Hash 59ec9d13def7a64e4432333361fb2c7a
d470378e06476b8c890b6b50b5b617d7142d3df4
a82763f7395fdf612c7bb23db1d22c83e4c54b268710fc450579ee8b2fb3632c
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae7d5904.307211583146775193%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:22 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
v.vfgte.com/impression/52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad?subID1=VGIL_999529072_REDG_SQU&affiliateID=108124&source=TS507-999529072&subID2=ADV15242_33537_89799;&Location_Alias=SQU&Pub=&Target=&cost=&Bnr=012069A&FileID=581193
204 No Content 0 B URL HTTP/2 v.vfgte.com/impression/52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad?subID1=VGIL_999529072_REDG_SQU&affiliateID=108124&source=TS507-999529072&subID2=ADV15242_33537_89799;&Location_Alias=SQU&Pub=&Target=&cost=&Bnr=012069A&FileID=581193
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /impression/52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad?subID1=VGIL_999529072_REDG_SQU&affiliateID=108124&source=TS507-999529072&subID2=ADV15242_33537_89799;&Location_Alias=SQU&Pub=&Target=&cost=&Bnr=012069A&FileID=581193 HTTP/1.1
Host: v.vfgte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afgtrwd1.com/
Cookie: d35e5c47-8e8d-4bcf-86e8-b285e231bf95-osz-v4=DZ7hwEUXRNIzYCSjUaFMkjfk7lo8lHqR2_qZdkBnJOH-sPMdAVDs_7ZiYwxPZavrml00fwS0KrajGd01f0VmWJ5Zt7ZFwVUuRGxtTKbSlEDAMpTElOgIKXufdpjcesjjWItuBFodO4humc9NP6FHG4SAUIz6Ti0v6B268QZgw9JrgaPUiL_5OIZfOa1wx0WQh24YSs4E-c14CV6DfdaE0O8TkcUqQnTDpkUggVUa9fx-58Hql02YT5mzI50XACtvU8uX7G-CWTx3D40l_C9xUHxTiTzRtD8YIljVWgPg6TF0_dF2qfwmicsUqRd_mor_P4uwTJIUPGcN8sfwJ00lJGtRYjq25twdjSjYPHvZAk9j3dDtVaO453WL5q1YWrQkCZaNd7egUdGd1IvfLbQkT5D445vu-uX0QrzH7GaWXL02Q1OGaROljLOCum_K3h1kH43kpkRRngybhzL56TAKsxCMZ9HF1bk828BGOxCJMvfFL8I29h5KOSxAJC_NZOJ_ub3Taa2BNUG3uaJqNSc2X30h4qJSAE0MKghTP64Td8ss1STj7tmzW_Re1kjKsoaeBOEvE4mp79ai5ZtWqBDYenB2I_arwHYIldsjapqnjvx1T_qjvYB794BYGlbjXWftucEdjEBZ0T5xWzdANZR01PhjoPlihun_ofaPaISpHy0m__gmo6BeK2pKY4WaGYNrk7FRZIB5c1DqbQ5A-GAh42yCuRCdQGBAy6t-cwQ2azlgFJ-KmH2oBGKvF4OTUgRlkmRYkG33v32H0Mvnm0kGUQ3e6-aKz4TT3B_3YJnU_6a_e6IXYBks_OhjXUm5TrfPudt485vVl2HlsOxQH3iFXfsdmsdnI-Wv6r7Ic-QbH0wGEBS6mOJBdczbVB9nQi-2G-CNLCGlqGKpCM6ggv7qDqB0yhBvRBPmyOnUekKy5icpiZVRyySpuDoS-QdhICB3_2DxYNLD47MmMqQ3ChUdTzt6fFJr_nIi6xCuULBrruiLDx4fk5SqbssEByEh2LTkMtsBaszHzXtfRTEdzZaM-2DsekW21iZRVQzsVak9lAraLsopLgFIzrZqkOUb8LVFwLoXSbfXtJwUxVDogQxQqks0uI1G518T1qRDEizpHHT1CkgWKGqh_EbnmvylM4Kw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 29 Nov 2022 01:30:22 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: 52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad-osz-v4=2Br88ljtdc2WrFd4CGQXdPc0B4y58l_jOAMTFP-uUvDL9X6w5BV2KOqmARaqdJKdurFF71LG-ldqWH77iUp9kna45I_IjhftAWx4unfvA5_9TnAfYflZqEmR17CPvd3xfkBcdMElk1YqyQ8Q8C9IMnENDt_YOe0cH6IJrAf2QPM7_ktI2o_vbqHl083hziRx3LvHOSoAGPYtSQL2CYhP_ssZn4hTvCeS1eKog5D7Kt6WsPKYJb4rJiNqViCtP1vrBPLHeMtL7juR_j5FcFWCfiB1S7Vjh_I8ShPrwEZ-nmbnh7ohhjoiWC4-XttOxFirFnNNAvMVsFv6AnLO_xKe7aGG0dCgmMNzHrLoH23BPxmRJh7lKMLRRQTknH_8DAljBv_BBU2H3XzUs5DuwfR-n8oeas3pERyylgHPWCTGoLOsYPodc7yMW2XR-uYGKnriYpa50aQiw6slh9sAxePEtX8ac0GEwRvBip1SvmdRwVp355aWbQlfT15FeM8uqZAWRoNzFULhSlng9gpgoNKjS_ZfruNfddpVfyfJ2cM-k7elmhqFS7n9E8FlUbDLiIOsUNQsPdVawzYgk3ijHwSRP0WzDE6p79VMaL0mH8rGmmMDHbIq46TIx8CLY5RkMIDIqTzo35-f70KszKNIRUJs3J_5irNuvlUoL4cyE3T_O2lxeMcaSLHTv38vN1tkGCnoPejt2FEEWeRDjqlAhIIkKw; Domain=v.vfgte.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
v.vfgte.com/impression/a2b90567-4b77-4988-bbac-625e003ba282?subID1=VGIL_999529071_REDG_UPL&affiliateID=108124&source=TS507-999529071&subID2=ADV15246_33628_88247;&Location_Alias=UPL&Pub=&Target=&cost=&Bnr=010481B&FileID=560332
204 No Content 0 B URL HTTP/2 v.vfgte.com/impression/a2b90567-4b77-4988-bbac-625e003ba282?subID1=VGIL_999529071_REDG_UPL&affiliateID=108124&source=TS507-999529071&subID2=ADV15246_33628_88247;&Location_Alias=UPL&Pub=&Target=&cost=&Bnr=010481B&FileID=560332
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /impression/a2b90567-4b77-4988-bbac-625e003ba282?subID1=VGIL_999529071_REDG_UPL&affiliateID=108124&source=TS507-999529071&subID2=ADV15246_33628_88247;&Location_Alias=UPL&Pub=&Target=&cost=&Bnr=010481B&FileID=560332 HTTP/1.1
Host: v.vfgte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afgtrwd1.com/
Cookie: d35e5c47-8e8d-4bcf-86e8-b285e231bf95-osz-v4=DZ7hwEUXRNIzYCSjUaFMkjfk7lo8lHqR2_qZdkBnJOH-sPMdAVDs_7ZiYwxPZavrml00fwS0KrajGd01f0VmWJ5Zt7ZFwVUuRGxtTKbSlEDAMpTElOgIKXufdpjcesjjWItuBFodO4humc9NP6FHG4SAUIz6Ti0v6B268QZgw9JrgaPUiL_5OIZfOa1wx0WQh24YSs4E-c14CV6DfdaE0O8TkcUqQnTDpkUggVUa9fx-58Hql02YT5mzI50XACtvU8uX7G-CWTx3D40l_C9xUHxTiTzRtD8YIljVWgPg6TF0_dF2qfwmicsUqRd_mor_P4uwTJIUPGcN8sfwJ00lJGtRYjq25twdjSjYPHvZAk9j3dDtVaO453WL5q1YWrQkCZaNd7egUdGd1IvfLbQkT5D445vu-uX0QrzH7GaWXL02Q1OGaROljLOCum_K3h1kH43kpkRRngybhzL56TAKsxCMZ9HF1bk828BGOxCJMvfFL8I29h5KOSxAJC_NZOJ_ub3Taa2BNUG3uaJqNSc2X30h4qJSAE0MKghTP64Td8ss1STj7tmzW_Re1kjKsoaeBOEvE4mp79ai5ZtWqBDYenB2I_arwHYIldsjapqnjvx1T_qjvYB794BYGlbjXWftucEdjEBZ0T5xWzdANZR01PhjoPlihun_ofaPaISpHy0m__gmo6BeK2pKY4WaGYNrk7FRZIB5c1DqbQ5A-GAh42yCuRCdQGBAy6t-cwQ2azlgFJ-KmH2oBGKvF4OTUgRlkmRYkG33v32H0Mvnm0kGUQ3e6-aKz4TT3B_3YJnU_6a_e6IXYBks_OhjXUm5TrfPudt485vVl2HlsOxQH3iFXfsdmsdnI-Wv6r7Ic-QbH0wGEBS6mOJBdczbVB9nQi-2G-CNLCGlqGKpCM6ggv7qDqB0yhBvRBPmyOnUekKy5icpiZVRyySpuDoS-QdhICB3_2DxYNLD47MmMqQ3ChUdTzt6fFJr_nIi6xCuULBrruiLDx4fk5SqbssEByEh2LTkMtsBaszHzXtfRTEdzZaM-2DsekW21iZRVQzsVak9lAraLsopLgFIzrZqkOUb8LVFwLoXSbfXtJwUxVDogQxQqks0uI1G518T1qRDEizpHHT1CkgWKGqh_EbnmvylM4Kw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 29 Nov 2022 01:30:22 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: a2b90567-4b77-4988-bbac-625e003ba282-osz-v4=G02fyyExpETDjeXyn_BAkk6mNtJ7TNDRHPuVtsQzTxZ_ahYEWqNU0F-NvPqNE2vx6W98w9xucNQu1Z-_gGnkgOL8ywZahb8uVNt7VxBgbf8VsVyCF2xVIMc87id_rHfnd6R0rFk6eo2ACA5cBioyOR_20ea0NKe1tJwFwTiqgnOOaHFPv-fAWrwJnSsixBoUoYchUF9eRL0Yrk6CXYxspLwWT75uadWqYpKtSHeANOF32YAXEBJ1q_qqd5Dm1S0ZFZ8UqfBZKjSyR1pWXYXxBCXmvTuMtA8JR8S9vzrw3B5WV2RNYt0JZ9fWZeBDh3i4n4z-b7rk1u1oC4HFTj4D-QyJy5SslvwbLYGa5gyxAgFOE3ragA_8zWYBiuEcBaEmUXoeSnUdII2E0QXtV4tIaiWlFi0Mn1ygnjxLQ6FjBqgt6s3pLD_1U0MY1JCG5eCVp4VuUC0FYuoet04QoEalWZTNN8Aa_OPpma6V9tImXxOC5ZaEVR-O-7qtDQgcTDW41QpEV3bs7z_v39hzxlASnuyOJN96hGrrluxwLuzYGiUFb4Y1ApU8hymmoMPrdXmlStCfFbNY-4BDM_gHoktZ0QSGxws7c--kldMXc1ZcpIV1SHeqKYA6kOULQS_okPmNon5bvQ8-BMdA0LuNkfn3UCfHmnQ_4uwWCQ4lqaHA0_ENYaHT2r9n17EL2RVJIxTQ_3rIFaLeCz-x9Pby9dOQng; Domain=v.vfgte.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
syndication.realsrv.com/v1/api.php
200 OK 2.4 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (5342), with no line terminators
Hash a3638bfc1fff1c6591ddf269def23660
8ff0c617b51d984a62fe137efa7c35d13fea663d
8920ecf69bb396b36ee962ede7f3eda18c3d6f6cbea2d64c97fd3ab0d44df850
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae7d5904.307211583146775193%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:22 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/v1/api.php
200 OK 2.4 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (5334), with no line terminators
Hash 716636510e9fc27a5858cbd854390b70
0c91765435dd8abbf114f009f6bafb63b198a5c7
5a00dd38fcc2559d72e67926ea30381a2583be70f7e5334527be8a567abd90c2
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae7d5904.307211583146775193%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:22 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/v1/api.php
200 OK 1.1 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (1396), with no line terminators
Hash 6325651b3bed4b844f4ee27a27c06e15
d39cef9d4b617968b11eaf9e7cd392512d6c1405
df0cfa82ecb07b82b01cbfe59b257cb7bc0f4055bca1ee5ca20fefada7e646e5
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22638560ae905057.24475050550525390%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:22 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
www.imglnke.com/5643/010481B_JRKM_18_ALL_EN_71_L.gif
200 OK 16 kB URL HTTP/1.1 www.imglnke.com/5643/010481B_JRKM_18_ALL_EN_71_L.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Hash 8348f985faa43a24505b33495e5a6fe2
9fb40bacaaa545c0b7ea68e07d4087d6cc9cac7a
b98aa1c81ee4eafd235aff9a43ddae150f157bc816d44488a98709d311c4b82f
GET /5643/010481B_JRKM_18_ALL_EN_71_L.gif HTTP/1.1
Host: www.imglnke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afgtrwd1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:30:22 GMT
Connection: Keep-Alive
ETag: "1632412617"
Cache-Control: max-age=3382
Content-Length: 15744
Content-Type: image/gif
Last-Modified: Thu, 23 Sep 2021 15:56:57 GMT
Accept-Ranges: bytes
X-HW: 1669685422.dop012.sk1.t,1669685422.cds012.sk1.shn,1669685422.cds012.sk1.c
www.imglnke.com/5643/012069A_JRKM_18_ALL_EN_71_L.jpg
200 OK 41 kB URL HTTP/1.1 www.imglnke.com/5643/012069A_JRKM_18_ALL_EN_71_L.jpg
IP
File type JPEG image data, progressive, precision 8, 300x250, components 3\012- data
Hash faa37cfad9203de88a47ecc7eba7c531
b53195ccfd09876811c093ae00053e515d37f6c1
41008d982c629be2e598ad017e52ccd29003d48a1d36637774ebd7963d66abf4
GET /5643/012069A_JRKM_18_ALL_EN_71_L.jpg HTTP/1.1
Host: www.imglnke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afgtrwd1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:30:22 GMT
Connection: Keep-Alive
ETag: "1669134891"
Cache-Control: max-age=2094
Content-Length: 40996
Content-Type: image/jpeg
Last-Modified: Tue, 22 Nov 2022 16:34:51 GMT
Accept-Ranges: bytes
X-HW: 1669685422.dop216.sk1.t,1669685422.cds018.sk1.shn,1669685422.dop216.sk1.t,1669685422.cds206.sk1.c
go.goasrv.com/eactrl.go
200 OK 2 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /eactrl.go HTTP/1.1
Host: go.goasrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 15666
Origin: https://www.redgifs.com
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: https://www.redgifs.com
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token,X-CSRFToken, Authorization
expires: Mon, 03 Jul 2001 06:00:00 GMT
last-modified: Tue, 29 11 2022 01:30:22 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
pragma: no-cache
x-backend-server: nl2-go-web-242
X-Firefox-Spdy: h2
afgtrwd1.com/js/interactive2.js
200 OK 11 kB URL HTTP/1.1 afgtrwd1.com/js/interactive2.js
IP
File type ASCII text, with very long lines (11195), with no line terminators
Hash 905f3ddae4774c92242e4813407cdbd5
f698ad7ba5a4a0d2093d6def137d55bca54bd030
94a16af23f5b8c309dc7fa05d0ea2de49f6da7de105159b46241a046e407e056
GET /js/interactive2.js HTTP/1.1
Host: afgtrwd1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afgtrwd1.com/en/us/about?zid=15242&pid=0&custom1=VGIL_999529072_REDG_SQU&custom2=108124&custom3=TS507-999529072&custom5=SQU&Bnr={BanName}&custom8=v.vfgte.com&custom9=52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad
Cookie: AVPUID=711b88f4663fe8af6d2c0d180c2860a1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.15.7
Date: Tue, 29 Nov 2022 01:30:22 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=86400
Expires: Tue, 29 Nov 2022 13:53:14 GMT
Vary: Accept-Encoding
Last-Modified: Fri, 14 Feb 2020 21:12:20 GMT
syndication.realsrv.com/v1/api.php
200 OK 3.1 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4070)
Hash ceb61ac5ec0adad6de25e34928c81fa9
517d169c30f902151cb5f64995dfe8259d413bab
39293b936a71312a7029b38de3b09a29a8cab731f86ecfbfeefcb793002bbe61
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:22 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
a.medfoodsafety.com/loader?a=4789805&v=2&t=1&s=4779152&p=11473&if=false&url=https%3A%2F%2Fwww.redgifs.com%2Fwatch%2Fcriminalenlightenedpupfish&title=Big%20Tits%20Bra%20Hotwife%20Porn%20GIF%20by%20marcipan%20%7C%20RedGIFs
200 OK 383 B URL HTTP/2 a.medfoodsafety.com/loader?a=4789805&v=2&t=1&s=4779152&p=11473&if=false&url=https%3A%2F%2Fwww.redgifs.com%2Fwatch%2Fcriminalenlightenedpupfish&title=Big%20Tits%20Bra%20Hotwife%20Porn%20GIF%20by%20marcipan%20%7C%20RedGIFs
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 46136b9e435a7f991ec49299f61c10c7
df9b06c505f31ddfe3042386e0d64f5aaa83c37e
f70198f37f2f6e64175e6147e5b19a4e4ac21add5d915892df8afc0fb9cff14c
GET /loader?a=4789805&v=2&t=1&s=4779152&p=11473&if=false&url=https%3A%2F%2Fwww.redgifs.com%2Fwatch%2Fcriminalenlightenedpupfish&title=Big%20Tits%20Bra%20Hotwife%20Porn%20GIF%20by%20marcipan%20%7C%20RedGIFs HTTP/1.1
Host: a.medfoodsafety.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: text/html
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7bc4CoN5LNuJH8ZhRzQ04muqzUPBrRmMROqWaRYhzxJ1ljuOCc5ghBD5lM1A%2BojguGrXDeaZk7kyBqoYAom3yjTrQAf8YVPb6WszkiZcZBKdjE2wBI1Rkykpt%2FxNrRWx9WADMTu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771793e3593b7744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.realsrv.com/iframe.js?idzone=4341126
200 OK 11 kB URL HTTP/2 a.realsrv.com/iframe.js?idzone=4341126
IP
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (1810), with no line terminators
Hash 65ce67c20e56f9646712052c872c96fb
56d7ed7951626571ed2054a0716a74bb4a724d97
44ea8e0bda5af59418846eac0c48ac4f488b8a0ee80699b9000e14fea74a5161
GET /iframe.js?idzone=4341126 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=4341126&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: application/javascript
etag: W/"f9b2ca4e3eaa66ea00feffd4127"
expires: Mon, 28 Nov 2022 15:50:41 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669694029
server: CDN77-Turbo
x-77-nzt: AblMCQ2mkjr/kQgAAA
x-77-nzt-ray: c0a4cc281fcdb472ae6085633aa61718
x-cache: HIT
x-age: 2193
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash fc1d108391971e683afbad5019a3c4c8
51904a92c5aa9f1a6b9cd211e5f1bc156c62781a
72a9cb05a598dc775cefc4834b39157902d61b1e26f1f097159f4742b1f583ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 794
Cache-Control: max-age=147677
