xfantazy.com/video/60e2920ced696b7119a44c73
104.26.0.188302 Found 0 B URL HTTP/1.1 xfantazy.com/video/60e2920ced696b7119a44c73
IP 104.26.0.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /video/60e2920ced696b7119a44c73 HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 06 Sep 2022 06:53:55 GMT
Content-Length: 0
Connection: keep-alive
location: https://xfantazy.com/video/60e2920ced696b7119a44c73
cache-control: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQo7LH7rz7z6NaPG2U0RY3jy55qUlaNmIgZF9DNQq7y0b6Q7%2Fm8jOVL%2FnLGy6e7LGyRfI5EIxa6r6yKm1ZOwQiKJX4gztIipq9mHCmrAkHQj8aNOg4kAXY5x4gCCnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74654a566ca30af6-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 06:04:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mOoDGPfYwU27okR0YAwqR-AGkhasrue1mUYbxsIZkvXItdCVBzCkhw==
Age: 2980
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17509
Expires: Tue, 06 Sep 2022 11:45:44 GMT
Date: Tue, 06 Sep 2022 06:53:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: J81-P9kkoq0W17Rvap1BmkoxdrKnpth6LXyNrC9aZnlwOxSJUoq4Ow==
age: 20318
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:53:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 06 Sep 2022 06:38:18 GMT
Expires: Tue, 06 Sep 2022 07:35:38 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: R3TYNmnNabyXoZNY5VAHZiFBd9M9slsDLhrw7m7U8LPpIVnFQk0syA==
Age: 938
xfantazy.com/_next/static/chunks/69.b3ff95d1d1b8e7cf25a2.js
104.26.1.188200 OK 1.3 kB URL HTTP/2 xfantazy.com/_next/static/chunks/69.b3ff95d1d1b8e7cf25a2.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (1564), with no line terminators
Hash 575d243e4859d3adb5a776442b8d0fbc
cc8ac3eb5b760674652c511c5b91bef2497d2bf4
ca7b6f4957c542d7e7b81e06cd014f635f2c3e6a15b2956c6fd9f5af3838cce6
GET /_next/static/chunks/69.b3ff95d1d1b8e7cf25a2.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:19:48 GMT
etag: W/"61c-179fb7179e1"
cf-cache-status: HIT
age: 28904304
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqWCzrjPOSSXOCFgkopB4F37mUh12lItCQo4aFUBIAaFCE4FlmmuzfAooPhpPrg9zUK51oMk%2BloDYpT%2Buyd5NsI47ocvv1YmIeeoIJLI6YGs%2BQcW5PGduMQD8XmACQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a5abd490b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash c8992582996fa78ca6044536891df4af
47c3c05a957a3f8a0d125f1cc1903d52bb5ff5ae
173b9e140765564f07c9956157c75de4e117da5ebdeba621b8058de06470b21c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:53:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 03:14:20 GMT
Expires: Sat, 10 Sep 2022 03:14:19 GMT
Etag: "47c3c05a957a3f8a0d125f1cc1903d52bb5ff5ae"
Cache-Control: max-age=331822,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74654a5baaa30b41-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash c8992582996fa78ca6044536891df4af
47c3c05a957a3f8a0d125f1cc1903d52bb5ff5ae
173b9e140765564f07c9956157c75de4e117da5ebdeba621b8058de06470b21c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:53:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 03:14:20 GMT
Expires: Sat, 10 Sep 2022 03:14:19 GMT
Etag: "47c3c05a957a3f8a0d125f1cc1903d52bb5ff5ae"
Cache-Control: max-age=331822,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74654a5baa8ab503-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b57a9dd04797bf34612c80361f1dffb3
56573166d8b9cd9b8dae19fd905e4f3293af306b
b03552109f1e7d1e482aa14614ffb1e38fb53ae4951152aab307b927674dad98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6309
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:53:56 GMT
Last-Modified: Tue, 06 Sep 2022 05:08:47 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
static-cache.k2s.cc/thumbnail/IO7AtH_0n63o-D3B-Q/w320h240/0.jpeg
188.72.235.185200 OK 12 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/IO7AtH_0n63o-D3B-Q/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash a177496d4fc05a3945a0388c467a42e3
0585ae7565cedb41c60970e3a3b942f7ff6b983c
c411265cacd5375c9e168c25a982e958a96e0261e8d4b86e097101673fc2137c
GET /thumbnail/IO7AtH_0n63o-D3B-Q/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: image/jpeg
content-length: 12028
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/IeTBunL3nvq9rjqRrQ/w320h240/0.jpeg
188.72.235.185200 OK 17 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/IeTBunL3nvq9rjqRrQ/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 0ed4a15d01d6f1137580e846ef609b9e
5d54b3e3e1119b2cd90026569b1afcff0cdf41b8
0d7a2e9324ba143af7ebae2b3c9ffc9d42e322b306b45f117a22fd82762423e4
GET /thumbnail/IeTBunL3nvq9rjqRrQ/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: image/jpeg
content-length: 16992
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb9bf29f1e0acaa7ac6d6566381370
dec1bea642dffbc11ebd6d65c94f87d6db95703a
b2bf22379151923244cbb9bd62499ded7b6f313a7db77914383bc1e704dd65de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:53:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static-cache.k2s.cc/thumbnail/cu2b6HOgw6--rGjD_Q/w320h240/0.jpeg
188.72.235.185200 OK 13 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/cu2b6HOgw6--rGjD_Q/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 664767add3e0eccb4b2466972261fc10
e03635075790493b8de14d327207d66402b02fb8
fcb16c06556b8f7b53299b711ef05d39635076fa930e402c7eff0620e2809ab6
GET /thumbnail/cu2b6HOgw6--rGjD_Q/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: image/jpeg
content-length: 13199
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/IeiWtXeiwq268WnGrQ/w320h240/0.jpeg
188.72.235.185200 OK 14 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/IeiWtXeiwq268WnGrQ/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 9399e14388de9b7ab8949e46e8f3efa3
0951ca83d4ff90ec57f5626f453ad5c085df0420
d0665782ccb2a6b313891d536719084ae87ae13885acdf2bb92a795a71dcd384
GET /thumbnail/IeiWtXeiwq268WnGrQ/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: image/jpeg
content-length: 13925
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PLKQLTX
142.250.74.72200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PLKQLTX
IP 142.250.74.72:0
File type ASCII text, with very long lines (15971)
Hash 62627a5893913325ac638bea520ff746
4daa8f839b066776221b9fd7dadb63dff88aa4fd
e6849c4106cb033ed323811e0d48cf1774aa20ce6863909a8a183572560711bd
GET /gtm.js?id=GTM-PLKQLTX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 06:53:56 GMT
expires: Tue, 06 Sep 2022 06:53:56 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52663
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap
142.250.74.10200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap
IP 142.250.74.10:0
Hash 8d61468fcaa07d80659a7a7cc83eaafb
0baaf3d94bfc799982657b52d3ee37f91e21c8db
9b7c03ead976f6323f709f8ae7bed4a306bf96a4f1715af9ab2ef69e35bc805b
GET /css?family=Roboto:100,300,400,500,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 06:53:56 GMT
date: Tue, 06 Sep 2022 06:53:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:53:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:53:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 472788
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
xfantazy.com/static/logo-tv-light.svg
104.26.1.188200 OK 1.8 kB URL HTTP/2 xfantazy.com/static/logo-tv-light.svg
IP 104.26.1.188:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1395)
Hash 435ac2c24ae3800eb752ad2b8b3e6ed8
2712b51be7d326aebb331fb6b41c4f87d66c5fb7
d4da1d6ad9bb4ba34c169e299fd316eebbe7f82da6841fc6818a25075bbf393b
GET /static/logo-tv-light.svg HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: image/svg+xml
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
last-modified: Fri, 05 Aug 2022 08:39:16 GMT
etag: W/"101b-1826d28a6e5"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BXJrdBZ4ctBbiti6%2BJRAdXOqQTvFkV6HkkgAh16by7qERFTC5nf4zq92mPlMcoqYugdpJ8GKlZvFj3aXINuSUbI%2FMoPxMxRbDmwEv%2FdLK3GRe4eSgUrMXwhC0kXAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a5acd500b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb9bf29f1e0acaa7ac6d6566381370
dec1bea642dffbc11ebd6d65c94f87d6db95703a
b2bf22379151923244cbb9bd62499ded7b6f313a7db77914383bc1e704dd65de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:53:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
xfantazy.com/_next/static/runtime/webpack-f4d22593ad73f080a168.js
104.26.1.188200 OK 21 kB URL HTTP/2 xfantazy.com/_next/static/runtime/webpack-f4d22593ad73f080a168.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (12210), with no line terminators
Hash 3ec65f147763a104f2497ec8d3a69a5b
cb4cca0e1cb450f211d6a68059df210bb4683740
ae877393b3f7f9fcb54b7623db63fb82142eaebe088273b6ef9a9973d0b54741
GET /_next/static/runtime/webpack-f4d22593ad73f080a168.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:28 GMT
etag: W/"2fb2-1826d2b92c0"
cf-cache-status: HIT
age: 2758177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTBYEKFsR%2Bd9mLNgcMTEfiYo1Cm9emjfesgfcmi1FYW0rMl2UKROdHBp7exuiO79QC3mMedma8cCvuo5vhk4kw9NpoSXEU4XIc1%2FXKyXqMMlmhGDaKh8cUSpQVNU%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a5acd4a0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 02:02:22 GMT
expires: Sun, 03 Sep 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 276694
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/00e3772596bf1/main/0.jpeg
188.72.235.185200 OK 94 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/00e3772596bf1/main/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 1920x1080, components 3\012- data
Hash 79c909459985b11b1a4817e10fff8c1f
8b0885232380bd9956fea88f034b38acc51c8d83
83d8e1b8772dbe0750466ff103d147e464854df584bac4da2579455f6970ce9b
GET /thumbnail/00e3772596bf1/main/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: image/jpeg
content-length: 93590
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: MISS
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/commons.9b890646c0aa33eb63fe.js
104.26.1.188200 OK 401 kB URL HTTP/2 xfantazy.com/_next/static/chunks/commons.9b890646c0aa33eb63fe.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 401 kB (400656 bytes)
Hash 4a2588d135bd4ac08da4b3614f383a24
9aac82862d83cf8ca3a4a34ae2813d48391f62a7
0453ea20a42fb0dc63358a2d1900577f9a1fd7cf2b9ace9b602fe08cfdf03f7b
GET /_next/static/chunks/commons.9b890646c0aa33eb63fe.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:36 GMT
etag: W/"152f62-1826d2bb0af"
cf-cache-status: HIT
age: 2758177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11%2FC%2BmjusC1Gm32YA8pXGaOotEmIwENx%2FpOaUGkGU6hvfndPcJLCJMwT0IXRfVtVTQepvrhrre69J8bTNoMwuS%2B7DzDyFObmxfCyUA73cI1OIj%2FkbDSL4G1KHhLATQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a5aad390b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/static/xf-small.png
