xfantazy.com/video/60f75bbeed696b7119a7fac5
104.26.1.188302 Found 0 B URL HTTP/1.1 xfantazy.com/video/60f75bbeed696b7119a7fac5
IP 104.26.1.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /video/60f75bbeed696b7119a7fac5 HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 21 Sep 2022 08:30:55 GMT
Content-Length: 0
Connection: keep-alive
location: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
cache-control: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwsoGY5pC3FoUDDMEul8xI8U6AVu1q9e1tKg876FWA8UTUVgcHXk1e%2Fj7ETAwADPSeA0q%2Bamaqb55qhfpthQa8nclwgbo3vVuHTe0xIgdWJ4xDjvcucuTCNX67KjNA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74e1710f481bb4f9-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 08:13:32 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: unOHmBNZcliTZbh8d2DBlA4eZBlbhdqB92TH2bO9fGxpleGizMdX7g==
Age: 1043
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BuMD7Zs9ra6GMoO23y_8EwEMUYe448l5-FyTt_-EPw8j7gqiWNCdvw==
age: 14143
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2491
Expires: Wed, 21 Sep 2022 09:12:27 GMT
Date: Wed, 21 Sep 2022 08:30:56 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 08:30:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 08:03:22 GMT
Expires: Wed, 21 Sep 2022 08:40:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CnuiIivMsmY5dSFiAOhW0K_PCZKs6s22CERUUiJAglsRq_aI8IlmQA==
Age: 1654
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4459
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:30:56 GMT
Last-Modified: Wed, 21 Sep 2022 07:16:37 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.242.32.27101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.32.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OGieqxkfL98SSImZu5B2eg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EOCcsAoNQjNYgMrDDGos76/cb3U=
xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js
104.26.1.188200 OK 26 kB URL HTTP/2 xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5ee34dfc8ca6562aba6c777998ca6209
4414b599b52d4b0d7e87d653108bc8fce8fc4d34
24eac932ff38261056e7f0856e3bb38457ee0e7c6bc10841b5ee431a14645718
GET /_next/static/runtime/main-8daa673a54696bb62abb.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cf-bgj: minify
cache-control: public, max-age=31536000, immutable
etag: W/"11cd7-179fb717a09"
last-modified: Fri, 11 Jun 2021 14:19:48 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 30206125
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLH36d6EQ%2F2klEd7%2FP0B1R3xrRt0d1ivEH2Xxh9XBa8tbDjgX%2FL6DgC5EzfyQXjs50yz4Kt%2BBdT2OCp7ThHpolT8my6s12Ce%2FyuAe%2FItpxfyv1ugGyYwAwxydIc7tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e1711dbe810b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16956
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 08:30:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16956
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 08:30:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4d98acc059a69d51165fb5e0c7430ea3
09bd3300d710c3212483159f8398b84cde09da26
6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rq4QHCD4EubBKHyCj7jyKqpct5d7U33TvNufqj_w8mWunqQsouoh7w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:25:17 GMT
age: 36341
etag: "09bd3300d710c3212483159f8398b84cde09da26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e3MMA-NVstIsR7M9_JGH05i1e8pK17RsjyERrSMlC3uoHsWw_7ABtA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 19:18:32 GMT
age: 47546
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29be3958-30ed-4b26-8320-662d71b90880.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29be3958-30ed-4b26-8320-662d71b90880.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34c353f713d6d470480fdeeb5175a123
f073fc7f24465b76b3681c462c60cd047ed67a6a
0449daa32ab4ec32fa999551cc9ab634c46e15891299162cbb4bbaad6ffa4753
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29be3958-30ed-4b26-8320-662d71b90880.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7700
x-amzn-requestid: 70bc75e2-b2ac-46b1-872d-1527bddf7726
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCkEHMCoAMFsGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e19-7da4b1595f325bc864d1cc27;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zL6ZurGjH8nArpKRNenog0dn5IIAyWirefe-WA6YulwYhrtTTn0V4A==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:36:39 GMT
age: 35659
etag: "f073fc7f24465b76b3681c462c60cd047ed67a6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4eb6d1b35f680bfec656941b6167fd23
344c6000dbdafdb5105edc93a082d640c3e95ddc
67fc85fa0f1a55d57ab9db6f4c723fb9116ef3b2c5282dbdd42d9c37396bd7b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8826
x-amzn-requestid: cf0c711e-4ec9-4f87-a60f-41374262a114
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYweUHIyoAMFYQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202df5-17ad5d4e25a754586e531d05;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:15:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OEbpCQXLpTCDZH4OlzVvvsc-bSgbsIoXRgX6f-nKVwJTL5-SVTCHeA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:48:37 GMT
age: 38541
etag: "344c6000dbdafdb5105edc93a082d640c3e95ddc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/video.js
104.26.1.188200 OK 18 kB URL HTTP/2 xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/video.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (22910), with no line terminators
Hash ad531a54a14cd3edb807640f7e2b84bc
1a198a59c57d2017ab3599a0617645baf60188e4
7be686d074180a02ac0056a7a57663caf85eeda54c3d88a798f8bd64ef44bdd0
GET /_next/static/651Mf8y3uJ8FYIPevibrI/pages/video.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"597e-18350163506"
last-modified: Sun, 18 Sep 2022 10:12:56 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 252775
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6uBDNYsk5QAGsPcPGyooXoZJCKaWCn0ghAuvnwR%2FlQFefyxIyN0jSjUd6TE9DqoBgEPbTIrQT1qKVnhIuOcH98x8rsdNnI8aCnaMKSIv0IgNbhRyq3%2FuRlpQnpxAuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e1711dbe740b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:30:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JEb0g486u6AjYFbf8rSbreKjh0m1GsAGbvykHl0oahmVN2ciqe5FOw==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:14:57 GMT
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
age: 36961
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:30:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:30:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-PLKQLTX
142.250.74.72200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PLKQLTX
IP 142.250.74.72:0
File type ASCII text, with very long lines (15971)
Hash 8f2754c758a3cea62761828f0a20427b
7175fb6ded4ea94612d34defac365b3ad2f17e64
600a8e3e0efc3cd20587191fd9f6f06985dc4069ac30b87be4d0e7ccc8f767f7
GET /gtm.js?id=GTM-PLKQLTX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 08:30:58 GMT
expires: Wed, 21 Sep 2022 08:30:58 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53047
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:30:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:30:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:30:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
xfantazy.com/_next/static/runtime/webpack-f4d22593ad73f080a168.js
104.26.1.188200 OK 5.4 kB URL HTTP/2 xfantazy.com/_next/static/runtime/webpack-f4d22593ad73f080a168.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (12210), with no line terminators
Hash fbb06624980b2f91a8510cb929a19fca
33eafc401180988b2da204316c44350e0dfd8af7
c2877523ab6d4d7ce1a7bc50a280a6689de4294affcc90be377375ba4d7009a8
GET /_next/static/runtime/webpack-f4d22593ad73f080a168.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"2fb2-1826d2b92c0"
last-modified: Fri, 05 Aug 2022 08:42:28 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 4059999
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7YWiGywMfE%2BVN07BSaH0GvUfzGat0pWNk6pKGX%2BzFbGpUPCGW%2FcjAAE3WoETJKRY%2Bt%2FVB2GcS1Vh9YLfRllF19qF82R3ty0klDoSJGE0Ya64OefiP48X1CSHlqu1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e1711dbe800b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 02:02:22 GMT
expires: Sun, 17 Sep 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 368916
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 565010
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 565010
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash bfcf21dc7df8c672d9cc209982b29500
481b4efd27b2308f773bc920a3d9bb6d0a1b8c23
818df66e0e75afd76e6609ba788e8d1608353c18437f5d5d9884baa8c3bfb917
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:30:58 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 15:14:20 GMT
Expires: Tue, 27 Sep 2022 15:14:19 GMT
Etag: "481b4efd27b2308f773bc920a3d9bb6d0a1b8c23"
Cache-Control: max-age=542000,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e1711f58c70b31-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:30:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
151.101.85.229200 OK 84 kB URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
IP 151.101.85.229:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Hash 93da68520075687596d7c4a0cb3c93a0
677e814d36fb09115d31b029c55b920c2b78f7aa
7ae325ea4d6de04c789cf4e147f9a334e8feb936d2d785ef48be82c5bbe3621d
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.244.0
x-jsd-version-type: version
etag: W/"3392e-Qi3gEcZr1l3TqINcJ23fMrDsrI8"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 21 Sep 2022 08:30:58 GMT
age: 40811
x-served-by: cache-fra19174-FRA, cache-bma1660-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 83683
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 209208530a3a3cece82156f3f2bc9249
17f5dabd8f4bc096f81cb8b1c0a774a9b52e31ac
e97bcd84eec62546839e3d8638d5b2013219ca82e975fd47b04c20498b00aa43
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:30:58 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "4DEC7F50ECE9F37DE19EB934FC0AC5C917E45EAA"
Expires: Wed, 21 Sep 2022 19:00:00 GMT
Last-Modified: Wed, 21 Sep 2022 07:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2746
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e171208b01b511-OSL
static-cache.k2s.cc/thumbnail/3a14a04f42d99/main/0.jpeg
188.72.235.185200 OK 102 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/3a14a04f42d99/main/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 1920x1080, components 3\012- data
Size 102 kB (101594 bytes)
Hash f0cc4ab106fad8f8cdc9b20c19da1736
67c60a78d274307afd2c8dd914b890d3db6a6530
cb4e239df05462cc0c0b376a4b2d69d544b73c5dbc0dfe53ed01c88f2771379d
GET /thumbnail/3a14a04f42d99/main/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: image/jpeg
content-length: 101594
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: MISS
X-Firefox-Spdy: h2
xfantazy.com/static/xf-small.png
104.26.1.188200 OK 1.2 kB URL HTTP/2 xfantazy.com/static/xf-small.png
IP 104.26.1.188:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 73788af337ff4a5e7c8d8ea19dba155f
e0bd72878475603f40ebd05077c626816ed3285c
be4a320fd44fdaaced2a2056ff7a4c0765a6ed0996c9b4c94a0cb2458967e8df
GET /static/xf-small.png HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: image/png
content-length: 1153
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
last-modified: Sun, 18 Sep 2022 10:07:53 GMT
etag: W/"481-18350119794"
cf-cache-status: HIT
age: 4023
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dG3kqIc8YHMKRabA5ZH2SbuHmzE9UjT1Od98O8qGZVXh5URxZ5oWDNcRxnJdKlLdStszIFYLlIETytahRb0kpqRYHRAVptgGaEISxgTjCF9KcpJd3tloXSdRJpLNRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e17120a9190b4d-OSL
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 21 Sep 2022 06:41:12 GMT
expires: Wed, 21 Sep 2022 08:41:12 GMT
cache-control: public, max-age=7200
age: 6586
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/_app.js
104.26.1.188200 OK 38 kB URL HTTP/2 xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/_app.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3ab040cbf2bd400718bc382d9f746f18
d296eebcc7f816552fe6736f265b3b0ebd70aff0
e5d1ee3778da35d813912a1a334382e70b22caee0719ca257541a49e883a6962
GET /_next/static/651Mf8y3uJ8FYIPevibrI/pages/_app.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"20e2f-18350163502"
last-modified: Sun, 18 Sep 2022 10:12:56 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 252775
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SV1XsNQ9odr9vHGKuBl8mJhSISDPFWq5257%2FanYXhrciOdnUvqCz4TmgIXSYucRWpAycPRKo0%2FKPPzle6bZFwmK5mJkJNoqyWokuGCOVlZUITVsqjw1jTKZFeqHfPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e1711dbe7c0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.focusde.info/5qpfbg7.js
135.181.208.216200 OK 34 kB URL HTTP/2 a.focusde.info/5qpfbg7.js
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (37787), with NEL line terminators
Hash 92a34128721b26541b784fc8e7c4cf29
0b97412171de36e5a4cdfba28a69341e0fe6b0de
93f6ba12753327849a8da02eb5b2b1698b8e7058486b5b3bde40c3053e7ca0b8
GET /5qpfbg7.js HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 08:30:59 GMT
content-type: application/javascript
content-length: 34366
expires: Tue, 19 Sep 2023 11:44:01 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 11:41:48 GMT
etag: "6328557c-863e"
cache-control: max-age=315360000, public
x-hw: 1663587841.dop143.am5.t,1663587841.cds267.am5.c
access-control-allow-origin: *
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/70.aeba4e9e28ccf1bae13a.js