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:22 GMT
Etag: "6384fb71-118"
Expires: Wed, 30 Nov 2022 18:31:39 GMT
Last-Modified: Mon, 28 Nov 2022 18:18:25 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
v.vfgte.com/impression/52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad?subID1=VGIL_999529072_REDG_SQU&affiliateID=108124&source=TS507-999529072&subID2=ADV15242_33537_89799;&Location_Alias=SQU&Pub=&Target=&cost=&Bnr=012069A&FileID=581193
204 No Content 0 B URL HTTP/2 v.vfgte.com/impression/52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad?subID1=VGIL_999529072_REDG_SQU&affiliateID=108124&source=TS507-999529072&subID2=ADV15242_33537_89799;&Location_Alias=SQU&Pub=&Target=&cost=&Bnr=012069A&FileID=581193
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /impression/52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad?subID1=VGIL_999529072_REDG_SQU&affiliateID=108124&source=TS507-999529072&subID2=ADV15242_33537_89799;&Location_Alias=SQU&Pub=&Target=&cost=&Bnr=012069A&FileID=581193 HTTP/1.1
Host: v.vfgte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afgtrwd1.com/
Cookie: d35e5c47-8e8d-4bcf-86e8-b285e231bf95-osz-v4=DZ7hwEUXRNIzYCSjUaFMkjfk7lo8lHqR2_qZdkBnJOH-sPMdAVDs_7ZiYwxPZavrml00fwS0KrajGd01f0VmWJ5Zt7ZFwVUuRGxtTKbSlEDAMpTElOgIKXufdpjcesjjWItuBFodO4humc9NP6FHG4SAUIz6Ti0v6B268QZgw9JrgaPUiL_5OIZfOa1wx0WQh24YSs4E-c14CV6DfdaE0O8TkcUqQnTDpkUggVUa9fx-58Hql02YT5mzI50XACtvU8uX7G-CWTx3D40l_C9xUHxTiTzRtD8YIljVWgPg6TF0_dF2qfwmicsUqRd_mor_P4uwTJIUPGcN8sfwJ00lJGtRYjq25twdjSjYPHvZAk9j3dDtVaO453WL5q1YWrQkCZaNd7egUdGd1IvfLbQkT5D445vu-uX0QrzH7GaWXL02Q1OGaROljLOCum_K3h1kH43kpkRRngybhzL56TAKsxCMZ9HF1bk828BGOxCJMvfFL8I29h5KOSxAJC_NZOJ_ub3Taa2BNUG3uaJqNSc2X30h4qJSAE0MKghTP64Td8ss1STj7tmzW_Re1kjKsoaeBOEvE4mp79ai5ZtWqBDYenB2I_arwHYIldsjapqnjvx1T_qjvYB794BYGlbjXWftucEdjEBZ0T5xWzdANZR01PhjoPlihun_ofaPaISpHy0m__gmo6BeK2pKY4WaGYNrk7FRZIB5c1DqbQ5A-GAh42yCuRCdQGBAy6t-cwQ2azlgFJ-KmH2oBGKvF4OTUgRlkmRYkG33v32H0Mvnm0kGUQ3e6-aKz4TT3B_3YJnU_6a_e6IXYBks_OhjXUm5TrfPudt485vVl2HlsOxQH3iFXfsdmsdnI-Wv6r7Ic-QbH0wGEBS6mOJBdczbVB9nQi-2G-CNLCGlqGKpCM6ggv7qDqB0yhBvRBPmyOnUekKy5icpiZVRyySpuDoS-QdhICB3_2DxYNLD47MmMqQ3ChUdTzt6fFJr_nIi6xCuULBrruiLDx4fk5SqbssEByEh2LTkMtsBaszHzXtfRTEdzZaM-2DsekW21iZRVQzsVak9lAraLsopLgFIzrZqkOUb8LVFwLoXSbfXtJwUxVDogQxQqks0uI1G518T1qRDEizpHHT1CkgWKGqh_EbnmvylM4Kw; 52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad-osz-v4=2Br88ljtdc2WrFd4CGQXdPc0B4y58l_jOAMTFP-uUvDL9X6w5BV2KOqmARaqdJKdurFF71LG-ldqWH77iUp9kna45I_IjhftAWx4unfvA5_9TnAfYflZqEmR17CPvd3xfkBcdMElk1YqyQ8Q8C9IMnENDt_YOe0cH6IJrAf2QPM7_ktI2o_vbqHl083hziRx3LvHOSoAGPYtSQL2CYhP_ssZn4hTvCeS1eKog5D7Kt6WsPKYJb4rJiNqViCtP1vrBPLHeMtL7juR_j5FcFWCfiB1S7Vjh_I8ShPrwEZ-nmbnh7ohhjoiWC4-XttOxFirFnNNAvMVsFv6AnLO_xKe7aGG0dCgmMNzHrLoH23BPxmRJh7lKMLRRQTknH_8DAljBv_BBU2H3XzUs5DuwfR-n8oeas3pERyylgHPWCTGoLOsYPodc7yMW2XR-uYGKnriYpa50aQiw6slh9sAxePEtX8ac0GEwRvBip1SvmdRwVp355aWbQlfT15FeM8uqZAWRoNzFULhSlng9gpgoNKjS_ZfruNfddpVfyfJ2cM-k7elmhqFS7n9E8FlUbDLiIOsUNQsPdVawzYgk3ijHwSRP0WzDE6p79VMaL0mH8rGmmMDHbIq46TIx8CLY5RkMIDIqTzo35-f70KszKNIRUJs3J_5irNuvlUoL4cyE3T_O2lxeMcaSLHTv38vN1tkGCnoPejt2FEEWeRDjqlAhIIkKw; a2b90567-4b77-4988-bbac-625e003ba282-osz-v4=G02fyyExpETDjeXyn_BAkk6mNtJ7TNDRHPuVtsQzTxZ_ahYEWqNU0F-NvPqNE2vx6W98w9xucNQu1Z-_gGnkgOL8ywZahb8uVNt7VxBgbf8VsVyCF2xVIMc87id_rHfnd6R0rFk6eo2ACA5cBioyOR_20ea0NKe1tJwFwTiqgnOOaHFPv-fAWrwJnSsixBoUoYchUF9eRL0Yrk6CXYxspLwWT75uadWqYpKtSHeANOF32YAXEBJ1q_qqd5Dm1S0ZFZ8UqfBZKjSyR1pWXYXxBCXmvTuMtA8JR8S9vzrw3B5WV2RNYt0JZ9fWZeBDh3i4n4z-b7rk1u1oC4HFTj4D-QyJy5SslvwbLYGa5gyxAgFOE3ragA_8zWYBiuEcBaEmUXoeSnUdII2E0QXtV4tIaiWlFi0Mn1ygnjxLQ6FjBqgt6s3pLD_1U0MY1JCG5eCVp4VuUC0FYuoet04QoEalWZTNN8Aa_OPpma6V9tImXxOC5ZaEVR-O-7qtDQgcTDW41QpEV3bs7z_v39hzxlASnuyOJN96hGrrluxwLuzYGiUFb4Y1ApU8hymmoMPrdXmlStCfFbNY-4BDM_gHoktZ0QSGxws7c--kldMXc1ZcpIV1SHeqKYA6kOULQS_okPmNon5bvQ8-BMdA0LuNkfn3UCfHmnQ_4uwWCQ4lqaHA0_ENYaHT2r9n17EL2RVJIxTQ_3rIFaLeCz-x9Pby9dOQng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 29 Nov 2022 01:30:22 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: 52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad-osz-v4=9BOH5DydMd9UPEQkwdQXPaSUDCF_K5l-gPTHg10I-4ys7Is_pvsAVDTgCFnZ0yzU9vx0tgV8pbEgRUwQ0DrElSD2cxGPW-zJT7iKCfusphH8BrDZyjOSUK3sr5XBAC928rVr39JRRv6P4QHipG-YQvwJSK0mGpv-gvbGf7-71Y-zKyYo08qBACUX1-PAyXTjwHn5tzwoMUhkei96XRI6AYemFvKLhqjaWJNn4NG2VpewuEO1qrGTiESSzemvcQoDyWs8dL5ps4wsI8xG4ak3sM0oA-5j7wCg2I4Va9s3-K936hPMlzq_SKMjbiYKdvNdiTYmJIY29ARPO4v1rBnySu0ktKy2ONJ-jLHX_z7I2chFodQvclDWd3YE4pwhIQn8YbZuZu97kHEmAnggouK8reJcNDUMKxIN-GCDetMT3dKFJAX0VAoehuvyKyVy_oHzEGncrv972ZsQhmcEXJV4UbC82pwEHmPqfukP-Muqp0CSnt4GvSgvPZ1rSvvijI90nMWLfO9z4MyIs4hxcRRsr6IoM3kzRStdm9wv5ws14fMc5eoEDYPgaMUq0JvE2xmAV6wxA9_2PGKfXWMQvdT0MAOxCjhMWyjR7AvGbKzCNTdRKpnirDyXsHjDR3TgNiGbWb5RJzNz4ZBoUEia94FRDmdzM5hqozp_9GR7V5HHJuauIdStKbzW43GATb5wr6aAnklPOxRyZI9DXs9DES-iEw; Domain=v.vfgte.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
a.realsrv.com/iframe.js?idzone=4341110
200 OK 819 B URL HTTP/2 a.realsrv.com/iframe.js?idzone=4341110
IP
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (1810), with no line terminators
Hash 3a90fdb9caa12d037006de88d89bd34f
6fb6fb51eabc3c0de7aa55629f4682780d00b215
28ba19a79bd8e879ce7fb51c0b69dbd55fbc4cde489f536466357598cec56705
GET /iframe.js?idzone=4341110 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=4341110&size=300x250
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae7d5904.307211583146775193%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: application/javascript
etag: W/"d26c6daa00666d7200c7ccc830f"
expires: Mon, 28 Nov 2022 15:50:40 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669696222
server: CDN77-Turbo
x-77-nzt: AblMCQ3CrfXe5jAAAA
x-77-nzt-ray: c0a4cc281fcdb472ae608563d4c1e92a
x-cache: REVALIDATED
x-age: 12518
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
v.vfgte.com/impression/a2b90567-4b77-4988-bbac-625e003ba282?subID1=VGIL_999529071_REDG_UPL&affiliateID=108124&source=TS507-999529071&subID2=ADV15246_33628_88247;&Location_Alias=UPL&Pub=&Target=&cost=&Bnr=010481B&FileID=560332
204 No Content 0 B URL HTTP/2 v.vfgte.com/impression/a2b90567-4b77-4988-bbac-625e003ba282?subID1=VGIL_999529071_REDG_UPL&affiliateID=108124&source=TS507-999529071&subID2=ADV15246_33628_88247;&Location_Alias=UPL&Pub=&Target=&cost=&Bnr=010481B&FileID=560332
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /impression/a2b90567-4b77-4988-bbac-625e003ba282?subID1=VGIL_999529071_REDG_UPL&affiliateID=108124&source=TS507-999529071&subID2=ADV15246_33628_88247;&Location_Alias=UPL&Pub=&Target=&cost=&Bnr=010481B&FileID=560332 HTTP/1.1
Host: v.vfgte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afgtrwd1.com/
Cookie: d35e5c47-8e8d-4bcf-86e8-b285e231bf95-osz-v4=DZ7hwEUXRNIzYCSjUaFMkjfk7lo8lHqR2_qZdkBnJOH-sPMdAVDs_7ZiYwxPZavrml00fwS0KrajGd01f0VmWJ5Zt7ZFwVUuRGxtTKbSlEDAMpTElOgIKXufdpjcesjjWItuBFodO4humc9NP6FHG4SAUIz6Ti0v6B268QZgw9JrgaPUiL_5OIZfOa1wx0WQh24YSs4E-c14CV6DfdaE0O8TkcUqQnTDpkUggVUa9fx-58Hql02YT5mzI50XACtvU8uX7G-CWTx3D40l_C9xUHxTiTzRtD8YIljVWgPg6TF0_dF2qfwmicsUqRd_mor_P4uwTJIUPGcN8sfwJ00lJGtRYjq25twdjSjYPHvZAk9j3dDtVaO453WL5q1YWrQkCZaNd7egUdGd1IvfLbQkT5D445vu-uX0QrzH7GaWXL02Q1OGaROljLOCum_K3h1kH43kpkRRngybhzL56TAKsxCMZ9HF1bk828BGOxCJMvfFL8I29h5KOSxAJC_NZOJ_ub3Taa2BNUG3uaJqNSc2X30h4qJSAE0MKghTP64Td8ss1STj7tmzW_Re1kjKsoaeBOEvE4mp79ai5ZtWqBDYenB2I_arwHYIldsjapqnjvx1T_qjvYB794BYGlbjXWftucEdjEBZ0T5xWzdANZR01PhjoPlihun_ofaPaISpHy0m__gmo6BeK2pKY4WaGYNrk7FRZIB5c1DqbQ5A-GAh42yCuRCdQGBAy6t-cwQ2azlgFJ-KmH2oBGKvF4OTUgRlkmRYkG33v32H0Mvnm0kGUQ3e6-aKz4TT3B_3YJnU_6a_e6IXYBks_OhjXUm5TrfPudt485vVl2HlsOxQH3iFXfsdmsdnI-Wv6r7Ic-QbH0wGEBS6mOJBdczbVB9nQi-2G-CNLCGlqGKpCM6ggv7qDqB0yhBvRBPmyOnUekKy5icpiZVRyySpuDoS-QdhICB3_2DxYNLD47MmMqQ3ChUdTzt6fFJr_nIi6xCuULBrruiLDx4fk5SqbssEByEh2LTkMtsBaszHzXtfRTEdzZaM-2DsekW21iZRVQzsVak9lAraLsopLgFIzrZqkOUb8LVFwLoXSbfXtJwUxVDogQxQqks0uI1G518T1qRDEizpHHT1CkgWKGqh_EbnmvylM4Kw; 52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad-osz-v4=2Br88ljtdc2WrFd4CGQXdPc0B4y58l_jOAMTFP-uUvDL9X6w5BV2KOqmARaqdJKdurFF71LG-ldqWH77iUp9kna45I_IjhftAWx4unfvA5_9TnAfYflZqEmR17CPvd3xfkBcdMElk1YqyQ8Q8C9IMnENDt_YOe0cH6IJrAf2QPM7_ktI2o_vbqHl083hziRx3LvHOSoAGPYtSQL2CYhP_ssZn4hTvCeS1eKog5D7Kt6WsPKYJb4rJiNqViCtP1vrBPLHeMtL7juR_j5FcFWCfiB1S7Vjh_I8ShPrwEZ-nmbnh7ohhjoiWC4-XttOxFirFnNNAvMVsFv6AnLO_xKe7aGG0dCgmMNzHrLoH23BPxmRJh7lKMLRRQTknH_8DAljBv_BBU2H3XzUs5DuwfR-n8oeas3pERyylgHPWCTGoLOsYPodc7yMW2XR-uYGKnriYpa50aQiw6slh9sAxePEtX8ac0GEwRvBip1SvmdRwVp355aWbQlfT15FeM8uqZAWRoNzFULhSlng9gpgoNKjS_ZfruNfddpVfyfJ2cM-k7elmhqFS7n9E8FlUbDLiIOsUNQsPdVawzYgk3ijHwSRP0WzDE6p79VMaL0mH8rGmmMDHbIq46TIx8CLY5RkMIDIqTzo35-f70KszKNIRUJs3J_5irNuvlUoL4cyE3T_O2lxeMcaSLHTv38vN1tkGCnoPejt2FEEWeRDjqlAhIIkKw; a2b90567-4b77-4988-bbac-625e003ba282-osz-v4=G02fyyExpETDjeXyn_BAkk6mNtJ7TNDRHPuVtsQzTxZ_ahYEWqNU0F-NvPqNE2vx6W98w9xucNQu1Z-_gGnkgOL8ywZahb8uVNt7VxBgbf8VsVyCF2xVIMc87id_rHfnd6R0rFk6eo2ACA5cBioyOR_20ea0NKe1tJwFwTiqgnOOaHFPv-fAWrwJnSsixBoUoYchUF9eRL0Yrk6CXYxspLwWT75uadWqYpKtSHeANOF32YAXEBJ1q_qqd5Dm1S0ZFZ8UqfBZKjSyR1pWXYXxBCXmvTuMtA8JR8S9vzrw3B5WV2RNYt0JZ9fWZeBDh3i4n4z-b7rk1u1oC4HFTj4D-QyJy5SslvwbLYGa5gyxAgFOE3ragA_8zWYBiuEcBaEmUXoeSnUdII2E0QXtV4tIaiWlFi0Mn1ygnjxLQ6FjBqgt6s3pLD_1U0MY1JCG5eCVp4VuUC0FYuoet04QoEalWZTNN8Aa_OPpma6V9tImXxOC5ZaEVR-O-7qtDQgcTDW41QpEV3bs7z_v39hzxlASnuyOJN96hGrrluxwLuzYGiUFb4Y1ApU8hymmoMPrdXmlStCfFbNY-4BDM_gHoktZ0QSGxws7c--kldMXc1ZcpIV1SHeqKYA6kOULQS_okPmNon5bvQ8-BMdA0LuNkfn3UCfHmnQ_4uwWCQ4lqaHA0_ENYaHT2r9n17EL2RVJIxTQ_3rIFaLeCz-x9Pby9dOQng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 29 Nov 2022 01:30:22 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: a2b90567-4b77-4988-bbac-625e003ba282-osz-v4=vnxxdks4eaqEIctpP1dM49QRoafh1oh1Q7IYSa1Jz1sN-4154PUQqTyWLSBn9pKCBanxVORWeTdsh4KbDPZjm4llVit_YYzpBG4E3JBBC12gWkXEyYtiVkC8hRZHx0H6CF9xzmW0yBqIp0ZLAKYyco7AflDeIsOa6eAnHzJC--qKmCeuaANb-5wEPy-cVYi1XoyC8Bc70lz1wQnrutekBuYQym9em8cuUv6IkNLb-wEcR1gulzPb5-zm0t4eB3dQIdCqVF9aRRu648hwNS9VlF51rmZ1OxU0_YxPhyDhN1waHOeaKH_BWTvLG_jZOvdUsH2r9gINu2sIoNuf-0YF3F7BPy-hyRma5toAwsmxSQM1tEfbd93ESei3krKVlpKNZpFjegke3sHIgmNZazZo1YDfYJaTx1JRjqQ5Fj9upW3S5BQIwyuY55WRjSQiXFTJo1zq1utGfVTfxznWlj8LthBa91QqdUrBGtGgFZYSYCT_Ws1QIrcPIq0m9H8yfnvVI7EmqM7zi09rtDj937atInJou-YhMRjmA_HRxzfQpmHjU_lvkLgnJ-32QRfbute7PcAkFkxh_CFgkh9mdowUDZTOoBj088S5znqir3lPPVJpR-vEHnNrk6wHLThF-2_NwftcjN9QKfI7c0qnaqKNjiqQznqprQepKDHMm2MfcRwU90ZjVbsK5SwiqoOFLQfLDEuY_5LEsTOW7w1ZOutJRA; Domain=v.vfgte.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
a.bestcontentfood.top/warp/4789803?r=92527
200 OK 657 kB URL HTTP/2 a.bestcontentfood.top/warp/4789803?r=92527
IP
File type ASCII text, with very long lines (4179), with no line terminators
Size 657 kB (656674 bytes)
Hash 519cdc82be5a22a9e9b1347676cf054b
9bdb8a59b0ada0a217174e7bf6307093918a4c2d
430843c05b751a3101aee905e6311ccd45aaeceed059b6f2653ac0d25156a8af
Analyzer Verdict Alert fortinet Phishing
GET /warp/4789803?r=92527 HTTP/1.1
Host: a.bestcontentfood.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: application/javascript; charset=UTF-8
referer: a.medfoodsafety.com
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6U%2FOlBqqFw89rqh%2Bhs2pujn2PjYmqdLLzU0NcymW2iTShvdmTTjQZab5ginQb2BsSOxS1PE3b2zTwPt3djduMNz2H4tc%2FwF6%2FI5CEkjBVVNC7Uv2Mouq0IW86A5qgBxTf8NygQMv4Us%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771793e1baf1746c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.realsrv.com/iframe.php?idzone=4341110&size=300x250
200 OK 171 B URL HTTP/2 a.realsrv.com/iframe.php?idzone=4341110&size=300x250
IP
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e3f238a1f1a27f7585957a5fcb2a0e94
0cd6bb98efcba98e07c77b2e5dbeddca2a67917e
f18a31bf5b982cbfb8a762dea40fa54f6e032415c6409ac875488cc8b88b5818
GET /iframe.php?idzone=4341110&size=300x250 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 29 Nov 2022 03:52:04 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669696222
server: CDN77-Turbo
x-77-nzt: AblMCQ1mZwTb5zAAAA
x-77-nzt-ray: c0a4cc281fcdb472ae608563c134cd0e
x-cache: EXPIRED
x-age: 12519
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PQW7DMAz7yj4QQ6Lk2O55u25Ahz7ASd2hwIoCKTD0wMfPSdGKB9MmJVMQYFAdkN8gO5MdwKKhSHAEjc7Prz1dubTjz/l0C/P1wgxzB5NHR+7umCF0c1U4o2RGH2Ofy5TUYk5dFBqlA7G3riyIKJPx8P3Oj8OeGsSQngdoIndEoW4BqJneudzXIa0l83REFXjRFlPzUnSaW7Q251pXI2tYWv29LX9bZHkgSI/WZTwfaOqGvsygr4uzl3CTz6elXhr58j+Qti+M6r5G5KRtrin55MdpGqcZkFpRSjWto9n4D7hisFNmAQAA
200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PQW7DMAz7yj4QQ6Lk2O55u25Ahz7ASd2hwIoCKTD0wMfPSdGKB9MmJVMQYFAdkN8gO5MdwKKhSHAEjc7Prz1dubTjz/l0C/P1wgxzB5NHR+7umCF0c1U4o2RGH2Ofy5TUYk5dFBqlA7G3riyIKJPx8P3Oj8OeGsSQngdoIndEoW4BqJneudzXIa0l83REFXjRFlPzUnSaW7Q251pXI2tYWv29LX9bZHkgSI/WZTwfaOqGvsygr4uzl3CTz6elXhr58j+Qti+M6r5G5KRtrin55MdpGqcZkFpRSjWto9n4D7hisFNmAQAA
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PQW7DMAz7yj4QQ6Lk2O55u25Ahz7ASd2hwIoCKTD0wMfPSdGKB9MmJVMQYFAdkN8gO5MdwKKhSHAEjc7Prz1dubTjz/l0C/P1wgxzB5NHR+7umCF0c1U4o2RGH2Ofy5TUYk5dFBqlA7G3riyIKJPx8P3Oj8OeGsSQngdoIndEoW4BqJneudzXIa0l83REFXjRFlPzUnSaW7Q251pXI2tYWv29LX9bZHkgSI/WZTwfaOqGvsygr4uzl3CTz6elXhr58j+Qti+M6r5G5KRtrin55MdpGqcZkFpRSjWto9n4D7hisFNmAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 280 B IP
Hash fc1d108391971e683afbad5019a3c4c8
51904a92c5aa9f1a6b9cd211e5f1bc156c62781a
72a9cb05a598dc775cefc4834b39157902d61b1e26f1f097159f4742b1f583ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 795
Cache-Control: max-age=147677
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:23 GMT
Etag: "6384fb71-118"
Expires: Wed, 30 Nov 2022 18:31:40 GMT
Last-Modified: Mon, 28 Nov 2022 18:18:25 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
a.realsrv.com/iframe.php?idzone=4341118&size=300x250
200 OK 130 B URL HTTP/2 a.realsrv.com/iframe.php?idzone=4341118&size=300x250
IP