104.26.1.188200 OK 1.2 kB URL HTTP/2 xfantazy.com/static/xf-small.png
IP 104.26.1.188:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 73788af337ff4a5e7c8d8ea19dba155f
e0bd72878475603f40ebd05077c626816ed3285c
be4a320fd44fdaaced2a2056ff7a4c0765a6ed0996c9b4c94a0cb2458967e8df
GET /static/xf-small.png HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: image/png
content-length: 1153
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
last-modified: Fri, 05 Aug 2022 08:39:19 GMT
etag: W/"481-1826d28b1ec"
cf-cache-status: HIT
age: 2265
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbmewfjeDDTMEjXJK1LfQHmVbg7GJY9Kpdy%2BJIj7oaLuD2zyxkbrlfZjYk%2FrhsL3V0vuyxH8FU%2BIcphFwHy7EQKIdKHPsN2h%2BQMEDApr35MiTz6EbSp1lBoktks4xw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a5d0f420b02-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:53:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
xfantazy.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1662436800
104.26.1.188200 OK 33 kB URL HTTP/2 xfantazy.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1662436800
IP 104.26.1.188:0
File type ASCII text, with very long lines (37681), with no line terminators
Hash 6d53d016b67b6b430f63599a211e5cc9
4c70fcde7e279261d33895d77831f962344914d2
89ce877ad26f3862f3fed8ce8fa3bf04c40ce8f725875f694e337b9a56446201
GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1662436800 HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
cache-control: max-age=14400, public
x-control-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGgYKzE9JZtOUcdeiJ7TV%2FDt7YAeOIsJDwRHeeirP8gpuh35%2FGXcO5Pis7NVX8mSamOYBPPVCCaq9TePt8GAbzqJCZ2qzqOwA4wW0Xtc6JEbSiLdfyr4gYpTAqS2IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a5caee40b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
151.101.85.229200 OK 83 kB URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
IP 151.101.85.229:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (681)
Hash 5e95fd71c0607321599b2ed694f30adc
15e75c6e8fd13c12afb93e659206ec28893f7d17
eb5c363392c61c58e2ab8088a17da732d4c552a8a063e8276082192d5aa81a77
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.242.0
x-jsd-version-type: version
etag: W/"3364d-8zUodyTu6b7iC+HzYMc9hdc5tyQ"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Sep 2022 06:53:56 GMT
age: 35002
x-served-by: cache-fra19168-FRA, cache-bma1679-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 83361
X-Firefox-Spdy: h2
xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js
104.26.1.188200 OK 27 kB URL HTTP/2 xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b0bd7a895ae466b0da3531e99fce0a87
5ae912ba5cc29801ae374b1636c47a1bbae49639
68d73c8dc126937f72489608e246d992ce12e5ca12e5ad097395f9d71f60f850
GET /_next/static/runtime/main-8daa673a54696bb62abb.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:19:48 GMT
etag: W/"11cd7-179fb717a09"
cf-cache-status: HIT
age: 28904303
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZ1UHm4%2BRuk8HMEDuz%2FNnD%2BbPPjIxOtx68mmLDryTaoTUjiG0nvI4PYwjZNZuL9fyIBegCmNPP6GiYEc%2Bohg39lVhjiVSheYWXz2v2rYyLeDdcIreW5QVmLqiGcKpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a5acd4b0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.38.227.80101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.227.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8fL0Duegrau9OIc0dq+n6Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vmtkNa8shbQskA0StIEzHCSXMoo=
xfantazy.com/_next/static/chunks/51.21792104df3f91cda445.js
104.26.1.188200 OK 1.6 kB URL HTTP/2 xfantazy.com/_next/static/chunks/51.21792104df3f91cda445.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (3301), with no line terminators
Hash 4973591acd0442614083d61ad71de2f6
a050ff8c14f9ab93bc380d45ed83fd5ca9203d39
dd568b1a5d115abf90f2daa5b4652d5ace1048c64033529e882a4268ac1b426f
GET /_next/static/chunks/51.21792104df3f91cda445.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"ce5-181397f9e59"
cf-cache-status: HIT
age: 7893486
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4eAoJag%2BgIkbfEZAv8adDjq19V7BhUvNu22KmxCU6DUZe1kxfXmNqwxvSZHN9X0KCm4fuMW2R%2B6EcT1TajtJETATS7h6kyt%2FOGkHt3HCMLUUHLH497xrgUtapj2kA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a5f59870b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/styles.77acb212b856be16971e.js
104.26.1.188200 OK 872 B URL HTTP/2 xfantazy.com/_next/static/chunks/styles.77acb212b856be16971e.js
IP 104.26.1.188:0
File type ASCII text, with no line terminators
Hash 24d2f78647dccc281849591149889cc1
26a55f354b6d7f681566d051798e638710c55be8
f81a772ea5d3fe272499ab44e9e94b52326d4aeca2a38b91de7488adb6ff290b
GET /_next/static/chunks/styles.77acb212b856be16971e.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:19:05 GMT
etag: W/"55-179fb70cfea"
cf-cache-status: HIT
age: 28904056
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWxbYJM0sg4HcwBaYJ5FUjx5RpvOggcmJXCTx6VZe78odYyjGAchxxZnAr4Zl9DDXLhAWKmZmLc9DrI%2FHzFAxKWujW6JclSol9M2AV0HO1ICfo11zxqgGAXsbnJgeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a5ea8b90b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/59.edff5ae0d8d83054b552.js
104.26.1.188200 OK 36 kB URL HTTP/2 xfantazy.com/_next/static/chunks/59.edff5ae0d8d83054b552.js
IP 104.26.1.188:0
File type ASCII text, with very long lines (3211), with no line terminators
Hash afd6ee365c2b44229dc4462621ecb8ec
20aa346c4b1cb455f759044788105ff1e3f6e529
afd5d72703693b18e2fb2d0b997d86a313af595222b358871fecc10fb90876b8
GET /_next/static/chunks/59.edff5ae0d8d83054b552.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:20:14 GMT
etag: W/"c8b-179fb71df0d"
cf-cache-status: HIT
age: 28904304
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMV1USdOVHeR7YOXeZ1lKwPIKMGfpWLEWL%2BBEhxANDWeFEm2uxxIeAvkaiEpEq6K8vTbyXmoPYUxBfZZ2hMd%2BYCr7De7kDX5yaxN3%2BytTGfE%2BjAQpxVlQg1HOvmYzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a5abd410b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.focusde.info/5qpfbg7.js
135.181.208.216200 OK 34 kB URL HTTP/2 a.focusde.info/5qpfbg7.js
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (37787), with NEL line terminators
Hash d1687996fe2e7823e5b8affdfcea8e98
f61abc52f5f4df8518904c4956199f06504dddeb
d744dbd12bc20312975d13472cec984daeee4da3bda44d90ceaac5d80070217a
GET /5qpfbg7.js HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:53:57 GMT
content-type: application/javascript
content-length: 34376
expires: Sat, 02 Sep 2023 11:02:20 GMT
content-encoding: gzip
last-modified: Fri, 02 Sep 2022 10:59:39 GMT
etag: "6311e21b-8648"
cache-control: max-age=315360000, public
x-hw: 1662116540.dop216.am5.t,1662116540.cds267.am5.c
access-control-allow-origin: *
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 76c6ad39ad355f829170427e9076311a
26a82c7dd26986900a4964464e43d9837dfef1f8
40c6ca74d92e002befb684bce24ba4714c260ba30918cc4e9a4bb02ed4f809dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:53:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-121614197-2&cid=656588541.1662447232&jid=983817088&gjid=399968569&_gid=2109603355.1662447232&_u=YGBAiEABBAAAAE~&z=456695676
142.251.1.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-121614197-2&cid=656588541.1662447232&jid=983817088&gjid=399968569&_gid=2109603355.1662447232&_u=YGBAiEABBAAAAE~&z=456695676
IP 142.251.1.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-121614197-2&cid=656588541.1662447232&jid=983817088&gjid=399968569&_gid=2109603355.1662447232&_u=YGBAiEABBAAAAE~&z=456695676 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://xfantazy.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Sep 2022 06:53:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 76c6ad39ad355f829170427e9076311a
26a82c7dd26986900a4964464e43d9837dfef1f8
40c6ca74d92e002befb684bce24ba4714c260ba30918cc4e9a4bb02ed4f809dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:53:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0ae93089c2c1d8d44ddd88a73a82e7db
93424bf27d2f8a2f488aa964710f5d67b36dd0f6
c21628fffab335036efd5ca7233d1a65cfb70e9b12cfbe3c45662a5d631156ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C21628FFFAB335036EFD5CA7233D1A65CFB70E9B12CFBE3C45662A5D631156BA"
Last-Modified: Sun, 04 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13804
Expires: Tue, 06 Sep 2022 10:44:01 GMT
Date: Tue, 06 Sep 2022 06:53:57 GMT
Connection: keep-alive
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 2af1ddb3bcabf5e42d7e65764cea6a98
3fb1c9a7e9f7617d69f618949d39edc68b5db90e
99119a009cd6e7270c5a13559ee04723edc0d5c6733bea7c10d326b04e292670
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:53:57 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sat, 10 Sep 2022 05:53:39 GMT
ETag: "3fb1c9a7e9f7617d69f618949d39edc68b5db90e"
Last-Modified: Tue, 06 Sep 2022 05:53:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 82
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74654a626cea1c0a-OSL
d192r5l88wrng7.cloudfront.net/?rwlrd=961956
54.230.245.16200 OK 112 kB URL HTTP/2 d192r5l88wrng7.cloudfront.net/?rwlrd=961956
IP 54.230.245.16:0
File type Unicode text, UTF-8 text, with very long lines (15952)
Size 112 kB (111872 bytes)
Hash a32db14903c5b2a51c4d3c8b150ce1ee
d2366f551eb69f57b34358a7cc628c687e3ab693
0f77ccbfbd605f8c2b6ee2d75915b79e208eb717f55e7146e96db96e65538b00
GET /?rwlrd=961956 HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 111872
date: Tue, 06 Sep 2022 06:53:57 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wYrPtQEN7cC1npBgesA7w4QKtNuMsJjsKwDz1D0obNGqQts8cRGxZg==
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afp%3A1043%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A454293999355%3Ahid%3A1068801231%3Az%3A0%3Ai%3A20220906065352%3Aet%3A1662447232%3Ac%3A1%3Arn%3A797792532%3Arqn%3A1%3Au%3A1662447232675299073%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662447230276%3Ads%3A1%2C17%2C298%2C0%2C309%2C0%2C%2C310%2C5%2C%2C%2C%2C1039%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662447232%3At%3AMiss%20Bellerose%20-%20Encouraging%20Addiction%20JOI%20-%20%5BFemdom%20porn%5D%20-%20XFantazy.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
87.250.250.119302 Found 419 B URL HTTP/2 mc.yandex.ru/watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afp%3A1043%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A454293999355%3Ahid%3A1068801231%3Az%3A0%3Ai%3A20220906065352%3Aet%3A1662447232%3Ac%3A1%3Arn%3A797792532%3Arqn%3A1%3Au%3A1662447232675299073%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662447230276%3Ads%3A1%2C17%2C298%2C0%2C309%2C0%2C%2C310%2C5%2C%2C%2C%2C1039%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662447232%3At%3AMiss%20Bellerose%20-%20Encouraging%20Addiction%20JOI%20-%20%5BFemdom%20porn%5D%20-%20XFantazy.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 2ffc15eda7399ad300528e35fcf9bb59