104.26.1.188200 OK 805 B URL HTTP/2 xfantazy.com/_next/static/chunks/70.aeba4e9e28ccf1bae13a.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (1389), with no line terminators
Hash be30d94d7cf869f40fcbc95643655ca5
a8a77fd5b1ed8ce33781a4e44d760064ab030ded
34e7865137d7296801630cf66bac4b4483f30b654e20440723b8106aa4a3d963
GET /_next/static/chunks/70.aeba4e9e28ccf1bae13a.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"56d-181397f9e5d"
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 9195321
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tR8g7JjwVfKTZaJYrqRwv55wmiVj8DLNer9zRpO3YJPSDq7H2ltpOSI3Go%2BkSQtDfVR0oG2xUs3G3icQ1mRL7UH7nqX39MmYy8KcCF484B7Da%2BRlhA3xhcg%2FBNCaDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e17121b9e70b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash d01eb881b50e9124ee3306cd450c30c7
dd02c898cf8e40bb1c6103a3899bf62bd516ffc5
acb45e966fd4868e51feee7df0b7f734805e88c347bd85e31f504c1c9077e557
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:30:59 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Sun, 25 Sep 2022 03:55:04 GMT
ETag: "dd02c898cf8e40bb1c6103a3899bf62bd516ffc5"
Last-Modified: Wed, 21 Sep 2022 03:55:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2602
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e171244825b511-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c0b0e5cfd6a5516524bbcf65a57d29bb
2b1e891cea702fdd291fab305210fa3b76f2aa05
16481ad83fb09b49732eb25c77e76c63aaf5a8fce0fccbf35609b439a4e129fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16481AD83FB09B49732EB25C77E76C63AAF5A8FCE0FCCBF35609B439A4E129FE"
Last-Modified: Mon, 19 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6837
Expires: Wed, 21 Sep 2022 10:24:56 GMT
Date: Wed, 21 Sep 2022 08:30:59 GMT
Connection: keep-alive
mc.yandex.ru/watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afp%3A2637%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083059%3Aet%3A1663749059%3Ac%3A1%3Arn%3A134132088%3Arqn%3A1%3Au%3A1663749059904946911%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C30%2C2047%2C0%2C247%2C0%2C%2C194%2C6%2C%2C%2C%2C2647%3Ans%3A1663749055784%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663749059%3At%3AOnline%20Victoria%20Carvalho%2C%20Yago%20Ribeiro%20Study%20Break%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
77.88.21.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afp%3A2637%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083059%3Aet%3A1663749059%3Ac%3A1%3Arn%3A134132088%3Arqn%3A1%3Au%3A1663749059904946911%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C30%2C2047%2C0%2C247%2C0%2C%2C194%2C6%2C%2C%2C%2C2647%3Ans%3A1663749055784%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663749059%3At%3AOnline%20Victoria%20Carvalho%2C%20Yago%20Ribeiro%20Study%20Break%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 28a8f49ede815660513b14e664dd2db1
8c79dace4bc3ac1ed0350178e345af9a7935b124
62e8a81f49cabe1aa7e6700c041e9bee7c5c5a3ef559f6b03c82cf82732d0a3e
GET /watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afp%3A2637%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083059%3Aet%3A1663749059%3Ac%3A1%3Arn%3A134132088%3Arqn%3A1%3Au%3A1663749059904946911%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C30%2C2047%2C0%2C247%2C0%2C%2C194%2C6%2C%2C%2C%2C2647%3Ans%3A1663749055784%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663749059%3At%3AOnline%20Victoria%20Carvalho%2C%20Yago%20Ribeiro%20Study%20Break%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Referer: https://xfantazy.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Wed, 21 Sep 2022 08:30:59 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21-Sep-2022 08:30:59 GMT
last-modified: Wed, 21-Sep-2022 08:30:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/7.38d845e9473548212694.js
104.26.1.188200 OK 24 kB URL HTTP/2 xfantazy.com/_next/static/chunks/7.38d845e9473548212694.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (38842), with no line terminators
Hash 82b21378fab2faacb31df1f0eae11e0f
d17740ab56f4c51c722287708b21cddce1252233
8b798fcc71c365c829f549eb6f88032bb1b376f67de98c746d9e18edde454726
GET /_next/static/chunks/7.38d845e9473548212694.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"97ba-181397f9e55"
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 9189451
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUnC%2FfZtk1kiypK14TfBROo13FvrUJo%2FaKaSoAd1JmnQ8OBAR9j5Pk2aWx6WuRyQk2obZ5ZyIPZr6eNqa5JMuRE2t2P%2FwfJJXOpSlyAOSmKlPTOKZf6LwKHnZwCRPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e1711dbe7e0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0528286dace12ef154588bb423e5877c
01494fb0d18b32da2d1f80d37cef4420c0506c5d
39c8eb46e99b438b8c912728eb96977e932ef6ff8da39294beaa2fa8df1921b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6283
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:30:59 GMT
Last-Modified: Wed, 21 Sep 2022 06:46:16 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash f4c9b7ff62fa66a4f516525d8c8ca467
6c113f795d7ca72bacf3c1712d0d6dd2ad86c274
300442f861166c3ba6bdc82beaea50023343d05c1ba38f90450107870e63511b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 08:30:59 GMT
Last-Modified: Wed, 21 Sep 2022 07:07:44 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NUteLmt6AWE481eefCYEtZRZ8HEN5V3mRzqVkyi7ipV5L-Osx6ZWNg==
Age: 4995
simplewebanalysis.com/stats
35.158.153.212200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.158.153.212:0
File type ASCII text, with no line terminators
Hash 1f5f5b364eaa07fea666640c67ffc59a
8c47f892056cef2f6d96e47bd4908493a8372795
228037f838b64f96e2a4f79682d04899460ee426898d98156a5a7e89e65d9f57
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
set-cookie: uid_id2=50f43b0d-64f1-4026-8df9-320953ee0baa:3:1; expires=Sat, 18 Sep 2032 08:30:59 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0528286dace12ef154588bb423e5877c
01494fb0d18b32da2d1f80d37cef4420c0506c5d
39c8eb46e99b438b8c912728eb96977e932ef6ff8da39294beaa2fa8df1921b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6283
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:30:59 GMT
Last-Modified: Wed, 21 Sep 2022 06:46:16 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
creepingbrings.com/sfp.js
172.64.104.16200 OK 23 kB URL HTTP/2 creepingbrings.com/sfp.js
IP 172.64.104.16:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 600fafa90a357ba59de46876312dbd3e
2b8fdd50e545689f3cae01f97f4a9144114541ba
a0bc242e3b0275fa378fbd23c2ff4dfb7e42728fc7dc606c5475491786b0d412
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:59 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 02c07ca32d2a9ec6bf729ea7978bba8a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 21 Sep 2022 08:30:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YimjwCVIEfdvck%2Bv%2BxYzRt4PpC3FM0TkitP4K2kk2CoFKp7kW76f5NTW2WqYIx7hiT2ey%2F1R7%2B8uC55tGanUmwTKPhNcDdmTm2zM6Rz35quQRnYIJL7kuuPt2MD8Ahy9RtqE%2BXU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e171276c54770e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&hittoken=1663749059_d361582dcdc6252e78aa72d9de90bcf0185f5a0b368a05a880b70d7540822a37&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083059%3Aet%3A1663749060%3Ac%3A1%3Arn%3A68938229%3Arqn%3A4%3Au%3A1663749059904946911%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1663749055784%3Arqnl%3A1%3Ast%3A1663749060&t=gdpr(14)mc(p-5)clc(0-0-0)aw(1)rqnt(4)rqnl(1)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&hittoken=1663749059_d361582dcdc6252e78aa72d9de90bcf0185f5a0b368a05a880b70d7540822a37&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083059%3Aet%3A1663749060%3Ac%3A1%3Arn%3A68938229%3Arqn%3A4%3Au%3A1663749059904946911%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1663749055784%3Arqnl%3A1%3Ast%3A1663749060&t=gdpr(14)mc(p-5)clc(0-0-0)aw(1)rqnt(4)rqnl(1)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&hittoken=1663749059_d361582dcdc6252e78aa72d9de90bcf0185f5a0b368a05a880b70d7540822a37&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083059%3Aet%3A1663749060%3Ac%3A1%3Arn%3A68938229%3Arqn%3A4%3Au%3A1663749059904946911%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1663749055784%3Arqnl%3A1%3Ast%3A1663749060&t=gdpr(14)mc(p-5)clc(0-0-0)aw(1)rqnt(4)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 21 Sep 2022 08:31:00 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21-Sep-2022 08:31:00 GMT
last-modified: Wed, 21-Sep-2022 08:31:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&hittoken=1663749059_d361582dcdc6252e78aa72d9de90bcf0185f5a0b368a05a880b70d7540822a37&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083059%3Aet%3A1663749060%3Ac%3A1%3Arn%3A808364861%3Arqn%3A2%3Au%3A1663749059904946911%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1663749055784%3Arqnl%3A1%3Ast%3A1663749060&t=gdpr(14)mc(p-5)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&hittoken=1663749059_d361582dcdc6252e78aa72d9de90bcf0185f5a0b368a05a880b70d7540822a37&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083059%3Aet%3A1663749060%3Ac%3A1%3Arn%3A808364861%3Arqn%3A2%3Au%3A1663749059904946911%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1663749055784%3Arqnl%3A1%3Ast%3A1663749060&t=gdpr(14)mc(p-5)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&hittoken=1663749059_d361582dcdc6252e78aa72d9de90bcf0185f5a0b368a05a880b70d7540822a37&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083059%3Aet%3A1663749060%3Ac%3A1%3Arn%3A808364861%3Arqn%3A2%3Au%3A1663749059904946911%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1663749055784%3Arqnl%3A1%3Ast%3A1663749060&t=gdpr(14)mc(p-5)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 45
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 21 Sep 2022 08:31:00 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21-Sep-2022 08:31:00 GMT
last-modified: Wed, 21-Sep-2022 08:31:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&hittoken=1663749059_d361582dcdc6252e78aa72d9de90bcf0185f5a0b368a05a880b70d7540822a37&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083059%3Aet%3A1663749060%3Ac%3A1%3Arn%3A957609048%3Arqn%3A6%3Au%3A1663749059904946911%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1663749055784%3Arqnl%3A1%3Ast%3A1663749060&t=gdpr(14)mc(p-5)clc(0-0-0)aw(1)rqnt(6)rqnl(1)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&hittoken=1663749059_d361582dcdc6252e78aa72d9de90bcf0185f5a0b368a05a880b70d7540822a37&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083059%3Aet%3A1663749060%3Ac%3A1%3Arn%3A957609048%3Arqn%3A6%3Au%3A1663749059904946911%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1663749055784%3Arqnl%3A1%3Ast%3A1663749060&t=gdpr(14)mc(p-5)clc(0-0-0)aw(1)rqnt(6)rqnl(1)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&hittoken=1663749059_d361582dcdc6252e78aa72d9de90bcf0185f5a0b368a05a880b70d7540822a37&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083059%3Aet%3A1663749060%3Ac%3A1%3Arn%3A957609048%3Arqn%3A6%3Au%3A1663749059904946911%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1663749055784%3Arqnl%3A1%3Ast%3A1663749060&t=gdpr(14)mc(p-5)clc(0-0-0)aw(1)rqnt(6)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 21 Sep 2022 08:31:00 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21-Sep-2022 08:31:00 GMT
last-modified: Wed, 21-Sep-2022 08:31:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&hittoken=1663749059_d361582dcdc6252e78aa72d9de90bcf0185f5a0b368a05a880b70d7540822a37&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083059%3Aet%3A1663749060%3Ac%3A1%3Arn%3A927332739%3Arqn%3A5%3Au%3A1663749059904946911%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1663749055784%3Arqnl%3A1%3Ast%3A1663749060&t=gdpr(14)mc(p-5)clc(0-0-0)aw(1)rqnt(5)rqnl(1)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&hittoken=1663749059_d361582dcdc6252e78aa72d9de90bcf0185f5a0b368a05a880b70d7540822a37&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083059%3Aet%3A1663749060%3Ac%3A1%3Arn%3A927332739%3Arqn%3A5%3Au%3A1663749059904946911%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1663749055784%3Arqnl%3A1%3Ast%3A1663749060&t=gdpr(14)mc(p-5)clc(0-0-0)aw(1)rqnt(5)rqnl(1)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&hittoken=1663749059_d361582dcdc6252e78aa72d9de90bcf0185f5a0b368a05a880b70d7540822a37&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083059%3Aet%3A1663749060%3Ac%3A1%3Arn%3A927332739%3Arqn%3A5%3Au%3A1663749059904946911%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1663749055784%3Arqnl%3A1%3Ast%3A1663749060&t=gdpr(14)mc(p-5)clc(0-0-0)aw(1)rqnt(5)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 99
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 21 Sep 2022 08:31:00 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21-Sep-2022 08:31:00 GMT
last-modified: Wed, 21-Sep-2022 08:31:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9af5834dec743e9d0f8c77e7ee9c9bde
6888fbcbb467e20e108ff79ede7148bc7f58ebfa
56aa935cbb2f7760e55a65cb99aa1ffba102cff9c81a4a43234ae92e43a4d728
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56AA935CBB2F7760E55A65CB99AA1FFBA102CFF9C81A4A43234AE92E43A4D728"
Last-Modified: Mon, 19 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4554
Expires: Wed, 21 Sep 2022 09:46:54 GMT
Date: Wed, 21 Sep 2022 08:31:00 GMT
Connection: keep-alive
a.focusde.info/api/spots/395190?host=xfantazy.com&ev=196&wh=939&ww=1280