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6bb869297a16a19e977f966f1f5d1c5f
b6c30a2ac2b048a391c54b58aaef6a48c3461a55
aa4cf7603d3abdec72d4309ec4ce021cca5065957970cdece3b3efc020e5eaf7
GET /iframe.php?idzone=4341118&size=300x250 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 29 Nov 2022 03:52:08 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669693944
server: CDN77-Turbo
x-77-nzt: AblMCQ1wd87/5ggAAA
x-77-nzt-ray: c0a4cc281fcdb472ae60856366944d0e
x-cache: HIT
x-age: 2278
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/676799/cd5710823e62b921a06dc0045d7f2b1b663076c9.jpg
200 OK 19 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/676799/cd5710823e62b921a06dc0045d7f2b1b663076c9.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash e14b72a35908bf1d0aa5be9f877917e1
cd5710823e62b921a06dc0045d7f2b1b663076c9
ace2d7b48d4ce56f5df3d44e08dacb1ee3251c631af636a3ca793005309a31b3
GET /library/676799/cd5710823e62b921a06dc0045d7f2b1b663076c9.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: image/jpeg
content-length: 18726
last-modified: Fri, 29 May 2020 12:09:23 GMT
etag: "5ed0fb73-4926"
expires: Fri, 30 Jun 2023 18:47:20 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195208
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ2bv6L/p8PGAA
x-77-nzt-ray: c0a4cc288dd44876af6085635eb4df05
x-cache: HIT
x-age: 13026215
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PS2oEIRS8Si7Q8n7+Zp11Agk5gN1qGMgQ6IGQRR0+amAsSkqsZ5VCIhvzJulJ6KJ0EUFml8mZOPaGl9c3GONs9fPa7+74viHEEHNGNG+ShtsnIZgaMyd4mpQYUkLknAYNRlDQgHg1m8oRMaLi4/15kQfGK2OfgVPa0PS7hiy3noR71Zp4aFZroqXWtnfROo0o7mzl637+rIoEL0EJTBRmoGNhnRGrxYSyqZhg48fBMBZhXV/7WW4NePj/ayOuMAHb+BMDhwSvscheulXrO4vt1hIpHd5i9H9G7XtbYAEAAA==
200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PS2oEIRS8Si7Q8n7+Zp11Agk5gN1qGMgQ6IGQRR0+amAsSkqsZ5VCIhvzJulJ6KJ0EUFml8mZOPaGl9c3GONs9fPa7+74viHEEHNGNG+ShtsnIZgaMyd4mpQYUkLknAYNRlDQgHg1m8oRMaLi4/15kQfGK2OfgVPa0PS7hiy3noR71Zp4aFZroqXWtnfROo0o7mzl637+rIoEL0EJTBRmoGNhnRGrxYSyqZhg48fBMBZhXV/7WW4NePj/ayOuMAHb+BMDhwSvscheulXrO4vt1hIpHd5i9H9G7XtbYAEAAA==
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PS2oEIRS8Si7Q8n7+Zp11Agk5gN1qGMgQ6IGQRR0+amAsSkqsZ5VCIhvzJulJ6KJ0EUFml8mZOPaGl9c3GONs9fPa7+74viHEEHNGNG+ShtsnIZgaMyd4mpQYUkLknAYNRlDQgHg1m8oRMaLi4/15kQfGK2OfgVPa0PS7hiy3noR71Zp4aFZroqXWtnfROo0o7mzl637+rIoEL0EJTBRmoGNhnRGrxYSyqZhg48fBMBZhXV/7WW4NePj/ayOuMAHb+BMDhwSvscheulXrO4vt1hIpHd5i9H9G7XtbYAEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PQWoEIRD8Sj4w0t22drvnnBNIyAOcGQ0LWQKzEHKox0cnsBYlJZZdpZDIwryIPwldIl1EUDgUCiqBk+Ll9Q3KONr+ee33sH3fkC1bKTBNKj7cyYWgUZnMkWhSLLvDuPigQgkRNCApqk4ViBgW8fH+fJIHxpSxz8ApdWj6nY9crZruObM6sfbNRLaeeqe99bT6NKKGo9Wv+/FzViQkyZHARHkGBuYiM+JsMRFZo6hg4cdBMRbhvL72o94a8PD/14adYWOUjj8xUK1ZbG2lVnKv0mpT8231rZesVeMfMRjQ+2ABAAA=
200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PQWoEIRD8Sj4w0t22drvnnBNIyAOcGQ0LWQKzEHKox0cnsBYlJZZdpZDIwryIPwldIl1EUDgUCiqBk+Ll9Q3KONr+ee33sH3fkC1bKTBNKj7cyYWgUZnMkWhSLLvDuPigQgkRNCApqk4ViBgW8fH+fJIHxpSxz8ApdWj6nY9crZruObM6sfbNRLaeeqe99bT6NKKGo9Wv+/FzViQkyZHARHkGBuYiM+JsMRFZo6hg4cdBMRbhvL72o94a8PD/14adYWOUjj8xUK1ZbG2lVnKv0mpT8231rZesVeMfMRjQ+2ABAAA=
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PQWoEIRD8Sj4w0t22drvnnBNIyAOcGQ0LWQKzEHKox0cnsBYlJZZdpZDIwryIPwldIl1EUDgUCiqBk+Ll9Q3KONr+ee33sH3fkC1bKTBNKj7cyYWgUZnMkWhSLLvDuPigQgkRNCApqk4ViBgW8fH+fJIHxpSxz8ApdWj6nY9crZruObM6sfbNRLaeeqe99bT6NKKGo9Wv+/FzViQkyZHARHkGBuYiM+JsMRFZo6hg4cdBMRbhvL72o94a8PD/14adYWOUjj8xUK1ZbG2lVnKv0mpT8231rZesVeMfMRjQ+2ABAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/823442/794fe4db09942bbcd0f811a3af04fef96264fc5e.mp4
206 Partial Content 289 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/823442/794fe4db09942bbcd0f811a3af04fef96264fc5e.mp4
IP
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 289 kB (288663 bytes)
Hash 83ce08a491c2d4359a900084c73ba022
794fe4db09942bbcd0f811a3af04fef96264fc5e
3aaa3b9881aeb00f73b38cf93461da274dfaa783055475cb96dddccfe28d0502
GET /library/823442/794fe4db09942bbcd0f811a3af04fef96264fc5e.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: video/mp4
content-length: 288663
last-modified: Fri, 18 Nov 2022 09:40:10 GMT
etag: "637752fa-46797"
expires: Sat, 18 Nov 2023 09:59:48 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1700649253
server: CDN77-Turbo
x-77-nzt: AblMCQ2mU+j/CrsIAA
x-77-nzt-ray: c0a4cc288dd44876af6085638866c108
x-cache: HIT
x-age: 572170
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-288662/288663
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1Py2rDMBD8lf5AxL5krXNury2k5ANkWyqBhoADJYf5+G4cEs1hV5rZ2ZGQyI55J/4mtFfai2DkNFIySZwNn18HGGNty8+pX9N8OcNFzQTFsomHOrsQTI05aiZHtiGHL0phzV6CJCgoIDlG710iYhTF8fsdH8cDOJFKeRaBEt0kE3gLAHZY9HS7m2jrbZymvNhgsy86dy2NsvXe6qKxP4SoaW3197r+bZHpgUR50KDl+QBlU4nP7Ph1McQhbPSpr/XcgJf+gbKtCCeze0RM4qXXWudlWobZx8HZe+U+lql7ZPsH6zfkTmYBAAA=
200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1Py2rDMBD8lf5AxL5krXNury2k5ANkWyqBhoADJYf5+G4cEs1hV5rZ2ZGQyI55J/4mtFfai2DkNFIySZwNn18HGGNty8+pX9N8OcNFzQTFsomHOrsQTI05aiZHtiGHL0phzV6CJCgoIDlG710iYhTF8fsdH8cDOJFKeRaBEt0kE3gLAHZY9HS7m2jrbZymvNhgsy86dy2NsvXe6qKxP4SoaW3197r+bZHpgUR50KDl+QBlU4nP7Ph1McQhbPSpr/XcgJf+gbKtCCeze0RM4qXXWudlWobZx8HZe+U+lql7ZPsH6zfkTmYBAAA=
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1Py2rDMBD8lf5AxL5krXNury2k5ANkWyqBhoADJYf5+G4cEs1hV5rZ2ZGQyI55J/4mtFfai2DkNFIySZwNn18HGGNty8+pX9N8OcNFzQTFsomHOrsQTI05aiZHtiGHL0phzV6CJCgoIDlG710iYhTF8fsdH8cDOJFKeRaBEt0kE3gLAHZY9HS7m2jrbZymvNhgsy86dy2NsvXe6qKxP4SoaW3197r+bZHpgUR50KDl+QBlU4nP7Ph1McQhbPSpr/XcgJf+gbKtCCeze0RM4qXXWudlWobZx8HZe+U+lql7ZPsH6zfkTmYBAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/623611/ed0885e8288645e4cca003a57f3a486611122606.jpg
200 OK 29 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/623611/ed0885e8288645e4cca003a57f3a486611122606.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash de65c02764f5d04b7ac0a815d366c969
ed0885e8288645e4cca003a57f3a486611122606
05e417d7c0294dfb542e9de1f1f8c763d8bbfe3f08316fd1b0c78ebb1c22e7f9
GET /library/623611/ed0885e8288645e4cca003a57f3a486611122606.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: image/jpeg
content-length: 28796
last-modified: Mon, 25 May 2020 13:58:36 GMT
etag: "5ecbcf0c-707c"
expires: Fri, 30 Jun 2023 11:10:15 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195204
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ1Yidn/q8PGAA
x-77-nzt-ray: c0a4cc288dd44876af608563b36e180c
x-cache: HIT
x-age: 13026219
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PWUoEMRS8ihfo8LZs8+23guIB0llkwEHoAfGjDm/SwqSoUCGvUhUhkY15k/QkdFG6iCCzy+RMHHvDy+sbjHH09nkdd1e/bwgxxJwRzZukOe2TEEyNmQ2e0qTEkBIi5zRpMIKCJsSr2VKOiBEVH+/PJ3livjL3FbikTU2/y+RDDrXVYVS9TznaiHstreRiuVVaVkJxRy9f9+PnrDhNEpTARGEFOhbzK+JssaBsKibY+HEwzEU4r6/jKLcOPOb/ayOeYQK2+ScGLI9eRtC9pujHsL1rC1Gabz1o1/0Pqxf7dGABAAA=
200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PWUoEMRS8ihfo8LZs8+23guIB0llkwEHoAfGjDm/SwqSoUCGvUhUhkY15k/QkdFG6iCCzy+RMHHvDy+sbjHH09nkdd1e/bwgxxJwRzZukOe2TEEyNmQ2e0qTEkBIi5zRpMIKCJsSr2VKOiBEVH+/PJ3livjL3FbikTU2/y+RDDrXVYVS9TznaiHstreRiuVVaVkJxRy9f9+PnrDhNEpTARGEFOhbzK+JssaBsKibY+HEwzEU4r6/jKLcOPOb/ayOeYQK2+ScGLI9eRtC9pujHsL1rC1Gabz1o1/0Pqxf7dGABAAA=
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PWUoEMRS8ihfo8LZs8+23guIB0llkwEHoAfGjDm/SwqSoUCGvUhUhkY15k/QkdFG6iCCzy+RMHHvDy+sbjHH09nkdd1e/bwgxxJwRzZukOe2TEEyNmQ2e0qTEkBIi5zRpMIKCJsSr2VKOiBEVH+/PJ3livjL3FbikTU2/y+RDDrXVYVS9TznaiHstreRiuVVaVkJxRy9f9+PnrDhNEpTARGEFOhbzK+JssaBsKibY+HEwzEU4r6/jKLcOPOb/ayOeYQK2+ScGLI9eRtC9pujHsL1rC1Gabz1o1/0Pqxf7dGABAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.03940399%22%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/823442/794fe4db09942bbcd0f811a3af04fef96264fc5e.mp4
206 Partial Content 289 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/823442/794fe4db09942bbcd0f811a3af04fef96264fc5e.mp4
IP
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 289 kB (288663 bytes)
Hash 83ce08a491c2d4359a900084c73ba022
794fe4db09942bbcd0f811a3af04fef96264fc5e
3aaa3b9881aeb00f73b38cf93461da274dfaa783055475cb96dddccfe28d0502
GET /library/823442/794fe4db09942bbcd0f811a3af04fef96264fc5e.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: video/mp4
content-length: 288663
last-modified: Fri, 18 Nov 2022 09:40:10 GMT
etag: "637752fa-46797"
expires: Sat, 18 Nov 2023 09:59:48 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1700649253
server: CDN77-Turbo
x-77-nzt: AblMCQ1YOED/CrsIAA
x-77-nzt-ray: c0a4cc288dd44876af608563d941540c
x-cache: HIT
x-age: 572170
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-288662/288663
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2oEIRC8Si4w0i8d3e98J5CQAzgzGhayBGYh5KMOnx6HrIVSdldbpZDIxDxJfhK6KF1EUDgUCiaBo+Hl9Q3G2Nv2ee33sH7fkEQTM2aLJtnVMQvB1JglIVKGeq2k7HN51tEkKMghUc0OFohIMCs+3p/HZocr/TwcD2rO6XdMSZd1K7UY25Lc1HpU7mq1WbU+H0LUsLf6dd9/RkY6ETzSePm/AGVTMcHEj4vBF2G0r32vtwY89GdcnB4HGIi1W8nC2iOVRG2JW0q1Nf/crGte/gCF7IAoVQEAAA==
200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2oEIRC8Si4w0i8d3e98J5CQAzgzGhayBGYh5KMOnx6HrIVSdldbpZDIxDxJfhK6KF1EUDgUCiaBo+Hl9Q3G2Nv2ee33sH7fkEQTM2aLJtnVMQvB1JglIVKGeq2k7HN51tEkKMghUc0OFohIMCs+3p/HZocr/TwcD2rO6XdMSZd1K7UY25Lc1HpU7mq1WbU+H0LUsLf6dd9/RkY6ETzSePm/AGVTMcHEj4vBF2G0r32vtwY89GdcnB4HGIi1W8nC2iOVRG2JW0q1Nf/crGte/gCF7IAoVQEAAA==
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2oEIRC8Si4w0i8d3e98J5CQAzgzGhayBGYh5KMOnx6HrIVSdldbpZDIxDxJfhK6KF1EUDgUCiaBo+Hl9Q3G2Nv2ee33sH7fkEQTM2aLJtnVMQvB1JglIVKGeq2k7HN51tEkKMghUc0OFohIMCs+3p/HZocr/TwcD2rO6XdMSZd1K7UY25Lc1HpU7mq1WbU+H0LUsLf6dd9/RkY6ETzSePm/AGVTMcHEj4vBF2G0r32vtwY89GdcnB4HGIi1W8nC2iOVRG2JW0q1Nf/crGte/gCF7IAoVQEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.03940399%22%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2oDMQy8Si+wRi9L3nz3u4WWHsCxvSXQUNhA6YcOX3lD48FiJI00iIBoQVyoPBGcGE5EvmJaIQklzOIvr28u6Pvon5ftltr31ZVYEd0kC5VQ50LgwoII6hmKc9RWLTFXjI8mODsEKLPIZAkAyI394/35+BgIZcTpOKkEh19w5ZIV6rCeV5DEYIThyShqlnFlb9QqjkZnaasMHsMw8iqiPdu56FzkNe2jft32n+MGuCMhZZrO/wWPtUxCvuAjEY8HfrQv216vw/2hv5/jdnhMoMfYVrQRd+uGpW/WukI/b9soXXvVP4hiwad1AQAA
200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2oDMQy8Si+wRi9L3nz3u4WWHsCxvSXQUNhA6YcOX3lD48FiJI00iIBoQVyoPBGcGE5EvmJaIQklzOIvr28u6Pvon5ftltr31ZVYEd0kC5VQ50LgwoII6hmKc9RWLTFXjI8mODsEKLPIZAkAyI394/35+BgIZcTpOKkEh19w5ZIV6rCeV5DEYIThyShqlnFlb9QqjkZnaasMHsMw8iqiPdu56FzkNe2jft32n+MGuCMhZZrO/wWPtUxCvuAjEY8HfrQv216vw/2hv5/jdnhMoMfYVrQRd+uGpW/WukI/b9soXXvVP4hiwad1AQAA
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2oDMQy8Si+wRi9L3nz3u4WWHsCxvSXQUNhA6YcOX3lD48FiJI00iIBoQVyoPBGcGE5EvmJaIQklzOIvr28u6Pvon5ftltr31ZVYEd0kC5VQ50LgwoII6hmKc9RWLTFXjI8mODsEKLPIZAkAyI394/35+BgIZcTpOKkEh19w5ZIV6rCeV5DEYIThyShqlnFlb9QqjkZnaasMHsMw8iqiPdu56FzkNe2jft32n+MGuCMhZZrO/wWPtUxCvuAjEY8HfrQv216vw/2hv5/jdnhMoMfYVrQRd+uGpW/WukI/b9soXXvVP4hiwad1AQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.03940399%22%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1Py2rDMBD8lf5AxD4lOef22kJKPkC25RJoCDhQcpiP78ZpozlotLvamRES2THvpL4I7ZX2Ihg4DZRMErvh/eMAY6x9/jot1zRdzqiiZoJiblJj2qsQTI2ZDE4VbtljL0ph9VqiSVBQQDy+3lkiYhTF8fMVb8cDOJFK+b8ESnQTJ/BmAFxhwelGyFo9U+tl9oEsKRXhsKBsuRTnQdHncZp781Fa94VprHmcfGlFKUpZ74vQ0trb93X92SLRA4ly2OfQ/ysg1qpE2B0/H4Y4hK19WtZ27sBz/oGySYSQ2T0C5rnpNHaZbKzmw2w8yMRUlyCuuf0Crg4BmoYBAAA=
200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1Py2rDMBD8lf5AxD4lOef22kJKPkC25RJoCDhQcpiP78ZpozlotLvamRES2THvpL4I7ZX2Ihg4DZRMErvh/eMAY6x9/jot1zRdzqiiZoJiblJj2qsQTI2ZDE4VbtljL0ph9VqiSVBQQDy+3lkiYhTF8fMVb8cDOJFK+b8ESnQTJ/BmAFxhwelGyFo9U+tl9oEsKRXhsKBsuRTnQdHncZp781Fa94VprHmcfGlFKUpZ74vQ0trb93X92SLRA4ly2OfQ/ysg1qpE2B0/H4Y4hK19WtZ27sBz/oGySYSQ2T0C5rnpNHaZbKzmw2w8yMRUlyCuuf0Crg4BmoYBAAA=
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1Py2rDMBD8lf5AxD4lOef22kJKPkC25RJoCDhQcpiP78ZpozlotLvamRES2THvpL4I7ZX2Ihg4DZRMErvh/eMAY6x9/jot1zRdzqiiZoJiblJj2qsQTI2ZDE4VbtljL0ph9VqiSVBQQDy+3lkiYhTF8fMVb8cDOJFK+b8ESnQTJ/BmAFxhwelGyFo9U+tl9oEsKRXhsKBsuRTnQdHncZp781Fa94VprHmcfGlFKUpZ74vQ0trb93X92SLRA4ly2OfQ/ysg1qpE2B0/H4Y4hK19WtZ27sBz/oGySYSQ2T0C5rnpNHaZbKzmw2w8yMRUlyCuuf0Crg4BmoYBAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.03940399%22%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
tour.camsoda.com/promos/iframe/live-button.png
200 OK 3.1 kB URL HTTP/1.1 tour.camsoda.com/promos/iframe/live-button.png
IP
File type PNG image data, 199 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 5049e6d89317d54795c2a71fa34cef1b
4add7099413a9361e2f446c9ca71c7fc2b443379
1e91b1fc4ee4bbbfcc3f07d8273a38df53f8a5d0b511f25e8ceae63be4d2033d
GET /promos/iframe/live-button.png HTTP/1.1
Host: tour.camsoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tour.camsoda.com/promos/iframe/160x600g.php?id=redgntvsoda&vclid=wbk6vkmihvttm9qkit6qfkc2&ad_id=RedGifs_NTV_Json_160x600g&join_form=0&vidstop=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: image/png
content-length: 3140
last-modified: Sat, 21 May 2022 00:50:01 GMT
etag: "62883739-c44"
expires: Thu, 01 Dec 2022 01:30:23 GMT
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
set-cookie: RNLBSERVERID=ded3238; path=/
ocsp.sectigo.com/
200 OK 471 B IP
Hash 3ae3b32c5f9e28928a792bf230fbdbfa
d923dba5a6a5af52d0268851cd0632171c438c42
4f1a08641a5eb607112585ea2f208cb0023cd9c10d32fb9650c6b4f89269823e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:30:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 00:13:20 GMT
Expires: Mon, 05 Dec 2022 00:13:19 GMT
Etag: "d923dba5a6a5af52d0268851cd0632171c438c42"
Cache-Control: max-age=513175,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771793e6fb76b4eb-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 3ae3b32c5f9e28928a792bf230fbdbfa
d923dba5a6a5af52d0268851cd0632171c438c42