3cbcc1394299c67aa2bf088beb6a7ed58708d7fe
8280147c4dc1d5edabd9c3cd04dad61f673ff95a22816c75b8c9ce046195ffb5
GET /watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afp%3A1043%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A454293999355%3Ahid%3A1068801231%3Az%3A0%3Ai%3A20220906065352%3Aet%3A1662447232%3Ac%3A1%3Arn%3A797792532%3Arqn%3A1%3Au%3A1662447232675299073%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662447230276%3Ads%3A1%2C17%2C298%2C0%2C309%2C0%2C%2C310%2C5%2C%2C%2C%2C1039%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662447232%3At%3AMiss%20Bellerose%20-%20Encouraging%20Addiction%20JOI%20-%20%5BFemdom%20porn%5D%20-%20XFantazy.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afp%3A1043%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A454293999355%3Ahid%3A1068801231%3Az%3A0%3Ai%3A20220906065352%3Aet%3A1662447232%3Ac%3A1%3Arn%3A797792532%3Arqn%3A1%3Au%3A1662447232675299073%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662447230276%3Ads%3A1%2C17%2C298%2C0%2C309%2C0%2C%2C310%2C5%2C%2C%2C%2C1039%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662447232%3At%3AMiss%20Bellerose%20-%20Encouraging%20Addiction%20JOI%20-%20%5BFemdom%20porn%5D%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Tue, 06 Sep 2022 06:53:57 GMT
access-control-allow-origin: https://xfantazy.com
set-cookie: yandexuid=8081208671662447237; Expires=Wed, 06-Sep-2023 06:53:57 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=8081208671662447237; Expires=Wed, 06-Sep-2023 06:53:57 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1903994911662447237; Path=/; SameSite=None; Secure
i=UDos36VK1JbzjjyRWyB4oKcnoHbHYPO1Fkh+zfNWAORi7V14nRcRzKUq/DqevllMglzowDlOYwSTkK8yZdF75GPlPtk=; Expires=Fri, 03-Sep-2032 06:53:50 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1693983237.yrts.1662447237#1693983237.yrtsi.1662447237; Expires=Wed, 06-Sep-2023 06:53:57 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 06-Sep-2022 06:53:57 GMT
last-modified: Tue, 06-Sep-2022 06:53:57 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
addresseetransportationsyndrome.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js
192.243.59.13200 OK 13 kB URL HTTP/1.1 addresseetransportationsyndrome.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37172), with no line terminators
Hash 0ed30c3e689dfd1c015dedb0f64ed8b5
0b881041da68d2a8fe506ab09b58fd2c3aeb0916
32fe5cda8b5b2d5e6de873c38d9c3196c8cb4566668329e0873b429c90283975
GET /a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js HTTP/1.1
Host: addresseetransportationsyndrome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 06 Sep 2022 06:53:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f4306d0bd7fe1e13c9f152b16c20f51f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
tefections.xyz/VlBkcGt5bwcDVjM9ABE4DhIgJVljZDUlUgcJCjItBQYABQ0TEUIEAjJtXUZab2VSVhs/NFlDWXAjEBEfIyNZQU0/PgIfVnAmWUBFbn5dXlpwJVlBTSIgBRdWZ3YUBB86bVVGXWRkUEdZZWJQR14
104.21.86.23204 No Content 0 B URL HTTP/2 tefections.xyz/VlBkcGt5bwcDVjM9ABE4DhIgJVljZDUlUgcJCjItBQYABQ0TEUIEAjJtXUZab2VSVhs/NFlDWXAjEBEfIyNZQU0/PgIfVnAmWUBFbn5dXlpwJVlBTSIgBRdWZ3YUBB86bVVGXWRkUEdZZWJQR14
IP 104.21.86.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /VlBkcGt5bwcDVjM9ABE4DhIgJVljZDUlUgcJCjItBQYABQ0TEUIEAjJtXUZab2VSVhs/NFlDWXAjEBEfIyNZQU0/PgIfVnAmWUBFbn5dXlpwJVlBTSIgBRdWZ3YUBB86bVVGXWRkUEdZZWJQR14 HTTP/1.1
Host: tefections.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 06:53:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2BH4oHjkYGiEqWPi4ZvXE8nkvMcKEtPk98OXI5AWf09Fh8yM5XKq9qp76xKlMpx440IFHuUlvMzIqNkF0Q8shTmcKsJESM7jQaCBEeGxgoGOKgu9455d5hDTix2ou0syTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a63ed960afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tefections.xyz/dzRIc29YCysAUi1fIEYgIXItFV8QdRFCC1IGDiIuRl0QHSk1dyU+SQNdLE5WQQZ4Ql1RRCEXUkYMbgAbFkA9AFJGEiEdCRgJbgVSRhp4XV5ZB24GUkYSPAMOEAl5VR8DQCROXkECekdbQAZ7QVtOBg
104.21.86.23204 No Content 0 B URL HTTP/2 tefections.xyz/dzRIc29YCysAUi1fIEYgIXItFV8QdRFCC1IGDiIuRl0QHSk1dyU+SQNdLE5WQQZ4Ql1RRCEXUkYMbgAbFkA9AFJGEiEdCRgJbgVSRhp4XV5ZB24GUkYSPAMOEAl5VR8DQCROXkECekdbQAZ7QVtOBg
IP 104.21.86.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dzRIc29YCysAUi1fIEYgIXItFV8QdRFCC1IGDiIuRl0QHSk1dyU+SQNdLE5WQQZ4Ql1RRCEXUkYMbgAbFkA9AFJGEiEdCRgJbgVSRhp4XV5ZB24GUkYSPAMOEAl5VR8DQCROXkECekdbQAZ7QVtOBg HTTP/1.1
Host: tefections.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 06:53:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvEHqt8QaMZlRy2x9YnB7kmBIz0HBK49osJbu7TFtMNpYB8yJc5wVaAKdxu%2BdrmcOp%2BgUeMbjP5gTfjruY%2FHj1Ndfsc7VbFEjDOxwqm1M%2FxqStdFLBIaqfXpLaIfbT31vg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a63ed970afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tefections.xyz/T0NlWXVgfAYqSB1xNxAiJRlAazcaCx0rN3wJMToyAgcBHyd3IRIAUzsqAWRMeXJcbENpMww9SHxxQyoBLjcQKkh9c1VuUyYtAzZIfmUTZEVhe0tgW35lEGREaTcVOBJyckMpATsvWGhDeXFRbUJ9cFdtQnc
104.21.86.23204 No Content 0 B URL HTTP/2 tefections.xyz/T0NlWXVgfAYqSB1xNxAiJRlAazcaCx0rN3wJMToyAgcBHyd3IRIAUzsqAWRMeXJcbENpMww9SHxxQyoBLjcQKkh9c1VuUyYtAzZIfmUTZEVhe0tgW35lEGREaTcVOBJyckMpATsvWGhDeXFRbUJ9cFdtQnc
IP 104.21.86.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /T0NlWXVgfAYqSB1xNxAiJRlAazcaCx0rN3wJMToyAgcBHyd3IRIAUzsqAWRMeXJcbENpMww9SHxxQyoBLjcQKkh9c1VuUyYtAzZIfmUTZEVhe0tgW35lEGREaTcVOBJyckMpATsvWGhDeXFRbUJ9cFdtQnc HTTP/1.1
Host: tefections.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 06:53:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Auue15BASsvX4eAaR%2BFtgU%2BNO%2FVcaVpQ3Nr3WX%2B%2BU2Prz5JwtU9GSsbYCrVNSmfgYctq%2BNUwpDADyGedxEdznydfJgtUeq951Ry1FNKYLAh%2BOViAMCF0OTYRz6es1Tc9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a63fd9c0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ktobedirectu.autos/ZkRxaHQHJhIFSwd5E04BFChMTUYgYUMuEFd9QxpBCnxJHwYII0ZGFworBAwSFCsfHFoIIQVNRiAPJAQEKSA0MQwoFzA7ETUdCyMfCmFDLi4hMEI5LCR0PCxEBA8yIhoqBhoPOwEzMikwJykwES0NBzUmTCkjRQEWVDQeLzcFfCEwOjUNCx9BBXQnDzkccAI7LCx0PQJABAgmUAIvBjACOiIJFi0nLHQ9EU0sDwtYEyw8Fhk5VX1JJRoofBAFACEgHwcdAHQnAi00LAM6Gj9hQyo5HwUzOBoCKxcPDEN2MzI1MHAgLzoOAzYcMwItMBsVVic5CUYeIyMvTVUlOUVAMg0LLQwvEjdYMiEsVFo2NBwrARVVcTcxRiQ1OipEVgoLHxwiAz8PPC4gMgkzLHw+WBhVYhsbGwg0TAoZACwnJAAQMCgAJCgl
143.204.55.29200 OK 1.2 kB URL HTTP/2 ktobedirectu.autos/ZkRxaHQHJhIFSwd5E04BFChMTUYgYUMuEFd9QxpBCnxJHwYII0ZGFworBAwSFCsfHFoIIQVNRiAPJAQEKSA0MQwoFzA7ETUdCyMfCmFDLi4hMEI5LCR0PCxEBA8yIhoqBhoPOwEzMikwJykwES0NBzUmTCkjRQEWVDQeLzcFfCEwOjUNCx9BBXQnDzkccAI7LCx0PQJABAgmUAIvBjACOiIJFi0nLHQ9EU0sDwtYEyw8Fhk5VX1JJRoofBAFACEgHwcdAHQnAi00LAM6Gj9hQyo5HwUzOBoCKxcPDEN2MzI1MHAgLzoOAzYcMwItMBsVVic5CUYeIyMvTVUlOUVAMg0LLQwvEjdYMiEsVFo2NBwrARVVcTcxRiQ1OipEVgoLHxwiAz8PPC4gMgkzLHw+WBhVYhsbGwg0TAoZACwnJAAQMCgAJCgl
IP 143.204.55.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3021), with no line terminators
Hash 82d7bcaf7948bd86ac2f33ef69493ce5
dcf3ff97283a3122b01d4f005f519a6773eaa70c
a3e52883728f7724aa4160d9ea8f87b4d02dfaf2709a298502925d871c3c93ff
GET /ZkRxaHQHJhIFSwd5E04BFChMTUYgYUMuEFd9QxpBCnxJHwYII0ZGFworBAwSFCsfHFoIIQVNRiAPJAQEKSA0MQwoFzA7ETUdCyMfCmFDLi4hMEI5LCR0PCxEBA8yIhoqBhoPOwEzMikwJykwES0NBzUmTCkjRQEWVDQeLzcFfCEwOjUNCx9BBXQnDzkccAI7LCx0PQJABAgmUAIvBjACOiIJFi0nLHQ9EU0sDwtYEyw8Fhk5VX1JJRoofBAFACEgHwcdAHQnAi00LAM6Gj9hQyo5HwUzOBoCKxcPDEN2MzI1MHAgLzoOAzYcMwItMBsVVic5CUYeIyMvTVUlOUVAMg0LLQwvEjdYMiEsVFo2NBwrARVVcTcxRiQ1OipEVgoLHxwiAz8PPC4gMgkzLHw+WBhVYhsbGwg0TAoZACwnJAAQMCgAJCgl HTTP/1.1
Host: ktobedirectu.autos
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1179
date: Tue, 06 Sep 2022 06:53:57 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _X2LqYxmVlgdKc6PFQghnC0A9UqmngzKzBK6IN-stv85hMoKYG_u3A==
X-Firefox-Spdy: h2
ktobedirectu.autos/Wlp6VWc7OBk4WDtnGHMSKDZHcFUcf0gTA2tjSCdSNmJCIhU0PU17BDY1DzEBKDUUIUk0Pw5wVRw1NQAXKjs/DwYQCxkaAg9qEBExDH9IEyNpMiACPws8MxcIEhE/OVQVGT8cATApTBgPCA04FjY/HzIPFBIIMzwlEioqFyQ+AjYDNRUTSzYXDBwWMjAZbjYDPxM8KiIPDBFLDBAbGyskMB1jGBkJFwIfPh87PhIQHg0cFj8kPTI3AgkADDMiBD4KEi1TDQg4cFUYHgIDAQIdNx4kHyIbMQwpYi4TFBIbMi0vDR1CNgIcMSocVjUyOD5WajxJPT0NAiMfAmt3Fg8+LS5MERAfaiIWEB0fPRgrHhw4MAYbNgkdIQxpXD8UNTQKaDYTFD0kNAAIFRsqLAw1
143.204.55.29200 OK 1.2 kB URL HTTP/2 ktobedirectu.autos/Wlp6VWc7OBk4WDtnGHMSKDZHcFUcf0gTA2tjSCdSNmJCIhU0PU17BDY1DzEBKDUUIUk0Pw5wVRw1NQAXKjs/DwYQCxkaAg9qEBExDH9IEyNpMiACPws8MxcIEhE/OVQVGT8cATApTBgPCA04FjY/HzIPFBIIMzwlEioqFyQ+AjYDNRUTSzYXDBwWMjAZbjYDPxM8KiIPDBFLDBAbGyskMB1jGBkJFwIfPh87PhIQHg0cFj8kPTI3AgkADDMiBD4KEi1TDQg4cFUYHgIDAQIdNx4kHyIbMQwpYi4TFBIbMi0vDR1CNgIcMSocVjUyOD5WajxJPT0NAiMfAmt3Fg8+LS5MERAfaiIWEB0fPRgrHhw4MAYbNgkdIQxpXD8UNTQKaDYTFD0kNAAIFRsqLAw1
IP 143.204.55.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3001), with no line terminators
Hash c24d89c51b7f5525bb36dd252bf7aed1
d3771150bece7d599e029ec652bc5cebe1f065c1
ee4e5f5c153e95b127ffa125e46eb7815bbfddffc0a731bb8d5a945807b946a9
GET /Wlp6VWc7OBk4WDtnGHMSKDZHcFUcf0gTA2tjSCdSNmJCIhU0PU17BDY1DzEBKDUUIUk0Pw5wVRw1NQAXKjs/DwYQCxkaAg9qEBExDH9IEyNpMiACPws8MxcIEhE/OVQVGT8cATApTBgPCA04FjY/HzIPFBIIMzwlEioqFyQ+AjYDNRUTSzYXDBwWMjAZbjYDPxM8KiIPDBFLDBAbGyskMB1jGBkJFwIfPh87PhIQHg0cFj8kPTI3AgkADDMiBD4KEi1TDQg4cFUYHgIDAQIdNx4kHyIbMQwpYi4TFBIbMi0vDR1CNgIcMSocVjUyOD5WajxJPT0NAiMfAmt3Fg8+LS5MERAfaiIWEB0fPRgrHhw4MAYbNgkdIQxpXD8UNTQKaDYTFD0kNAAIFRsqLAw1 HTTP/1.1
Host: ktobedirectu.autos
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1158
date: Tue, 06 Sep 2022 06:53:57 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VyT8OLgxS4hWUgM4euJJvR5DUhJP7s2vmBP41p1ORhXnbpqSNrKGRg==
X-Firefox-Spdy: h2
tefections.xyz/ZWwwcllKU1MBZDEGciYMCwQJMx4VBmNBLi01XTwQAAtmGgMgKRYGMAFRCURrVV0EVCkMCA1DfxYYUQYsFlEBVDALCl9PfxNRAVxqUUICSndUSkVPaEMYQBM+WF0WAi0RAA1Db1NeBEZuV18CR2td
104.21.86.23204 No Content 0 B URL HTTP/2 tefections.xyz/ZWwwcllKU1MBZDEGciYMCwQJMx4VBmNBLi01XTwQAAtmGgMgKRYGMAFRCURrVV0EVCkMCA1DfxYYUQYsFlEBVDALCl9PfxNRAVxqUUICSndUSkVPaEMYQBM+WF0WAi0RAA1Db1NeBEZuV18CR2td
IP 104.21.86.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZWwwcllKU1MBZDEGciYMCwQJMx4VBmNBLi01XTwQAAtmGgMgKRYGMAFRCURrVV0EVCkMCA1DfxYYUQYsFlEBVDALCl9PfxNRAVxqUUICSndUSkVPaEMYQBM+WF0WAi0RAA1Db1NeBEZuV18CR2td HTTP/1.1
Host: tefections.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 06:53:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYQ5sQfXUZbJ%2B33%2FGDOraJOIv47XmPat4xxV0dLPF4PUOgcRMFgPVnQv4uJge2vcfqeCjzgJn5ZVAMjH30m0XMXz0dhwU19ceNEKmDrbXh2CrFiTIoy31JJImtlEvHCgBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a642dc50afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ktobedirectu.autos/dDNGd0cVUSUaeBUOJFEyBl97UnUyFnQxI0UKdAVyGAt+ADUaVHFZJBhcMxMhBlwoA2kaVjJSdTJpFBs3BlERMis6YhM7Hx56PDN2NmolMC8WawAhIDlxITQDDmkoOwMHSwMNLEB0PxQVEnF+LwUsRzcjFjFyDTN2I2AxJig7ZRwUFQ1QY0UFN2UEIR43ByQ2IAQEDTUoInQVEHY3cRczC0dEIzMBA0EIJQIxdxUYcCBffhkkR2EkJAE6ASUfCRdmATk3P2YuIyMeagU2PyUWdDUhRV8iMB9BQAgxMyJqdBw3J3UIRQw2Ag8iIBBZHiIJJlF1Th0sYh8dCCUeBzQVPGIlIBFFYiIaNxVrEDUtFXU1OwQwYmNFATBiDy0eRlQyIQEQXCccdy1rDhRhHkApGTdJdBAnEhdgMDEQ