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/395190?host=xfantazy.com&ev=196&wh=939&ww=1280
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/spots/395190?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 08:31:00 GMT
content-length: 0
set-cookie: nauid=RCC9b1Vv2aj52OKi1PLu; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
X-Firefox-Spdy: h2
astonishedmule.com/4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js
192.243.59.13200 OK 29 kB URL HTTP/1.1 astonishedmule.com/4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 83616fef0c2078e68abd54bf7ee6ef03
f9c4af701fff5f661e9d718e274cdef6849d8749
a7d66a03d86ec9e39588884e0aba0a6d17f826fc25d638a210995d86cc02d26d
Analyzer Verdict Alert quad9 Sinkholed
GET /4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js HTTP/1.1
Host: astonishedmule.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 21 Sep 2022 08:31:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e1019a216791013a0000ce5aea1ef466
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b2494aa6483ac8a65bf0e6bcb2d8c554
894888054ce1647c8ae1f2afefe4faeecebaa95d
63a85091d4a67a58e301d159e3c330d37264929824c1de55d6af76f308093013
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "63A85091D4A67A58E301D159E3C330D37264929824C1DE55D6AF76F308093013"
Last-Modified: Wed, 21 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15400
Expires: Wed, 21 Sep 2022 12:47:40 GMT
Date: Wed, 21 Sep 2022 08:31:00 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b2494aa6483ac8a65bf0e6bcb2d8c554
894888054ce1647c8ae1f2afefe4faeecebaa95d
63a85091d4a67a58e301d159e3c330d37264929824c1de55d6af76f308093013
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "63A85091D4A67A58E301D159E3C330D37264929824C1DE55D6AF76F308093013"
Last-Modified: Wed, 21 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15400
Expires: Wed, 21 Sep 2022 12:47:40 GMT
Date: Wed, 21 Sep 2022 08:31:00 GMT
Connection: keep-alive
astonishedmule.com/sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2&uuid=50f43b0d-64f1-4026-8df9-320953ee0baa%3A3%3A1
192.243.59.13200 OK 4.1 kB URL HTTP/1.1 astonishedmule.com/sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2&uuid=50f43b0d-64f1-4026-8df9-320953ee0baa%3A3%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5662), with no line terminators
Hash d96783eb1da59a09745f28068335a441
a55c4b3347cf13dd0ff259d2fa6f9bff80c19328
8639546840c0ed37a27d4dc03fe0dbd358ccb69bb71a45b40ccb5c933c06bea3
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2&uuid=50f43b0d-64f1-4026-8df9-320953ee0baa%3A3%3A1 HTTP/1.1
Host: astonishedmule.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 21 Sep 2022 08:31:00 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://xfantazy.com
Access-Control-Allow-Origin: https://xfantazy.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15600826; expires=Thu, 22 Sep 2022 08:31:00 GMT; secure; SameSite=None
uid_id2=50f43b0d-64f1-4026-8df9-320953ee0baa:3:1; expires=Wed, 28 Sep 2022 08:31:00 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 22 Sep 2022 08:31:00 GMT; secure; SameSite=None
uncs=1; expires=Thu, 22 Sep 2022 08:31:00 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 22 Sep 2022 08:31:00 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 22 Sep 2022 08:31:00 GMT; secure; SameSite=None
sleca2f990f10476061c719d1c1aa3a2ecd2=[3357660]; expires=Wed, 21 Sep 2022 08:31:05 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 733c0df335b170c1b46a9b880a96aa52
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bb9f5419c8aa26b7c363cd9ab183f062
2ab4f2330b6a78b9300852b26d4333b7fe67663f
c964acb0c35eca69b54b77c031be23480c34b8a7b737618410a6a685508c987c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C964ACB0C35ECA69B54B77C031BE23480C34B8A7B737618410A6A685508C987C"
Last-Modified: Mon, 19 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4670
Expires: Wed, 21 Sep 2022 09:48:50 GMT
Date: Wed, 21 Sep 2022 08:31:00 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a2b39113a70529527307eb2feae6d112
a91848aee8648b986ee238008b30c19211afee7e
5503aa902278ea78a58fee7b81e884975ce8c4c29c596812b9ca6e6711ad9231
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4137
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:31:00 GMT
Last-Modified: Wed, 21 Sep 2022 07:22:03 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a72130ae7c499a48ceed4d717ba04279
686cf6c69ee0bc3b20f334e1f40162b0a348ece2
18117375cc72fba620f3e53df7f99a61ab02c4adf834566eb46d63be66f1ca54
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "18117375CC72FBA620F3E53DF7F99A61AB02C4ADF834566EB46D63BE66F1CA54"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16645
Expires: Wed, 21 Sep 2022 13:08:26 GMT
Date: Wed, 21 Sep 2022 08:31:01 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a72130ae7c499a48ceed4d717ba04279
686cf6c69ee0bc3b20f334e1f40162b0a348ece2
18117375cc72fba620f3e53df7f99a61ab02c4adf834566eb46d63be66f1ca54
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "18117375CC72FBA620F3E53DF7F99A61AB02C4ADF834566EB46D63BE66F1CA54"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16645
Expires: Wed, 21 Sep 2022 13:08:26 GMT
Date: Wed, 21 Sep 2022 08:31:01 GMT
Connection: keep-alive
astonishedmule.com/ren.gif?sid=H4sIAAAAAAAC%2F1SST2skRRjGqzc5CHpQ2YuKMgcPKma2umfSM%2BMeFmOMBLN%2F2FUUPGh1VfWkTHVXU9U9PRkQwi7IHme%2FQeeZZMNqEL0KLjIJ7CGnHU8BzcEPIIjgSVBmNjhal%2Fd963kOP573%2FXK3OCMUBTtdvWoGSmt2ablOa6997PuXaxsqLfq1fjv8NGxertneW52wTl%2BvvSf5lrkUUJ9Sn%2Fq1NWVlbPqXpiJUdtjx6x1abwZ1f7mJvv3%2F7AoPjnkQvTPyPJSYLB57F6H4GGny7ap0W7nJ3nw3KTTLjUVPHHyYbqWmTJHM29h6iNODczeMe7z2ECbdn%2BHC9P41RmpCvEcPEaUH55CIenszzkhDpojE0yh7Y0g9hmJjcHMHSjwmABe4dh1pcv%2BasSXbfqKyqTohi3%2F%2BAVVOyOIvF5Em36xo1a%2FdMrrIlUkd%2BnEF1R9DdcfIiiPkgwtQ5RF4fhtKEKRJBSVOX12mcbMRUbEUNmN%2FqUmDcKkt4s5SI6Cd5YaUNGJsFoxSY6h4DC2HYG4BhfNQKA9F7KHIPCTitMZ9329RwRltdzhviJaMQkF91op95tOwjYJP2YfIsyG4HoLbHWR2B1vq3oSQ23uwxY9wmxWc8OBygp6oUEqC0hGUjKBUBGVOUPaqfaFd4Kr7Qrsi8s9rcF4b1cjk3V22b%2FKuTMludkaem6X22zPfY0ue1lgQdzo09mmzFdLQ5y2%2FI3zuM9ZggeQigFMVlLsA5jwM1IRcfOlXZNNNfvE3InYEp4%2FA1bNgxctg5agVULDNUbNNMUgP%2BzFLczbYrnOTQJgKWb6IfNvb1WfkhRlH4%2FLPkPzkymfR1cnvD%2F4CtxUyW%2BFzdUzQ1XdHN01J9m6a0pHvrme5StSATTd7K2e5XPjqfbldGivWV93wwdt8Kkzbww%2BkyzdYKlTadeTrFSWEtGvGckl%2BWHcfyehG4TZXCpsW2caNd9bWk8xK55RJx2BqQsijE3A1IU%2BJcna0L7pPoOwYtqiQFCfk%2FEGZI%2FBsBy6b8zuzAKvnnijzUBbVyAbR%2FFMrAi3nM4squP%2FM0bzfdXfRta%2BA5Xdmt9qzFXq6AtNDuGJhlGf25MpPjdlDpL1RpK23F2mr7z0J16nTWqvRoCzsLPutFpOtqBm049AXjAXNMAhD1kDuJvyNk%2BN%2FAAAA%2F%2F8BAAD%2F%2FwDDvDl%2FBAAA
192.243.59.13200 OK 7 B URL HTTP/1.1 astonishedmule.com/ren.gif?sid=H4sIAAAAAAAC%2F1SST2skRRjGqzc5CHpQ2YuKMgcPKma2umfSM%2BMeFmOMBLN%2F2FUUPGh1VfWkTHVXU9U9PRkQwi7IHme%2FQeeZZMNqEL0KLjIJ7CGnHU8BzcEPIIjgSVBmNjhal%2Fd963kOP573%2FXK3OCMUBTtdvWoGSmt2ablOa6997PuXaxsqLfq1fjv8NGxertneW52wTl%2BvvSf5lrkUUJ9Sn%2Fq1NWVlbPqXpiJUdtjx6x1abwZ1f7mJvv3%2F7AoPjnkQvTPyPJSYLB57F6H4GGny7ap0W7nJ3nw3KTTLjUVPHHyYbqWmTJHM29h6iNODczeMe7z2ECbdn%2BHC9P41RmpCvEcPEaUH55CIenszzkhDpojE0yh7Y0g9hmJjcHMHSjwmABe4dh1pcv%2BasSXbfqKyqTohi3%2F%2BAVVOyOIvF5Em36xo1a%2FdMrrIlUkd%2BnEF1R9DdcfIiiPkgwtQ5RF4fhtKEKRJBSVOX12mcbMRUbEUNmN%2FqUmDcKkt4s5SI6Cd5YaUNGJsFoxSY6h4DC2HYG4BhfNQKA9F7KHIPCTitMZ9329RwRltdzhviJaMQkF91op95tOwjYJP2YfIsyG4HoLbHWR2B1vq3oSQ23uwxY9wmxWc8OBygp6oUEqC0hGUjKBUBGVOUPaqfaFd4Kr7Qrsi8s9rcF4b1cjk3V22b%2FKuTMludkaem6X22zPfY0ue1lgQdzo09mmzFdLQ5y2%2FI3zuM9ZggeQigFMVlLsA5jwM1IRcfOlXZNNNfvE3InYEp4%2FA1bNgxctg5agVULDNUbNNMUgP%2BzFLczbYrnOTQJgKWb6IfNvb1WfkhRlH4%2FLPkPzkymfR1cnvD%2F4CtxUyW%2BFzdUzQ1XdHN01J9m6a0pHvrme5StSATTd7K2e5XPjqfbldGivWV93wwdt8Kkzbww%2BkyzdYKlTadeTrFSWEtGvGckl%2BWHcfyehG4TZXCpsW2caNd9bWk8xK55RJx2BqQsijE3A1IU%2BJcna0L7pPoOwYtqiQFCfk%2FEGZI%2FBsBy6b8zuzAKvnnijzUBbVyAbR%2FFMrAi3nM4squP%2FM0bzfdXfRta%2BA5Xdmt9qzFXq6AtNDuGJhlGf25MpPjdlDpL1RpK23F2mr7z0J16nTWqvRoCzsLPutFpOtqBm049AXjAXNMAhD1kDuJvyNk%2BN%2FAAAA%2F%2F8BAAD%2F%2FwDDvDl%2FBAAA
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SST2skRRjGqzc5CHpQ2YuKMgcPKma2umfSM%2BMeFmOMBLN%2F2FUUPGh1VfWkTHVXU9U9PRkQwi7IHme%2FQeeZZMNqEL0KLjIJ7CGnHU8BzcEPIIjgSVBmNjhal%2Fd963kOP573%2FXK3OCMUBTtdvWoGSmt2ablOa6997PuXaxsqLfq1fjv8NGxertneW52wTl%2BvvSf5lrkUUJ9Sn%2Fq1NWVlbPqXpiJUdtjx6x1abwZ1f7mJvv3%2F7AoPjnkQvTPyPJSYLB57F6H4GGny7ap0W7nJ3nw3KTTLjUVPHHyYbqWmTJHM29h6iNODczeMe7z2ECbdn%2BHC9P41RmpCvEcPEaUH55CIenszzkhDpojE0yh7Y0g9hmJjcHMHSjwmABe4dh1pcv%2BasSXbfqKyqTohi3%2F%2BAVVOyOIvF5Em36xo1a%2FdMrrIlUkd%2BnEF1R9DdcfIiiPkgwtQ5RF4fhtKEKRJBSVOX12mcbMRUbEUNmN%2FqUmDcKkt4s5SI6Cd5YaUNGJsFoxSY6h4DC2HYG4BhfNQKA9F7KHIPCTitMZ9329RwRltdzhviJaMQkF91op95tOwjYJP2YfIsyG4HoLbHWR2B1vq3oSQ23uwxY9wmxWc8OBygp6oUEqC0hGUjKBUBGVOUPaqfaFd4Kr7Qrsi8s9rcF4b1cjk3V22b%2FKuTMludkaem6X22zPfY0ue1lgQdzo09mmzFdLQ5y2%2FI3zuM9ZggeQigFMVlLsA5jwM1IRcfOlXZNNNfvE3InYEp4%2FA1bNgxctg5agVULDNUbNNMUgP%2BzFLczbYrnOTQJgKWb6IfNvb1WfkhRlH4%2FLPkPzkymfR1cnvD%2F4CtxUyW%2BFzdUzQ1XdHN01J9m6a0pHvrme5StSATTd7K2e5XPjqfbldGivWV93wwdt8Kkzbww%2BkyzdYKlTadeTrFSWEtGvGckl%2BWHcfyehG4TZXCpsW2caNd9bWk8xK55RJx2BqQsijE3A1IU%2BJcna0L7pPoOwYtqiQFCfk%2FEGZI%2FBsBy6b8zuzAKvnnijzUBbVyAbR%2FFMrAi3nM4squP%2FM0bzfdXfRta%2BA5Xdmt9qzFXq6AtNDuGJhlGf25MpPjdlDpL1RpK23F2mr7z0J16nTWqvRoCzsLPutFpOtqBm049AXjAXNMAhD1kDuJvyNk%2BN%2FAAAA%2F%2F8BAAD%2F%2FwDDvDl%2FBAAA HTTP/1.1
Host: astonishedmule.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; uid_id2=50f43b0d-64f1-4026-8df9-320953ee0baa:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3357660]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 21 Sep 2022 08:31:00 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fcc95db9a4d29bb2bc3ba026b58e8c51
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/close.png
172.64.200.2200 OK 6.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/close.png
IP 172.64.200.2:0
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:31:01 GMT
content-type: image/png
content-length: 5982
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4227984
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKplmYWRUIKteiNtD%2FDWZa6zJf%2BFRnOoTDagvLQchdOn8woL%2B1UQLVAC9skNuNh%2FlPkbuUnbtaOAY4dA6GtKeJdkvWPVo8nbNKeYxi5VHk1By6GR5PeP9MPv7Zu4rBx1IHI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e1712fa8977488-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/arrow.png
172.64.200.2200 OK 2.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/arrow.png
IP 172.64.200.2:0
File type PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash ef2bad0eceeff00bf615df0a433a5bff
a910af81d23d78c96283b46c241d3d9652562009
9c362044a93ac6919b7174a1620d4d82dbe1940a450aea1abca32a48fd160d40
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/arrow.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:31:01 GMT
content-type: image/png
content-length: 2008
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-7d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2937884
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqoskCnQJE5N78TaeaQR0Qur215pwICLdTMZA2st1WWUiQeoMKUOeJCJdn8Rf8zaKa6Lpa0r4d%2BlZBkdxh1qHihS4SNxn9rGlrEiSG32tuQNtGBM%2FFxfOEecFUGrwGcY%2B6c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e1712fa89a7488-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/number.png
172.64.200.2200 OK 1.1 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/number.png
IP 172.64.200.2:0
File type PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/number.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:31:01 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4227984
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXomA0GlvkWH3WVQpknFwm8ykKrKjx1nGzE6p6XpwmVZLbesTPap5UDVVnZr5niX%2BMcO8BV9GM6d2HjoWRzZNspeon8cmHp85Gna5017NX2%2BuTDD6dizV1QjFvXIFEbsFtE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e1712fa89d7488-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a72130ae7c499a48ceed4d717ba04279
686cf6c69ee0bc3b20f334e1f40162b0a348ece2
18117375cc72fba620f3e53df7f99a61ab02c4adf834566eb46d63be66f1ca54
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "18117375CC72FBA620F3E53DF7F99A61AB02C4ADF834566EB46D63BE66F1CA54"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16645
Expires: Wed, 21 Sep 2022 13:08:26 GMT
Date: Wed, 21 Sep 2022 08:31:01 GMT
Connection: keep-alive
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/index.html
104.26.6.19200 OK 572 B URL HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/index.html
IP 104.26.6.19:0
File type HTML document, ASCII text
Hash 7e111e84ac45ada71323d218ea05d02b
f7f6a35ab4b8e07a613d2389896ce47784515c79
5a737352d2da8abd1b48ff4e4cca93e8e9d6065bf15b4fae714587eab3510714
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:31:00 GMT
content-type: text/html
last-modified: Tue, 01 Feb 2022 13:22:32 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 510662
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VD8UszxGCdo%2FNsi8c%2BJ1UpuYlnvNcB0sxeM%2FpmIcpQvRQbx8bKr6kvXEYDfWfn%2FjsFFKbgTCi18IuGZw%2FbrrCXr8w42szvlcXCiuW%2BlAn4bSmtV6PpSsGbfQMSrQUgPu3p3E7sg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e1712ecfa3b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/icon.png
172.64.200.2200 OK 46 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/icon.png
IP 172.64.200.2:0
File type PNG image data, 340 x 340, 8-bit/color RGB, non-interlaced\012- data
Hash 0d687af39faa7241d1a584f1c3eec050
ccd68a2138d3da9c44c93a139a72fcd8fd750614
cdd30ab847b158f337faaca366647fa594365de0c63b58c9e8243dec575df329
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/icon.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:31:01 GMT