4f1a08641a5eb607112585ea2f208cb0023cd9c10d32fb9650c6b4f89269823e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:30:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 00:13:20 GMT
Expires: Mon, 05 Dec 2022 00:13:19 GMT
Etag: "d923dba5a6a5af52d0268851cd0632171c438c42"
Cache-Control: max-age=513175,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771793e6f847b515-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 3ae3b32c5f9e28928a792bf230fbdbfa
d923dba5a6a5af52d0268851cd0632171c438c42
4f1a08641a5eb607112585ea2f208cb0023cd9c10d32fb9650c6b4f89269823e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:30:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 00:13:20 GMT
Expires: Mon, 05 Dec 2022 00:13:19 GMT
Etag: "d923dba5a6a5af52d0268851cd0632171c438c42"
Cache-Control: max-age=513175,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771793e6fbf5b518-OSL
s3t3d2y8.afcdn.net/library/823442/7484a10379d3aa453002876fd3c72642bf4b9be5.mp4
206 Partial Content 211 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/823442/7484a10379d3aa453002876fd3c72642bf4b9be5.mp4
IP
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 211 kB (211266 bytes)
Hash b8539eaa05ec3c67ee10796819b2b793
7484a10379d3aa453002876fd3c72642bf4b9be5
726eef529190c11e3cffb0b93778efb9337ed3f41dd969e256ce7e90833de22b
GET /library/823442/7484a10379d3aa453002876fd3c72642bf4b9be5.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: video/mp4
content-length: 211266
last-modified: Fri, 18 Nov 2022 09:40:08 GMT
etag: "637752f8-33942"
expires: Tue, 21 Nov 2023 19:46:20 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1700649095
server: CDN77-Turbo
x-77-nzt: AblMCQ0vWVX/qLsIAA
x-77-nzt-ray: c0a4cc288dd44876af608563ade5f00f
x-cache: HIT
x-age: 572328
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-211265/211266
X-Firefox-Spdy: h2
media.livemediahost.com/thumbs/528/marshmallow-princess-420.jpg?cb=1669685400
200 OK 9.3 kB URL HTTP/2 media.livemediahost.com/thumbs/528/marshmallow-princess-420.jpg?cb=1669685400
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 1b4cfa66003435290d0327a8d318f8aa
c9dd0dff756778add05bd0c9fd2a610746a1e7b5
2711cf87f28dd1b1b4ad2b726b5f8c64c4b1c059afdca3e27cfca9be908c7020
GET /thumbs/528/marshmallow-princess-420.jpg?cb=1669685400 HTTP/1.1
Host: media.livemediahost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tour.camsoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: image/jpeg
content-length: 9315
last-modified: Tue, 29 Nov 2022 01:29:15 GMT
etag: "6385606b-2463"
expires: Wed, 14 Dec 2022 01:29:54 GMT
cache-control: max-age=1296000
access-control-allow-origin: *
accept-ranges: bytes
x-cdn-diag: ams5-6249-2-10239-h-0-0---;7619-30-29543----0-0-1
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2rDMBC8Si9gsS9ppXz3u4WWHkCxnRJoKDhQ+jGH78qm0SCxj9kdjZDIxDxJfRI6KZ1E0Dg1SiaJs+Hl9Q3G2Nbl83q5p/n7hiJamOGWTWqwcxWCqTF5QaYKjVorNeaq694kKCggWc1GlIhI4IqP9+f9ciCY8Q7FEVrE9EsoWnOhvvqSG1lScuHQVLbinrkpQtqqL52II49v2CKrirH3s5TZxyL0tK3967797B7oQGLVPJT/C4i1MSmY+JEY4hD29vWy9dsKPPiHHRwaAwx48ZL7nM+tCUvpcsnSScKCe3XvfybYrCV1AQAA
200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2rDMBC8Si9gsS9ppXz3u4WWHkCxnRJoKDhQ+jGH78qm0SCxj9kdjZDIxDxJfRI6KZ1E0Dg1SiaJs+Hl9Q3G2Nbl83q5p/n7hiJamOGWTWqwcxWCqTF5QaYKjVorNeaq694kKCggWc1GlIhI4IqP9+f9ciCY8Q7FEVrE9EsoWnOhvvqSG1lScuHQVLbinrkpQtqqL52II49v2CKrirH3s5TZxyL0tK3967797B7oQGLVPJT/C4i1MSmY+JEY4hD29vWy9dsKPPiHHRwaAwx48ZL7nM+tCUvpcsnSScKCe3XvfybYrCV1AQAA
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2rDMBC8Si9gsS9ppXz3u4WWHkCxnRJoKDhQ+jGH78qm0SCxj9kdjZDIxDxJfRI6KZ1E0Dg1SiaJs+Hl9Q3G2Nbl83q5p/n7hiJamOGWTWqwcxWCqTF5QaYKjVorNeaq694kKCggWc1GlIhI4IqP9+f9ciCY8Q7FEVrE9EsoWnOhvvqSG1lScuHQVLbinrkpQtqqL52II49v2CKrirH3s5TZxyL0tK3967797B7oQGLVPJT/C4i1MSmY+JEY4hD29vWy9dsKPPiHHRwaAwx48ZL7nM+tCUvpcsnSScKCe3XvfybYrCV1AQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.03940399%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0490099501%22%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
media.livemediahost.com/thumbs/1832/dakotablare.jpg?cb=1669685400
200 OK 7.2 kB URL HTTP/2 media.livemediahost.com/thumbs/1832/dakotablare.jpg?cb=1669685400
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash e1dd33962f261cfaeed92e73ceb90141
5b1bce57c3f5011cea91fc49fbd5f84f3450c7e6
32b91dab1d42d6c6c289a50398fea68762894528d7dd9f03100405066cebd707
GET /thumbs/1832/dakotablare.jpg?cb=1669685400 HTTP/1.1
Host: media.livemediahost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tour.camsoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: image/jpeg
content-length: 7197
last-modified: Tue, 29 Nov 2022 01:29:02 GMT
etag: "6385605e-1c1d"
expires: Wed, 14 Dec 2022 01:29:54 GMT
cache-control: max-age=1296000
access-control-allow-origin: *
accept-ranges: bytes
x-cdn-diag: ams5-7619-2-65210-h-0-0---;7619-30-29543----0-0-0
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2oDMQy8Si8Qo6flzXf720JKDuBs7BJoCGyg5GMOX29C4jFoZEkjj5DIhnkj5U1oq7QVwcRpomSS2A2fXzsYY2nHn1O/pvlyRhE1E4S5SRndXoRgakxhcCpwyz50EcHqJRcYQUED4mN0ZYmIEYr99zs+9jtwIpV4BoES3cQJfP8AeGgMTjdC1uKZapvIySOJWfhKxx3qE6F3J4vejLvGVHOeo4xcD+XYD3ONVQc1La3+Xpe/uyN6IJGXaZTl+QBlUxleN/xKDOMQ7uVTX+q5Aa/+Bx4rFGy2OkCjKUc9qLL0LGw1euEe87E2qtX6P1OljYmFAQAA
200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2oDMQy8Si8Qo6flzXf720JKDuBs7BJoCGyg5GMOX29C4jFoZEkjj5DIhnkj5U1oq7QVwcRpomSS2A2fXzsYY2nHn1O/pvlyRhE1E4S5SRndXoRgakxhcCpwyz50EcHqJRcYQUED4mN0ZYmIEYr99zs+9jtwIpV4BoES3cQJfP8AeGgMTjdC1uKZapvIySOJWfhKxx3qE6F3J4vejLvGVHOeo4xcD+XYD3ONVQc1La3+Xpe/uyN6IJGXaZTl+QBlUxleN/xKDOMQ7uVTX+q5Aa/+Bx4rFGy2OkCjKUc9qLL0LGw1euEe87E2qtX6P1OljYmFAQAA
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2oDMQy8Si8Qo6flzXf720JKDuBs7BJoCGyg5GMOX29C4jFoZEkjj5DIhnkj5U1oq7QVwcRpomSS2A2fXzsYY2nHn1O/pvlyRhE1E4S5SRndXoRgakxhcCpwyz50EcHqJRcYQUED4mN0ZYmIEYr99zs+9jtwIpV4BoES3cQJfP8AeGgMTjdC1uKZapvIySOJWfhKxx3qE6F3J4vejLvGVHOeo4xcD+XYD3ONVQc1La3+Xpe/uyN6IJGXaZTl+QBlUxleN/xKDOMQ7uVTX+q5Aa/+Bx4rFGy2OkCjKUc9qLL0LGw1euEe87E2qtX6P1OljYmFAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.03940399%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0490099501%22%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
a.realsrv.com/iframe.js?idzone=4341106
200 OK 30 kB URL HTTP/2 a.realsrv.com/iframe.js?idzone=4341106
IP
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (1810), with no line terminators
Hash ecd8daa2d0592fe413db54c939f41df1
4c98c18300ef4b67c06991a374e74d030768120e
3f26cc8814266d3739416e6f641c22855074dd71a54a613331217a6f69b60047
GET /iframe.js?idzone=4341106 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=4341106&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: application/javascript
etag: W/"8b550755d9bd822b8a50205352c"
expires: Mon, 28 Nov 2022 15:51:02 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669694058
server: CDN77-Turbo
x-77-nzt: AblMCQ3hJ+L/dAgAAA
x-77-nzt-ray: c0a4cc281fcdb472ae60856340e97e1a
x-cache: HIT
x-age: 2164
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2oDMQy8Si8Qo6cl57vfKbT0AOuNtwQaChso+dDhq92UeDCM0DAzIiA6IB7IXwiODEeiaFgaFKGCKnF6ew/BWMf567LcyvxzDREXxTBRIU+1OkEICyJCKHgomjlAKqiioYRAcECClEU2VgDQWBrXMI7Pj9f9Y4KCAe6kkHwLj808OdwhKrtWmEarU1UuyljNyKhZ9bTKnn3uVQSygXesOnDui46q4lzVkTajmMo6pu/b+rufAw8UUN/j/+dgFCahOOBzkMgHsa8vyzpdR8RT/4DtCVk4WySN3oY0XAxn9HGeTCYejNC70+ji7Q9fHSWtgQEAAA==
200 OK 19 kB URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2oDMQy8Si8Qo6cl57vfKbT0AOuNtwQaChso+dDhq92UeDCM0DAzIiA6IB7IXwiODEeiaFgaFKGCKnF6ew/BWMf567LcyvxzDREXxTBRIU+1OkEICyJCKHgomjlAKqiioYRAcECClEU2VgDQWBrXMI7Pj9f9Y4KCAe6kkHwLj808OdwhKrtWmEarU1UuyljNyKhZ9bTKnn3uVQSygXesOnDui46q4lzVkTajmMo6pu/b+rufAw8UUN/j/+dgFCahOOBzkMgHsa8vyzpdR8RT/4DtCVk4WySN3oY0XAxn9HGeTCYejNC70+ji7Q9fHSWtgQEAAA==
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash f09083dd1ac07eb1b812c74e377a1b24
3069e5fb99c079fa84497965e22cbe895723079d
8d0e4892837311b8c51b2ed8ac6d45a1c69a7db88fd09a0293ddaa27d9bae97c
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2oDMQy8Si8Qo6cl57vfKbT0AOuNtwQaChso+dDhq92UeDCM0DAzIiA6IB7IXwiODEeiaFgaFKGCKnF6ew/BWMf567LcyvxzDREXxTBRIU+1OkEICyJCKHgomjlAKqiioYRAcECClEU2VgDQWBrXMI7Pj9f9Y4KCAe6kkHwLj808OdwhKrtWmEarU1UuyljNyKhZ9bTKnn3uVQSygXesOnDui46q4lzVkTajmMo6pu/b+rufAw8UUN/j/+dgFCahOOBzkMgHsa8vyzpdR8RT/4DtCVk4WySN3oY0XAxn9HGeTCYejNC70+ji7Q9fHSWtgQEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.03940399%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0490099501%22%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cc260296807cf86244d1c3214f5e3465
9ecf570b22daa18bcc570591d09808f5e37f4260
4c6b201e824de38bf38166a28da335134b4fa0bede2f12f672f2e9cdd0d08f38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C6B201E824DE38BF38166A28DA335134B4FA0BEDE2F12F672F2E9CDD0D08F38"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3481
Expires: Tue, 29 Nov 2022 02:28:24 GMT
Date: Tue, 29 Nov 2022 01:30:23 GMT
Connection: keep-alive
tour.camsoda.com/promos/iframe/load-more-button-blue.png
200 OK 6.3 kB URL HTTP/1.1 tour.camsoda.com/promos/iframe/load-more-button-blue.png
IP
File type PNG image data, 426 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 292e92098aeba3a15ad6121c14299441
ad8041203107459bfda4e6b5a319706c5729fcb7
4481d8625d654e38c693adcc02e63892131c59420da0f9f9bcd717125ef3643a
GET /promos/iframe/load-more-button-blue.png HTTP/1.1
Host: tour.camsoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tour.camsoda.com/promos/iframe/160x600g.php?id=redgntvsoda&vclid=wbk6vkmihvttm9qkit6qfkc2&ad_id=RedGifs_NTV_Json_160x600g&join_form=0&vidstop=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: image/png
content-length: 6296
last-modified: Mon, 23 May 2022 15:45:03 GMT
etag: "628babff-1898"
expires: Thu, 01 Dec 2022 01:30:23 GMT
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
set-cookie: RNLBSERVERID=ded3241; path=/
chaturbate.com/topembed/female/?join_overlay=1&tour=6o0b&campaign=YBj6k&disable_sound=1&mobileRedirect=auto&embed_video_only=1
302 Found 8.2 kB URL HTTP/2 chaturbate.com/topembed/female/?join_overlay=1&tour=6o0b&campaign=YBj6k&disable_sound=1&mobileRedirect=auto&embed_video_only=1
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash b1f40321cea200ac50c0aaefd5f248e6
3472d7430c2842c0a4b3e841d91f7bb43282e901
fc91b4ab49eb999ed5c0bcac2739bc607e637d8637b78de5921d5b01b0c0bcb6
GET /topembed/female/?join_overlay=1&tour=6o0b&campaign=YBj6k&disable_sound=1&mobileRedirect=auto&embed_video_only=1 HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redgifs.com/
Connection: keep-alive
Cookie: __cf_bm=B_9AxdiGVhcACUvx0S6BhKh9WMmwEyPrtd8FXPSAHO8-1669685422-0-AfBozom8T99ZR7jxPwpZvw4SqzRJ985ZK6eDhdKwyO63Ly5qjVKKbbs3UMyszmqZW4yhrRZfO8oj4AWGPggufV8=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: text/html; charset=utf-8
location: /embed/bitter_moon/?join_overlay=1&tour=6o0b&campaign=YBj6k&disable_sound=1&mobileRedirect=auto&embed_video_only=1
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
set-cookie: affkey="eJyrVipSslJQyigpKSi20tcvLy/XK0pNSc9MK9ZLzs/VV6oFALc5Cys="; Domain=.chaturbate.com; expires=Thu, 29-Dec-2022 01:30:22 GMT; Max-Age=2592000; Path=/
sbr=sec:sbr3f0a0092-1fb6-43d1-b058-0420d5b00c94:1ozpS2:ansoWIRPfOZqSOscrHKlk43k7Lc; Domain=.chaturbate.com; expires=Sun, 24-Aug-2025 01:30:22 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 771793e28e7fb50f-OSL
X-Firefox-Spdy: h2
manifest-server.naiadsystems.com/live/s:karolBeckham.json?last=load&format=webrtc
200 OK 1.4 kB URL HTTP/1.1 manifest-server.naiadsystems.com/live/s:karolBeckham.json?last=load&format=webrtc
IP
File type JSON data\012- , ASCII text, with very long lines (7174), with no line terminators
Hash fd4c22f3aa5f6fb5a8348e9bff70d66c
6bf36b33e6b3d24f13cbf831bed47752989c8ceb
5e13b6149298c738632f18d7162a7b953c6254fd7b30394ffbc77bf0212541b4
GET /live/s:karolBeckham.json?last=load&format=webrtc HTTP/1.1
Host: manifest-server.naiadsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hybridclient.naiadsystems.com
Connection: keep-alive
Referer: https://hybridclient.naiadsystems.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:30:23 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: max-age=1, public
etag: W/"1c06-xTzBHGEvPPtH1CmISqFKjGX8ZaM"
Content-Encoding: gzip
a.realsrv.com/iframe.php?idzone=4341074&size=300x250
200 OK 26 kB URL HTTP/2 a.realsrv.com/iframe.php?idzone=4341074&size=300x250
IP
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a6be214ef36ee0e0cbd7786580838469
65e6fe6ff0a93c6706438fba584c433214d774b5
44b057f1d5a437a5e9fdea5973775707db4bd8307c497b36510a448ade088af2
GET /iframe.php?idzone=4341074&size=300x250 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 29 Nov 2022 03:51:56 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669693970
server: CDN77-Turbo
x-77-nzt: AblMCQ3CX/X/zAgAAA
x-77-nzt-ray: c0a4cc281fcdb472ae6085638a47180f
x-cache: HIT
x-age: 2252
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.realsrv.com/iframe.php?idzone=4341078&size=300x250
200 OK 19 kB URL HTTP/2 a.realsrv.com/iframe.php?idzone=4341078&size=300x250
IP
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 22f7955c44ad8efe09acc0e5ceb9c7dc
0b80809fb36032c690a1551ad2f70ae7d6f4991e
dd25b2b692144c74cc2e34ec1f862e80424f94cd7b77ca689d171f40a8c02a8b
GET /iframe.php?idzone=4341078&size=300x250 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 29 Nov 2022 03:51:59 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669693976
server: CDN77-Turbo
x-77-nzt: AblMCQ2CPzj/xggAAA
x-77-nzt-ray: c0a4cc281fcdb472ae60856335b63c0e
x-cache: HIT
x-age: 2246
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=bitter_moon&f=0.2840420412664372
200 OK 26 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=bitter_moon&f=0.2840420412664372
IP
ASN #50389 Phoenix Nap, LLC.