143.204.55.29200 OK 1.2 kB URL HTTP/2 ktobedirectu.autos/dDNGd0cVUSUaeBUOJFEyBl97UnUyFnQxI0UKdAVyGAt+ADUaVHFZJBhcMxMhBlwoA2kaVjJSdTJpFBs3BlERMis6YhM7Hx56PDN2NmolMC8WawAhIDlxITQDDmkoOwMHSwMNLEB0PxQVEnF+LwUsRzcjFjFyDTN2I2AxJig7ZRwUFQ1QY0UFN2UEIR43ByQ2IAQEDTUoInQVEHY3cRczC0dEIzMBA0EIJQIxdxUYcCBffhkkR2EkJAE6ASUfCRdmATk3P2YuIyMeagU2PyUWdDUhRV8iMB9BQAgxMyJqdBw3J3UIRQw2Ag8iIBBZHiIJJlF1Th0sYh8dCCUeBzQVPGIlIBFFYiIaNxVrEDUtFXU1OwQwYmNFATBiDy0eRlQyIQEQXCccdy1rDhRhHkApGTdJdBAnEhdgMDEQ
IP 143.204.55.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3011), with no line terminators
Hash f2889e1dd1c46db233ed23de52219e9c
9bae102e53e617ce2af9cb5c0932c1f415f3a84f
0f60ef7904c61222d0d7f0ed8afb59ef5a5aff3115add350d819122fe957ac3e
GET /dDNGd0cVUSUaeBUOJFEyBl97UnUyFnQxI0UKdAVyGAt+ADUaVHFZJBhcMxMhBlwoA2kaVjJSdTJpFBs3BlERMis6YhM7Hx56PDN2NmolMC8WawAhIDlxITQDDmkoOwMHSwMNLEB0PxQVEnF+LwUsRzcjFjFyDTN2I2AxJig7ZRwUFQ1QY0UFN2UEIR43ByQ2IAQEDTUoInQVEHY3cRczC0dEIzMBA0EIJQIxdxUYcCBffhkkR2EkJAE6ASUfCRdmATk3P2YuIyMeagU2PyUWdDUhRV8iMB9BQAgxMyJqdBw3J3UIRQw2Ag8iIBBZHiIJJlF1Th0sYh8dCCUeBzQVPGIlIBFFYiIaNxVrEDUtFXU1OwQwYmNFATBiDy0eRlQyIQEQXCccdy1rDhRhHkApGTdJdBAnEhdgMDEQ HTTP/1.1
Host: ktobedirectu.autos
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1169
date: Tue, 06 Sep 2022 06:53:57 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uJ0QsiRJ-co4ZCc0VJ6JOxwl3TDjmXs_NvTaAQuLxoq3WluYz5YXlA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5518
Expires: Tue, 06 Sep 2022 08:25:56 GMT
Date: Tue, 06 Sep 2022 06:53:58 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 7c15aaf9c736453f18ac0b48241edfec
64882e0185434278fff4122edca9db6e9d6f0a6d
44d6ce5abab83eee7f1738cfe79781d4dedac1315c636ea4ada3d6874b257cd6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=110810
Date: Tue, 06 Sep 2022 06:53:57 GMT
Etag: "6315ec04-1d7"
Expires: Wed, 07 Sep 2022 13:40:47 GMT
Last-Modified: Mon, 05 Sep 2022 12:31:00 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hVBYsr9lRqolJSCZydkXVfYRPdCm5FNLUEHztN_i1AZCw_BpsWDCgg==
Age: 4187
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5518
Expires: Tue, 06 Sep 2022 08:25:56 GMT
Date: Tue, 06 Sep 2022 06:53:58 GMT
Connection: keep-alive
creepingbrings.com/sfp.js
104.21.234.232200 OK 24 kB URL HTTP/2 creepingbrings.com/sfp.js
IP 104.21.234.232:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 364b6593499a976c47c496fe0ba5ef9e
a65501953f660e699fc19d3dab3d7b9d65c607e7
b1433edbb4a38610648b0c1e9757ef389596e2fa7b3f234c73e6b44e3f99317d
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:58 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: cefe81bc9b20e7a3ecb8377a258fb31f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 06 Sep 2022 06:53:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pe3Tl6%2B2SbROW5Z38ssP0Ilw374ahhDiQ43XOyffPsyBhLL7CxD%2BMD7kZdRud0QilQdz8wyunMWATwK6TnWvC%2BiHEZpXxPKFmuK28z8F7pxDNkBvTHpu%2BtHDpxbzWmtMrZaqWc4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74654a64ebc68926-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5518
Expires: Tue, 06 Sep 2022 08:25:56 GMT
Date: Tue, 06 Sep 2022 06:53:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 983e705542fa78b4d5c876e0c1eada7e
5fc951e5236edd282d4975853ca35dab2e55fb17
fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:44:33 GMT
age: 32965
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/KUlpOdEYxNSASeSYzKkl/ZGt3QXB0MD0bKCJnLBkgOgwCADAmAyYkCDN8Og4ib2poGCc8PXNSIzw5c0VgMz4sSXJ0Lj4bLW8vIBAjNDMgESJ0Ly9JKz0gJxgqM398MnN8amtGdnoif0VjYRhrRnY+MyABPndofgx+ZAV4QGNhGGtGdiAsa0cHa2xgRG93aH-4TIzExIVF0FGh+RXZia35FY2BqKB00NzwhDGNgHHdCaGJ8O0l3
54.230.245.16200 OK 333 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/KUlpOdEYxNSASeSYzKkl/ZGt3QXB0MD0bKCJnLBkgOgwCADAmAyYkCDN8Og4ib2poGCc8PXNSIzw5c0VgMz4sSXJ0Lj4bLW8vIBAjNDMgESJ0Ly9JKz0gJxgqM398MnN8amtGdnoif0VjYRhrRnY+MyABPndofgx+ZAV4QGNhGGtGdiAsa0cHa2xgRG93aH-4TIzExIVF0FGh+RXZia35FY2BqKB00NzwhDGNgHHdCaGJ8O0l3
IP 54.230.245.16:0
File type ASCII text, with very long lines (410), with no line terminators
Hash 154dfc3e59ad302c74a163ec387abb1a
2a4ccaa37b61862bfc6c000ba2b72e932dd8850e
84d43a056197a0ed5b87f658652b844a75dbeecdaf5347f35ab8e031a3bfcb11
GET /KUlpOdEYxNSASeSYzKkl/ZGt3QXB0MD0bKCJnLBkgOgwCADAmAyYkCDN8Og4ib2poGCc8PXNSIzw5c0VgMz4sSXJ0Lj4bLW8vIBAjNDMgESJ0Ly9JKz0gJxgqM398MnN8amtGdnoif0VjYRhrRnY+MyABPndofgx+ZAV4QGNhGGtGdiAsa0cHa2xgRG93aH-4TIzExIVF0FGh+RXZia35FY2BqKB00NzwhDGNgHHdCaGJ8O0l3 HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ktobedirectu.autos/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 333
date: Tue, 06 Sep 2022 06:53:58 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: P2HozBRfseBnhP-XfUv7-scgu9XaCGMjYtXsGRLGi8U73Mh6qOhorQ==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86e2429c-04f6-4791-b0ac-bfe10ee01611.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86e2429c-04f6-4791-b0ac-bfe10ee01611.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 567b5c4783f4affe56eab1cd640447d0
e02a994b68bca6eb31847ca69e574759629d1029
f3b8af815de503b88bba689b28a1d2b4b7616936ecc5d62d15fa00adaa5e340f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86e2429c-04f6-4791-b0ac-bfe10ee01611.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7021
x-amzn-requestid: 110fef70-1cfe-4d9c-b70b-ae79bae60d7f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X32-4EFZoAMF7jA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313052b-1481c6fe0e01c53b56608e14;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 07:41:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xWd68t8cJN-4D3x_veAgxzFX0uUClx7T0U6dPnHukKaAPzjt7mnOvA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 05:49:51 GMT
age: 3847
etag: "e02a994b68bca6eb31847ca69e574759629d1029"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41c7f9a9-3c6b-4941-9798-9ec7dacff0e6.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41c7f9a9-3c6b-4941-9798-9ec7dacff0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fba6ee2bc4b89cbba972478520565d2
204faf6513d9145bc8412b8b6bcedd7c70a1ba2c
9a2b97e196232b9ee8d36045ec97bb7d573609f1ae18c56cb158c7c1ab2ed9a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41c7f9a9-3c6b-4941-9798-9ec7dacff0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8146
x-amzn-requestid: 41398033-67f0-4a17-863d-db69747514ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYIYG8GoAMFhWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d68-09abc90f73f3cc2a1a629840;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:43:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: iocOBWse_L_nfOvUKE11ocxHZxLEgcjWV_CIbvAjAxt9IEl0eoTKjg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:11:09 GMT
etag: "204faf6513d9145bc8412b8b6bcedd7c70a1ba2c"
content-type: image/jpeg
age: 31369
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa78f3c06-9254-405a-8dbf-2fa65b66376b.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa78f3c06-9254-405a-8dbf-2fa65b66376b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 022be15c9cc450f4af703fe8b9fcc702
82342473945f187bbf9b4455c440a01f9269c12b
df07001b8e2b79632e1a3100d957a215fcec7550a9802df87d6d3bee42c14696
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa78f3c06-9254-405a-8dbf-2fa65b66376b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8322
x-amzn-requestid: 9ea441c6-67b1-4325-96b0-54862e35c2bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYHkFKEIAMFR7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d63-5c6ce0ad219286c66f7280bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6uMJTARUoTKpxJQmsg2jOYLz1-wew33PQECfoW_7FR2s3ccBk8QqIg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:58:51 GMT
etag: "82342473945f187bbf9b4455c440a01f9269c12b"
content-type: image/jpeg
age: 32107
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ce50dfa23e7f34ff68cc6426c2823f7
b1685694999272feb4d9fc39296418cd95480678
4df89827b1b34bb577f28f281ed85067a2e34dd48923b9bae1561e81f67be49b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7152
x-amzn-requestid: 2571ff54-e2f8-4072-8a26-3d0dd4cd3523
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWsfHz_IAMFaXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-6a598849314cdc433f9f82f7;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: I6xmRiAaxHPKpBlCPaRWoMiISlrXRrltO57N3NayiuIvv3gCWTWCZQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:53:35 GMT
age: 32423
etag: "b1685694999272feb4d9fc39296418cd95480678"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d13129-50cd-414b-b7d2-918afd9144b6.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d13129-50cd-414b-b7d2-918afd9144b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bf0314072a1c7cc981f0640ee708c25
47109d3c10438ee4a598d60e43c6f92645eaf0c9
31cc505951d7d9ced676d6b4c600e986bdd835e44ff67a65d1138552291abcbf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d13129-50cd-414b-b7d2-918afd9144b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7677
x-amzn-requestid: e1fcebb9-140c-4a2d-bcb2-79e192757079
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYH6EQgIAMFR4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d65-62f355c751c3c7250070ed91;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:43:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3Rjz2v5eU-sicy0iBG2nxIA4DTp878y_igYE4eyXkGXBaqDvB3TbMg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:58:51 GMT
etag: "47109d3c10438ee4a598d60e43c6f92645eaf0c9"
content-type: image/jpeg
age: 32107
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.127.140.33200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.127.140.33:0
File type ASCII text, with no line terminators
Hash 44d918b0a1cd778fdbd1df0295b04ed2
c7829bb29f99c9a50a48db6d2ee17b3b24543586
2ac80db1ac79c1347dfa011bda2c179e6b65a5f7d02e6a261d82b46dfe37379c
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
set-cookie: uid_id2=b516671c-cecc-4c6b-a5c4-e84416182a16:1:1; expires=Fri, 03 Sep 2032 06:53:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/oOUppaEZaJQcOeU0jDVV/D3hZWXQfIBoHKEl3OCEIfjs6MhRWBCQeEHZsHRIiBHpPBCdXLVROI1cpVFlgWC4LVXIfPwhVK1YwAAQqWG9bLnMXekxadhEyWFljCghMWnZVIwcdPhx4WRB+DxVfXGMKCExadks8TFsHAHxHWG8ceFkPI1ohBk10f3hZWXYJe1-lZYwt6DwE0XCwGEGMLDFBeaAlsHFV3
54.230.245.16200 OK 186 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/oOUppaEZaJQcOeU0jDVV/D3hZWXQfIBoHKEl3OCEIfjs6MhRWBCQeEHZsHRIiBHpPBCdXLVROI1cpVFlgWC4LVXIfPwhVK1YwAAQqWG9bLnMXekxadhEyWFljCghMWnZVIwcdPhx4WRB+DxVfXGMKCExadks8TFsHAHxHWG8ceFkPI1ohBk10f3hZWXYJe1-lZYwt6DwE0XCwGEGMLDFBeaAlsHFV3