content-type: image/png
content-length: 45627
last-modified: Tue, 01 Feb 2022 11:50:51 GMT
etag: "61f91e9b-b23b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4227984
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5fXG9OfaZFEmhb0gIz2zQTe7UVIe7ngbnICAXD%2BPjAfxXDlWXpLOMWUe16Oy2gCoSOtBxRtpA%2F8Sej86VFzZ0%2BUUkS4fnz8%2B%2BoUEMyjwqc9jbovd335P4%2BDQUivg1FT4OA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e1712fa8a07488-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wadmargincling.com/pixel/purst?dl=0&th=0&sc=0&rs=4634&rd=4634&fd=752&bv=22.8.v.2&tmpl=136
192.243.59.13200 OK 0 B URL HTTP/1.1 wadmargincling.com/pixel/purst?dl=0&th=0&sc=0&rs=4634&rd=4634&fd=752&bv=22.8.v.2&tmpl=136
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=4634&rd=4634&fd=752&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: wadmargincling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 21 Sep 2022 08:31:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
astonishedmule.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fcss%2Fstyle.css&l=9494&fd=91
192.243.59.13200 OK 0 B URL HTTP/1.1 astonishedmule.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fcss%2Fstyle.css&l=9494&fd=91
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fcss%2Fstyle.css&l=9494&fd=91 HTTP/1.1
Host: astonishedmule.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; uid_id2=50f43b0d-64f1-4026-8df9-320953ee0baa:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3357660]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 21 Sep 2022 08:31:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
astonishedmule.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fcss%2Fanimate.css&l=79249&fd=94
192.243.59.13200 OK 0 B URL HTTP/1.1 astonishedmule.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fcss%2Fanimate.css&l=79249&fd=94
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fcss%2Fanimate.css&l=79249&fd=94 HTTP/1.1
Host: astonishedmule.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; uid_id2=50f43b0d-64f1-4026-8df9-320953ee0baa:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3357660]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 21 Sep 2022 08:31:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
astonishedmule.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fjs%2Fscript.js&l=711&fd=29
192.243.59.13200 OK 0 B URL HTTP/1.1 astonishedmule.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fjs%2Fscript.js&l=711&fd=29
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fjs%2Fscript.js&l=711&fd=29 HTTP/1.1
Host: astonishedmule.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; uid_id2=50f43b0d-64f1-4026-8df9-320953ee0baa:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3357660]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 21 Sep 2022 08:31:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
astonishedmule.com/pixel/sbs?c=1
192.243.59.13200 OK 0 B URL HTTP/1.1 astonishedmule.com/pixel/sbs?c=1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: astonishedmule.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; uid_id2=50f43b0d-64f1-4026-8df9-320953ee0baa:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3357660]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 21 Sep 2022 08:31:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
astonishedmule.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSzWskRRjGqzc5CHpQ2YuKMgcPKmZSPd9jDosxRoLZD3YVBQ9aXz0pU9PVVHVPTwaEsAuyx9n%2FoPNMsmE1iF4FF5kE9pDTjqeA5uAfIIjgSVBmNjhal%2Fd963kOP573%2FXIvOycUGTtbu2oH2hi2XC%2FT0msfh%2BFKaVPHWb%2FUbzU%2BbdRWSq73VrtRpq%2BX3lNi2y5XaEhpSMPSunYqsv3lqQidHLXDcpuWa5VyWK%2Bh7%2F4%2F%2ByyAZwFk75w8Dy0niyfBZWgxRtz9dk357dQmb77bzQxLrUNPHn4Yb8c2j9Gdt5ELEMWHF25Y%2F3j9IWx8MMOF7f1r5HpCgkcPwePDC0jw3v6MkxuoGFw%2Bjbw3hjJjaDaGsHeg5WMCCIlr1xF371%2BzLmc7T1Q2VSdk8c8%2FoPMJWfzlMuLuN6tG90u3rMlSbWOPflRA98fQnTGS7Bjp4BJ0fgyR3oaWBHG3gJZnr9ZpVKtyKpcatShcqtFKY6klo%2FZStULb9apSlDM2C0brMXQ0hlFDML%2BAzAfIdIAsCpAlAbryrCTCMGxSKRhttYWoyqbiDUlD1oxCFtJGC5mYsg%2BRJkMIM4Rwu0jcLrb1vQkht%2Ffhsh%2Fhtwp4GcCnBD1ZIFcEuSfIGUGuCfKUIO8VB9L4ii%2FuS%2BMzHl7UykWtFiObdvbYgU07KiZ7yTl5bpbab898j211VmKVqN2mUUhrzQZthKIZtmUoQsaqrKKErMDrAtpfAvMBBnpCLr%2F0K5LpJr%2F4G5wdw5tjCP0sWPYyWD5qVijY1qjWohjER%2F2IxSkb7JSF7ULaAkm6iHQn2DPn5IUZR3XlZyhxeuUzfnXy%2B4O%2FIFyBxBX4XJ8QdMzd0U2bk%2F2bNvfku%2BtJqrt6wKabvZWyVC189b7aya2TG2t%2B%2BOBtMRWm7dEHyqebLJY67njy9aqWUrl164QiP2z4jxS%2Fkfmt1czFWbJ54531jW7ilPfaxmMwPSHk0SmEnpCnZD472hf9J9BuDJcV6Gan5OJB22OIZBc%2BmfN7uwBn5h6eBMizYuQqfP5pNIFR85nxAv4%2FM5%2F3e%2F4uOu4VsPTO7FZ7rkDPFGBmCJ8tjNLEnV75qTp74CYYceOCfW6cufckXK%2FPSlUqm1xFqslVrV6LlJC8XudURIJXZaslkPqJeOP05B8AAAD%2F%2FwEAAP%2F%2FgBdp0X8EAAA%3D
192.243.59.13200 OK 7 B URL HTTP/1.1 astonishedmule.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSzWskRRjGqzc5CHpQ2YuKMgcPKmZSPd9jDosxRoLZD3YVBQ9aXz0pU9PVVHVPTwaEsAuyx9n%2FoPNMsmE1iF4FF5kE9pDTjqeA5uAfIIjgSVBmNjhal%2Fd963kOP573%2FXIvOycUGTtbu2oH2hi2XC%2FT0msfh%2BFKaVPHWb%2FUbzU%2BbdRWSq73VrtRpq%2BX3lNi2y5XaEhpSMPSunYqsv3lqQidHLXDcpuWa5VyWK%2Bh7%2F4%2F%2ByyAZwFk75w8Dy0niyfBZWgxRtz9dk357dQmb77bzQxLrUNPHn4Yb8c2j9Gdt5ELEMWHF25Y%2F3j9IWx8MMOF7f1r5HpCgkcPwePDC0jw3v6MkxuoGFw%2Bjbw3hjJjaDaGsHeg5WMCCIlr1xF371%2BzLmc7T1Q2VSdk8c8%2FoPMJWfzlMuLuN6tG90u3rMlSbWOPflRA98fQnTGS7Bjp4BJ0fgyR3oaWBHG3gJZnr9ZpVKtyKpcatShcqtFKY6klo%2FZStULb9apSlDM2C0brMXQ0hlFDML%2BAzAfIdIAsCpAlAbryrCTCMGxSKRhttYWoyqbiDUlD1oxCFtJGC5mYsg%2BRJkMIM4Rwu0jcLrb1vQkht%2Ffhsh%2Fhtwp4GcCnBD1ZIFcEuSfIGUGuCfKUIO8VB9L4ii%2FuS%2BMzHl7UykWtFiObdvbYgU07KiZ7yTl5bpbab898j211VmKVqN2mUUhrzQZthKIZtmUoQsaqrKKErMDrAtpfAvMBBnpCLr%2F0K5LpJr%2F4G5wdw5tjCP0sWPYyWD5qVijY1qjWohjER%2F2IxSkb7JSF7ULaAkm6iHQn2DPn5IUZR3XlZyhxeuUzfnXy%2B4O%2FIFyBxBX4XJ8QdMzd0U2bk%2F2bNvfku%2BtJqrt6wKabvZWyVC189b7aya2TG2t%2B%2BOBtMRWm7dEHyqebLJY67njy9aqWUrl164QiP2z4jxS%2Fkfmt1czFWbJ54531jW7ilPfaxmMwPSHk0SmEnpCnZD472hf9J9BuDJcV6Gan5OJB22OIZBc%2BmfN7uwBn5h6eBMizYuQqfP5pNIFR85nxAv4%2FM5%2F3e%2F4uOu4VsPTO7FZ7rkDPFGBmCJ8tjNLEnV75qTp74CYYceOCfW6cufckXK%2FPSlUqm1xFqslVrV6LlJC8XudURIJXZaslkPqJeOP05B8AAAD%2F%2FwEAAP%2F%2FgBdp0X8EAAA%3D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSzWskRRjGqzc5CHpQ2YuKMgcPKmZSPd9jDosxRoLZD3YVBQ9aXz0pU9PVVHVPTwaEsAuyx9n%2FoPNMsmE1iF4FF5kE9pDTjqeA5uAfIIjgSVBmNjhal%2Fd963kOP573%2FXIvOycUGTtbu2oH2hi2XC%2FT0msfh%2BFKaVPHWb%2FUbzU%2BbdRWSq73VrtRpq%2BX3lNi2y5XaEhpSMPSunYqsv3lqQidHLXDcpuWa5VyWK%2Bh7%2F4%2F%2ByyAZwFk75w8Dy0niyfBZWgxRtz9dk357dQmb77bzQxLrUNPHn4Yb8c2j9Gdt5ELEMWHF25Y%2F3j9IWx8MMOF7f1r5HpCgkcPwePDC0jw3v6MkxuoGFw%2Bjbw3hjJjaDaGsHeg5WMCCIlr1xF371%2BzLmc7T1Q2VSdk8c8%2FoPMJWfzlMuLuN6tG90u3rMlSbWOPflRA98fQnTGS7Bjp4BJ0fgyR3oaWBHG3gJZnr9ZpVKtyKpcatShcqtFKY6klo%2FZStULb9apSlDM2C0brMXQ0hlFDML%2BAzAfIdIAsCpAlAbryrCTCMGxSKRhttYWoyqbiDUlD1oxCFtJGC5mYsg%2BRJkMIM4Rwu0jcLrb1vQkht%2Ffhsh%2Fhtwp4GcCnBD1ZIFcEuSfIGUGuCfKUIO8VB9L4ii%2FuS%2BMzHl7UykWtFiObdvbYgU07KiZ7yTl5bpbab898j211VmKVqN2mUUhrzQZthKIZtmUoQsaqrKKErMDrAtpfAvMBBnpCLr%2F0K5LpJr%2F4G5wdw5tjCP0sWPYyWD5qVijY1qjWohjER%2F2IxSkb7JSF7ULaAkm6iHQn2DPn5IUZR3XlZyhxeuUzfnXy%2B4O%2FIFyBxBX4XJ8QdMzd0U2bk%2F2bNvfku%2BtJqrt6wKabvZWyVC189b7aya2TG2t%2B%2BOBtMRWm7dEHyqebLJY67njy9aqWUrl164QiP2z4jxS%2Fkfmt1czFWbJ54531jW7ilPfaxmMwPSHk0SmEnpCnZD472hf9J9BuDJcV6Gan5OJB22OIZBc%2BmfN7uwBn5h6eBMizYuQqfP5pNIFR85nxAv4%2FM5%2F3e%2F4uOu4VsPTO7FZ7rkDPFGBmCJ8tjNLEnV75qTp74CYYceOCfW6cufckXK%2FPSlUqm1xFqslVrV6LlJC8XudURIJXZaslkPqJeOP05B8AAAD%2F%2FwEAAP%2F%2FgBdp0X8EAAA%3D HTTP/1.1
Host: astonishedmule.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; uid_id2=50f43b0d-64f1-4026-8df9-320953ee0baa:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3357660]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 21 Sep 2022 08:31:01 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a0095ec347116cec3bc336a70bb2ed09
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:31:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 703 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type gzip compressed data, max compression\012- data
Hash dfa65d3774041563940f153a5204cc31
b8c822c195d0f20a8223985f649d20c32e4de855
4d98c5605920b2fd6ad605f9b969680cff9149dda8fcf87ad0b95f7808674730
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 21 Sep 2022 08:31:01 GMT
access-control-allow-origin: *
etag: "63295b76-2b"
expires: Wed, 21 Sep 2022 09:31:01 GMT
accept-ranges: bytes
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-121614197-2&cid=4945502.1663749059&jid=1453007931&gjid=543015626&_gid=18003163.1663749059&_u=YGBAiEABBAAAAE~&z=1815271377
142.251.1.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-121614197-2&cid=4945502.1663749059&jid=1453007931&gjid=543015626&_gid=18003163.1663749059&_u=YGBAiEABBAAAAE~&z=1815271377
IP 142.251.1.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-121614197-2&cid=4945502.1663749059&jid=1453007931&gjid=543015626&_gid=18003163.1663749059&_u=YGBAiEABBAAAAE~&z=1815271377 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://xfantazy.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Sep 2022 08:31:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:31:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d192r5l88wrng7.cloudfront.net/?rwlrd=961956
54.230.245.4200 OK 112 kB URL HTTP/2 d192r5l88wrng7.cloudfront.net/?rwlrd=961956
IP 54.230.245.4:0
File type Unicode text, UTF-8 text, with very long lines (15952)
Size 112 kB (111860 bytes)
Hash c3c47beec460d225cdbc284b8c1bd994
96800518e24c01725d50f2a3dee541ac4659bbb5
2e2987b1325ebeb10b13a9b6bac27d9819de2c759de7a488aea724e5f396d650
GET /?rwlrd=961956 HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 111860
date: Wed, 21 Sep 2022 08:31:01 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: urEBN3tX3GG5WUAtreegShra7s5b1yFW3N-X31ZGMQD3I14YuvT3aw==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 359edf3112df375e1800fb176242c6bf
77136382fac9194ee5bad925bfe229dd4a495c86
77ebbb15481bf7f879714fe74da0df603558e67469fbac837eea61d061be86eb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "77EBBB15481BF7F879714FE74DA0DF603558E67469FBAC837EEA61D061BE86EB"
Last-Modified: Tue, 20 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15628
Expires: Wed, 21 Sep 2022 12:51:30 GMT
Date: Wed, 21 Sep 2022 08:31:02 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 359edf3112df375e1800fb176242c6bf
77136382fac9194ee5bad925bfe229dd4a495c86
77ebbb15481bf7f879714fe74da0df603558e67469fbac837eea61d061be86eb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "77EBBB15481BF7F879714FE74DA0DF603558E67469FBAC837EEA61D061BE86EB"
Last-Modified: Tue, 20 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15628
Expires: Wed, 21 Sep 2022 12:51:30 GMT
Date: Wed, 21 Sep 2022 08:31:02 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 359edf3112df375e1800fb176242c6bf
77136382fac9194ee5bad925bfe229dd4a495c86
77ebbb15481bf7f879714fe74da0df603558e67469fbac837eea61d061be86eb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "77EBBB15481BF7F879714FE74DA0DF603558E67469FBAC837EEA61D061BE86EB"
Last-Modified: Tue, 20 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15628
Expires: Wed, 21 Sep 2022 12:51:30 GMT
Date: Wed, 21 Sep 2022 08:31:02 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e7425029cb87581653a2d298f1e0f1cf
8c79864e7d39c9bd209b6d051f98f4f44d92f804
1b61227954588bd684190c9897ba69590605e5d0f42e85de265506255329d2c6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "1B61227954588BD684190C9897BA69590605E5D0F42E85DE265506255329D2C6"
Last-Modified: Mon, 19 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3302
Expires: Wed, 21 Sep 2022 09:26:04 GMT
Date: Wed, 21 Sep 2022 08:31:02 GMT
Connection: keep-alive
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&hittoken=1663749059_d361582dcdc6252e78aa72d9de90bcf0185f5a0b368a05a880b70d7540822a37&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083102%3Aet%3A1663749062%3Ac%3A1%3Arn%3A352930322%3Arqn%3A8%3Au%3A1663749059904946911%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aeu%3A1%3Ans%3A1663749055784%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663749062&t=gdpr(14)mc(p-5-h-1)clc(0-0-0)aw(1)rqnt(8)ecs(1)rqnl(1)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&hittoken=1663749059_d361582dcdc6252e78aa72d9de90bcf0185f5a0b368a05a880b70d7540822a37&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083102%3Aet%3A1663749062%3Ac%3A1%3Arn%3A352930322%3Arqn%3A8%3Au%3A1663749059904946911%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aeu%3A1%3Ans%3A1663749055784%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663749062&t=gdpr(14)mc(p-5-h-1)clc(0-0-0)aw(1)rqnt(8)ecs(1)rqnl(1)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&hittoken=1663749059_d361582dcdc6252e78aa72d9de90bcf0185f5a0b368a05a880b70d7540822a37&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083102%3Aet%3A1663749062%3Ac%3A1%3Arn%3A352930322%3Arqn%3A8%3Au%3A1663749059904946911%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aeu%3A1%3Ans%3A1663749055784%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663749062&t=gdpr(14)mc(p-5-h-1)clc(0-0-0)aw(1)rqnt(8)ecs(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 39
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 21 Sep 2022 08:31:02 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21-Sep-2022 08:31:02 GMT
last-modified: Wed, 21-Sep-2022 08:31:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ningukmodu.one/NlFGM1EZbiVAbGIrBEM1YAN+cAdOFRxrCHEEA3ElUiYMYgNxJmBHOFJsfwVgD2RwFSFfNXsAYxAiMlIlQyJ7AndfPyBcbBAnewN/Dn9/HWAQJHsCd0IhJ1RsB3c2RyVabHcFZwVmcgphAGN2BWY