Hash 3380b347a1a2ffea87955484b4e45310
31df2059cdd67614fecdaf37f54a7579d22251fe
990f8419ae6ef8463d4d2fa4ab07fef02b8be22c84920f297764a7bbc2294bff
GET /stream?room=bitter_moon&f=0.2840420412664372 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=F4.uI2PBQf2HBWSk2ZTYha25_.y4AJuISWRRKUvHido-1669685423361-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:30:24 GMT
content-type: image/jpeg
content-length: 25772
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/cachebust/theatermode-react-e43317773f2b.js
200 OK 65 kB URL HTTP/2 static-assets.highwebmedia.com/cachebust/theatermode-react-e43317773f2b.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7cea1c8651618b8e943d43b224f5dcfd
9763c0aabdfb0e2a3ed5eb8e130d021ae9055297
35953f1d2f8ddc84937983ff1c87ec95935a744099dd6d8b3c733bed2db89599
GET /cachebust/theatermode-react-e43317773f2b.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=218857
etag: W/"9c63cab4b9e913e2d602e0ea0a63e286"
last-modified: Mon, 28 Nov 2022 21:57:21 GMT
x-amz-id-2: k5GSN442Lm5/+Q8/yOV+nJFj05Y61Me8UC+YEwHVbKv1ipTGd4wQmsiQqYUpi2j/JmMqMIvQbtA=
x-amz-meta-s3cmd-attrs: md5:9c63cab4b9e913e2d602e0ea0a63e286
x-amz-request-id: YDQ8033MF3Z9SAXR
cf-cache-status: HIT
age: 12634
expires: Thu, 29 Dec 2022 01:30:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZcht%2Fv1bh2qI244Kz%2BjsV7D0%2F9nKH2s32z4hYFd2AG6tzrXVFBobknb3s3utLx%2FWqWKTPUcNy0%2FcUk0p2htUgppOm70ccZXmyTsG81crtMEOwelcJl0LouZveGnalGmXdmXIL0hu6Bzt6pqBBTUxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=SRzMuXZ2kqFRL6PShBbZjPGr6ZI4oPvESJgnd2N9Ct0-1669685423362-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 771793e7fa37fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sfu-ue1-76.naiadsystems.com/sfu/sfu-ue1-76/v3/56b70e3b-a831-4afa-9e2c-ea4362a97882?support=ov&t=noauth&client_name=AIW&client_version=5.5.1&rsrc=windeagle%3A8307&xkey=56b70e3b-a831-4afa-9e2c-ea4362a97882&bpeerId=108F20C06F6C11EDBD3255A78922FC61&udata=true
101 Switching Protocols 0 B URL HTTP/1.1 sfu-ue1-76.naiadsystems.com/sfu/sfu-ue1-76/v3/56b70e3b-a831-4afa-9e2c-ea4362a97882?support=ov&t=noauth&client_name=AIW&client_version=5.5.1&rsrc=windeagle%3A8307&xkey=56b70e3b-a831-4afa-9e2c-ea4362a97882&bpeerId=108F20C06F6C11EDBD3255A78922FC61&udata=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfu/sfu-ue1-76/v3/56b70e3b-a831-4afa-9e2c-ea4362a97882?support=ov&t=noauth&client_name=AIW&client_version=5.5.1&rsrc=windeagle%3A8307&xkey=56b70e3b-a831-4afa-9e2c-ea4362a97882&bpeerId=108F20C06F6C11EDBD3255A78922FC61&udata=true HTTP/1.1
Host: sfu-ue1-76.naiadsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://hybridclient.naiadsystems.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BVFHcASy8wmL/Mcb7UIarA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Tue, 29 Nov 2022 01:30:24 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: R/rfIFEQKV/QFpXhHk4uJkQxfeM=
cbjpeg.stream.highwebmedia.com/stream?room=bitter_moon&f=0.4656169002374787
200 OK 25 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=bitter_moon&f=0.4656169002374787
IP
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 4029a24237d9e66af2f3f90a73f9f793
b52d2baacaaba0f41a85bc1b936927bdeb3e296f
160859a1b333f16670561c916ff58b53920a519205e7f63259dc407e87d090bb
GET /stream?room=bitter_moon&f=0.4656169002374787 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=F4.uI2PBQf2HBWSk2ZTYha25_.y4AJuISWRRKUvHido-1669685423361-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:30:25 GMT
content-type: image/jpeg
content-length: 25061
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 312 B IP
Hash 07ab0b5d68f2487481977366e8e41c0b
d5c8549c93944e4f7d954b6cb6b2596e02de3183
c49905b27d10ae6f8709ab9d2fbc270dd6615f315e4550a9fdb42bc159087125
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4899
Cache-Control: max-age=163347
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:30:25 GMT
Etag: "638528a1-138"
Expires: Wed, 30 Nov 2022 22:52:52 GMT
Last-Modified: Mon, 28 Nov 2022 21:31:13 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 312
realtime.pa.highwebmedia.com/keys/KSKw2g.L36ISg/requestToken?rnd=24827004300350708
204 No Content 0 B URL HTTP/2 realtime.pa.highwebmedia.com/keys/KSKw2g.L36ISg/requestToken?rnd=24827004300350708
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /keys/KSKw2g.L36ISg/requestToken?rnd=24827004300350708 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: ably-agent,content-type,x-ably-version
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Content-Length,Accept,Authorization,X-Ably-Version,X-Ably-Lib,X-Ably-ClientId,Ably-Agent
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: https://chaturbate.com
access-control-max-age: 3600
date: Tue, 29 Nov 2022 01:30:25 GMT
x-cache: Miss from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sfkwlyXB8irMj__rjiumW-0WhiJiJt5tr8wvafiu5jEkzoXri9zMxA==
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/keys/KSKw2g.L36ISg/requestToken?rnd=24827004300350708
201 Created 388 B URL HTTP/2 realtime.pa.highwebmedia.com/keys/KSKw2g.L36ISg/requestToken?rnd=24827004300350708
IP
File type JSON data\012- , ASCII text
Hash 3ab96600bbfee24539396c15562755bc
50f7047a0474a5ce8d9c8a614277ed0a4c37f15f
19fa1eaf0940d36e89cd8b87048ff9bf4b6442c4e9460aaa7c08c17126b8de00
POST /keys/KSKw2g.L36ISg/requestToken?rnd=24827004300350708 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: application/json
X-Ably-Version: 1.2
Ably-Agent: ably-js/1.2.13 browser
Content-Length: 361
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
content-length: 388
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 29 Nov 2022 01:30:25 GMT
vary: Origin
x-ably-serverid: frontend.b752.7.eu-central-1-A.i-09a62fa8e03c566a6.e91yI5JcQBIZ55
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yUp_6LqbGlIFaTgYFh-ES9jA7tVPmtvdrFi3_3VcLsJqZGVk1bhUlg==
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1216.min.js
200 OK 19 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP
Hash 7f83d39254070bb7c301b98ebe9007a0
c483ce681cf534be80c86ce26e8ec20597298909
d7977cd1a2fab54bf424d878cdc3a9f908cc5ac1d13ef891814cd4f3f51f423e
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 01:30:25 GMT
via: 1.1 varnish
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 691
x-timer: S1669685426.554727,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4350e99260aff70f5a6bb92aff2ceece
5f20ee312337072f90d75c49a26a3a4413860efc
f21724ccdc83317e251b73e67e5cbfc11cc3eeebd8a7e0f59d0321e4c72540a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F21724CCDC83317E251B73E67E5CBFC11CC3EEEBD8A7E0F59D0321E4C72540A5"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11895
Expires: Tue, 29 Nov 2022 04:48:40 GMT
Date: Tue, 29 Nov 2022 01:30:25 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4350e99260aff70f5a6bb92aff2ceece
5f20ee312337072f90d75c49a26a3a4413860efc
f21724ccdc83317e251b73e67e5cbfc11cc3eeebd8a7e0f59d0321e4c72540a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F21724CCDC83317E251B73E67E5CBFC11CC3EEEBD8A7E0F59D0321E4C72540A5"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11877
Expires: Tue, 29 Nov 2022 04:48:22 GMT
Date: Tue, 29 Nov 2022 01:30:25 GMT
Connection: keep-alive
realtime.pa.highwebmedia.com/comet/connect?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&stream=false&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=19228842928038914
200 OK 544 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/connect?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&stream=false&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=19228842928038914
IP
File type JSON data\012- , ASCII text
Hash 8ab3f68190d6f0c36b03b4a673ba805f
2fb238a2ea7dc3469e19a8ba624f2c1a77c1067b
29012148145675dd7bbfdf28101f95693e11b8495396deff3f27debe60b66b88
GET /comet/connect?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&stream=false&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=19228842928038914 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 544
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 29 Nov 2022 01:30:25 GMT
vary: Origin
x-ably-serverid: frontend.7c0a.4.eu-central-1-A.i-02b0ee627758e0a3b.e91edBo8wBIZir
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: e23ob4Ph_IaqFB529ygCLM3Qikbcwt8gLzGWsur9mUuKTnZW9pVwCQ==
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/send?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=9920172173048074
204 No Content 0 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/send?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=9920172173048074
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/send?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=9920172173048074 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Content-Length,Accept,Authorization,X-Ably-Version,X-Ably-Lib,X-Ably-ClientId,Ably-Agent
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: https://chaturbate.com
access-control-max-age: 3600
date: Tue, 29 Nov 2022 01:30:25 GMT
x-cache: Miss from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oSAQ1K91wck4uIH1vl1mVhdZrLPXh4_gE0tPp6QhFQ2sM2VJe_jYUg==
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/send?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=9920172173048074
201 Created 2 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/send?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=9920172173048074
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/send?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=9920172173048074 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: application/json
Content-Length: 74
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 29 Nov 2022 01:30:25 GMT
vary: Origin
x-ably-serverid: frontend.7c0a.4.eu-central-1-A.i-02b0ee627758e0a3b.e91edBo8wBIZir
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0n7WY5p_OxyJ1x7KkR44oNqqV_9FWyjCB8WwBX6A4E03neWiUj_DOw==
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/recv?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=8973104061552089
200 OK 143 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/recv?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=8973104061552089
IP
File type JSON data\012- , ASCII text
Hash 26e821e4e619597a97efe8eb9d9f806c
fdeaac41a7b86840e5475caf6058384a7401f96f
a2ad8e78b37a3d44e5159b2116fcd5e06dc9b75a8f6ea94538604c43d96ef9af
GET /comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/recv?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=8973104061552089 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 143
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 29 Nov 2022 01:30:25 GMT
vary: Origin
x-ably-serverid: frontend.7c0a.4.eu-central-1-A.i-02b0ee627758e0a3b.e91edBo8wBIZir
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ICYgGJN2exg7kcoDDyI7AhdcgI3PQR7ovjPk3GRKHuHBdfIGO6GSvw==
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&upgrade=e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4&format=json&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0
101 Switching Protocols 0 B URL HTTP/1.1 realtime.pa.highwebmedia.com/?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&upgrade=e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4&format=json&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&upgrade=e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4&format=json&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://chaturbate.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: G0Qt357Kieubim8fccezbw==
Connection: keep-alive, Upgrade
Cookie: _cfuvid=F4.uI2PBQf2HBWSk2ZTYha25_.y4AJuISWRRKUvHido-1669685423361-0-604800000
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 29 Nov 2022 01:30:25 GMT
Connection: upgrade
Sec-Websocket-Accept: BykoyqecTl3nOUr9CuqC7r0AXr4=
Upgrade: websocket
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bRNKZ4tbf4PzLFDs_Td8QxTZyxEht4BXnLn6ApbjVV0AkS1PPFaMaw==
bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=3417&ck=1&ref=https://chaturbate.com/embed/bitter_moon/&ap=67&be=1096&fe=2842&dc=1685&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669685421454,%22n%22:0,%22r%22:1,%22re%22:798,%22f%22:798,%22dn%22:798,%22dne%22:798,%22c%22:798,%22s%22:798,%22ce%22:798,%22rq%22:841,%22rp%22:1069,%22rpe%22:1071,%22dl%22:1081,%22di%22:1672,%22ds%22:1685,%22de%22:1690,%22dc%22:2841,%22l%22:2841,%22le%22:2843%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFEIAgACBARcA1pUBlZWWxh4Yy8TFUMhJTshCU0XAwhTHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwwBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFlMIRU0EEDwJDAlXGhsdQ0ZVPgoMFxdEAxdaWQBFTBMAAhAGSFpaVBNNE0oIFgY7CgIbDwgdQ0JQFQc8AAwLWFxXE1sTWgkDFxERBFhBXB8CXlRDTkEWBhdMUEpFPllWEhZBXkEFUVRNRBNTWBUHTQcMCxsZG1MTXk4SBxE7CgIbDxsCUgRdAFoBVU5eWAQJHFVVC1JPAgYFABRUCVdYBFtVVFBTB14bGRtDBFdcEwcRRllEUUFNQRILFk4VFBNNFFxRXlgHQhcCDQ5LQUobR1xAFFRKFT0OARcOVlEbC0N2fDVAT0YTH01dVl8%2BR1wTEQoLDUQDFwofVhMVQxcCOwcDT1xaVD5XWAwLDx1BXBt6TVkEQxtNQBYFPAJcQ1BSBG5NGBIGRllEXVBKWhVeSUNOQRECOVZGZlcAXFANG0FeQTFQW11eFkIbTUAWBTwJSmpPVBNCUA4MQV5BVwkXFRMUUGYDEAwTEANLal9QDFhVGEBZRiUPS1BfXhkTFUMXAjsBFFZCSlQTbk8EEBANDAgbDxsAUQQXUUBPRhYHZkZNQwhfXkNYQSkMHFBZVVBOBBdRQkszCghdWk5CQX9tQVNTSlNdGWJQX1cFAkEaVVBYRktDAwBRBBdRS0MjBgVSWhYDUQAJUVNTVUMgUEdcVw5JFlBSVkpTRBUXXlgVbloODw4NF0QDF1wFUgIIVlVUVwVUWxcVExFQSwAPEEZZREJpG1sOWFc%2BDRUBEQpYTGUTWxFlQ1M/Rk9GZRdNXhRDZUNYQzhBUFYFW21DHRk9QAAFDhZYXF5fPRMDQT5BPSEMD15lE00RZUMGChcCBFVQZkIORFcFPkFeQzobBGUTTRFlQw8MBgoKXGdcVQhDXAIWP0ZZRmUXWEQVXmVDTkM4QQNUV1xVPkdQBQcMOwwIVUxlE1sRZUNTP0YeRBUXWlAMbk0ABUFeQRZMV1VYAhMVQwEMCAwUZlhWVQQTA0MOCgMLElRaXVRDHRsTDQwJPBVNVE1EEhMDQw4KEgZEREg%3D&jsonp=NREUM.setToken
200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=3417&ck=1&ref=https://chaturbate.com/embed/bitter_moon/&ap=67&be=1096&fe=2842&dc=1685&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669685421454,%22n%22:0,%22r%22:1,%22re%22:798,%22f%22:798,%22dn%22:798,%22dne%22:798,%22c%22:798,%22s%22:798,%22ce%22:798,%22rq%22:841,%22rp%22:1069,%22rpe%22:1071,%22dl%22:1081,%22di%22:1672,%22ds%22:1685,%22de%22:1690,%22dc%22:2841,%22l%22:2841,%22le%22:2843%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFEIAgACBARcA1pUBlZWWxh4Yy8TFUMhJTshCU0XAwhTHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwwBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFlMIRU0EEDwJDAlXGhsdQ0ZVPgoMFxdEAxdaWQBFTBMAAhAGSFpaVBNNE0oIFgY7CgIbDwgdQ0JQFQc8AAwLWFxXE1sTWgkDFxERBFhBXB8CXlRDTkEWBhdMUEpFPllWEhZBXkEFUVRNRBNTWBUHTQcMCxsZG1MTXk4SBxE7CgIbDxsCUgRdAFoBVU5eWAQJHFVVC1JPAgYFABRUCVdYBFtVVFBTB14bGRtDBFdcEwcRRllEUUFNQRILFk4VFBNNFFxRXlgHQhcCDQ5LQUobR1xAFFRKFT0OARcOVlEbC0N2fDVAT0YTH01dVl8%2BR1wTEQoLDUQDFwofVhMVQxcCOwcDT1xaVD5XWAwLDx1BXBt6TVkEQxtNQBYFPAJcQ1BSBG5NGBIGRllEXVBKWhVeSUNOQRECOVZGZlcAXFANG0FeQTFQW11eFkIbTUAWBTwJSmpPVBNCUA4MQV5BVwkXFRMUUGYDEAwTEANLal9QDFhVGEBZRiUPS1BfXhkTFUMXAjsBFFZCSlQTbk8EEBANDAgbDxsAUQQXUUBPRhYHZkZNQwhfXkNYQSkMHFBZVVBOBBdRQkszCghdWk5CQX9tQVNTSlNdGWJQX1cFAkEaVVBYRktDAwBRBBdRS0MjBgVSWhYDUQAJUVNTVUMgUEdcVw5JFlBSVkpTRBUXXlgVbloODw4NF0QDF1wFUgIIVlVUVwVUWxcVExFQSwAPEEZZREJpG1sOWFc%2BDRUBEQpYTGUTWxFlQ1M/Rk9GZRdNXhRDZUNYQzhBUFYFW21DHRk9QAAFDhZYXF5fPRMDQT5BPSEMD15lE00RZUMGChcCBFVQZkIORFcFPkFeQzobBGUTTRFlQw8MBgoKXGdcVQhDXAIWP0ZZRmUXWEQVXmVDTkM4QQNUV1xVPkdQBQcMOwwIVUxlE1sRZUNTP0YeRBUXWlAMbk0ABUFeQRZMV1VYAhMVQwEMCAwUZlhWVQQTA0MOCgMLElRaXVRDHRsTDQwJPBVNVE1EEhMDQw4KEgZEREg%3D&jsonp=NREUM.setToken