IP 54.230.245.16:0
File type ASCII text, with no line terminators
Hash 9707b3f19b53375b9db3384ebb53534a
80f94cb05cc2b27a2074a8f8b2f4f605efa9cbdc
e1ba59e5e72cdb968c07b0f98654f7608540ee2a0c33447babaed15d3b354eed
GET /oOUppaEZaJQcOeU0jDVV/D3hZWXQfIBoHKEl3OCEIfjs6MhRWBCQeEHZsHRIiBHpPBCdXLVROI1cpVFlgWC4LVXIfPwhVK1YwAAQqWG9bLnMXekxadhEyWFljCghMWnZVIwcdPhx4WRB+DxVfXGMKCExadks8TFsHAHxHWG8ceFkPI1ohBk10f3hZWXYJe1-lZYwt6DwE0XCwGEGMLDFBeaAlsHFV3 HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ktobedirectu.autos/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 186
date: Tue, 06 Sep 2022 06:53:58 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r8p0Gpl8Arbe-IX6t_KB-afs9x9FNMIbCsV-M311X2GqSrSC-sFTeA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aef96b8749f0e29989a71ca97f4f4e91
4f9552bfc8060b9e04a80b2ad5f4b2595021b4e9
94861633123af64f2ca88f2b66bd1c26edb80d13e058d20971e4c6ecead0a604
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94861633123AF64F2CA88F2B66BD1C26EDB80D13E058D20971E4C6ECEAD0A604"
Last-Modified: Sat, 03 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1781
Expires: Tue, 06 Sep 2022 07:23:39 GMT
Date: Tue, 06 Sep 2022 06:53:58 GMT
Connection: keep-alive
d192r5l88wrng7.cloudfront.net/ZRlprbWElNQULXjIzD1BYcGhbXFVgMBgCDzZnLDsxEzk4GycRfB8XBXtqTQEAKD1WSwQoOVZcRyc+CVBVYC4bAgp7KBoVGSg1CBQDL3weDFwrNREEDSo7Tl8nc3RbSFN2chNcUGNpKUhTdjYCAxQ+f1ldGX5sNFtVY2kpSFN2KB1IUgdjXUNRb39ZXQYjOQ-ACRHQcWV1QdmpaXVBjaFsLCDQ/DQIZY2gtVFdoak0YXHc
54.230.245.16200 OK 594 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/ZRlprbWElNQULXjIzD1BYcGhbXFVgMBgCDzZnLDsxEzk4GycRfB8XBXtqTQEAKD1WSwQoOVZcRyc+CVBVYC4bAgp7KBoVGSg1CBQDL3weDFwrNREEDSo7Tl8nc3RbSFN2chNcUGNpKUhTdjYCAxQ+f1ldGX5sNFtVY2kpSFN2KB1IUgdjXUNRb39ZXQYjOQ-ACRHQcWV1QdmpaXVBjaFsLCDQ/DQIZY2gtVFdoak0YXHc
IP 54.230.245.16:0
File type ASCII text, with very long lines (837), with no line terminators
Hash 518a3af8029435ac4091f8b25fb0394e
75e2c7a2cdb035df0a7bf3a715c8b8e53c610668
f15036dfc73a9e1edf6b4a6bb49a8af11a11bbaaf9815820478aaecc255bd8ee
GET /ZRlprbWElNQULXjIzD1BYcGhbXFVgMBgCDzZnLDsxEzk4GycRfB8XBXtqTQEAKD1WSwQoOVZcRyc+CVBVYC4bAgp7KBoVGSg1CBQDL3weDFwrNREEDSo7Tl8nc3RbSFN2chNcUGNpKUhTdjYCAxQ+f1ldGX5sNFtVY2kpSFN2KB1IUgdjXUNRb39ZXQYjOQ-ACRHQcWV1QdmpaXVBjaFsLCDQ/DQIZY2gtVFdoak0YXHc HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ktobedirectu.autos/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 594
date: Tue, 06 Sep 2022 06:53:58 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZpHYV_C4DoWol3B-flhSVdI0cnZ72g0Jw3k12dwcZMA-frTbkTv9wg==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a06cb209fdc15ecf8329895a6c0fc705
cb50f7e79c5db17b1b6bdaa5078d6a2bcb16b978
456a815459be52bda7348e51591a765c94a46e7ed36b70a69142c4163b3f62dc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "456A815459BE52BDA7348E51591A765C94A46E7ED36B70A69142C4163B3F62DC"
Last-Modified: Sun, 04 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9835
Expires: Tue, 06 Sep 2022 09:37:53 GMT
Date: Tue, 06 Sep 2022 06:53:58 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a06cb209fdc15ecf8329895a6c0fc705
cb50f7e79c5db17b1b6bdaa5078d6a2bcb16b978
456a815459be52bda7348e51591a765c94a46e7ed36b70a69142c4163b3f62dc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "456A815459BE52BDA7348E51591A765C94A46E7ED36B70A69142C4163B3F62DC"
Last-Modified: Sun, 04 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9835
Expires: Tue, 06 Sep 2022 09:37:53 GMT
Date: Tue, 06 Sep 2022 06:53:58 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 07869ddc8aa688fe8a93876ef1264055
636614db9c01c03fcc2d10f5f949b513e1a338c9
ab8f4fcf2e21b2e44d69d6e4a6478a7eb6cf8e451202c7dc2854ef68b8e91b2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5588
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:53:58 GMT
Last-Modified: Tue, 06 Sep 2022 05:20:50 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
mc.yandex.ru/metrika/advert.gif
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 06 Sep 2022 06:53:58 GMT
access-control-allow-origin: *
etag: "6315c3a4-2b"
expires: Tue, 06 Sep 2022 07:53:58 GMT
accept-ranges: bytes
last-modified: Mon, 05 Sep 2022 12:38:44 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 25e68f68b7c18642454155d7298bd572
063e5205568cc6e411d43ed5bc4cf0c4f503ffc7
f1c0014f27300523b095e7bce59b78f41a77c474722ecb5444658916017b3dab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 25e68f68b7c18642454155d7298bd572
063e5205568cc6e411d43ed5bc4cf0c4f503ffc7
f1c0014f27300523b095e7bce59b78f41a77c474722ecb5444658916017b3dab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a06cb209fdc15ecf8329895a6c0fc705
cb50f7e79c5db17b1b6bdaa5078d6a2bcb16b978
456a815459be52bda7348e51591a765c94a46e7ed36b70a69142c4163b3f62dc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "456A815459BE52BDA7348E51591A765C94A46E7ED36B70A69142C4163B3F62DC"
Last-Modified: Sun, 04 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9835
Expires: Tue, 06 Sep 2022 09:37:53 GMT
Date: Tue, 06 Sep 2022 06:53:58 GMT
Connection: keep-alive
ktobedirectu.autos/utx?cb=9jczsz8XhD3O&top=xfantazy.com&tid=961956
143.204.55.29204 No Content 0 B URL HTTP/2 ktobedirectu.autos/utx?cb=9jczsz8XhD3O&top=xfantazy.com&tid=961956
IP 143.204.55.29:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=9jczsz8XhD3O&top=xfantazy.com&tid=961956 HTTP/1.1
Host: ktobedirectu.autos
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 06:53:58 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://xfantazy.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 06 Sep 2022 06:54:58 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Pn_JTxv4NHmvfqJhCYez_rWo8aUGlV6I8zcCUEEC-Ajlu1Qk9EEpQQ==
X-Firefox-Spdy: h2
ktobedirectu.autos/utx?cb=yOSJdx6eKND0&top=xfantazy.com&tid=962014
143.204.55.29204 No Content 0 B URL HTTP/2 ktobedirectu.autos/utx?cb=yOSJdx6eKND0&top=xfantazy.com&tid=962014
IP 143.204.55.29:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=yOSJdx6eKND0&top=xfantazy.com&tid=962014 HTTP/1.1
Host: ktobedirectu.autos
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 06:53:58 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://xfantazy.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 06 Sep 2022 06:54:58 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tjAmYuFaLGp40KMaqSEUIqXoiXjVMi02ZVCsCxU0XS4MmYhdTtv-Ow==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 396 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Hash adec0ed45fe0fb734cda1501be5b4c74
03e8b3717dd8949183689463f79291c85d2b74f5
0279ca308ab6b7fd7e8fa2be2787f81cee4287ae7365fc0f73313201f1f6bb4a
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Sep 2022 06:53:58 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S789101659%3A1662447238271008&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmWa9WgVwMuHyMFkOXTlAL7qbKhR194q7_sW77ajavcMW0OEgNfrqhITgoMlaZmRjvuGIgEo1A
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-f_8EGRi2yuWyMT-B01RF2w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:-D8S9M73ussR5liJ7WSfNtQZgl2pGw:MBMCGj3O_VI4uBf7;Path=/;Expires=Thu, 05-Sep-2024 06:53:58 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 395 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash 734d0c2248d50eb17d9b396b9a396067
86e7cf3fb039c08688c93267b874eff33efcaaa1
b537397f33df57f2f1b27bd71a9f78be4a1ea913465e3e87fa6ee403eebb59a0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Sep 2022 06:53:58 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1693742199%3A1662447238284620&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmUiR8v1wkTJUIguWgqkU9JU2imiDPwqhqQJqWqapHaWdqh3lS7ANSY-j3B3UC_hlyr3FvfQqA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-9C2IwaOR7sBmcticnuMOUQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:JDw_Z-_fZDATZhdZXdlSoJNd9MPNPQ:1cgPKYm8nPCACsN7;Path=/;Expires=Thu, 05-Sep-2024 06:53:58 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 80f29cbbe260408ee1418a6fbce5a537
96cfe52bcf90cfdba5cba7907d49a91f44adc032
de264b42b7c59bdadf606387adaca04af680705a947096d048f288c3e5be8517
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 07869ddc8aa688fe8a93876ef1264055
636614db9c01c03fcc2d10f5f949b513e1a338c9
ab8f4fcf2e21b2e44d69d6e4a6478a7eb6cf8e451202c7dc2854ef68b8e91b2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5588
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:53:58 GMT
Last-Modified: Tue, 06 Sep 2022 05:20:50 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
graduatewonderentreaty.com/4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js
192.243.59.12200 OK 29 kB URL HTTP/1.1 graduatewonderentreaty.com/4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 997ee12cd5f25844e470ee9bc74b80dc
b0700f39316957aa0faea686824aa148c867cdc8
b7e7b1943497db5b9cb23ce6283c8369e2ca4e42f26413329d84e0e198c6cd78
Analyzer Verdict Alert quad9 Sinkholed
GET /4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 06 Sep 2022 06:53:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b5c9089336ad899f78601376af2d4adc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
3.127.140.33200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.127.140.33:0
File type ASCII text, with no line terminators
Hash 44d918b0a1cd778fdbd1df0295b04ed2
c7829bb29f99c9a50a48db6d2ee17b3b24543586
2ac80db1ac79c1347dfa011bda2c179e6b65a5f7d02e6a261d82b46dfe37379c
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: uid_id2=b516671c-cecc-4c6b-a5c4-e84416182a16:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1693742199%3A1662447238284620&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmUiR8v1wkTJUIguWgqkU9JU2imiDPwqhqQJqWqapHaWdqh3lS7ANSY-j3B3UC_hlyr3FvfQqA
216.58.207.237403 Forbidden 1.2 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1693742199%3A1662447238284620&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmUiR8v1wkTJUIguWgqkU9JU2imiDPwqhqQJqWqapHaWdqh3lS7ANSY-j3B3UC_hlyr3FvfQqA
IP 216.58.207.237:0
Hash fe5afb002df62b6a62d114584f3bbb05
4d902553fe921f9d6b9adb4cbf9fd98e5605ae1c
682a83d10011af184459828f1d74c5efdfeeb666d59c4f1e147a519b61b7ed1f
GET /v3/signin/identifier?dsh=S-1693742199%3A1662447238284620&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmUiR8v1wkTJUIguWgqkU9JU2imiDPwqhqQJqWqapHaWdqh3lS7ANSY-j3B3UC_hlyr3FvfQqA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Sep 2022 06:53:58 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-gZEJg3fcnRYKPIbYK2fq-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=dOkUo_nUx2q6BiBPPXCDah6r30zmUCvEnWw02IBR2vuaKDQuVVyqj9Vp2WTWm-eUTxKSfcqzSXHne1zbzd4IdRgccZUKGmcMep5ru8r-8nNyBkUW3I7oQ-p_fZbn2OY2JWM-11ili7n6Ao7YwdnlkgXLx7Xzw1viweBiSSZPYUk; expires=Wed, 08-Mar-2023 06:53:58 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 7.7 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