172.67.129.77204 No Content 0 B URL HTTP/2 ningukmodu.one/NlFGM1EZbiVAbGIrBEM1YAN+cAdOFRxrCHEEA3ElUiYMYgNxJmBHOFJsfwVgD2RwFSFfNXsAYxAiMlIlQyJ7AndfPyBcbBAnewN/Dn9/HWAQJHsCd0IhJ1RsB3c2RyVabHcFZwVmcgphAGN2BWY
IP 172.67.129.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /NlFGM1EZbiVAbGIrBEM1YAN+cAdOFRxrCHEEA3ElUiYMYgNxJmBHOFJsfwVgD2RwFSFfNXsAYxAiMlIlQyJ7AndfPyBcbBAnewN/Dn9/HWAQJHsCd0IhJ1RsB3c2RyVabHcFZwVmcgphAGN2BWY HTTP/1.1
Host: ningukmodu.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 21 Sep 2022 08:31:02 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqO3YWcOsuTIyQni32iCTDJRpf6DpC1dDb4uM7shaNSI4SFapHhEOit46Tr6dSuELdL2i%2BDBy7nMF0rfg5GiBP55Im6Nb%2FDoN%2BpxNqvwo7wZaKnSv4Hdwjt5ARITkfD9hA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e171367a7a0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/4emw79TnHXI
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/4emw79TnHXI
IP 142.250.74.3:0
Hash 5d80efc104b25c70fb522e52677e9628
0865e49ebc8af0ee1777cac38f5042bc3070301b
48c937929426deb5602c66002f220ab60ca6a0c1eb8a65cce1ee7b298ce785ef
POST /s/gts1p5/4emw79TnHXI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:31:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e7425029cb87581653a2d298f1e0f1cf
8c79864e7d39c9bd209b6d051f98f4f44d92f804
1b61227954588bd684190c9897ba69590605e5d0f42e85de265506255329d2c6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "1B61227954588BD684190C9897BA69590605E5D0F42E85DE265506255329D2C6"
Last-Modified: Mon, 19 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3302
Expires: Wed, 21 Sep 2022 09:26:04 GMT
Date: Wed, 21 Sep 2022 08:31:02 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 359edf3112df375e1800fb176242c6bf
77136382fac9194ee5bad925bfe229dd4a495c86
77ebbb15481bf7f879714fe74da0df603558e67469fbac837eea61d061be86eb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "77EBBB15481BF7F879714FE74DA0DF603558E67469FBAC837EEA61D061BE86EB"
Last-Modified: Tue, 20 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15628
Expires: Wed, 21 Sep 2022 12:51:30 GMT
Date: Wed, 21 Sep 2022 08:31:02 GMT
Connection: keep-alive
ningukmodu.one/ZVp3UkJKZRQhfwcPGyEPImsWNwQwHi8+EEBoNQUTNz8vYQQAGCE9ZBEzE297U2hHY3ZDKh42f1R8BCYjES8Eb3NDMxk0LVh8AW9zS2lDfHBddEZ0N1hrUSYyBD1KY2QVLgM+f1RsQWF1UWNHZHBUa08
172.67.129.77204 No Content 0 B URL HTTP/2 ningukmodu.one/ZVp3UkJKZRQhfwcPGyEPImsWNwQwHi8+EEBoNQUTNz8vYQQAGCE9ZBEzE297U2hHY3ZDKh42f1R8BCYjES8Eb3NDMxk0LVh8AW9zS2lDfHBddEZ0N1hrUSYyBD1KY2QVLgM+f1RsQWF1UWNHZHBUa08
IP 172.67.129.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZVp3UkJKZRQhfwcPGyEPImsWNwQwHi8+EEBoNQUTNz8vYQQAGCE9ZBEzE297U2hHY3ZDKh42f1R8BCYjES8Eb3NDMxk0LVh8AW9zS2lDfHBddEZ0N1hrUSYyBD1KY2QVLgM+f1RsQWF1UWNHZHBUa08 HTTP/1.1
Host: ningukmodu.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 21 Sep 2022 08:31:02 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4D4MhU3gN1fUfKH%2FnxzJZuLg7itvjzB3C5CawR7TkU9GnMXQdorE8uVoDrl89QS9YyYnr7RNBb4ljDhwd%2FlErYy0qTH0n%2FW4LrvwQK8L3NfbbtL6Od61RBTtHCaMWLVHeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e171369aa80b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ningukmodu.one/bmgxVENBV1InfiBZXSMVAgd0DQY4D1Ajdhg7ZhopKlpFHhlcIRcgKgpVCGJyV10HcjMHDAxncUgbRTU3GxsMZnNeXxc9LQgHDGVlGFUBentAUR9lZRtVAHI3HglWaXJIGEUgL1NZB2JwWVwIZHVcWAds
172.67.129.77204 No Content 0 B URL HTTP/2 ningukmodu.one/bmgxVENBV1InfiBZXSMVAgd0DQY4D1Ajdhg7ZhopKlpFHhlcIRcgKgpVCGJyV10HcjMHDAxncUgbRTU3GxsMZnNeXxc9LQgHDGVlGFUBentAUR9lZRtVAHI3HglWaXJIGEUgL1NZB2JwWVwIZHVcWAds
IP 172.67.129.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bmgxVENBV1InfiBZXSMVAgd0DQY4D1Ajdhg7ZhopKlpFHhlcIRcgKgpVCGJyV10HcjMHDAxncUgbRTU3GxsMZnNeXxc9LQgHDGVlGFUBentAUR9lZRtVAHI3HglWaXJIGEUgL1NZB2JwWVwIZHVcWAds HTTP/1.1
Host: ningukmodu.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 21 Sep 2022 08:31:02 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zY63V2UpXeCkWLA2L4C%2BI8LbP%2FQ6vyAZYxGKY70VrKUpeZ0bBzcpdr4xTul0m5O36XDxQ9H8XoIqnoNr08l4JHFYKGjf1GFjtjhqhvtOweRJZhq68ZOMu9HOMTT5rLlU6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e17136aaac0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ningukmodu.one/Q3RKRXRsSyk2SScfBzIncyIOIBMvQS4QTXQ2JAtGETwPAxEtA2wxHSdJc3NGc0V4YwQqEHd0TGUHPiQANgd3dFIqGiwqSWUCd3Rac1p7a0dlAXd0UjcEKyJJclI6MQAvSXtzQnBDfnxEdUZ6ckw
172.67.129.77204 No Content 0 B URL HTTP/2 ningukmodu.one/Q3RKRXRsSyk2SScfBzIncyIOIBMvQS4QTXQ2JAtGETwPAxEtA2wxHSdJc3NGc0V4YwQqEHd0TGUHPiQANgd3dFIqGiwqSWUCd3Rac1p7a0dlAXd0UjcEKyJJclI6MQAvSXtzQnBDfnxEdUZ6ckw
IP 172.67.129.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Q3RKRXRsSyk2SScfBzIncyIOIBMvQS4QTXQ2JAtGETwPAxEtA2wxHSdJc3NGc0V4YwQqEHd0TGUHPiQANgd3dFIqGiwqSWUCd3Rac1p7a0dlAXd0UjcEKyJJclI6MQAvSXtzQnBDfnxEdUZ6ckw HTTP/1.1
Host: ningukmodu.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 21 Sep 2022 08:31:02 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbFlZ8UBD%2BVPlRoGZ2nvX7F9NfIyKw5DtHKz737c%2F4JahQkt9wWGMEogdmOQbOfPcUpiJ73ZINY5v8Ii57VauQri6X4Lj%2BUsi%2BI8%2BgnFwO1eL1Eihvs8DYltx%2Bc8jXdCFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e17136bac90b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/4emw79TnHXI
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/4emw79TnHXI
IP 142.250.74.3:0
Hash 5d80efc104b25c70fb522e52677e9628
0865e49ebc8af0ee1777cac38f5042bc3070301b
48c937929426deb5602c66002f220ab60ca6a0c1eb8a65cce1ee7b298ce785ef
POST /s/gts1p5/4emw79TnHXI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:31:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/js/jquery.min.js
172.64.200.2200 OK 135 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/js/jquery.min.js
IP 172.64.200.2:0
File type ASCII text, with very long lines (65451)
Size 135 kB (134723 bytes)
Hash d951e04e2e8294f56d24a787a121abca
1e4f168bc861d8baf978cc3f1a35fd481f5597d5
f558a8ff22c8ab517c37ad1c1d843786b050437666593736676502166b7b6a24
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:31:01 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4227984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7ljPuj3Y%2Fh2LuS9FWqaoidjLmv42x6L6ZQmKgdN5XE67X3jz%2FT5xZijEm6bakZTlt1e3OfI0Hd3JebjBL9gzC0ZYmwPOu8cRBvCoQZ23sqDjww1uPPgSomPLoAPhnlRy08%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e1712fa8a37488-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/4emw79TnHXI
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/4emw79TnHXI
IP 142.250.74.3:0
Hash 5d80efc104b25c70fb522e52677e9628
0865e49ebc8af0ee1777cac38f5042bc3070301b
48c937929426deb5602c66002f220ab60ca6a0c1eb8a65cce1ee7b298ce785ef
POST /s/gts1p5/4emw79TnHXI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:31:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
autifuleedeh.xyz/SmJpOFErAApVbitfCx4kOA5UHWMMR1t+NXtbW0pkJlpRTyMkBV4WMiYNHFw3OA0HTH8kBx0dYwwXCGAfJi8uWxoCIx1vBghSCHkAewcxCBccIz9uAQ0wM14SGA4mfAk5GCZTFAYEAF84DAknfRkbUyZuAxMuKnphCSY8fRwCMzB2ByFaOnkHAAMxbgQbNz9XFAIgUGISPTc6aRADCjF+YBwkP24LHRpZegchGihyKRw0PmppBzoBcQMcDgp5GXskL3c2EDY9fRAkJD9uCwswJG4HCQoibSl/Ojh+CxIjKHkcDyNcXgAmEVhuJgg1Pm0fHyMvYhwbNERuBg4KGm8Qe1oPbBQPCCpuFwIzWXYXHQ4OHjs5DQdIbCIpPWtjJCwmczQ
172.64.173.14200 OK 1.2 kB URL HTTP/2 autifuleedeh.xyz/SmJpOFErAApVbitfCx4kOA5UHWMMR1t+NXtbW0pkJlpRTyMkBV4WMiYNHFw3OA0HTH8kBx0dYwwXCGAfJi8uWxoCIx1vBghSCHkAewcxCBccIz9uAQ0wM14SGA4mfAk5GCZTFAYEAF84DAknfRkbUyZuAxMuKnphCSY8fRwCMzB2ByFaOnkHAAMxbgQbNz9XFAIgUGISPTc6aRADCjF+YBwkP24LHRpZegchGihyKRw0PmppBzoBcQMcDgp5GXskL3c2EDY9fRAkJD9uCwswJG4HCQoibSl/Ojh+CxIjKHkcDyNcXgAmEVhuJgg1Pm0fHyMvYhwbNERuBg4KGm8Qe1oPbBQPCCpuFwIzWXYXHQ4OHjs5DQdIbCIpPWtjJCwmczQ
IP 172.64.173.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2992), with no line terminators
Hash d7acd9a1dbfdb5b297a1577ceda7e495
8dbaf74b755e7e2d15dd7ff194ce858bfa032941
41c6981d231fcc248c8d179fc99a3f4eb723d13dad1a056b1b761cf7e2a0be01
GET /SmJpOFErAApVbitfCx4kOA5UHWMMR1t+NXtbW0pkJlpRTyMkBV4WMiYNHFw3OA0HTH8kBx0dYwwXCGAfJi8uWxoCIx1vBghSCHkAewcxCBccIz9uAQ0wM14SGA4mfAk5GCZTFAYEAF84DAknfRkbUyZuAxMuKnphCSY8fRwCMzB2ByFaOnkHAAMxbgQbNz9XFAIgUGISPTc6aRADCjF+YBwkP24LHRpZegchGihyKRw0PmppBzoBcQMcDgp5GXskL3c2EDY9fRAkJD9uCwswJG4HCQoibSl/Ojh+CxIjKHkcDyNcXgAmEVhuJgg1Pm0fHyMvYhwbNERuBg4KGm8Qe1oPbBQPCCpuFwIzWXYXHQ4OHjs5DQdIbCIpPWtjJCwmczQ HTTP/1.1
Host: autifuleedeh.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:31:02 GMT
content-type: text/html
content-length: 1152
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rgn%2BqikEGyAR3aXlGg8APIyEhUmNeX48ZG%2Bn%2F0P2PVjGADCxHaoBXw0kmPr6mtRmczihM4HpCcwS6KJZV7JQo%2FA%2FWnIsKsCyLA%2B39njGQQ7YE2RFc97bMJ5OP9MB1k11Qdcz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e17137685d7463-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
autifuleedeh.xyz/VXRQT1U0FjMiajRJMmkgJxhtamcTUWIJMWRNYj1gOUxoOCc7E2dhNjkbJSszJxs+O3s7ESRqZxM9HX0fLCMHHQQRJidqZxMjYCwZExkCKxcDOhwtExwiEw4QZzc7ATMTJTd9NgYlAR88HwUGJhg9NWENEBcdHQ4ROT4FAQQDEBIabHBGFg4DZTYEfT0WITcWBA8yERkTMj1iCyJhLBgLZRciATw2BTURGRMtOjsMAyItFzUAHCE7KxQdRRUrADkQIhkXJhUBfT0XNRMNDTRFAikWLQMjBxcPJQEmEzY2BH4QNyEVDhwTECIZEBAhBn06OTc8HTY0IWAYABBZGWpnFzUGDh8dLCgYMQM2Ey4TBDAFfx86JQEJBhMwERgDMiU0BgAQNhoKISMnNwEQF0YCGXM/Bz8hJWgTAR0XExY3CQxhJSgoNg
172.64.173.14200 OK 1.2 kB URL HTTP/2 autifuleedeh.xyz/VXRQT1U0FjMiajRJMmkgJxhtamcTUWIJMWRNYj1gOUxoOCc7E2dhNjkbJSszJxs+O3s7ESRqZxM9HX0fLCMHHQQRJidqZxMjYCwZExkCKxcDOhwtExwiEw4QZzc7ATMTJTd9NgYlAR88HwUGJhg9NWENEBcdHQ4ROT4FAQQDEBIabHBGFg4DZTYEfT0WITcWBA8yERkTMj1iCyJhLBgLZRciATw2BTURGRMtOjsMAyItFzUAHCE7KxQdRRUrADkQIhkXJhUBfT0XNRMNDTRFAikWLQMjBxcPJQEmEzY2BH4QNyEVDhwTECIZEBAhBn06OTc8HTY0IWAYABBZGWpnFzUGDh8dLCgYMQM2Ey4TBDAFfx86JQEJBhMwERgDMiU0BgAQNhoKISMnNwEQF0YCGXM/Bz8hJWgTAR0XExY3CQxhJSgoNg
IP 172.64.173.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3021), with no line terminators
Hash fdfe2c0d8d94fb4919434e7df204ed10
4702c879cf519b7ac040f57996d344fafb95f1ee
be350077aa95525966387453005e1f9c89157da143ecb454132a838c7ba91675
GET /VXRQT1U0FjMiajRJMmkgJxhtamcTUWIJMWRNYj1gOUxoOCc7E2dhNjkbJSszJxs+O3s7ESRqZxM9HX0fLCMHHQQRJidqZxMjYCwZExkCKxcDOhwtExwiEw4QZzc7ATMTJTd9NgYlAR88HwUGJhg9NWENEBcdHQ4ROT4FAQQDEBIabHBGFg4DZTYEfT0WITcWBA8yERkTMj1iCyJhLBgLZRciATw2BTURGRMtOjsMAyItFzUAHCE7KxQdRRUrADkQIhkXJhUBfT0XNRMNDTRFAikWLQMjBxcPJQEmEzY2BH4QNyEVDhwTECIZEBAhBn06OTc8HTY0IWAYABBZGWpnFzUGDh8dLCgYMQM2Ey4TBDAFfx86JQEJBhMwERgDMiU0BgAQNhoKISMnNwEQF0YCGXM/Bz8hJWgTAR0XExY3CQxhJSgoNg HTTP/1.1
Host: autifuleedeh.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:31:02 GMT
content-type: text/html
content-length: 1173
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkqq%2BCe2gJQxHzfHr98AAlFmWJ3MgEZSdyiGJtc5cX6jtVIkOWMDB6k%2FmxrTrjxFfes7TnRauWtf693ZSohERIqWk%2F9cWr1b%2B7UogjK9o71U3uBQuR6yiz%2BWQJcSCm5RjkRu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e1713798a67463-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
autifuleedeh.xyz/WkRtQnQ7Jg4vSzt5D2QBKChQZ0YcYV8EEGt9XzBBNnxVNQY0I1psFzYrGCYSKCsDNlo0IRlnRhx3DhcmKhEHJScRMw5yNi0RGQYjYgY/cS4AHRo6LBYsAnsiPQJYCjY+YV8AJgIdIQgaYgcjJSIzDAoXUWgGKRVMExIUJT0KAlQPLT0zVRVEInU5ODo5AV4uED4BGgA/LQ4bFCUfPCUGMjgGLhc5FBZZBz4MFUhwMgwzHjY2DnE3FDwDMjc6LhgdOzYdHwUBcyMSJyEPRhwmNC4lAw8FNQUSESNyMQ0rIg4aECAJNQcgHTs2HQkjCSojMgkvEEYqHgg6RR4gLG9AaRMVLQYOAy9nRhgVXhAtAyMFAxAcLF4BHx8tLAE2PgIUMSY+MwJxEgx9VQEyOTw7BTl8Lh4tGip5GAcybnYPNjMpNgFy
172.64.173.14200 OK 1.2 kB URL HTTP/2 autifuleedeh.xyz/WkRtQnQ7Jg4vSzt5D2QBKChQZ0YcYV8EEGt9XzBBNnxVNQY0I1psFzYrGCYSKCsDNlo0IRlnRhx3DhcmKhEHJScRMw5yNi0RGQYjYgY/cS4AHRo6LBYsAnsiPQJYCjY+YV8AJgIdIQgaYgcjJSIzDAoXUWgGKRVMExIUJT0KAlQPLT0zVRVEInU5ODo5AV4uED4BGgA/LQ4bFCUfPCUGMjgGLhc5FBZZBz4MFUhwMgwzHjY2DnE3FDwDMjc6LhgdOzYdHwUBcyMSJyEPRhwmNC4lAw8FNQUSESNyMQ0rIg4aECAJNQcgHTs2HQkjCSojMgkvEEYqHgg6RR4gLG9AaRMVLQYOAy9nRhgVXhAtAyMFAxAcLF4BHx8tLAE2PgIUMSY+MwJxEgx9VQEyOTw7BTl8Lh4tGip5GAcybnYPNjMpNgFy
IP 172.64.173.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3018), with no line terminators
Hash 36336f739abf501c65db3cd842df58e6
295916ca6bf12f2b06f2bba65b5590ecb8d58a92
821f7e5d143f0e5f59704f8cb7b70643fb639d5559094dd3da4d7c58a09c13c1
GET /WkRtQnQ7Jg4vSzt5D2QBKChQZ0YcYV8EEGt9XzBBNnxVNQY0I1psFzYrGCYSKCsDNlo0IRlnRhx3DhcmKhEHJScRMw5yNi0RGQYjYgY/cS4AHRo6LBYsAnsiPQJYCjY+YV8AJgIdIQgaYgcjJSIzDAoXUWgGKRVMExIUJT0KAlQPLT0zVRVEInU5ODo5AV4uED4BGgA/LQ4bFCUfPCUGMjgGLhc5FBZZBz4MFUhwMgwzHjY2DnE3FDwDMjc6LhgdOzYdHwUBcyMSJyEPRhwmNC4lAw8FNQUSESNyMQ0rIg4aECAJNQcgHTs2HQkjCSojMgkvEEYqHgg6RR4gLG9AaRMVLQYOAy9nRhgVXhAtAyMFAxAcLF4BHx8tLAE2PgIUMSY+MwJxEgx9VQEyOTw7BTl8Lh4tGip5GAcybnYPNjMpNgFy HTTP/1.1
Host: autifuleedeh.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:31:02 GMT
content-type: text/html
content-length: 1173
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAce22oxQwiacyRydRfvLn3N4tqOimGJAl%2Bia0oT9G4lK35p20Xmnk%2FqJQ8L4SOK%2FVB7NFvkpwlxwKcSdBBxADn%2BvEe7NfUfENGGwaOeF%2FP3kHFVTDTjqmCNF9J%2Fj5F0Vwck"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e17137f91c7463-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&hittoken=1663749059_d361582dcdc6252e78aa72d9de90bcf0185f5a0b368a05a880b70d7540822a37&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083102%3Aet%3A1663749062%3Ac%3A1%3Arn%3A1026321067%3Arqn%3A7%3Au%3A1663749059904946911%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aeu%3A1%3Ans%3A1663749055784%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663749062%3At%3AOnline%20Victoria%20Carvalho%2C%20Yago%20Ribeiro%20Study%20Break%20-%20XFantazy.com&t=gdpr(14)mc(p-5)clc(0-0-0)aw(1)rqnt(7)ecs(1)fip(1)rqnl(1)ti(2)