IP
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=3417&ck=1&ref=https://chaturbate.com/embed/bitter_moon/&ap=67&be=1096&fe=2842&dc=1685&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669685421454,%22n%22:0,%22r%22:1,%22re%22:798,%22f%22:798,%22dn%22:798,%22dne%22:798,%22c%22:798,%22s%22:798,%22ce%22:798,%22rq%22:841,%22rp%22:1069,%22rpe%22:1071,%22dl%22:1081,%22di%22:1672,%22ds%22:1685,%22de%22:1690,%22dc%22:2841,%22l%22:2841,%22le%22:2843%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFEIAgACBARcA1pUBlZWWxh4Yy8TFUMhJTshCU0XAwhTHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwwBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFlMIRU0EEDwJDAlXGhsdQ0ZVPgoMFxdEAxdaWQBFTBMAAhAGSFpaVBNNE0oIFgY7CgIbDwgdQ0JQFQc8AAwLWFxXE1sTWgkDFxERBFhBXB8CXlRDTkEWBhdMUEpFPllWEhZBXkEFUVRNRBNTWBUHTQcMCxsZG1MTXk4SBxE7CgIbDxsCUgRdAFoBVU5eWAQJHFVVC1JPAgYFABRUCVdYBFtVVFBTB14bGRtDBFdcEwcRRllEUUFNQRILFk4VFBNNFFxRXlgHQhcCDQ5LQUobR1xAFFRKFT0OARcOVlEbC0N2fDVAT0YTH01dVl8%2BR1wTEQoLDUQDFwofVhMVQxcCOwcDT1xaVD5XWAwLDx1BXBt6TVkEQxtNQBYFPAJcQ1BSBG5NGBIGRllEXVBKWhVeSUNOQRECOVZGZlcAXFANG0FeQTFQW11eFkIbTUAWBTwJSmpPVBNCUA4MQV5BVwkXFRMUUGYDEAwTEANLal9QDFhVGEBZRiUPS1BfXhkTFUMXAjsBFFZCSlQTbk8EEBANDAgbDxsAUQQXUUBPRhYHZkZNQwhfXkNYQSkMHFBZVVBOBBdRQkszCghdWk5CQX9tQVNTSlNdGWJQX1cFAkEaVVBYRktDAwBRBBdRS0MjBgVSWhYDUQAJUVNTVUMgUEdcVw5JFlBSVkpTRBUXXlgVbloODw4NF0QDF1wFUgIIVlVUVwVUWxcVExFQSwAPEEZZREJpG1sOWFc%2BDRUBEQpYTGUTWxFlQ1M/Rk9GZRdNXhRDZUNYQzhBUFYFW21DHRk9QAAFDhZYXF5fPRMDQT5BPSEMD15lE00RZUMGChcCBFVQZkIORFcFPkFeQzobBGUTTRFlQw8MBgoKXGdcVQhDXAIWP0ZZRmUXWEQVXmVDTkM4QQNUV1xVPkdQBQcMOwwIVUxlE1sRZUNTP0YeRBUXWlAMbk0ABUFeQRZMV1VYAhMVQwEMCAwUZlhWVQQTA0MOCgMLElRaXVRDHRsTDQwJPBVNVE1EEhMDQw4KEgZEREg%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:30:25 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 771793f67833b517-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=a640aac8d5198f02; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
realtime.pa.highwebmedia.com/comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/send?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=5418605880354499
204 No Content 0 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/send?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=5418605880354499
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/send?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=5418605880354499 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Content-Length,Accept,Authorization,X-Ably-Version,X-Ably-Lib,X-Ably-ClientId,Ably-Agent
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: https://chaturbate.com
access-control-max-age: 3600
date: Tue, 29 Nov 2022 01:30:25 GMT
x-cache: Miss from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JghgljgEa3kQIpU798H1E283jlOLbiO_UWx3I2mIVOUx3GNqhty2wA==
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/send?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=5418605880354499
201 Created 2 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/send?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=5418605880354499
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/send?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=5418605880354499 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: application/json
Content-Length: 164
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 29 Nov 2022 01:30:25 GMT
vary: Origin
x-ably-serverid: frontend.7c0a.4.eu-central-1-A.i-02b0ee627758e0a3b.e91edBo8wBIZir
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 62insGiMWc_i8oNfHvLfW_d_FTs7McuaUKIRfhUoqY8uZIP39Vl0cQ==
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/recv?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=4038279464986696
200 OK 22 kB URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/recv?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=4038279464986696
IP
Hash 9ba37ad26f5d68de13ce656c10d1b29f
80036fb5944e2a38382a1bb8e80e164faa1ac6b4
edc2f2066996002eba88da2575b430698ce279436727196ac8fd03a09d49a7fd
GET /comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/recv?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=4038279464986696 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 301
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 29 Nov 2022 01:30:25 GMT
vary: Origin
x-ably-serverid: frontend.7c0a.4.eu-central-1-A.i-02b0ee627758e0a3b.e91edBo8wBIZir
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eCTIbDzdzJWKksl4Bt58zIcGFa4OWZAhE7JRWvd8XfhE2iOCV8xIBg==
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/disconnect?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=792947295355639
204 No Content 0 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/disconnect?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=792947295355639
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comet/e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4/disconnect?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&rnd=792947295355639 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 29 Nov 2022 01:30:25 GMT
vary: Origin
x-ably-serverid: frontend.7c0a.4.eu-central-1-A.i-02b0ee627758e0a3b.e91edBo8wBIZir
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DWjERNFHHYo9uQhXu8tj3_1jZ1u0zuKYU8BTTYUgQaS1OMsvIMTZSw==
X-Firefox-Spdy: h2
chatw-62.stream.highwebmedia.com/ws/825/sh0cporj/websocket
101 Switching Protocols 0 B URL HTTP/1.1 chatw-62.stream.highwebmedia.com/ws/825/sh0cporj/websocket
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws/825/sh0cporj/websocket HTTP/1.1
Host: chatw-62.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://chaturbate.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: htQOHC3EgY1lauy3cCJBxw==
Connection: keep-alive, Upgrade
Cookie: _cfuvid=F4.uI2PBQf2HBWSk2ZTYha25_.y4AJuISWRRKUvHido-1669685423361-0-604800000
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 29 Nov 2022 01:30:25 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uueTflTMOqnXNIoZX0/Hm5zdW98=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewKsB8q7zRg5pZu1ZtG7X%2BJqCbiVhm%2BWlkk2rD8o1n3FSv%2FsqL0VLHC2OstFWTchXEEQPMBc9VITVwCqCtd7we1e5Q%2FhEBWRwhlH93J9h%2Bubwv1aD%2BzDuV9QshsAH19QwNz%2BxnGS6LE3GJbzLRVcHd7%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771793f46b74b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
bam.nr-data.net/ins/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=3657&ck=1&ref=https://chaturbate.com/embed/bitter_moon/&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFEIAgACBARcA1pUBlZWWxh4Yy8TFUMhJTshCU0XAwhTHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwwBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFlMIRU0EEDwJDAlXGhsdQ0ZVPgoMFxdEAxdaWQBFTBMAAhAGSFpaVBNNE0oIFgY7CgIbDwgdQ0JQFQc8AAwLWFxXE1sTWgkDFxERBFhBXB8CXlRDTkEWBhdMUEpFPllWEhZBXkEFUVRNRBNTWBUHTQcMCxsZG1MTXk4SBxE7CgIbDxsCUgRdAFoBVU5eWAQJHFVVC1JPAgYFABRUCVdYBFtVVFBTB14bGRtDBFdcEwcRRllEUUFNQRILFk4VFBNNFFxRXlgHQhcCDQ5LQUobR1xAFFRKFT0OARcOVlEbC0N2fDVAT0YTH01dVl8%2BR1wTEQoLDUQDFwofVhMVQxcCOwcDT1xaVD5XWAwLDx1BXBt6TVkEQxtNQBYFPAJcQ1BSBG5NGBIGRllEXVBKWhVeSUNOQRECOVZGZlcAXFANG0FeQTFQW11eFkIbTUAWBTwJSmpPVBNCUA4MQV5BVwkXFRMUUGYDEAwTEANLal9QDFhVGEBZRiUPS1BfXhkTFUMXAjsBFFZCSlQTbk8EEBANDAgbDxsAUQQXUUBPRhYHZkZNQwhfXkNYQSkMHFBZVVBOBBdRQkszCghdWk5CQX9tQVNTSlNdGWJQX1cFAkEaVVBYRktDAwBRBBdRS0MjBgVSWhYDUQAJUVNTVUMgUEdcVw5JFlBSVkpTRBUXXlgVbloODw4NF0QDF1wFUgIIVlVUVwVUWxcVExFQSwAPEEZZREJpG1sOWFc%2BDRUBEQpYTGUTWxFlQ1M/Rk9GZRdNXhRDZUNYQzhBUFYFW21DHRk9QAAFDhZYXF5fPRMDQT5BPSEMD15lE00RZUMGChcCBFVQZkIORFcFPkFeQzobBGUTTRFlQw8MBgoKXGdcVQhDXAIWP0ZZRmUXWEQVXmVDTkM4QQNUV1xVPkdQBQcMOwwIVUxlE1sRZUNTP0YeRBUXWlAMbk0ABUFeQRZMV1VYAhMVQwEMCAwUZlhWVQQTA0MOCgMLElRaXVRDHRsTDQwJPBVNVE1EEhMDQw4KEgZEREg%3D
204 No Content 0 B URL HTTP/1.1 bam.nr-data.net/ins/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=3657&ck=1&ref=https://chaturbate.com/embed/bitter_moon/&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFEIAgACBARcA1pUBlZWWxh4Yy8TFUMhJTshCU0XAwhTHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwwBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFlMIRU0EEDwJDAlXGhsdQ0ZVPgoMFxdEAxdaWQBFTBMAAhAGSFpaVBNNE0oIFgY7CgIbDwgdQ0JQFQc8AAwLWFxXE1sTWgkDFxERBFhBXB8CXlRDTkEWBhdMUEpFPllWEhZBXkEFUVRNRBNTWBUHTQcMCxsZG1MTXk4SBxE7CgIbDxsCUgRdAFoBVU5eWAQJHFVVC1JPAgYFABRUCVdYBFtVVFBTB14bGRtDBFdcEwcRRllEUUFNQRILFk4VFBNNFFxRXlgHQhcCDQ5LQUobR1xAFFRKFT0OARcOVlEbC0N2fDVAT0YTH01dVl8%2BR1wTEQoLDUQDFwofVhMVQxcCOwcDT1xaVD5XWAwLDx1BXBt6TVkEQxtNQBYFPAJcQ1BSBG5NGBIGRllEXVBKWhVeSUNOQRECOVZGZlcAXFANG0FeQTFQW11eFkIbTUAWBTwJSmpPVBNCUA4MQV5BVwkXFRMUUGYDEAwTEANLal9QDFhVGEBZRiUPS1BfXhkTFUMXAjsBFFZCSlQTbk8EEBANDAgbDxsAUQQXUUBPRhYHZkZNQwhfXkNYQSkMHFBZVVBOBBdRQkszCghdWk5CQX9tQVNTSlNdGWJQX1cFAkEaVVBYRktDAwBRBBdRS0MjBgVSWhYDUQAJUVNTVUMgUEdcVw5JFlBSVkpTRBUXXlgVbloODw4NF0QDF1wFUgIIVlVUVwVUWxcVExFQSwAPEEZZREJpG1sOWFc%2BDRUBEQpYTGUTWxFlQ1M/Rk9GZRdNXhRDZUNYQzhBUFYFW21DHRk9QAAFDhZYXF5fPRMDQT5BPSEMD15lE00RZUMGChcCBFVQZkIORFcFPkFeQzobBGUTTRFlQw8MBgoKXGdcVQhDXAIWP0ZZRmUXWEQVXmVDTkM4QQNUV1xVPkdQBQcMOwwIVUxlE1sRZUNTP0YeRBUXWlAMbk0ABUFeQRZMV1VYAhMVQwEMCAwUZlhWVQQTA0MOCgMLElRaXVRDHRsTDQwJPBVNVE1EEhMDQw4KEgZEREg%3D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ins/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=3657&ck=1&ref=https://chaturbate.com/embed/bitter_moon/&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFEIAgACBARcA1pUBlZWWxh4Yy8TFUMhJTshCU0XAwhTHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwwBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFlMIRU0EEDwJDAlXGhsdQ0ZVPgoMFxdEAxdaWQBFTBMAAhAGSFpaVBNNE0oIFgY7CgIbDwgdQ0JQFQc8AAwLWFxXE1sTWgkDFxERBFhBXB8CXlRDTkEWBhdMUEpFPllWEhZBXkEFUVRNRBNTWBUHTQcMCxsZG1MTXk4SBxE7CgIbDxsCUgRdAFoBVU5eWAQJHFVVC1JPAgYFABRUCVdYBFtVVFBTB14bGRtDBFdcEwcRRllEUUFNQRILFk4VFBNNFFxRXlgHQhcCDQ5LQUobR1xAFFRKFT0OARcOVlEbC0N2fDVAT0YTH01dVl8%2BR1wTEQoLDUQDFwofVhMVQxcCOwcDT1xaVD5XWAwLDx1BXBt6TVkEQxtNQBYFPAJcQ1BSBG5NGBIGRllEXVBKWhVeSUNOQRECOVZGZlcAXFANG0FeQTFQW11eFkIbTUAWBTwJSmpPVBNCUA4MQV5BVwkXFRMUUGYDEAwTEANLal9QDFhVGEBZRiUPS1BfXhkTFUMXAjsBFFZCSlQTbk8EEBANDAgbDxsAUQQXUUBPRhYHZkZNQwhfXkNYQSkMHFBZVVBOBBdRQkszCghdWk5CQX9tQVNTSlNdGWJQX1cFAkEaVVBYRktDAwBRBBdRS0MjBgVSWhYDUQAJUVNTVUMgUEdcVw5JFlBSVkpTRBUXXlgVbloODw4NF0QDF1wFUgIIVlVUVwVUWxcVExFQSwAPEEZZREJpG1sOWFc%2BDRUBEQpYTGUTWxFlQ1M/Rk9GZRdNXhRDZUNYQzhBUFYFW21DHRk9QAAFDhZYXF5fPRMDQT5BPSEMD15lE00RZUMGChcCBFVQZkIORFcFPkFeQzobBGUTTRFlQw8MBgoKXGdcVQhDXAIWP0ZZRmUXWEQVXmVDTkM4QQNUV1xVPkdQBQcMOwwIVUxlE1sRZUNTP0YeRBUXWlAMbk0ABUFeQRZMV1VYAhMVQwEMCAwUZlhWVQQTA0MOCgMLElRaXVRDHRsTDQwJPBVNVE1EEhMDQw4KEgZEREg%3D HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 3169
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Tue, 29 Nov 2022 01:30:26 GMT
Connection: keep-alive
CF-Ray: 771793f798b4b517-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=3664&ck=1&ref=https://chaturbate.com/embed/bitter_moon/
200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=3664&ck=1&ref=https://chaturbate.com/embed/bitter_moon/
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=3664&ck=1&ref=https://chaturbate.com/embed/bitter_moon/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 3030
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:30:26 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 771793f7ad50b4fa-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
cbjpeg.stream.highwebmedia.com/stream?room=bitter_moon&f=0.16248163836518525
200 OK 25 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=bitter_moon&f=0.16248163836518525
IP
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash de6754a38515950a5d2ca68ae5cface5
ef370e1db45928d2bb1bd6db87c5233e7d862c20
5850f60201b0a0a55587517ab0d937130eece26419f1fe5305280fdc54aa2b2c
GET /stream?room=bitter_moon&f=0.16248163836518525 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=F4.uI2PBQf2HBWSk2ZTYha25_.y4AJuISWRRKUvHido-1669685423361-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:30:26 GMT
content-type: image/jpeg
content-length: 25049
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
www.redgifs.com/watch/criminalenlightenedpupfish
200 OK 0 B URL HTTP/2 www.redgifs.com/watch/criminalenlightenedpupfish
IP
GET /watch/criminalenlightenedpupfish HTTP/1.1
Host: www.redgifs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:19 GMT
content-type: text/html; charset=utf-8
expires: Tue, 29 Nov 2022 01:40:19 GMT
cache-control: max-age=600
last-modified: Tue, 29 Nov 2022 01:30:19 GMT
cf-cache-status: MISS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771793cc8d7bb4ed-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
chaturbate.com/in/?track=embed&tour=6o0b&campaign=YBj6k&disable_sound=1&mobileRedirect=auto&embed_video_only=1
302 Found 0 B URL HTTP/2 chaturbate.com/in/?track=embed&tour=6o0b&campaign=YBj6k&disable_sound=1&mobileRedirect=auto&embed_video_only=1
IP
GET /in/?track=embed&tour=6o0b&campaign=YBj6k&disable_sound=1&mobileRedirect=auto&embed_video_only=1 HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: text/html; charset=utf-8
location: /topembed/female/?join_overlay=1&tour=6o0b&campaign=YBj6k&disable_sound=1&mobileRedirect=auto&embed_video_only=1
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
set-cookie: u_6o0b=1; expires=Sun, 04-Dec-2022 01:30:22 GMT; Max-Age=432000; Path=/
us_6o0b=1; Path=/
affkey="eJyrVipRslJQMss3SFLSUVBKzi0AcSOdssyyQfySomwQPzU3KTUFxC8C8TJKSgqKrfT1y8vL9YpSU9Iz04r1kvNz9UEKEtPSQEqgwiARsIFGhkq1ADLmHdQ="; Domain=.chaturbate.com; expires=Thu, 29-Dec-2022 01:30:22 GMT; Max-Age=2592000; Path=/
fromaffiliate=1; Domain=.chaturbate.com; Path=/
noads=1; expires=Tue, 29-Nov-2022 07:30:22 GMT; Max-Age=21600; Path=/
sbr=sec:sbrc343f717-a465-46fc-aa77-671e54b8a4a2:1ozpS2:tUMsc4TQVGlcqbUtMDm1vU3dAok; Domain=.chaturbate.com; expires=Sun, 24-Aug-2025 01:30:22 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
__cf_bm=B_9AxdiGVhcACUvx0S6BhKh9WMmwEyPrtd8FXPSAHO8-1669685422-0-AfBozom8T99ZR7jxPwpZvw4SqzRJ985ZK6eDhdKwyO63Ly5qjVKKbbs3UMyszmqZW4yhrRZfO8oj4AWGPggufV8=; path=/; expires=Tue, 29-Nov-22 02:00:22 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 771793e16dfdb50f-OSL
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/jsi18n/en/djangojs.js?hash=e43317773f2b
200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/jsi18n/en/djangojs.js?hash=e43317773f2b
IP
GET /jsi18n/en/djangojs.js?hash=e43317773f2b HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=3271
etag: W/"32cad827f4958bb8450fc33065ba4b42"
last-modified: Thu, 28 Apr 2022 02:42:35 GMT