Hash a7f8e3a1507ebe0b54b5a3cfad9d637e
42fde09f496d2046fd1cb3fd877acb3f51df5647
a69deebc1515b6eca1501d14fbcd7ad8e1dbb86751c0708b9ef79dcfb15c976e
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: poOJEkHLvqWhf5A+G7Bl6CuEag1m2fDNxtlRbZHGeopuaFKupCOv1L7nKsAVuMQcqMTJCsRa7UP/ldQyA46IZQ==
date: Tue, 06 Sep 2022 06:53:58 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
104.21.86.231200 OK 70 B IP 104.21.86.231:0
File type ASCII text, with no line terminators
Hash 21f9523f5223c30f98c108a159ecbfd5
e40985794e1f14d6b1dd8e712123dccb27fe7c8d
1d8624d5c2a0f5a019f72c2e6ee4850bb5d334c72222fe452748db781ccb0ab8
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/
Origin: https://xfantazy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:58 GMT
content-type: text/plain
set-cookie: csu=1818452992575475@1@1662447238; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwZpwmvrnIAa5%2BFDY6OqW7yFaDMe0xmOn0RptCySGcW497IJcAQmGKfr8osNbToVTJBF1Y7VC%2FGtNxOw7o9G0EIgPHIN43DXdC1t1iPyWGfuLv4sUyS5O2TxmhcoOuJL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a66e9e7b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&charset=utf-8&hittoken=1662447237_cd1f3954457f434f7edeab3b8a96f1e7f39259457313e8fa031a3fa24654e848&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A454293999355%3Ahid%3A1068801231%3Az%3A0%3Ai%3A20220906065353%3Aet%3A1662447233%3Ac%3A1%3Arn%3A208294997%3Arqn%3A6%3Au%3A1662447232675299073%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662447230276%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662447233&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&charset=utf-8&hittoken=1662447237_cd1f3954457f434f7edeab3b8a96f1e7f39259457313e8fa031a3fa24654e848&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A454293999355%3Ahid%3A1068801231%3Az%3A0%3Ai%3A20220906065353%3Aet%3A1662447233%3Ac%3A1%3Arn%3A208294997%3Arqn%3A6%3Au%3A1662447232675299073%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662447230276%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662447233&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&charset=utf-8&hittoken=1662447237_cd1f3954457f434f7edeab3b8a96f1e7f39259457313e8fa031a3fa24654e848&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A454293999355%3Ahid%3A1068801231%3Az%3A0%3Ai%3A20220906065353%3Aet%3A1662447233%3Ac%3A1%3Arn%3A208294997%3Arqn%3A6%3Au%3A1662447232675299073%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662447230276%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662447233&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 99
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 06 Sep 2022 06:53:58 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 06-Sep-2022 06:53:58 GMT
last-modified: Tue, 06-Sep-2022 06:53:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&charset=utf-8&hittoken=1662447237_cd1f3954457f434f7edeab3b8a96f1e7f39259457313e8fa031a3fa24654e848&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A454293999355%3Ahid%3A1068801231%3Az%3A0%3Ai%3A20220906065353%3Aet%3A1662447233%3Ac%3A1%3Arn%3A467001518%3Arqn%3A4%3Au%3A1662447232675299073%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662447230276%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662447233&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&charset=utf-8&hittoken=1662447237_cd1f3954457f434f7edeab3b8a96f1e7f39259457313e8fa031a3fa24654e848&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A454293999355%3Ahid%3A1068801231%3Az%3A0%3Ai%3A20220906065353%3Aet%3A1662447233%3Ac%3A1%3Arn%3A467001518%3Arqn%3A4%3Au%3A1662447232675299073%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662447230276%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662447233&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&charset=utf-8&hittoken=1662447237_cd1f3954457f434f7edeab3b8a96f1e7f39259457313e8fa031a3fa24654e848&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A454293999355%3Ahid%3A1068801231%3Az%3A0%3Ai%3A20220906065353%3Aet%3A1662447233%3Ac%3A1%3Arn%3A467001518%3Arqn%3A4%3Au%3A1662447232675299073%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662447230276%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662447233&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 122
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 06 Sep 2022 06:53:58 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 06-Sep-2022 06:53:58 GMT
last-modified: Tue, 06-Sep-2022 06:53:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&charset=utf-8&hittoken=1662447237_cd1f3954457f434f7edeab3b8a96f1e7f39259457313e8fa031a3fa24654e848&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A454293999355%3Ahid%3A1068801231%3Az%3A0%3Ai%3A20220906065353%3Aet%3A1662447233%3Ac%3A1%3Arn%3A837995834%3Arqn%3A5%3Au%3A1662447232675299073%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662447230276%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662447233&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&charset=utf-8&hittoken=1662447237_cd1f3954457f434f7edeab3b8a96f1e7f39259457313e8fa031a3fa24654e848&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A454293999355%3Ahid%3A1068801231%3Az%3A0%3Ai%3A20220906065353%3Aet%3A1662447233%3Ac%3A1%3Arn%3A837995834%3Arqn%3A5%3Au%3A1662447232675299073%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662447230276%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662447233&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&charset=utf-8&hittoken=1662447237_cd1f3954457f434f7edeab3b8a96f1e7f39259457313e8fa031a3fa24654e848&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A454293999355%3Ahid%3A1068801231%3Az%3A0%3Ai%3A20220906065353%3Aet%3A1662447233%3Ac%3A1%3Arn%3A837995834%3Arqn%3A5%3Au%3A1662447232675299073%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662447230276%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662447233&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 06 Sep 2022 06:53:58 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 06-Sep-2022 06:53:58 GMT
last-modified: Tue, 06-Sep-2022 06:53:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
graduatewonderentreaty.com/sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2
192.243.59.12200 OK 4.4 kB URL HTTP/1.1 graduatewonderentreaty.com/sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (6188), with no line terminators
Hash 3f0a7d51035879f4c488daecbc6af906
9a8a24153f39ebdd8bab550dffa8e602a8d552d4
3f0c4b92658caff433fde331f773400d0c8b86bdec1963f45558709da54908f7
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2 HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 06 Sep 2022 06:53:58 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://xfantazy.com
Access-Control-Allow-Origin: https://xfantazy.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15600826; expires=Wed, 07 Sep 2022 06:53:58 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 07 Sep 2022 06:53:58 GMT; secure; SameSite=None
uncs=1; expires=Wed, 07 Sep 2022 06:53:58 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 07 Sep 2022 06:53:58 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 07 Sep 2022 06:53:58 GMT; secure; SameSite=None
sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]; expires=Tue, 06 Sep 2022 06:54:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8fc7c6bbb04084b33632b88c1b3be1a5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&charset=utf-8&hittoken=1662447237_cd1f3954457f434f7edeab3b8a96f1e7f39259457313e8fa031a3fa24654e848&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A454293999355%3Ahid%3A1068801231%3Az%3A0%3Ai%3A20220906065353%3Aet%3A1662447233%3Ac%3A1%3Arn%3A540234514%3Arqn%3A7%3Au%3A1662447232675299073%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662447230276%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662447233&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&charset=utf-8&hittoken=1662447237_cd1f3954457f434f7edeab3b8a96f1e7f39259457313e8fa031a3fa24654e848&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A454293999355%3Ahid%3A1068801231%3Az%3A0%3Ai%3A20220906065353%3Aet%3A1662447233%3Ac%3A1%3Arn%3A540234514%3Arqn%3A7%3Au%3A1662447232675299073%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662447230276%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662447233&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&charset=utf-8&hittoken=1662447237_cd1f3954457f434f7edeab3b8a96f1e7f39259457313e8fa031a3fa24654e848&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A454293999355%3Ahid%3A1068801231%3Az%3A0%3Ai%3A20220906065353%3Aet%3A1662447233%3Ac%3A1%3Arn%3A540234514%3Arqn%3A7%3Au%3A1662447232675299073%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662447230276%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662447233&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 06 Sep 2022 06:53:58 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 06-Sep-2022 06:53:58 GMT
last-modified: Tue, 06-Sep-2022 06:53:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
104.21.86.231200 OK 102 kB IP 104.21.86.231:0
Size 102 kB (102443 bytes)
Hash 3bb3e134e15f9db8ca962e65622030b4
d70eb42555f0467b7eba8cc18b91d25b7fced587
13b834de9ab04e04f4b7414cc74d68ff04b9f3797cb58784641bb192094697eb
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/
Origin: https://xfantazy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:58 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5848
last-modified: Tue, 06 Sep 2022 05:16:30 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tr1uohE0TmnCQBgfuAADWcCVhEU%2FM4LdaaeyQxhjdLlZSLkTqPLUrqCSW9%2FzZDu%2Bjup%2F9Gx66GmvEUyfCNkx0K4jt%2BwpR%2B7UPhCkKEvW43727mxG57I0G0AvyO4KnM4E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74654a66e9e6b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 61a1d49aa535963841c587d8263dd108
0efb6da29383ab32455f2df3490eb3cb2c27ae81
604f30f23d59dfe745af62dfe586c0135acd11f5c369298abca51ed81a20a2a2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "604F30F23D59DFE745AF62DFE586C0135ACD11F5C369298ABCA51ED81A20A2A2"
Last-Modified: Mon, 05 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6503
Expires: Tue, 06 Sep 2022 08:42:21 GMT
Date: Tue, 06 Sep 2022 06:53:58 GMT
Connection: keep-alive