77.88.21.119302 Found 472 B URL HTTP/2 mc.yandex.ru/watch/49415098?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&hittoken=1663749059_d361582dcdc6252e78aa72d9de90bcf0185f5a0b368a05a880b70d7540822a37&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083102%3Aet%3A1663749062%3Ac%3A1%3Arn%3A1026321067%3Arqn%3A7%3Au%3A1663749059904946911%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aeu%3A1%3Ans%3A1663749055784%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663749062%3At%3AOnline%20Victoria%20Carvalho%2C%20Yago%20Ribeiro%20Study%20Break%20-%20XFantazy.com&t=gdpr(14)mc(p-5)clc(0-0-0)aw(1)rqnt(7)ecs(1)fip(1)rqnl(1)ti(2)
IP 77.88.21.119:0
Hash 5d80efc104b25c70fb522e52677e9628
0865e49ebc8af0ee1777cac38f5042bc3070301b
48c937929426deb5602c66002f220ab60ca6a0c1eb8a65cce1ee7b298ce785ef
GET /watch/49415098?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&hittoken=1663749059_d361582dcdc6252e78aa72d9de90bcf0185f5a0b368a05a880b70d7540822a37&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083102%3Aet%3A1663749062%3Ac%3A1%3Arn%3A1026321067%3Arqn%3A7%3Au%3A1663749059904946911%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aeu%3A1%3Ans%3A1663749055784%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663749062%3At%3AOnline%20Victoria%20Carvalho%2C%20Yago%20Ribeiro%20Study%20Break%20-%20XFantazy.com&t=gdpr(14)mc(p-5)clc(0-0-0)aw(1)rqnt(7)ecs(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60f75bbeed696b7119a7fac5&charset=utf-8&hittoken=1663749059_d361582dcdc6252e78aa72d9de90bcf0185f5a0b368a05a880b70d7540822a37&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1080368595498%3Ahid%3A968307409%3Az%3A0%3Ai%3A20220921083102%3Aet%3A1663749062%3Ac%3A1%3Arn%3A1026321067%3Arqn%3A7%3Au%3A1663749059904946911%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aeu%3A1%3Ans%3A1663749055784%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663749062%3At%3AOnline%20Victoria%20Carvalho%2C%20Yago%20Ribeiro%20Study%20Break%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-5%29clc%280-0-0%29aw%281%29rqnt%287%29ecs%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 21 Sep 2022 08:31:02 GMT
access-control-allow-origin: https://xfantazy.com
set-cookie: yandexuid=9076456361663749062; Expires=Thu, 21-Sep-2023 08:31:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=9076456361663749062; Expires=Thu, 21-Sep-2023 08:31:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1696048221663749062; Path=/; SameSite=None; Secure
i=tZDa/qDGc9HGk0lEE7G9AkYs7QJpIFnu9tQ0SVnx7Bg8Gcv3ldlCoUb7pRNMy2pDPsDUrPPerORehw6FWAcw2j3i9lw=; Expires=Sat, 18-Sep-2032 08:30:59 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1695285062.yrts.1663749062#1695285062.yrtsi.1663749062; Expires=Thu, 21-Sep-2023 08:31:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21-Sep-2022 08:31:02 GMT
last-modified: Wed, 21-Sep-2022 08:31:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/uaXNlMGcKHAtWWB0aAQ1eX0FVAVVPGRZfCRlODXszOkELfigiFkNEHQ1OVRYLCB0CDUEMHQYNVk8SAVJaXVUQUVoEHB9ZCwUSQAIhXF1VFVVZWx0BVkxAJxVVWR8MXhIRVlcAH1FFOgZTTEAnFVVZARMVVChKUx5XQFZXAAAMEA5fQls1VwBWWUNUAFZMQV-VWDhsWA18fTEEjCVFHQ0NFWlg
54.230.245.4200 OK 179 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/uaXNlMGcKHAtWWB0aAQ1eX0FVAVVPGRZfCRlODXszOkELfigiFkNEHQ1OVRYLCB0CDUEMHQYNVk8SAVJaXVUQUVoEHB9ZCwUSQAIhXF1VFVVZWx0BVkxAJxVVWR8MXhIRVlcAH1FFOgZTTEAnFVVZARMVVChKUx5XQFZXAAAMEA5fQls1VwBWWUNUAFZMQV-VWDhsWA18fTEEjCVFHQ0NFWlg
IP 54.230.245.4:0
File type ASCII text, with no line terminators
Hash 2405da18708a1891e73a4eb251065b08
c8f8cb673d3a5c3e621d94cf950b92dfbed13feb
68c4a34c2043483a14e744e21157cbac3669b7607acc8bb1f0d1916ca5dd552c
GET /uaXNlMGcKHAtWWB0aAQ1eX0FVAVVPGRZfCRlODXszOkELfigiFkNEHQ1OVRYLCB0CDUEMHQYNVk8SAVJaXVUQUVoEHB9ZCwUSQAIhXF1VFVVZWx0BVkxAJxVVWR8MXhIRVlcAH1FFOgZTTEAnFVVZARMVVChKUx5XQFZXAAAMEA5fQls1VwBWWUNUAFZMQV-VWDhsWA18fTEEjCVFHQ0NFWlg HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autifuleedeh.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 179
date: Wed, 21 Sep 2022 08:31:02 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T8o6xLi4OaWTDwqWm3fZGmxwpIHMqUhkBbQKKH_xwuNdjt52gnOJtA==
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/IM2JyWWRQDRw/W0cLFmRdBVNLbFIVCAE2CkNfFQg2cSQQPiJqViMhA1BEBiMADlJUNQVdBU9/AV0BT2hCUgYQZFAVFgI2Dw4XHD0BVQscPAAVFxNkCVwYGzUIUkdAH1EdUldrVBsaQ2hBACBXa1RfCxwsHBZQQiFcBT1EbUEAIFdrVEEUV2olClRcaU0WUE-I+AVAJHXxWdVBCaFQDU0JoQQFSFDAWVgQdIUEBJEtvSgNEB2RV
54.230.245.4200 OK 331 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/IM2JyWWRQDRw/W0cLFmRdBVNLbFIVCAE2CkNfFQg2cSQQPiJqViMhA1BEBiMADlJUNQVdBU9/AV0BT2hCUgYQZFAVFgI2Dw4XHD0BVQscPAAVFxNkCVwYGzUIUkdAH1EdUldrVBsaQ2hBACBXa1RfCxwsHBZQQiFcBT1EbUEAIFdrVEEUV2olClRcaU0WUE-I+AVAJHXxWdVBCaFQDU0JoQQFSFDAWVgQdIUEBJEtvSgNEB2RV
IP 54.230.245.4:0
File type ASCII text, with very long lines (406), with no line terminators
Hash fc0e68b62a898939b106ff40e62478ac
a6ce70b91c88ffeb8520a8f73f6966e8191fbdd5
b95076497dcac145d8201b5308f3a444bb09980383758a266ce3227f5c3c0a17
GET /IM2JyWWRQDRw/W0cLFmRdBVNLbFIVCAE2CkNfFQg2cSQQPiJqViMhA1BEBiMADlJUNQVdBU9/AV0BT2hCUgYQZFAVFgI2Dw4XHD0BVQscPAAVFxNkCVwYGzUIUkdAH1EdUldrVBsaQ2hBACBXa1RfCxwsHBZQQiFcBT1EbUEAIFdrVEEUV2olClRcaU0WUE-I+AVAJHXxWdVBCaFQDU0JoQQFSFDAWVgQdIUEBJEtvSgNEB2RV HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autifuleedeh.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 331
date: Wed, 21 Sep 2022 08:31:02 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aBTxMu0Xy3RJLXY5mS0wMTMRMO8bs1kPZTI9cldgOZviVRXy0_ly3A==
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/3cURpUjgSKwc0BwUtDW8BR3ZZYwxXLho9VgF5HBd+RXYLJn8CNgViHgU+DW8IVygIPF9MYgw8W0x1TzNcE3lddEwBKwJvVQExHDFbBCUMNR4EJVQ/VwstBT5ZVHYvZxZBYVtiEAl1WHcLM2FbYlQYKhwqHUN0EWoOLnJddwszYVtiSgdhWhMBR2pZex1DdA-43WxorTGB+Q3RYYghAdFh3CkEiACBdFysRdwo3fV98CFcxVGM
54.230.245.4200 OK 586 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/3cURpUjgSKwc0BwUtDW8BR3ZZYwxXLho9VgF5HBd+RXYLJn8CNgViHgU+DW8IVygIPF9MYgw8W0x1TzNcE3lddEwBKwJvVQExHDFbBCUMNR4EJVQ/VwstBT5ZVHYvZxZBYVtiEAl1WHcLM2FbYlQYKhwqHUN0EWoOLnJddwszYVtiSgdhWhMBR2pZex1DdA-43WxorTGB+Q3RYYghAdFh3CkEiACBdFysRdwo3fV98CFcxVGM
IP 54.230.245.4:0
File type ASCII text, with very long lines (824), with no line terminators
Hash 6081f245700bb1f0f15dc58932bf2c15
8892e2f1c096d0a9991faa955d04b03bc272361a
e8f59eee259ee0ee5bd8c3dba9820057244fbf51c7a02e90b65ab99b043fe8e1
GET /3cURpUjgSKwc0BwUtDW8BR3ZZYwxXLho9VgF5HBd+RXYLJn8CNgViHgU+DW8IVygIPF9MYgw8W0x1TzNcE3lddEwBKwJvVQExHDFbBCUMNR4EJVQ/VwstBT5ZVHYvZxZBYVtiEAl1WHcLM2FbYlQYKhwqHUN0EWoOLnJddwszYVtiSgdhWhMBR2pZex1DdA-43WxorTGB+Q3RYYghAdFh3CkEiACBdFysRdwo3fV98CFcxVGM HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autifuleedeh.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 586
date: Wed, 21 Sep 2022 08:31:02 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jLh1hkFQxG7BP5R7PInXBREQ0TOCDjELlf307md-0KoZLzh2rPXPFw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 14d31c538ef2caf4422a82eae13752fb
64a60fba95891f5dcc3d098c78ca3705d679c073
9bf27ebead2d15f04d2874793cb043a7d650b50902092fe6ae3a5a9891c5cabe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6594
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:31:02 GMT
Last-Modified: Wed, 21 Sep 2022 06:41:08 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/style.css
172.64.200.2200 OK 2.7 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/style.css
IP 172.64.200.2:0
Hash 691f1a29e8a6bbe82834b4f8aad336bc
b247d47325df77c3296a49a07416b933906d7f51
66fe1a144ccbc77681b8b62cc4348418f1b7f22f937d5f0eb8b805444863692d
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:31:01 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 14:46:40 GMT
etag: W/"61f7f650-2516"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 805146
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPkkICBlkRQth5NWcPpkrny93KNKIQ14KdHOcRb742slZrJb%2B8rbQqeSg%2BYSRgUX8UD5Muogd2zb%2FyNQSbSZfxm6UYLu3sAJPvTAhwBh6IA9HAw8HN4B44V9Qnwgyp6FuUg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e1712f583f7488-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/animate.css
172.64.200.2200 OK 5.3 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/animate.css
IP 172.64.200.2:0
Hash de8591580ae92800789fb9112fb99145
0d9a5a994113b81ba9d9cd492752d4f0c8346b3c
38922cb8a61ac3aa8a659729097fb60c7db61db5142546dbccf9aa52a28453ff
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:31:01 GMT
content-type: text/css
last-modified: Fri, 21 May 2021 10:10:46 GMT
etag: W/"60a78726-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 805146
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBLmQGgCfrqYJIvZSxZ1SSr1RxSSFA%2FQXEqiSA%2Bap5TloRdskM73eqteG29YwCCQysPzfQ39PRdkOM1iEIdOVrBI1IXsUo%2BLmDwbnuBJUaJnJvUlj%2BEEYu3DY0ndsfnVZSo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e1712f68487488-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 399 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Hash 2b87452f8f6d3ee9f57662b7946c5a49
937cdcbe860e8df4126b52e86dbe17fd1aa0a874
88528bdfd7457123f5bba56a78e67d3c86ad7cd604be2988744592ebf5aa83f0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 21 Sep 2022 08:31:02 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1861331958%3A1663749062855148&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqzaaSK4KjMKHH-wrSfH3gbH4jhAUu3IBSOL950N7uYzNVfuzQGLJZs7AUIXy-zlEmDS3taWg
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-LotAOZAoFglxhw_U4Yb1_g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 399
server: GSE
set-cookie: __Host-GAPS=1:LK4mvWkGFEPQ0ove6Az0cTnP8Hy6vw:WzNbYyaomijsbvH9;Path=/;Expires=Fri, 20-Sep-2024 08:31:02 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/styles.77acb212b856be16971e.js
104.26.1.188200 OK 1.5 kB URL HTTP/2 xfantazy.com/_next/static/chunks/styles.77acb212b856be16971e.js
IP 104.26.1.188:0
File type ASCII text, with no line terminators
Hash fd09bedf2206b553cb7d57c3d28d8d4f
e22c45d7715c296c0d44d150a72974e7a6d30c85
9df9771711fa9e48e7d5ae78e79d81bf2a132a134e88d1e24f79d46450d2feaf
GET /_next/static/chunks/styles.77acb212b856be16971e.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cf-bgj: minify
cache-control: public, max-age=31536000, immutable
etag: W/"55-179fb70cfea"
last-modified: Fri, 11 Jun 2021 14:19:05 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 30205878
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdNmidhlxh8Vm%2FiNxM3D7fCf6CTIqneMrXI%2BfAQQVARou4Uf6J48alF2QtUMHnji3A%2BBw%2B%2B7LTY6364Bb4abs2%2Fuvt4oxmME9Nnbjhab8YQ84WgElmdU8g1oohs8XA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e1712179b70b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:31:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 14d31c538ef2caf4422a82eae13752fb
64a60fba95891f5dcc3d098c78ca3705d679c073
9bf27ebead2d15f04d2874793cb043a7d650b50902092fe6ae3a5a9891c5cabe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6594
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:31:02 GMT
Last-Modified: Wed, 21 Sep 2022 06:41:08 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
a.focusde.info/api/click/7812465138337544095?c=90
135.181.208.216200 OK 57 B URL HTTP/2 a.focusde.info/api/click/7812465138337544095?c=90
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash bd3e1452dba80e4e8aa0ea0ce2505bfc
54edd52efc2a6f02aa4280392b48c997ed914308
95a4dc615852479342568513981f8793a2d7cd834e1623d23607acda55f23814
GET /api/click/7812465138337544095?c=90 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/api/spots/303894?p=1&s1=%subid1%&kw=
Cookie: nauid=RCC9b1Vv2aj52OKi1PLu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 08:31:03 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap
216.58.211.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap
IP 216.58.211.10:0
Hash aadcd083308203cd5f23de27431f498f
e6f66de7dbe5851f15de3519505ffa5be4d9d46c
754ada7ca4566bcb26da0f24959e9e1faa034b2a5d20fcb64f03be19dffc941e
GET /css?family=Roboto:100,300,400,500,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 08:30:58 GMT
date: Wed, 21 Sep 2022 08:30:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a0093dbac56b7a27ab47c1139f554d3
95e5b1eac324639a3d095ac86eb2382e8e2975bb
d6042aa3d1bb277bfd37caf6ea4dd9e068135550839fd1890727ab0d5e7ae8a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6042AA3D1BB277BFD37CAF6EA4DD9E068135550839FD1890727AB0D5E7AE8A8"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3690
Expires: Wed, 21 Sep 2022 09:32:33 GMT
Date: Wed, 21 Sep 2022 08:31:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a0093dbac56b7a27ab47c1139f554d3
95e5b1eac324639a3d095ac86eb2382e8e2975bb
d6042aa3d1bb277bfd37caf6ea4dd9e068135550839fd1890727ab0d5e7ae8a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6042AA3D1BB277BFD37CAF6EA4DD9E068135550839FD1890727AB0D5E7AE8A8"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3690
Expires: Wed, 21 Sep 2022 09:32:33 GMT
Date: Wed, 21 Sep 2022 08:31:03 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 797f8e0dfd59bcbe0d019dac2f3f9d93
b720b8257d471ff85fccb68f43412166f0ea4bb5
ee069cc1d0b41a955ecfb14ee78d17d71f5cc34a7070d77cc383d67d71e7d5ad
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EE069CC1D0B41A955ECFB14EE78D17D71F5CC34A7070D77CC383D67D71E7D5AD"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4040
Expires: Wed, 21 Sep 2022 09:38:23 GMT
Date: Wed, 21 Sep 2022 08:31:03 GMT
Connection: keep-alive
cdn3.medfoodsafety.com/14/6a/76069/00000448458.gif
172.64.172.19200 OK 106 kB URL HTTP/2 cdn3.medfoodsafety.com/14/6a/76069/00000448458.gif
IP 172.64.172.19:0