x-amz-id-2: h8EdmFf/YIv4tyWE4uWkUBIubIw+eS5lEkpyqTq1JXu54+c5eyJ1CzfztwIDl7fVzq9jlqOHtY6JL/v7TcRMag==
x-amz-meta-s3cmd-attrs: md5:32cad827f4958bb8450fc33065ba4b42
x-amz-request-id: H4ZRJX35HQS79X0F
cf-cache-status: HIT
age: 12638
expires: Thu, 29 Dec 2022 01:30:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxibBkJKtPSD2%2BKpNbsEnEXaR%2BjIv%2BGPAGNzB9OV5Jq4NUpS4OJGdDYpm3sLE%2Fw9s8VhdicBFrjVqP%2F6OZOnpk%2BKp7u8OdwrZxB0M8bjpbN9zQcS%2BDrNucdqW3%2FWpYtbiAXkQZG3ZenGlzxfMp3CsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=lmCLieIiRuh0rGO0L.SOGh4YKb3KixsbIupcwCFC.JA-1669685423368-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 771793e7fa3afac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/css/output.b6d19c592c88.css
200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/css/output.b6d19c592c88.css
IP
GET /CACHE/css/output.b6d19c592c88.css HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=83857
etag: W/"d755237c08a8c63b8df2a4027c94dfd8"
last-modified: Mon, 28 Nov 2022 17:26:57 GMT
x-amz-id-2: vQQsXxIHYR9GwKqqEYXu/TjUHF43TWkW6kEhWOMzifsXmxen27h/UzuKEthRkCaJlsLqLW2+60Y=
x-amz-meta-s3cmd-attrs: md5:d755237c08a8c63b8df2a4027c94dfd8
x-amz-request-id: F41WYDCVFJTCMYV9
cf-cache-status: HIT
age: 28853
expires: Thu, 29 Dec 2022 01:30:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5A1C9K3bH4YenPUM4DRCzlRkAnbraaVb1uAdTJllsE3qa3yMiiWnrad6zat%2FG25ae4a2S%2FDMcpyCfeYTX1bmuVgntRKxHOkpy%2Bsp77c3uiB1X8qR04m%2Fzvqeji5FKH9MljT%2BTZgITkJ%2BpEOuLYtVNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=VxirnGKehxVIN.How2LhR7oFfAx3g..eREESC.edb5U-1669685423370-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 771793e7fa3bfac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
chatw-62.stream.highwebmedia.com/ws/info?t=1669685424380
200 OK 0 B URL HTTP/2 chatw-62.stream.highwebmedia.com/ws/info?t=1669685424380
IP
GET /ws/info?t=1669685424380 HTTP/1.1
Host: chatw-62.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Cookie: _cfuvid=F4.uI2PBQf2HBWSk2ZTYha25_.y4AJuISWRRKUvHido-1669685423361-0-604800000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:25 GMT
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eu%2B5ZqPvOv1BdqmQLFr8bMxJZsVfg5l%2F%2BQcpii2iNmfYSTzw2vOO6WMg93I4pOeDYRr%2BnFS9jvRoDWe9ZczjhKo740S75zyyv%2B9o6UFU6W04KxFyWfCuFX3yrVgCoanf87kijgV6GEvMgpL0kYLYibwp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771793f32880b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/connect?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&upgrade=e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=5707888943189194
200 OK 0 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/connect?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&upgrade=e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=5707888943189194
IP
GET /comet/connect?access_token=KSKw2g.AL36ISgfsLz1t3jUPSRtzabjpa1bvyIfgrj4dyQoQdjX7Rr8DI&upgrade=e91edBo8wBIZir!zATKrX6MUWagfp6b-1a9b4&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=5707888943189194 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 29 Nov 2022 01:30:25 GMT
vary: Origin
x-ably-serverid: frontend.7c0a.4.eu-central-1-A.i-02b0ee627758e0a3b.e91edBo8wBIZir
x-content-type-options: nosniff
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: D-D5oFBR2CKDSD9uEi5Ze2OApMoYbwe2xf0YUoQHuOPH9i_EBm9b9g==
X-Firefox-Spdy: h2
api.redgifs.com/v2/auth/temporary
200 OK 0 B URL HTTP/2 api.redgifs.com/v2/auth/temporary
IP
GET /v2/auth/temporary HTTP/1.1
Host: api.redgifs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redgifs.com/
content-type: application/json
x-customheader: https://www.redgifs.com/watch/criminalenlightenedpupfish
Origin: https://www.redgifs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:19 GMT
content-type: application/json
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
cache-control: no-store
access-control-expose-headers: x-service, cache-control, access-control-allow-origin, content-type
access-control-allow-origin: https://www.redgifs.com
access-control-allow-credentials: true
x-service: gifs
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771793d13fe80afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.realsrv.com/iframe.js?idzone=4341104
200 OK 0 B URL HTTP/2 a.realsrv.com/iframe.js?idzone=4341104
IP
ASN #60068 Datacamp Limited
GET /iframe.js?idzone=4341104 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=4341104&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: application/javascript
etag: W/"1b90307c6aef08da335064903f3"
expires: Mon, 28 Nov 2022 15:51:02 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669694059
server: CDN77-Turbo
x-77-nzt: AblMCQ0Ezmz/cwgAAA
x-77-nzt-ray: c0a4cc281fcdb472ae6085639bde3619
x-cache: HIT
x-age: 2163
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.realsrv.com/iframe.php?idzone=4341104&size=300x250
200 OK 0 B URL HTTP/2 a.realsrv.com/iframe.php?idzone=4341104&size=300x250
IP
ASN #60068 Datacamp Limited
GET /iframe.php?idzone=4341104&size=300x250 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 29 Nov 2022 03:53:57 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669694059
server: CDN77-Turbo
x-77-nzt: AblMCQ1MNsf/cwgAAA
x-77-nzt-ray: c0a4cc281fcdb472ae60856328ef920e
x-cache: HIT
x-age: 2163
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Fredoka+One&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Fredoka+One&display=swap
IP
GET /css2?family=Fredoka+One&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tour.camsoda.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 01:30:23 GMT
date: Tue, 29 Nov 2022 01:30:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.9b823bb2f723.js
200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.9b823bb2f723.js
IP
GET /CACHE/js/output.9b823bb2f723.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"1360376b8f5657814f662391b765d655"
last-modified: Tue, 24 May 2022 17:14:17 GMT
x-amz-id-2: KTWJY/HCZAzfCN7zvoTtoCRDkjCDtsx43npe+RSp0Ebo2HF6WHgess4Ct9QL7Zi8XExzaRuhmCw=
x-amz-meta-s3cmd-attrs: md5:1360376b8f5657814f662391b765d655
x-amz-request-id: M1HHWCFNA8C6CV81
cf-cache-status: HIT
age: 2166996
expires: Thu, 29 Dec 2022 01:30:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwFe7R98vZOvEWnwdrPYPZmrQGXzbtYeL5HEsZh0m8puEl%2F3yeadwETY4nourR4f%2FauMIZKBANVzTdYSIVsBvyVeKku94UddJ28Y0KMLp0W23AUXZIj9jG%2F9Ozw%2BZ%2BHcgpXWSl35J9Q%2BwcD2JMM9zw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=F4.uI2PBQf2HBWSk2ZTYha25_.y4AJuISWRRKUvHido-1669685423361-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 771793e7fa33fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.21e4d7885076.js
200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.21e4d7885076.js
IP
GET /CACHE/js/output.21e4d7885076.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=114830
etag: W/"b4ad9510a310ef8a83f71a5f317f091d"
last-modified: Wed, 02 Nov 2022 16:55:42 GMT
x-amz-id-2: PsN3iv65Njn7hNZwOdYd1oAvY+pAIQWUXN9tndhJWmeM1MvoPlyG8vIpgAHr+IS5kjdZ1+l3zUY=
x-amz-meta-s3cmd-attrs: md5:b4ad9510a310ef8a83f71a5f317f091d
x-amz-request-id: QXPZJGZRTB4AE79K
cf-cache-status: HIT
age: 2277131
expires: Thu, 29 Dec 2022 01:30:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5BNUU00IEsWdN1%2BoYDFVVmPegnBexzv3X1CiotYzu%2FZY2ho%2Bl38T1dsy6rteUrnR0mYWAm74KE2Lz2rW%2FtQGIr0RHljq3KBB2zHxMo59kgv8CmyFQ9kipsvWc%2B4zu1luGOHkzKi2MXsFD9PX0Npow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=lmCLieIiRuh0rGO0L.SOGh4YKb3KixsbIupcwCFC.JA-1669685423368-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 771793e7fa3cfac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.bestcontentfood.top/warp/4789805?r=76560
200 OK 0 B URL HTTP/2 a.bestcontentfood.top/warp/4789805?r=76560
IP
Analyzer Verdict Alert fortinet Phishing
GET /warp/4789805?r=76560 HTTP/1.1
Host: a.bestcontentfood.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: application/javascript; charset=UTF-8
referer: a.medfoodsafety.com
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvVgEj3TCXeY98QXVn0XrYCOdtP7T3zkip1zPiNlbFE4EKqWfHCIirdog6eqftHxRetmz1lBKNjgd2RDeuG5NhLC75CzMNaie7yRr36m5yR42%2FJA2SceYPDaDvV3mQQFI3idayAAT6c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771793e1aaec746c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.realsrv.com/iframe.php?idzone=4341114&size=300x250
200 OK 0 B URL HTTP/2 a.realsrv.com/iframe.php?idzone=4341114&size=300x250
IP
ASN #60068 Datacamp Limited
GET /iframe.php?idzone=4341114&size=300x250 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 29 Nov 2022 03:52:07 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669694016
server: CDN77-Turbo
x-77-nzt: AblMCQ1+65H/nggAAA
x-77-nzt-ray: c0a4cc281fcdb472ae608563b3a3450e
x-cache: HIT
x-age: 2206
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.realsrv.com/iframe.php?idzone=4341116&size=300x250
200 OK 0 B URL HTTP/2 a.realsrv.com/iframe.php?idzone=4341116&size=300x250
IP
ASN #60068 Datacamp Limited
GET /iframe.php?idzone=4341116&size=300x250 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 29 Nov 2022 03:52:04 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669693970
server: CDN77-Turbo
x-77-nzt: AblMCQ3zkID/zAgAAA
x-77-nzt-ray: c0a4cc281fcdb472ae6085630ac5490e
x-cache: HIT
x-age: 2252
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.90a7a6687776.js
200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.90a7a6687776.js
IP
GET /CACHE/js/output.90a7a6687776.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"eba6018c1d2ab593c234e5750506e38a"
last-modified: Mon, 17 Oct 2022 21:37:31 GMT
x-amz-id-2: MuRi9INFlyZ8s0MfpOqtyosRRye3EDr/cdpWTRrQUKKo6PNFSGfohJwm10zs48bLswjVhUc8b0Z/eZ9oVm3U4Q==
x-amz-meta-s3cmd-attrs: md5:eba6018c1d2ab593c234e5750506e38a
x-amz-request-id: VR1ABN9AAN3FB4KK
cf-cache-status: HIT
age: 1050624
expires: Thu, 29 Dec 2022 01:30:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WW3MOBdd7lEqYHO02XDbKXIWFimmchHL6cq3T%2FxpTctSPuYfKxrGR5zRYjwmbEbSl1BdiiPT2GNUcawNXHX%2BdCe5O3W%2Bsy%2FWt%2F2mEQToWq6kiT02gpTZiNhiJfEeDdtqenYHmE7CpgPxzg2%2BJGprZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=oDJjLrs109A5bF1mj49GFfGBnkxYPfe_H93aH2Vujiw-1669685423360-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 771793e7fa36fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.medfoodsafety.com/loader?a=4789803&v=2&t=1&s=4779152&p=11473&if=false&url=https%3A%2F%2Fwww.redgifs.com%2Fwatch%2Fcriminalenlightenedpupfish&title=Big%20Tits%20Bra%20Hotwife%20Porn%20GIF%20by%20marcipan%20%7C%20RedGIFs
200 OK 0 B URL HTTP/2 a.medfoodsafety.com/loader?a=4789803&v=2&t=1&s=4779152&p=11473&if=false&url=https%3A%2F%2Fwww.redgifs.com%2Fwatch%2Fcriminalenlightenedpupfish&title=Big%20Tits%20Bra%20Hotwife%20Porn%20GIF%20by%20marcipan%20%7C%20RedGIFs
IP
GET /loader?a=4789803&v=2&t=1&s=4779152&p=11473&if=false&url=https%3A%2F%2Fwww.redgifs.com%2Fwatch%2Fcriminalenlightenedpupfish&title=Big%20Tits%20Bra%20Hotwife%20Porn%20GIF%20by%20marcipan%20%7C%20RedGIFs HTTP/1.1
Host: a.medfoodsafety.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: text/html
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmShmVa7XTtm92gGZwrb2HSxf9%2Fx8TyBKOh9WCm2Yol1KRkcWj0pIAzLQzQ820m%2BC828Al8hhtb1pzMmtWYUVV7MvIGslUplv36ZLGWN%2FCbeRiSb%2FhzCQnGNywAebYu9BA7YZuda"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771793e3593d7744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.97a5db11ca63.js
200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.97a5db11ca63.js
IP
GET /CACHE/js/output.97a5db11ca63.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=827275
etag: W/"692ec922d2a39b4037073f70286968b3"
last-modified: Fri, 13 May 2022 09:09:46 GMT
x-amz-id-2: VZ8ol5gj9DR4cR1Ys+gd3EdgeEH8vduV/GWCX0hMYtqbtTyLc8wtgelbUHUwXR/km7ekid2PJdA=
x-amz-meta-s3cmd-attrs: md5:692ec922d2a39b4037073f70286968b3
x-amz-request-id: WKBNH94P832M1DR9
cf-cache-status: HIT
age: 1699902
expires: Thu, 29 Dec 2022 01:30:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEFn1IOGx0bv2iEF5AyeLZsu%2F%2F9OankFvFPda19LHNaVWbCMklMt3H7M0QwirLjGKCPW2HItoRjNqGmOLuibUhacN%2BD%2Fs7jFXaCF1VV9vUiNM8dE38v3AoOJlH6Odw9POl3lbp2QyU5SzeqOwAvmyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=F4.uI2PBQf2HBWSk2ZTYha25_.y4AJuISWRRKUvHido-1669685423361-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 771793e7fa35fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.redgifs.com/v2/gifs/criminalenlightenedpupfish?views=yes&users=yes
200 OK 0 B URL HTTP/2 api.redgifs.com/v2/gifs/criminalenlightenedpupfish?views=yes&users=yes
IP
GET /v2/gifs/criminalenlightenedpupfish?views=yes&users=yes HTTP/1.1
Host: api.redgifs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redgifs.com/
authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL3d3dy5yZWRnaWZzLmNvbS8iLCJpYXQiOjE2Njk2ODU0MTksImV4cCI6MTY2OTc3MTgxOSwic3ViIjoiY2xpZW50LzE4MjNjMzFmN2QzLTc0NWEtNjU4OS0wMDA1LWQ4ZThmZTBhNDRjMiIsInNjb3BlcyI6InJlYWQiLCJ2YWxpZF9hZGRyIjoiOTEuOTAuNDIuMTU0IiwidmFsaWRfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCJ9.ARU_AZlDBiWfMCAgf_n2ZxG4dUagD9AFRU13K0VXWfruwA9CNNuZTdwyFhFTeUVYadsEPQWZxO5g9NAlcrH9tpzJ_iRvNbARbGnHhLFYniHkuRFg3SdjW0xPa2GSkeH1f7ygKROqYoSzZ5Pvs-Se3tizVaTdfLxOxDG8YXJ58ti1atpw5rj7tF7X8AoxcfyqvRpL8F-kP7dMLZPAI4Tw4pSZ717tej65NLdxYCkqDIA10-Uy8jDQZgA0VB4IQPXAh1oqI5XoXemnlsMNyWJlAQwQxLNysb-MtWSjNw3uZ991HU63AGFJo1xCwk1flLusoUbwo8T36UK1KpMD0W4BTQ
content-type: application/json
x-customheader: https://www.redgifs.com/watch/criminalenlightenedpupfish
Origin: https://www.redgifs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:20 GMT
content-type: application/json
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
cache-control: no-store
access-control-allow-credentials: true
access-control-expose-headers: cf-ipcountry, origin, cf-visitor, sec-fetch-site, cdn-loop, x-forwarded-port, host, x-forwarded-proto, sec-fetch-dest, cf-ray, sec-fetch-mode, authorization, connection, referer, x-amzn-trace-id, x-forwarded-for, content-type, user-agent, x-customheader, accept-encoding, accept, cf-connecting-ip, accept-language
access-control-allow-origin: https://www.redgifs.com
x-service: gifs
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771793d308660afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/823442/794fe4db09942bbcd0f811a3af04fef96264fc5e.mp4
206 Partial Content 0 B URL HTTP/2 s3t3d2y8.afcdn.net/library/823442/794fe4db09942bbcd0f811a3af04fef96264fc5e.mp4
IP
ASN #60068 Datacamp Limited
GET /library/823442/794fe4db09942bbcd0f811a3af04fef96264fc5e.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: video/mp4
content-length: 288663
last-modified: Fri, 18 Nov 2022 09:40:10 GMT
etag: "637752fa-46797"
expires: Sat, 18 Nov 2023 09:59:48 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1700649253
server: CDN77-Turbo
x-77-nzt: AblMCQ29EYT/CrsIAA
x-77-nzt-ray: c0a4cc288dd44876af608563271ddb05
x-cache: HIT
x-age: 572170
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-288662/288663