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&charset=utf-8&hittoken=1662447237_cd1f3954457f434f7edeab3b8a96f1e7f39259457313e8fa031a3fa24654e848&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A454293999355%3Ahid%3A1068801231%3Az%3A0%3Ai%3A20220906065353%3Aet%3A1662447233%3Ac%3A1%3Arn%3A39364593%3Arqn%3A8%3Au%3A1662447232675299073%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662447230276%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662447233%3At%3AMiss%20Bellerose%20-%20Encouraging%20Addiction%20JOI%20-%20%5BFemdom%20porn%5D%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-7-h-1%29clc%280-0-0%29aw%281%29rqnt%288%29fip%281%29rqnl%281%29ti%282%29
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&charset=utf-8&hittoken=1662447237_cd1f3954457f434f7edeab3b8a96f1e7f39259457313e8fa031a3fa24654e848&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A454293999355%3Ahid%3A1068801231%3Az%3A0%3Ai%3A20220906065353%3Aet%3A1662447233%3Ac%3A1%3Arn%3A39364593%3Arqn%3A8%3Au%3A1662447232675299073%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662447230276%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662447233%3At%3AMiss%20Bellerose%20-%20Encouraging%20Addiction%20JOI%20-%20%5BFemdom%20porn%5D%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-7-h-1%29clc%280-0-0%29aw%281%29rqnt%288%29fip%281%29rqnl%281%29ti%282%29
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&charset=utf-8&hittoken=1662447237_cd1f3954457f434f7edeab3b8a96f1e7f39259457313e8fa031a3fa24654e848&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A454293999355%3Ahid%3A1068801231%3Az%3A0%3Ai%3A20220906065353%3Aet%3A1662447233%3Ac%3A1%3Arn%3A39364593%3Arqn%3A8%3Au%3A1662447232675299073%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662447230276%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662447233%3At%3AMiss%20Bellerose%20-%20Encouraging%20Addiction%20JOI%20-%20%5BFemdom%20porn%5D%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-7-h-1%29clc%280-0-0%29aw%281%29rqnt%288%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Referer: https://xfantazy.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 06 Sep 2022 06:53:58 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 06-Sep-2022 06:53:58 GMT
last-modified: Tue, 06-Sep-2022 06:53:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8111723dc8ced7303e439f9941caffcd
5333468fa189daa1fef7d2f9c38bf7c93b59b54e
344e924674ddf2db585758888c419aace672672e9ad0abcb3de7a51233109d6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "344E924674DDF2DB585758888C419AACE672672E9AD0ABCB3DE7A51233109D6F"
Last-Modified: Mon, 05 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12172
Expires: Tue, 06 Sep 2022 10:16:50 GMT
Date: Tue, 06 Sep 2022 06:53:58 GMT
Connection: keep-alive
reasonablelandmark.com/pixel/purst?dl=0&th=0&sc=0&rs=2899&rd=2899&fd=574&bv=22.8.v.2&tmpl=136
192.243.61.227200 OK 0 B URL HTTP/1.1 reasonablelandmark.com/pixel/purst?dl=0&th=0&sc=0&rs=2899&rd=2899&fd=574&bv=22.8.v.2&tmpl=136
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2899&rd=2899&fd=574&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: reasonablelandmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 06 Sep 2022 06:53:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 33fb6f8c1fb48f27b58d21e1d8d7bd27
23225ab4d426fbd7a0a44a33f747c1b7c0cf991d
8e801f87ac67f3c273535216d93c7ce19cb43c9be44e7e41741988ff92cfc75b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E801F87AC67F3C273535216D93C7CE19CB43C9BE44E7E41741988FF92CFC75B"
Last-Modified: Mon, 05 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17994
Expires: Tue, 06 Sep 2022 11:53:53 GMT
Date: Tue, 06 Sep 2022 06:53:59 GMT
Connection: keep-alive
ktobedirectu.autos/floater?cs=WlkwOWVjbQQIVG9uCABQaWkEDFU&abt=0&red=1&sm=83&k=xfantazy%20miss%20bellerose%20encouraging%20addiction%20femdom%20porn&v=0.8.9.1&sts=0&prn=1&emb=0&tid=961956&fs=1&t=600&m=1&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&jst=4&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi3_&_6IRU=1662447233271&crc=1
143.204.55.29200 OK 1.2 kB URL HTTP/2 ktobedirectu.autos/floater?cs=WlkwOWVjbQQIVG9uCABQaWkEDFU&abt=0&red=1&sm=83&k=xfantazy%20miss%20bellerose%20encouraging%20addiction%20femdom%20porn&v=0.8.9.1&sts=0&prn=1&emb=0&tid=961956&fs=1&t=600&m=1&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&jst=4&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi3_&_6IRU=1662447233271&crc=1
IP 143.204.55.29:0
Hash ea36efa4627222f7ed3278149ebb0d23
5ea7aa3a8cad6fd0d8ced7f986077e5efbe1fb73
40d4449d99d9f931852ac083569ed3187cb1c6f9d05c9312908622b6caa8a714
GET /floater?cs=WlkwOWVjbQQIVG9uCABQaWkEDFU&abt=0&red=1&sm=83&k=xfantazy%20miss%20bellerose%20encouraging%20addiction%20femdom%20porn&v=0.8.9.1&sts=0&prn=1&emb=0&tid=961956&fs=1&t=600&m=1&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fxfantazy.com%2Fvideo%2F60e2920ced696b7119a44c73&jst=4&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi3_&_6IRU=1662447233271&crc=1 HTTP/1.1
Host: ktobedirectu.autos
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1207
date: Tue, 06 Sep 2022 06:53:59 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://xfantazy.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=bc7507e8-9bb7-46eb-a6dc-d8c28e2f5c44
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ebmeht-poT-D3tjtrBXTv7PgIOmPjRhAzThTW6VEmud06AyoedKe7Q==
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
104.21.235.2200 OK 23 kB URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.235.2:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 506828123879d0cbbb3d138cafea056e
08be5a3473ece8248e5487b1cd93872193d0bb90
266395cf35ed60ba56c82aabd7289bd2db57a57939b5c6eeef63c7abf10399d1
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:58 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 817a49aa1097f34e66a129ef59aa73f4
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 06 Sep 2022 06:53:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Ajs2xvuiZYMAz6jmPzmPQVVAmYJA9tS2ygYqOa%2BDDAuFy86bIHL%2BMRvTNVthWf0jL9DRVMCmqr6eGlrmXtMgxJo5ibsSu10efVz1NFZGJP3c%2BOXE053popUAtb3e8dUbZ%2BHwcQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74654a68bea37795-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bb22075867a180a59587c55e0facccb8
9af4960264c36cebebd5601a9a5a4fcc1b630c64
5d4e2ee6f555b320ef3e62390c1f3d8934f690e4f4d859cd19c015967f69a018
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5D4E2EE6F555B320EF3E62390C1F3D8934F690E4F4D859CD19C015967F69A018"
Last-Modified: Mon, 05 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13113
Expires: Tue, 06 Sep 2022 10:32:32 GMT
Date: Tue, 06 Sep 2022 06:53:59 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bb22075867a180a59587c55e0facccb8
9af4960264c36cebebd5601a9a5a4fcc1b630c64
5d4e2ee6f555b320ef3e62390c1f3d8934f690e4f4d859cd19c015967f69a018
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5D4E2EE6F555B320EF3E62390C1F3D8934F690E4F4D859CD19C015967F69A018"
Last-Modified: Mon, 05 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13113
Expires: Tue, 06 Sep 2022 10:32:32 GMT
Date: Tue, 06 Sep 2022 06:53:59 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bb22075867a180a59587c55e0facccb8
9af4960264c36cebebd5601a9a5a4fcc1b630c64
5d4e2ee6f555b320ef3e62390c1f3d8934f690e4f4d859cd19c015967f69a018
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5D4E2EE6F555B320EF3E62390C1F3D8934F690E4F4D859CD19C015967F69A018"
Last-Modified: Mon, 05 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13113
Expires: Tue, 06 Sep 2022 10:32:32 GMT
Date: Tue, 06 Sep 2022 06:53:59 GMT
Connection: keep-alive
graduatewonderentreaty.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F18%2F52%2F6a%2F18526a6becad408914fcf53d946360f0%2F1651134763.html&l=1558&fd=90
192.243.59.12200 OK 0 B URL HTTP/1.1 graduatewonderentreaty.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F18%2F52%2F6a%2F18526a6becad408914fcf53d946360f0%2F1651134763.html&l=1558&fd=90
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F18%2F52%2F6a%2F18526a6becad408914fcf53d946360f0%2F1651134763.html&l=1558&fd=90 HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 06 Sep 2022 06:53:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
pogothere.xyz/asd100.bin
104.21.86.231200 OK 108 kB IP 104.21.86.231:0
Size 108 kB (108382 bytes)
Hash c8a00f208b2e45ae3f9055e3e9b401ce
7272899d211247a9eb08745f6c6e40cf3b44db9c
4e03efe41b5ccdc9856b92c837d2ae374990bcdf181a07e1c5b7611b13504c32
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/
Origin: https://xfantazy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:58 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5848
last-modified: Tue, 06 Sep 2022 05:16:30 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FsDGw2f%2FsyXLTKA%2BLJW0EyTTlLsw4b1CB9z9B4y%2Bzi2DhIoIAH0I2TVm0kVqiq6ZSPz5MxdnVYdWp1bxItEX1vjMhN1Td06UI%2BcSYDfXjnVW4TIOi7D9qhcg0i1%2BJkI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74654a66e9eab4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fdaa3919b9ba998d302973cf78060da7
be8697f38399f372352bad57131fd4e4812525c3
ee1cf02126c1311b6da7d80d30bd3a69d33f592fe6d11ec8ded804465d0eba7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE1CF02126C1311B6DA7D80D30BD3A69D33F592FE6D11EC8DED804465D0EBA7A"
Last-Modified: Sun, 04 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6002
Expires: Tue, 06 Sep 2022 08:34:01 GMT
Date: Tue, 06 Sep 2022 06:53:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fdaa3919b9ba998d302973cf78060da7
be8697f38399f372352bad57131fd4e4812525c3
ee1cf02126c1311b6da7d80d30bd3a69d33f592fe6d11ec8ded804465d0eba7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE1CF02126C1311B6DA7D80D30BD3A69D33F592FE6D11EC8DED804465D0EBA7A"
Last-Modified: Sun, 04 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6002
Expires: Tue, 06 Sep 2022 08:34:01 GMT
Date: Tue, 06 Sep 2022 06:53:59 GMT
Connection: keep-alive
static-cache.k2s.cc/thumbnail/d76QuHOnzPjp_22e-Q/w320h240/0.jpeg
188.72.235.185200 OK 12 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/d76QuHOnzPjp_22e-Q/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash aa0e96444a4ba31b71edf6ca42a06f1a
9d38b7bc74e4f128c77a0c8410a53f41db01ebf8
4e047011cc5699a13ce5c36ad38b7b75463018907986c5e1d32c29bd5b741e1f
GET /thumbnail/d76QuHOnzPjp_22e-Q/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: image/jpeg
content-length: 11527
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/curG6X_1wv268DTB-w/w320h240/0.jpeg
188.72.235.185200 OK 13 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/curG6X_1wv268DTB-w/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 4928692d04cc9c9b0ff1412107aee101
50cee0050ea531e3de8fcedf1092bf96fe16194b
9c5a07c66d2e340418ba07a9c56862c3bf2c2c81c1fd5da985fad6921ac08c01
GET /thumbnail/curG6X_1wv268DTB-w/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: image/jpeg