File type GIF image data, version 89a, 900 x 250\012- data
Size 106 kB (106220 bytes)
Hash bba4163bb02227a69bc754024dabc76a
b86d258476b202f475cd5a0f24b1de3aaf36dea1
f27d0742d6a9c940e843255c94550d1f7ace5bc756708a576e7101023ed7b975
GET /14/6a/76069/00000448458.gif HTTP/1.1
Host: cdn3.medfoodsafety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.medfoodsafety.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:31:03 GMT
content-type: image/gif
content-length: 106220
last-modified: Wed, 18 Nov 2020 21:06:06 GMT
x-amz-server-side-encryption: AES256
etag: "bba4163bb02227a69bc754024dabc76a"
x-cache: Hit from cloudfront
via: 1.1 10131483569b12d46be11abd6f162904.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: LAOqnPPuRBB12LaPNQT5DqEAgiNyKJEJdzEmdl7XJQonCEeGRszS9A==
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLBHgwHM4NPKabEwt9LMDj%2F5UFRJlKz8y2Zxd0nEoc5vOFzH0hvsD27pusFpCEcSrg5YanKdmC%2FufuQUvvsau2OlVYhS8LOX10i8TCr2sRwleSqaJJFIgm28UNJP2nLEsjqn3gx%2BSTAL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e171402ee8770b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.medfoodsafety.com/i?tid=8d4c580c-561c-4312-8608-f332215aff86&cf=affcgdi0fc
172.64.172.19200 OK 60 B URL HTTP/2 a.medfoodsafety.com/i?tid=8d4c580c-561c-4312-8608-f332215aff86&cf=affcgdi0fc
IP 172.64.172.19:0
File type ASCII text, with no line terminators
Hash cea81d6017b53c6c7bd076407db21a0a
063acf4f87ec5b0c7f9631779c264ee045945c52
1665c0045c0d9a05857431f46362283793d0b844d9e157692079bcbc69ff6154
GET /i?tid=8d4c580c-561c-4312-8608-f332215aff86&cf=affcgdi0fc HTTP/1.1
Host: a.medfoodsafety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.medfoodsafety.com/loader?a=4788752&v=2&t=30&s=4776911&p=8575&if=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:31:03 GMT
content-type: image/gif
content-length: 60
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHhGXq%2Bkf3rh5dyriderClRFb%2BC4v6ThsaGhZSTyHXd4pAHJOPL2CFtzKhK1%2FgVFtKufV3fDVdBdqfQitQ%2FmmZtBz0d7ato0rBmpjZ0BEiOa4SiSOxx2Ojai%2FK5XCOqQPng2J2cY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e171401ecf770b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=50f43b0d-64f1-4026-8df9-320953ee0baa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=50f43b0d-64f1-4026-8df9-320953ee0baa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=50f43b0d-64f1-4026-8df9-320953ee0baa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 08:31:03 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 08256520893d904b1426452b2560a398
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=50f43b0d-64f1-4026-8df9-320953ee0baa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=4d0afc2425eea6b0cd5a468c9f8a69ed&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=50f43b0d-64f1-4026-8df9-320953ee0baa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=4d0afc2425eea6b0cd5a468c9f8a69ed&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=50f43b0d-64f1-4026-8df9-320953ee0baa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=4d0afc2425eea6b0cd5a468c9f8a69ed&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 08:31:03 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0bc38da6e94391b609864ae9e07c6a19
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0b571c0afacb3012972605494bbb9303
a2d99e6bf03081d9fcc0e071f54b169b2743e80c
fdbfee32402a96555674c378ec67687e679b195d74d634c6e6c5674a0af4b06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FDBFEE32402A96555674C378EC67687E679B195D74D634C6E6C5674A0AF4B06F"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4275
Expires: Wed, 21 Sep 2022 09:42:19 GMT
Date: Wed, 21 Sep 2022 08:31:04 GMT
Connection: keep-alive
s.optnx.com/cimp.php?data=TVRZMk16YzBPVEEyTW54aVl6WXpaVE00WTJJNE1UQTBNemRoTTJGaE5tVXdPRFF4TlRjMVkyUmpNUS0tfC9saWJyYXJ5Lzc1NDY3NC9mN2Q4OWJlMjMwMzk5MWExNTVhOWQ1MDgyZWIyMDYyZjExOGRmOWE5LmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfGFkLW1hdmVuLmNvbXw3NTQ2NzR8NDMwNjc1fDg2NzMwMHw0NDQ0NzE0fDUwOHw1Mjg0ODk0fDc1MjcyODY2fDE1fDN8MHwwfDI1MzQ0fDk2MTk1Nnx8NzV8VVNEfFVTRHwxfDF8NDN8fDF8Tk9SfHwyMHwxfDF8fDliOGU4ZGJiOGYwMDUxZTVhMTViNzg4Y2FiZDQwOGI4fDFjZmZhMjZjYWI5MjI3ZTE2MDAzNDNhOWZmYmYwZGUyfDF8MHx4ZmFudGF6eS5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfaW5fcGFnZV9wdXNoX25vdGlmaWNhdGlvbnwwfDB8MHwtMXwwfDB8fHwxfDE0NDB8fDB8MHwwfDB8MHwwfDF8MHx8OHwxfE1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wfE9LfDVjMjNmNmUwM2Q1YzFmMmU5MWFlYjRkZjdlNWYxYmNm
95.211.229.245302 Found 0 B URL HTTP/1.1 s.optnx.com/cimp.php?data=TVRZMk16YzBPVEEyTW54aVl6WXpaVE00WTJJNE1UQTBNemRoTTJGaE5tVXdPRFF4TlRjMVkyUmpNUS0tfC9saWJyYXJ5Lzc1NDY3NC9mN2Q4OWJlMjMwMzk5MWExNTVhOWQ1MDgyZWIyMDYyZjExOGRmOWE5LmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfGFkLW1hdmVuLmNvbXw3NTQ2NzR8NDMwNjc1fDg2NzMwMHw0NDQ0NzE0fDUwOHw1Mjg0ODk0fDc1MjcyODY2fDE1fDN8MHwwfDI1MzQ0fDk2MTk1Nnx8NzV8VVNEfFVTRHwxfDF8NDN8fDF8Tk9SfHwyMHwxfDF8fDliOGU4ZGJiOGYwMDUxZTVhMTViNzg4Y2FiZDQwOGI4fDFjZmZhMjZjYWI5MjI3ZTE2MDAzNDNhOWZmYmYwZGUyfDF8MHx4ZmFudGF6eS5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfaW5fcGFnZV9wdXNoX25vdGlmaWNhdGlvbnwwfDB8MHwtMXwwfDB8fHwxfDE0NDB8fDB8MHwwfDB8MHwwfDF8MHx8OHwxfE1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wfE9LfDVjMjNmNmUwM2Q1YzFmMmU5MWFlYjRkZjdlNWYxYmNm
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cimp.php?data=TVRZMk16YzBPVEEyTW54aVl6WXpaVE00WTJJNE1UQTBNemRoTTJGaE5tVXdPRFF4TlRjMVkyUmpNUS0tfC9saWJyYXJ5Lzc1NDY3NC9mN2Q4OWJlMjMwMzk5MWExNTVhOWQ1MDgyZWIyMDYyZjExOGRmOWE5LmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfGFkLW1hdmVuLmNvbXw3NTQ2NzR8NDMwNjc1fDg2NzMwMHw0NDQ0NzE0fDUwOHw1Mjg0ODk0fDc1MjcyODY2fDE1fDN8MHwwfDI1MzQ0fDk2MTk1Nnx8NzV8VVNEfFVTRHwxfDF8NDN8fDF8Tk9SfHwyMHwxfDF8fDliOGU4ZGJiOGYwMDUxZTVhMTViNzg4Y2FiZDQwOGI4fDFjZmZhMjZjYWI5MjI3ZTE2MDAzNDNhOWZmYmYwZGUyfDF8MHx4ZmFudGF6eS5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfaW5fcGFnZV9wdXNoX25vdGlmaWNhdGlvbnwwfDB8MHwtMXwwfDB8fHwxfDE0NDB8fDB8MHwwfDB8MHwwfDF8MHx8OHwxfE1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wfE9LfDVjMjNmNmUwM2Q1YzFmMmU5MWFlYjRkZjdlNWYxYmNm HTTP/1.1
Host: s.optnx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 21 Sep 2022 08:31:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22632acbc8777359.541382802175992183%22%3B%7D; expires=Fri, 20 Sep 2024 08:31:04 GMT; path=; domain=.optnx.com; Secure; SameSite=none
Location: https://s3t3d2y8.afcdn.net/library/754674/f7d89be2303991a155a9d5082eb2062f118df9a9.jpg
X-Robots-Tag: noindex, follow
rtb.exoclick.com/not.php?zid=4444714&data=TVRZMk16YzBPVEEyTW54aVl6WXpaVE00WTJJNE1UQTBNemRoTTJGaE5tVXdPRFF4TlRjMVkyUmpNUS0tfDIwMjItMDktMjEgMDQ6MzE6MDJ8OTEuOTAuNDIuMTU0fE5PUnw0MXxhZC1tYXZlbi5jb218NzU0Njc0fDQzMDY3NXw4NjczMDB8NDQ0NDcxNHw1MDh8NTI4NDg5NHw3NTI3Mjg2NnwxNXwzfDB8MHwyNTM0NHw5NjE5NTZ8MHwwfFVTRHxVU0R8MXwxfDQzfHwxfE5PUnx8MjB8MXwxfHw5YjhlOGRiYjhmMDA1MWU1YTE1Yjc4OGNhYmQ0MDhiOHwxY2ZmYTI2Y2FiOTIyN2UxNjAwMzQzYTlmZmJmMGRlMnx4ZmFudGF6eS5jb218MHwwfDB8MHx8MHwxMHwwfFdJTk5FUnx8MXwwLjAwOTI2OTY2MjkyMTM0ODN8NHwwfDJ8MHwwfDB8MHwtMXwwfDB8fHx8MHwwfDB8fHx8MHwwfDB8MXwwfDB8OHwxfDB8fE9LfDg0YTZiMTY1MWU0MDMwODllM2E1ODgzMjdjNDE2MDg0
198.244.162.155200 OK 14 kB URL HTTP/2 rtb.exoclick.com/not.php?zid=4444714&data=TVRZMk16YzBPVEEyTW54aVl6WXpaVE00WTJJNE1UQTBNemRoTTJGaE5tVXdPRFF4TlRjMVkyUmpNUS0tfDIwMjItMDktMjEgMDQ6MzE6MDJ8OTEuOTAuNDIuMTU0fE5PUnw0MXxhZC1tYXZlbi5jb218NzU0Njc0fDQzMDY3NXw4NjczMDB8NDQ0NDcxNHw1MDh8NTI4NDg5NHw3NTI3Mjg2NnwxNXwzfDB8MHwyNTM0NHw5NjE5NTZ8MHwwfFVTRHxVU0R8MXwxfDQzfHwxfE5PUnx8MjB8MXwxfHw5YjhlOGRiYjhmMDA1MWU1YTE1Yjc4OGNhYmQ0MDhiOHwxY2ZmYTI2Y2FiOTIyN2UxNjAwMzQzYTlmZmJmMGRlMnx4ZmFudGF6eS5jb218MHwwfDB8MHx8MHwxMHwwfFdJTk5FUnx8MXwwLjAwOTI2OTY2MjkyMTM0ODN8NHwwfDJ8MHwwfDB8MHwtMXwwfDB8fHx8MHwwfDB8fHx8MHwwfDB8MXwwfDB8OHwxfDB8fE9LfDg0YTZiMTY1MWU0MDMwODllM2E1ODgzMjdjNDE2MDg0
IP 198.244.162.155:0
Hash c49f6b91928b27cd12bf3a4b4cd5de2f
9bf1cd56f929ac228bf9d715004b61c77dc6800f
a8fd8beafc2c256ec20d0d01c35603b28a67e907929ee91441c62f33e831e19d
GET /not.php?zid=4444714&data=TVRZMk16YzBPVEEyTW54aVl6WXpaVE00WTJJNE1UQTBNemRoTTJGaE5tVXdPRFF4TlRjMVkyUmpNUS0tfDIwMjItMDktMjEgMDQ6MzE6MDJ8OTEuOTAuNDIuMTU0fE5PUnw0MXxhZC1tYXZlbi5jb218NzU0Njc0fDQzMDY3NXw4NjczMDB8NDQ0NDcxNHw1MDh8NTI4NDg5NHw3NTI3Mjg2NnwxNXwzfDB8MHwyNTM0NHw5NjE5NTZ8MHwwfFVTRHxVU0R8MXwxfDQzfHwxfE5PUnx8MjB8MXwxfHw5YjhlOGRiYjhmMDA1MWU1YTE1Yjc4OGNhYmQ0MDhiOHwxY2ZmYTI2Y2FiOTIyN2UxNjAwMzQzYTlmZmJmMGRlMnx4ZmFudGF6eS5jb218MHwwfDB8MHx8MHwxMHwwfFdJTk5FUnx8MXwwLjAwOTI2OTY2MjkyMTM0ODN8NHwwfDJ8MHwwfDB8MHwtMXwwfDB8fHx8MHwwfDB8fHx8MHwwfDB8MXwwfDB8OHwxfDB8fE9LfDg0YTZiMTY1MWU0MDMwODllM2E1ODgzMjdjNDE2MDg0 HTTP/1.1
Host: rtb.exoclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:31:04 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
x-served-by: hap08-web33-lon1-0
X-Firefox-Spdy: h2
xfantazy.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663747200
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663747200
IP 104.26.1.188:0
GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663747200 HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
cache-control: max-age=14400, public
x-control-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QIxewaXpGzRlQzUY22aLgKq10bGUhseghV5kSIwRnY78cXwk0HbHl6HOrfLUionmpjDP9YrgNsqYVxtXvWKqj0iF7PcOnbvoxP90l8PKUSzhW5C1F92KdUVxlB75A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e1711f48010b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/categories.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/categories.js
IP 104.26.1.188:0
GET /_next/static/651Mf8y3uJ8FYIPevibrI/pages/categories.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2CTest-Code%20
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"240b-18350163506"
last-modified: Sun, 18 Sep 2022 10:12:56 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 251445
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziJPB5VDZSf%2BqBWAFoD32LdVjI4RO0LQz%2FsIMt99kEkxBWEp6HSA92ETdhkn50gsk1PZ3qd5i3NC6En%2FtYfIWLruXmNF%2BRBjc5G%2F6zdI8V%2BfzuGcVXhHS5HznBDugg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e171226a850b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/9.be198c87e436634bf765.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/9.be198c87e436634bf765.js
IP 104.26.1.188:0
GET /_next/static/chunks/9.be198c87e436634bf765.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"9c95-181397f9e55"
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 9189817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BEtYN84GnBl84fFXpzAEyd1PiCNvNoctQQQD3PSiUXcOXwmp%2B013BGN%2FXE0dSB1wxY0fkcVGXC2GV3CPrlP4HABdBWswDSWXBi2og6n6MtyQqhUff7I3alIkfDCjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e1711dbe7f0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/static/logo-tv-light.svg
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/static/logo-tv-light.svg
IP 104.26.1.188:0
GET /static/logo-tv-light.svg HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: image/svg+xml
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
last-modified: Sun, 18 Sep 2022 10:07:55 GMT
etag: W/"101b-18350119cac"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVGxz9MafxILQI5uYblK91fyNEIDxLjc%2B3SG4Gkw24dGfhuU4B8awqDb3qz0iDOYJR4BKcmFZeDyOZnqmCGhlm1D9reQwR2ERzDdf%2FlF4sbry4FFAxnbRGC32FzE8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e1711dce830b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/channels.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/channels.js
IP 104.26.1.188:0
GET /_next/static/651Mf8y3uJ8FYIPevibrI/pages/channels.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2CTest-Code%20
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"975-18350163506"
last-modified: Sun, 18 Sep 2022 10:12:56 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 251445
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s56%2FKDtVb94TdYz%2BdBbXQrDO0pFh38GX6To1AjcIONQP0Xf0SzX3i7S6xzClf8O38vKsv3VfD0sJ1KURjNulcshpPeNInNiMSOhsgVRqRlE0Ze3newbLr2D38TT42g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e171226a890b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/top.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/top.js
IP 104.26.1.188:0
GET /_next/static/651Mf8y3uJ8FYIPevibrI/pages/top.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2CTest-Code%20
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"582-18350163506"
last-modified: Sun, 18 Sep 2022 10:12:56 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 251245
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20ZyAG3K%2FrR9Sy0v3q1jBSIX291eSf%2BDbtBpY1H7deMzzUAhhSN5EoNeO6EKie2uHHx9pEuReipM116ubJxnP0zlI7qnAVejloGpjlp%2FZMoDBVUVzTx%2BUiMj9LXrWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e171226a820b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/search.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/search.js
IP 104.26.1.188:0
GET /_next/static/651Mf8y3uJ8FYIPevibrI/pages/search.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2CTest-Code%20
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"6e7-18350163506"
last-modified: Sun, 18 Sep 2022 10:12:56 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 252967
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKk2%2BXumeCrChhMU4OULD60t%2FXpugfouS6%2BQuKcGW6ZganmaHSwHUN%2Fip9fBFxxvkjjaG10dzFrwPVm1jhdp6KasUuY8bEHfsLYPEXz8LOtb9oiy4OURKjAni7k%2F9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e171227a970b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/dmca.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/dmca.js
IP 104.26.1.188:0
GET /_next/static/651Mf8y3uJ8FYIPevibrI/pages/dmca.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2CTest-Code%20