X-Firefox-Spdy: h2
www.cwchmb.com/im_jerky?vlmi=1&vlm=1&vlmd=v.vfgte.com&vlmcid=d35e5c47-8e8d-4bcf-86e8-b285e231bf95&subID1=VGIL_999528998_REDG_CHHD_ALL&source=TS507-999528998&affiliateID=108124&Location_Alias=CHHD&livefeed={performerName}&providers=streamate&genders=f%2Cff&skin=1&canHide=1&containerAlignment=center&cols=4&rows=1&number=4&background=transparent&useFeed=1&animateFeed=1&smoothAnimation=1&ratio=1&verticalSpace=10px&horizontalSpace=10px&colorFilter=0&colorFilterStrength=0&AuxiliaryCSS=%0A&token=fdecb600-9bd9-11ec-b9c9-0fb5c35adf26&isLive=1
200 OK 0 B URL HTTP/2 www.cwchmb.com/im_jerky?vlmi=1&vlm=1&vlmd=v.vfgte.com&vlmcid=d35e5c47-8e8d-4bcf-86e8-b285e231bf95&subID1=VGIL_999528998_REDG_CHHD_ALL&source=TS507-999528998&affiliateID=108124&Location_Alias=CHHD&livefeed={performerName}&providers=streamate&genders=f%2Cff&skin=1&canHide=1&containerAlignment=center&cols=4&rows=1&number=4&background=transparent&useFeed=1&animateFeed=1&smoothAnimation=1&ratio=1&verticalSpace=10px&horizontalSpace=10px&colorFilter=0&colorFilterStrength=0&AuxiliaryCSS=%0A&token=fdecb600-9bd9-11ec-b9c9-0fb5c35adf26&isLive=1
IP
GET /im_jerky?vlmi=1&vlm=1&vlmd=v.vfgte.com&vlmcid=d35e5c47-8e8d-4bcf-86e8-b285e231bf95&subID1=VGIL_999528998_REDG_CHHD_ALL&source=TS507-999528998&affiliateID=108124&Location_Alias=CHHD&livefeed={performerName}&providers=streamate&genders=f%2Cff&skin=1&canHide=1&containerAlignment=center&cols=4&rows=1&number=4&background=transparent&useFeed=1&animateFeed=1&smoothAnimation=1&ratio=1&verticalSpace=10px&horizontalSpace=10px&colorFilter=0&colorFilterStrength=0&AuxiliaryCSS=%0A&token=fdecb600-9bd9-11ec-b9c9-0fb5c35adf26&isLive=1 HTTP/1.1
Host: www.cwchmb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.10
date: Tue, 29 Nov 2022 01:30:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, elastic-apm-traceparent
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-apm-trace-id: 00-643b6a00037ed44ac0fbba91d60b5a46-b079789466d99d77-01
content-encoding: gzip
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.bc85e791cb2f.js
200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.bc85e791cb2f.js
IP
GET /CACHE/js/output.bc85e791cb2f.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=202270
etag: W/"7d90e856406997eee24123ea8a61c92d"
last-modified: Fri, 10 Sep 2021 01:29:44 GMT
x-amz-id-2: HJqgrzmpP8NIgQA+YW8wx4YmDeOFkE860/zZrYgEfEOOhSRenFjn4mxx7ChaQYvyWjZAxImMIY8=
x-amz-meta-s3cmd-attrs: md5:7d90e856406997eee24123ea8a61c92d
x-amz-request-id: EVKN10SQAKNB8VZG
cf-cache-status: HIT
age: 2166997
expires: Thu, 29 Dec 2022 01:30:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dea4eUlO9M5rlQr0%2FBCGCYPCupjbxS%2BcElxWjNWshfTSDjMZnZRgnZOllbrQap3BAzM8owrev8iwyF3ZeuozbDKOM%2BdagzxlbxlDlvUBv1whROV5uyNxB7lQ%2BTNLj2%2FsYKAXBY1S4r1VdN3M2XLQoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=oDJjLrs109A5bF1mj49GFfGBnkxYPfe_H93aH2Vujiw-1669685423360-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 771793e7fa38fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.realsrv.com/iframe.php?idzone=4341106&size=300x250
200 OK 0 B URL HTTP/2 a.realsrv.com/iframe.php?idzone=4341106&size=300x250
IP
ASN #60068 Datacamp Limited
GET /iframe.php?idzone=4341106&size=300x250 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 29 Nov 2022 00:55:15 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669694058
server: CDN77-Turbo
x-77-nzt: AblMCQ3RqPz/dAgAAA
x-77-nzt-ray: c0a4cc281fcdb472ae60856387c1ad0e
x-cache: HIT
x-age: 2164
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.caee332d326d.js
200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.caee332d326d.js
IP
GET /CACHE/js/output.caee332d326d.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"b61e15511bf0db70d0d422e98c465403"
last-modified: Thu, 24 Jun 2021 21:24:08 GMT
x-amz-id-2: gAJe87IyJM0OkbaBgua73HTcoEANURYYk4wpsNNClr414DBIRL/v+K+9hxRFHrgcwnw38qlmXmM=
x-amz-meta-s3cmd-attrs: md5:b61e15511bf0db70d0d422e98c465403
x-amz-request-id: 2D5TZ021KE4200HB
cf-cache-status: HIT
age: 1051380
expires: Thu, 29 Dec 2022 01:30:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7vKnVFiwNayCJ9i5qOl%2BwmbYP90SsOKA5F0pF5kyJlhQpy6a%2B4m1utveemLyMvhhKntkOORgwh8WV32C7Ka%2BgzG7f0%2BG1%2FilF52eg3AMAuDAf7%2Buc6Mrh6ewBTwOZyUE9T9Z5kJv7uYY8MxvVppNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=lmCLieIiRuh0rGO0L.SOGh4YKb3KixsbIupcwCFC.JA-1669685423368-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 771793e80a3dfac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.cwchmb.com/cams_widget_css.css?skin=0&verticalSpace=10px&horizontalSpace=10px&infoTopLeftContent=-&infoTopRightContent=-&infoBottomLeftContent=-&infoBottomRightContent=-&infoWritePos=after&infoPos=inside&infoBackgroundColor=rgba(0,%200,%200,%20.6)&infoTextColor=%23fff&infoHeight=1.2em&infoTopWritePos=after&infoTopPos=inside&infoTopBackgroundColor=rgba(0,%200,%200,%20.6)&infoTopTextColor=%23fff&infoTopHeight=1.2em&infoTopLineHeight=1.2em&infoBottomWritePos=after&infoBottomPos=inside&infoBottomBackgroundColor=rgba(0,%200,%200,%20.6)&infoBottomTextColor=%23fff&infoBottomHeight=1.2em&infoBottomLineHeight=1.2em&fontFamily=sans-serif&fontFamilyQuery=&fontSize=12px&showOnline=false&background=none&ratio=-1&targetResponsiveWidth=200&thumbsWidth=&thumbsHeight=&containerAlignment=&iframeWidth=&iframeHeight=&cardsBorderTop=0px&cardsBorderLeft=0px&cardsBorderRight=0px&cardsBorderBottom=0px&cardsBorderRadius=0px&cardsBorderColor=rgba(0,%200,%200,%200)&thumbsBorderTop=0px&thumbsBorderLeft=0px&thumbsBorderRight=0px&thumbsBorderBottom=0px&thumbsBorderRadius=0px&thumbsBorderColor=rgba(0,%200,%200,%200)&CTAContent=&CTABottom=&CTABackground=&CTAColor=&CTABackgroundHover=&CTAColorHover=&CTABorderRadius=&CTAWidth=&CTAHeight=&CTAFontSize=&CTAFontWeight=&genderStyle=long&bubblePos=0.75&desktopsz=60&tabletsz=60&mobilesz=60&desktopy=-1&tablety=0.75&mobiley=0.75&canHide=false&msg1=Hey%20there!&msg2=I%27m%20live%20now!%20Join%20my%20room%20if%20you%20want%20to%20talk%20with%20me&genderColor=%23fff&useFeed=true&animateFeed=true&smoothAnimation=true&animationSpeed=500&colorFilter=false&colorFilterStrength=0.1&providers=&refererFile=0%2Fhtml.ejs&muted=1&vlm=false&vlmi=false&vlmd=v.vfgta.com&vlmcid=&isLive=true&fileID=undefined&url=http%3A%2F%2Fwww.cwchmb.com&pid=streamate_107226752&autoReloadChaturbate=false&cols=1&rows=1&number=1&categories=%5B%5D&genders=f&generator=camswidget&token=fdecb600-9bd9-11ec-b9c9-0fb5c35adf26&referer=www.redgifs.com&aff_sub2=PUB_unspecified%3BBLOC_CamsWidget
200 OK 0 B URL HTTP/2 www.cwchmb.com/cams_widget_css.css?skin=0&verticalSpace=10px&horizontalSpace=10px&infoTopLeftContent=-&infoTopRightContent=-&infoBottomLeftContent=-&infoBottomRightContent=-&infoWritePos=after&infoPos=inside&infoBackgroundColor=rgba(0,%200,%200,%20.6)&infoTextColor=%23fff&infoHeight=1.2em&infoTopWritePos=after&infoTopPos=inside&infoTopBackgroundColor=rgba(0,%200,%200,%20.6)&infoTopTextColor=%23fff&infoTopHeight=1.2em&infoTopLineHeight=1.2em&infoBottomWritePos=after&infoBottomPos=inside&infoBottomBackgroundColor=rgba(0,%200,%200,%20.6)&infoBottomTextColor=%23fff&infoBottomHeight=1.2em&infoBottomLineHeight=1.2em&fontFamily=sans-serif&fontFamilyQuery=&fontSize=12px&showOnline=false&background=none&ratio=-1&targetResponsiveWidth=200&thumbsWidth=&thumbsHeight=&containerAlignment=&iframeWidth=&iframeHeight=&cardsBorderTop=0px&cardsBorderLeft=0px&cardsBorderRight=0px&cardsBorderBottom=0px&cardsBorderRadius=0px&cardsBorderColor=rgba(0,%200,%200,%200)&thumbsBorderTop=0px&thumbsBorderLeft=0px&thumbsBorderRight=0px&thumbsBorderBottom=0px&thumbsBorderRadius=0px&thumbsBorderColor=rgba(0,%200,%200,%200)&CTAContent=&CTABottom=&CTABackground=&CTAColor=&CTABackgroundHover=&CTAColorHover=&CTABorderRadius=&CTAWidth=&CTAHeight=&CTAFontSize=&CTAFontWeight=&genderStyle=long&bubblePos=0.75&desktopsz=60&tabletsz=60&mobilesz=60&desktopy=-1&tablety=0.75&mobiley=0.75&canHide=false&msg1=Hey%20there!&msg2=I%27m%20live%20now!%20Join%20my%20room%20if%20you%20want%20to%20talk%20with%20me&genderColor=%23fff&useFeed=true&animateFeed=true&smoothAnimation=true&animationSpeed=500&colorFilter=false&colorFilterStrength=0.1&providers=&refererFile=0%2Fhtml.ejs&muted=1&vlm=false&vlmi=false&vlmd=v.vfgta.com&vlmcid=&isLive=true&fileID=undefined&url=http%3A%2F%2Fwww.cwchmb.com&pid=streamate_107226752&autoReloadChaturbate=false&cols=1&rows=1&number=1&categories=%5B%5D&genders=f&generator=camswidget&token=fdecb600-9bd9-11ec-b9c9-0fb5c35adf26&referer=www.redgifs.com&aff_sub2=PUB_unspecified%3BBLOC_CamsWidget
IP
GET /cams_widget_css.css?skin=0&verticalSpace=10px&horizontalSpace=10px&infoTopLeftContent=-&infoTopRightContent=-&infoBottomLeftContent=-&infoBottomRightContent=-&infoWritePos=after&infoPos=inside&infoBackgroundColor=rgba(0,%200,%200,%20.6)&infoTextColor=%23fff&infoHeight=1.2em&infoTopWritePos=after&infoTopPos=inside&infoTopBackgroundColor=rgba(0,%200,%200,%20.6)&infoTopTextColor=%23fff&infoTopHeight=1.2em&infoTopLineHeight=1.2em&infoBottomWritePos=after&infoBottomPos=inside&infoBottomBackgroundColor=rgba(0,%200,%200,%20.6)&infoBottomTextColor=%23fff&infoBottomHeight=1.2em&infoBottomLineHeight=1.2em&fontFamily=sans-serif&fontFamilyQuery=&fontSize=12px&showOnline=false&background=none&ratio=-1&targetResponsiveWidth=200&thumbsWidth=&thumbsHeight=&containerAlignment=&iframeWidth=&iframeHeight=&cardsBorderTop=0px&cardsBorderLeft=0px&cardsBorderRight=0px&cardsBorderBottom=0px&cardsBorderRadius=0px&cardsBorderColor=rgba(0,%200,%200,%200)&thumbsBorderTop=0px&thumbsBorderLeft=0px&thumbsBorderRight=0px&thumbsBorderBottom=0px&thumbsBorderRadius=0px&thumbsBorderColor=rgba(0,%200,%200,%200)&CTAContent=&CTABottom=&CTABackground=&CTAColor=&CTABackgroundHover=&CTAColorHover=&CTABorderRadius=&CTAWidth=&CTAHeight=&CTAFontSize=&CTAFontWeight=&genderStyle=long&bubblePos=0.75&desktopsz=60&tabletsz=60&mobilesz=60&desktopy=-1&tablety=0.75&mobiley=0.75&canHide=false&msg1=Hey%20there!&msg2=I%27m%20live%20now!%20Join%20my%20room%20if%20you%20want%20to%20talk%20with%20me&genderColor=%23fff&useFeed=true&animateFeed=true&smoothAnimation=true&animationSpeed=500&colorFilter=false&colorFilterStrength=0.1&providers=&refererFile=0%2Fhtml.ejs&muted=1&vlm=false&vlmi=false&vlmd=v.vfgta.com&vlmcid=&isLive=true&fileID=undefined&url=http%3A%2F%2Fwww.cwchmb.com&pid=streamate_107226752&autoReloadChaturbate=false&cols=1&rows=1&number=1&categories=%5B%5D&genders=f&generator=camswidget&token=fdecb600-9bd9-11ec-b9c9-0fb5c35adf26&referer=www.redgifs.com&aff_sub2=PUB_unspecified%3BBLOC_CamsWidget HTTP/1.1
Host: www.cwchmb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cwchmb.com/?pid=streamate_107226752&token=fdecb600-9bd9-11ec-b9c9-0fb5c35adf26&sound=off
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.10
date: Tue, 29 Nov 2022 01:30:20 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, elastic-apm-traceparent
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-apm-trace-id: 00-9c0979934bf06d68c47006482ec22e38-ee458ec170d1e40f-00
content-encoding: gzip
X-Firefox-Spdy: h2
a.realsrv.com/iframe.php?idzone=4341120&size=300x250
200 OK 0 B URL HTTP/2 a.realsrv.com/iframe.php?idzone=4341120&size=300x250
IP
ASN #60068 Datacamp Limited
GET /iframe.php?idzone=4341120&size=300x250 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 29 Nov 2022 03:51:56 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669693970
server: CDN77-Turbo
x-77-nzt: AblMCQ1ZuaX/zAgAAA
x-77-nzt-ray: c0a4cc281fcdb472ae6085634de7520e
x-cache: HIT
x-age: 2252
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.realsrv.com/iframe.js?idzone=4341116
200 OK 0 B URL HTTP/2 a.realsrv.com/iframe.js?idzone=4341116
IP
ASN #60068 Datacamp Limited
GET /iframe.js?idzone=4341116 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=4341116&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: application/javascript
etag: W/"1121989a590740f8a8d5efb756e"
expires: Mon, 28 Nov 2022 15:50:41 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669693970
server: CDN77-Turbo
x-77-nzt: AblMCQ3Y/cz/zAgAAA
x-77-nzt-ray: c0a4cc281fcdb472ae608563c30a8612
x-cache: HIT
x-age: 2252
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.realsrv.com/iframe.php?idzone=4341076&size=300x250
200 OK 0 B URL HTTP/2 a.realsrv.com/iframe.php?idzone=4341076&size=300x250
IP
ASN #60068 Datacamp Limited
GET /iframe.php?idzone=4341076&size=300x250 HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:22 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 29 Nov 2022 03:51:59 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669693970
server: CDN77-Turbo
x-77-nzt: AblMCQ3DurP/zAgAAA
x-77-nzt-ray: c0a4cc281fcdb472ae6085634b0ca80e
x-cache: HIT
x-age: 2252
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/css/output.7b655e24a2cc.css
200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/css/output.7b655e24a2cc.css
IP
GET /CACHE/css/output.7b655e24a2cc.css HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=213749
etag: W/"4298472bde8bd8c68d1f658ec91c6921"
last-modified: Mon, 28 Nov 2022 21:57:16 GMT
x-amz-id-2: gBxTip9ZH892FrZs2qvYU9dW1b4xnrOfoXULfoGlS5J0ixrur3keuL2lw+oGRiLQbX8jLJnPIZU=
x-amz-meta-s3cmd-attrs: md5:4298472bde8bd8c68d1f658ec91c6921
x-amz-request-id: YDQAEEY66MVSE6RK
cf-cache-status: HIT
age: 12634
expires: Thu, 29 Dec 2022 01:30:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWjvOJVyXxa1eOoJ1wgiBw17GpaP%2B6azoqhdT%2Bu7553NWc%2FGIJq3y0jsrmFKtGG4pYGsENHymw7JYqkCIMe8K30S5qmEmcZBgrNDubSeRnPFKZv9Ztym0anhEeG0NajRGqbo80f%2BxmRuB9c9VPx3mA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=I6kehaGP7ztzLTT7cHVJN5ui7ufIcD6MjzYf7RkS.MQ-1669685423359-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 771793e7ea32fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.e1067846ea15.js
200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.e1067846ea15.js
IP
GET /CACHE/js/output.e1067846ea15.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:30:23 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=108152
etag: W/"97a23c5e27826ee4bed1dbcfe0601da8"
last-modified: Thu, 24 Jun 2021 21:24:09 GMT
x-amz-id-2: gJdq637yDaGW5b/k/xLZcaVgKR2zPrz11wa1iwf3/kEEAF2JWIngCVC4T9LIrDSnBaklrTBcytM=
x-amz-meta-s3cmd-attrs: md5:97a23c5e27826ee4bed1dbcfe0601da8
x-amz-request-id: C8A0N4S7KE12CYZQ
cf-cache-status: HIT
age: 1051374
expires: Thu, 29 Dec 2022 01:30:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJM2V1zJ76EJDUSvtV6k8N%2FrfPxM7YE4exa5MKhXkwkbNvd%2BS%2Bj%2BCTsssa2%2F0o%2FPmQxMMaE%2FIQ2Wm%2BsHI4upiFmM%2Fuyf%2FaQfwF0ZtbZXFWvcnBASieYwijS6ivy4ZD8OXMbaGLEDPbXPVzgULlQkiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=oDJjLrs109A5bF1mj49GFfGBnkxYPfe_H93aH2Vujiw-1669685423360-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 771793e7fa34fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
184.154.206.203
23.36.77.32
192.99.16.68
217.22.19.195
104.19.242.83
185.76.9.14
18.193.146.82
93.184.220.29