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"fbd-18350163506"
last-modified: Sun, 18 Sep 2022 10:12:56 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 239897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=es%2BTZ5EnwntpBNdOoMN9uwee124R6dzfcAPGFKI6v7yeb5H1TWUjKmzGVV%2B2ntOciI%2By5CdF2J%2BqU4Ktn6FmooeN8RKYz829Tm4V3fEeAjjTC91KNrow4lyCM%2FVYXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e171228a9f0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/51.21792104df3f91cda445.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/51.21792104df3f91cda445.js
IP 104.26.1.188:0
GET /_next/static/chunks/51.21792104df3f91cda445.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"ce5-181397f9e59"
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 9195307
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbEOXPNnKu0by45FkA%2BZXUL733M1uQQBFHE6lpsRn9EnYjlspN0MmDaaltg2ZqrwfHNS7YdiOdoIrOilMh%2BNGR4deLP%2Fh5aHuNwadIqIij45qzGDqAHGnG7TnhdsSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e17121b9e60b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/index.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/index.js
IP 104.26.1.188:0
GET /_next/static/651Mf8y3uJ8FYIPevibrI/pages/index.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2CTest-Code%20
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"2b7-18350163502"
last-modified: Sun, 18 Sep 2022 10:12:56 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 251245
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=weat1Xu93WBCfAIqxUtkcAQPWNlQ%2BUTmkyUj5ifBIrAacaPwSE7VYNwIixC2VfJgEKtWPd7HPaBHGSbBFdkC0%2BkdL9kuDdk20TKsocaKyy08EgXfueZRd1cnLknq7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e171225a770b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/privacy.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/privacy.js
IP 104.26.1.188:0
GET /_next/static/651Mf8y3uJ8FYIPevibrI/pages/privacy.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2CTest-Code%20
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"b59-18350163506"
last-modified: Sun, 18 Sep 2022 10:12:56 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 240335
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oogqSkm17WNcwq1RhKSEUE458mrVJQ0XGtKQF82cYQPOWIeXPKbBGU%2Bx%2FsweeB%2Bk50wSmampizeh8xojdr08PKuFf6w%2B9mD6z7NiZoCgaR44yNwUm4YZNLSk4HtwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e171228a9e0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
172.64.100.4200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP 172.64.100.4:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:31:00 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: df544673f50710c3b54aea1ca227a7f5
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 21 Sep 2022 08:31:00 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XF6GYvhrNoODbU5Aq6Ceap%2FyXZxxInqveYeA%2Fz%2F%2BJOeUgP5i4AXfqalP%2BSqdKE%2BtT1Zs2QQb8a%2FgzsEx%2FLcRI0FGsXw3QFir3ts%2BOQTEBEfOCv59W41ZL5nsLGvl%2FTp840kq4YA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e1712c4cf275bd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1861331958%3A1663749062855148&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqzaaSK4KjMKHH-wrSfH3gbH4jhAUu3IBSOL950N7uYzNVfuzQGLJZs7AUIXy-zlEmDS3taWg
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1861331958%3A1663749062855148&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqzaaSK4KjMKHH-wrSfH3gbH4jhAUu3IBSOL950N7uYzNVfuzQGLJZs7AUIXy-zlEmDS3taWg
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S-1861331958%3A1663749062855148&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqzaaSK4KjMKHH-wrSfH3gbH4jhAUu3IBSOL950N7uYzNVfuzQGLJZs7AUIXy-zlEmDS3taWg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 21 Sep 2022 08:31:02 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-security-policy: script-src 'nonce-JchmifViW2foV1loZH0T7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=uIlN1inPxgeo6-wws-AFgobdIzp8OO5MXfkMpRxBkJ60N7GXg_UvprNa_23bY1KjbvsMNLSfKoqvZXPL1pAuXz4ergFprIWhBazQ-Qj9bqN5p9rbRB8mjRn0zSWU5XL12ak_iFHToOoo8t-9Fc3IZN2AxzkbZu5keDOuHinVHok; expires=Thu, 23-Mar-2023 08:31:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/242.e6062ff562716b6e41db.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/242.e6062ff562716b6e41db.js
IP 104.26.1.188:0
GET /_next/static/chunks/242.e6062ff562716b6e41db.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"26cdb-181a9f40d06"
last-modified: Tue, 28 Jun 2022 10:55:52 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 7335188
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqcpg9rAY%2FKXo06EzH5775rJXIV%2BRs1b8qmP9VF7Ff9FQDZgHODy03%2Fx6Y5IllP0pYwhVFq07nUO2jPaOGTLT4DED8bmb2s9qGIVoWLHY8el8VYXN1OLhdaUo4O9bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e1712179b80b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/css/styles.f80584c6.chunk.css
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/css/styles.f80584c6.chunk.css
IP 104.26.1.188:0
GET /_next/static/css/styles.f80584c6.chunk.css HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: text/css; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
last-modified: Sun, 18 Sep 2022 10:12:53 GMT
etag: W/"2fd40-18350162924"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfMbu1fWhZhW1GUYLaTqBdXr2LzRjfDEWKH8DN5jyiWBYoDDfD%2FqRX7hL7MenVrtSwKtVxaxGUJrOiBkIJ1jD8bIiWTM53cMRkrpQZCNnLN91LVTnKFMenAAfTwpXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e1712179b40b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/faq.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/faq.js
IP 104.26.1.188:0
GET /_next/static/651Mf8y3uJ8FYIPevibrI/pages/faq.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2CTest-Code%20
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"98c-18350163506"
last-modified: Sun, 18 Sep 2022 10:12:56 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 250586
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAJkAqgvn9awGGwZqgWUYcS7BMfX8w5ELPRzCYtBZn%2BDqHm90qLH%2FPvV1yvZHLvlN5cmYTneSuFZ0mEjfSoM%2FZxZFsu2f4IVNikFmrZp1qOfqvZA7No2KmQgHm5a3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e171228aa20b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1779003847%3A1663749062856285&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpIdCd2O1X8ljrl68ZBo-uHbwr5syRpIU9vvcwAjV7RYlyVSEpi4hZD41990ssurJYnJCRRBg
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1779003847%3A1663749062856285&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpIdCd2O1X8ljrl68ZBo-uHbwr5syRpIU9vvcwAjV7RYlyVSEpi4hZD41990ssurJYnJCRRBg
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S1779003847%3A1663749062856285&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpIdCd2O1X8ljrl68ZBo-uHbwr5syRpIU9vvcwAjV7RYlyVSEpi4hZD41990ssurJYnJCRRBg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 21 Sep 2022 08:31:02 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-s1ahIHD56xXEZ0d89PpdUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=aI0t4W1eEhUt07ZoUDwAKVJdGix53uawKq1d05hixStwMPpb5Rp0YvuuzWSaC3GAFlcVacq8BE8okv0_SjY1NsUq_H08dAg8Vg8yqFcn-h8yolThUjtrMVnhN2nKnKnpnWbU_URBshFyPsKQYkrOaO0iCbNLAhZjiZQ-FVz68Ik; expires=Thu, 23-Mar-2023 08:31:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
xfantazy.com/video/60f75bbeed696b7119a7fac5
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/video/60f75bbeed696b7119a7fac5
IP 104.26.1.188:0
GET /video/60f75bbeed696b7119a7fac5 HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: text/html; charset=utf-8
vary: Origin
set-cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; Domain=xfantazy.com; Path=/; Expires=Tue, 21 Sep 2032 08:30:56 GMT; HttpOnly
experiment-popup-payment-7=0; Path=/; Expires=Wed, 28 Sep 2022 08:30:56 GMT
experiment-save-to-button-2=0; Path=/; Expires=Wed, 28 Sep 2022 08:30:56 GMT
x-powered-by: Next.js
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALo6A85nTTvCrFny1dXecPFsxI2sr%2Bqg0cr2tWnwLH42jbKJdajU%2BqXf%2BUHHc0sj%2FxZ%2BKE%2FKVusWhhPl%2BvlWaUPWjvfipMSvXNazUkT97%2FLFitSY37aZU%2FgDdQWkcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e1711079640b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/category.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/category.js
IP 104.26.1.188:0
GET /_next/static/651Mf8y3uJ8FYIPevibrI/pages/category.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2CTest-Code%20
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"818-18350163506"
last-modified: Sun, 18 Sep 2022 10:12:56 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 251245
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rc0ol3Jfqxnn0CUHmaDQOEITmzC7Cw6%2B3C3UW%2F%2BoBlJMLac1IcOsw8saIAnHI54TJEYL8vW68Z0cLDkIN9WIrQ%2BtCytcykaKaqC2aK74wQh0OgL%2BZTxcoShVw4cWjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e171227a8d0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/2257.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/2257.js
IP 104.26.1.188:0
GET /_next/static/651Mf8y3uJ8FYIPevibrI/pages/2257.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2CTest-Code%20
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"990-18350163502"
last-modified: Sun, 18 Sep 2022 10:12:56 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 240335
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zu3MgyMzDPMtwtB1dv0vXDiQNQpBr%2F%2FTS6y15qsY0XHCZ%2BLRjxhrNyCoMhJRFackBwAHE71E%2F%2F5G9uYwEJi%2FMLyOCBvOkb0WozHW5GGBuJuukEQgM%2F4veKZymfPcfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e171228aa10b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.200.35:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: Vu+KRRAsRXJhC4aICnFcD/CxgiYrYAi1mK97Se/t1qvg0pFyms2KGbMsI2A0zf7N6VJ2a2xsExI/z3Q/SmuHyA==
date: Wed, 21 Sep 2022 08:31:02 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.medfoodsafety.com/loader?a=4788752&v=2&t=30&s=4776911&p=8575&if=true
172.64.172.19200 OK 0 B URL HTTP/2 a.medfoodsafety.com/loader?a=4788752&v=2&t=30&s=4776911&p=8575&if=true
IP 172.64.172.19:0
GET /loader?a=4788752&v=2&t=30&s=4776911&p=8575&if=true HTTP/1.1
Host: a.medfoodsafety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:31:03 GMT
content-type: text/html
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AN%2FqyJFdGr24K1BOscplCSbnDfSYYRIkX1LjuzTTbyxoq97MvwhAnLxjRDUJHDLu3TcBIBKuABiVr1dTuEclEa5Dsqk3lf6XGuzTzqYKj0%2B5x1AdWaOOL5qawhHwJQ5HC8rEQc%2Ff"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e1713efcc9770b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/terms.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/terms.js
IP 104.26.1.188:0
GET /_next/static/651Mf8y3uJ8FYIPevibrI/pages/terms.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2CTest-Code%20
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"a00-18350163506"
last-modified: Sun, 18 Sep 2022 10:12:56 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 250586
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6n8tjzqPw77ObcxfzzQw4yeqzwH5P%2BaIUvf9ZaWqb1UIK3nEoJlm%2F6uP8UWYVK4aNYdnIOxaGiur2cztXeiXXeaTBw6AThmG6lT37CCbLVv067EEhrx8zwsVBJbjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e171227a9d0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/commons.9b890646c0aa33eb63fe.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/commons.9b890646c0aa33eb63fe.js
IP 104.26.1.188:0
GET /_next/static/chunks/commons.9b890646c0aa33eb63fe.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=1388386
etag: W/"152f62-1826d2bb0af"
last-modified: Fri, 05 Aug 2022 08:42:36 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 4059999
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0KCOX3WTnu6rlpepW%2BfqEafnJWe5H4Ap1%2BPEraKUohXZWqr4%2BeCt5sw8aCDlW3%2BYWewq1geaxwBrJyZYxP4G70t0gkkbbcT6vw1N9PFf6Sj3wxqEfUIfM4mxElKZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e1711dbe7d0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/login.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/login.js
IP 104.26.1.188:0
GET /_next/static/651Mf8y3uJ8FYIPevibrI/pages/login.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2CTest-Code%20
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"ba5-18350163502"
last-modified: Sun, 18 Sep 2022 10:12:56 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 252472
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tj%2FD7yo%2BgVHGT%2FDc0qmTbOg5iaPIEZFAfHerCdRyHD%2F0gtXNJeHUFGVmTRR2lUM6uxXG1%2FccpKnDxG0Mwgy%2BFUye%2FWX8foGJlgAix9xL4g%2BLn4JuGkWsnouHjR%2B1VA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e171226a780b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/tags.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/651Mf8y3uJ8FYIPevibrI/pages/tags.js
IP 104.26.1.188:0
GET /_next/static/651Mf8y3uJ8FYIPevibrI/pages/tags.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60f75bbeed696b7119a7fac5
Cookie: visitorId=d2jrmt2qkxp5oz4n7d7cgi; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2CTest-Code%20
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:30:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"f20-18350163506"
last-modified: Sun, 18 Sep 2022 10:12:56 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 251096
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KibML5Tj25cSwHmnIKMOU4dcxXZMt9WRF2k%2B1Svr2m57ctsBfoRMgl3g5bBq9HPTXI4rRicFuxLOEyU5Us6gxxm416n9H0Qm5UMRvh8mdbu%2BKCsCgSM9vRgXavMwEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e171226a840b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2