content-length: 12893
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/drnGv3ainq7vqTqT9g/w320h240/0.jpeg
188.72.235.185200 OK 15 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/drnGv3ainq7vqTqT9g/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 7a40c2684675ce4c94608fd9f5a6eded
95002a236fac3096892885763766d1589d44094d
59678b8948952ac72ff82d86a27038360f915d722b134ece68c7e82be59a447d
GET /thumbnail/drnGv3ainq7vqTqT9g/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: image/jpeg
content-length: 14565
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/25/f8/67/25f8672a8dede505f1d482a0fae4ce30/1655369803.jpg
45.133.44.10200 OK 11 kB URL HTTP/2 cdn.cloudimagesb.com/si/25/f8/67/25f8672a8dede505f1d482a0fae4ce30/1655369803.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash fdd0d70787cbe32ddf0f337191cd073e
c69ec6c3647241c0fecb67eba56195414120253b
e2014a64037f30864207347c73f351be90f4cf3b5abaed05f86252d9007cb40d
GET /si/25/f8/67/25f8672a8dede505f1d482a0fae4ce30/1655369803.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: image/jpeg
content-length: 11257
server: nginx/1.17.6
last-modified: Thu, 16 Jun 2022 08:56:51 GMT
etag: "62aaf053-2bf9"
expires: Thu, 08 Sep 2022 06:53:59 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/d0/a0/d8/d0a0d821060389d259eacced98d832d6/1655369780.jpg
45.133.44.10200 OK 11 kB URL HTTP/2 cdn.cloudimagesb.com/si/d0/a0/d8/d0a0d821060389d259eacced98d832d6/1655369780.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 3f40e4f0a14d71c9e6f54240628972a6
40f2097b5d23a3a724f67d7b1a00347638777e69
6917138d08085819df6ded4e805183cbe3987695f8861aea7d84e5449406be1f
GET /si/d0/a0/d8/d0a0d821060389d259eacced98d832d6/1655369780.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: image/jpeg
content-length: 11220
server: nginx/1.17.6
last-modified: Thu, 16 Jun 2022 08:56:28 GMT
etag: "62aaf03c-2bd4"
expires: Thu, 08 Sep 2022 06:53:59 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/JOiRvCOnwq7urTqR9w/w320h240/0.jpeg
188.72.235.185200 OK 10 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/JOiRvCOnwq7urTqR9w/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 4caa4b36369b2c98e8ee4303d2b6860a
611e0752c141f9c7a6928e448122c6f3d2d58103
3363e17eee15c7a0726fc3b51311efbc855266a4d10ceae3e04a618c7408b323
GET /thumbnail/JOiRvCOnwq7urTqR9w/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: image/jpeg
content-length: 10469
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/cbnGvXWhw6q48D2R_g/w320h240/0.jpeg
188.72.235.185200 OK 21 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/cbnGvXWhw6q48D2R_g/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 5d69850ac778eef801df90c4e81485d4
a5d2a2ab96bc8c25dfaab016cdff814c7536b71c
50809d7dbd713cb5d216a790b93d3447c6cdbc3d14da7443236886f17d3dd524
GET /thumbnail/cbnGvXWhw6q48D2R_g/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: image/jpeg
content-length: 20884
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/cuiStCOmzv29_D-erg/w320h240/0.jpeg
188.72.235.185200 OK 15 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/cuiStCOmzv29_D-erg/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash f228920d593983ade21cf5da3c1d895a
1b572c4f8e44e2a9e10ffbe043b9130cd7ee52e1
fc23c867be8444c7465947de18267ca70874b1366adc3830131807c6c4d7579c
GET /thumbnail/cuiStCOmzv29_D-erg/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: image/jpeg
content-length: 14600
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/JL6bviCjnvi4-GiR9w/w320h240/0.jpeg
188.72.235.185200 OK 14 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/JL6bviCjnvi4-GiR9w/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 3b22513ebb8142231f4879d412490038
7194d44f254aa28201f694aa17216557741c69d6
cc39ef3e7db14a0d607cb0e41762b13d98fe8974d836983e835225427365356f
GET /thumbnail/JL6bviCjnvi4-GiR9w/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: image/jpeg
content-length: 14285
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/IbzC7n7wzP_orTjCrQ/w320h240/0.jpeg
188.72.235.185200 OK 15 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/IbzC7n7wzP_orTjCrQ/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 12d0c4de48b45c93965b05b02406a0bc
7e43c0f51b2abb318b20527b45108b90523c37cd
11e93f1877cb98d7793db9d1fb8dd57467753a18627b19304cc52e3257a008b0
GET /thumbnail/IbzC7n7wzP_orTjCrQ/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: image/jpeg
content-length: 15445
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/J7iSvnb3n_y_rGnC_g/w320h240/0.jpeg
188.72.235.185200 OK 16 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/J7iSvnb3n_y_rGnC_g/w320h240/0.jpeg
IP 188.72.235.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash a43721ef79c09ff50087ab72511a8f7c
0db1048260f49849cc14dca7c0829f773d36de2a
b795b374bd8a88bbf12e24b5f752899c8500362df595d84e02b3fdea61471822
GET /thumbnail/J7iSvnb3n_y_rGnC_g/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: image/jpeg
content-length: 15714
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
graduatewonderentreaty.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fanimate.css&l=79249&fd=42
192.243.59.12200 OK 0 B URL HTTP/1.1 graduatewonderentreaty.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fanimate.css&l=79249&fd=42
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fanimate.css&l=79249&fd=42 HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 06 Sep 2022 06:53:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
a.focusde.info/api/spots/382499?host=xfantazy.com&ev=196&wh=939&ww=1280
135.181.208.216200 OK 508 B URL HTTP/2 a.focusde.info/api/spots/382499?host=xfantazy.com&ev=196&wh=939&ww=1280
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (654)
Hash a3903b028653102e88ea34eacb349295
03cc29902774b1f28cdf300b70f5cfa1d7b0d924
fa6d560ef113177dff26df8d0f80cb4589960117a166d005aeb7e1930b04ebf0
GET /api/spots/382499?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=aEYWYZ6IM6krQgnbyq4o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
graduatewonderentreaty.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fstyle.css&l=8924&fd=40
192.243.59.12200 OK 0 B URL HTTP/1.1 graduatewonderentreaty.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fstyle.css&l=8924&fd=40
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fstyle.css&l=8924&fd=40 HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 06 Sep 2022 06:53:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
media.aso1.net/js/ifr.html
104.21.234.154200 OK 1.2 kB URL HTTP/2 media.aso1.net/js/ifr.html
IP 104.21.234.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fb00fc73173785157efcb8b220593db5
df50d0bab14c4cfd2b9e96723b90904ffd63e3f9
7935dce03649b3a1312da7206c0e54032ed1b9d1b5747cdf39b8017cd76b1fc3
GET /js/ifr.html HTTP/1.1
Host: media.aso1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: text/html
last-modified: Thu, 28 Jul 2022 09:55:04 GMT
etag: W/"62e25cf8-6ea"
expires: Tue, 02 Aug 2022 06:53:11 GMT
cache-control: max-age=259200
x-robots-tag: noindex, nofollow, noarchive, noimageindex
cf-cache-status: HIT
age: 632565
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=peAUC4yT0sVoveFerpWqQoJ7N2qVJB%2BcUbP%2Fzxn5W%2FBH0DFuBMaRxvBsqI659mI18qPQMShWOvltLZTlQARXR%2BA0yVbugLHiQqyATScKuRgHzGO7ZN%2B%2BJ2RD3Y271jISTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74654a6ede5c7738-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
graduatewonderentreaty.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fjs%2Fscript.js&l=1173&fd=12
192.243.59.12200 OK 426 B URL HTTP/1.1 graduatewonderentreaty.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fjs%2Fscript.js&l=1173&fd=12
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash 1c6adec0c880716a47f72ab05ec5273e
4f834281a17ebef39b7b3adc6fd7ec5ea1a9a408
ffbc323c673b0854824d7743db75021f47ae71f19fefa2c851a4b62eb549028c
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fjs%2Fscript.js&l=1173&fd=12 HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 06 Sep 2022 06:53:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
a.focusde.info/api/spots/391868?host=xfantazy.com&ev=196&wh=939&ww=1280
135.181.208.216200 OK 65 B URL HTTP/2 a.focusde.info/api/spots/391868?host=xfantazy.com&ev=196&wh=939&ww=1280
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash 51490ccdc27fbd6385afb337fd5fec83
2092986933e45aac2c59ac7e758401f0e696114c
f69b51921898bc2b289bc250a0ef41da47b332dbb2e695a59b8a3e2fe0043129
GET /api/spots/391868?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=aEYWYZ6IM6krQgnbyq4o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
xfantazy.com/assets/fdm/red.jpg
104.26.1.188200 OK 47 kB URL HTTP/2 xfantazy.com/assets/fdm/red.jpg
IP 104.26.1.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=3, software=paint.net 4.3.11], baseline, precision 8, 950x150, components 3\012- data
Hash 03182adc3cdb1b7267447d2b71d72280
c24bab2446ef9d32bf80ebe6ac98ffd7439a30ee
914d5ef593b0c5cbdc3c1d07bbc942cb5092ac4d9b1f0981b9dafd8c96f6f5b9
GET /assets/fdm/red.jpg HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiI2NGYwMzAxZWU2MGI3IiwiaWF0IjoxNjYyNDQ3MjM3LCJleHAiOjE2NjMwNTIwMzd9.2SOlUQ6qq2j8v_YQPSuPpxR2uj9g83Jd_dKuyp0oyyI; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiNGJjZDgwYTQ0ZTI0ZCIsImlhdCI6MTY2MjQ0NzIzNywiZXhwIjoxNjY1MDM5MjM3fQ.g8pP1rQSCecLT-d6L4QkQJhnurLE6fclmX_p0mmcpU0; _ga=GA1.2.656588541.1662447232; _gid=GA1.2.2109603355.1662447232; _dc_gtm_UA-121614197-2=1; _ym_uid=1662447232675299073; _ym_d=1662447232; visitorGetPop=no; _ym_isad=2; sb_page_a2f990f10476061c719d1c1aa3a2ecd2=1; sb_onpage_a2f990f10476061c719d1c1aa3a2ecd2=1; sb_main_a2f990f10476061c719d1c1aa3a2ecd2=1; sb_count_a2f990f10476061c719d1c1aa3a2ecd2=1; _ym_visorc=b; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b516671c-cecc-4c6b-a5c4-e84416182a16%3A1%3A1; ppu_idelay_4d0afc2425eea6b0cd5a468c9f8a69ed=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=graduatewonderentreaty.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: image/jpeg
cf-bgj: h2pri
vary: Origin, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 306
last-modified: Tue, 06 Sep 2022 06:48:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IPqiA50%2B1Ipg%2BhltvKfKNLkAQMHWCEG52y3pk9oUNZsCGJboZS22SqTIfQZjIyFBXEFznEEUhuCSU6JEKxv%2FUy%2FMW0%2Bl1xlkf7hg1WedFuMPMfeZJinVfd%2FP5DoGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a6deee80b02-OSL
X-Firefox-Spdy: h2
graduatewonderentreaty.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r40L0YU%2FgiBFmZ0KOnlvfo9dBGNNDY1NTRXdyf31Jtfc9%2B7j3vfmTUaE0Eqpu%2Bl%2F8HImaVBD0a1gkEnRRUDIuMrCgC5cVkHoVplpaPCDx%2Fd975zFOee7t7ayE%2BIjo8eX3jN9pTWdq5f90qsfB8HF0rKKs16p12p80qhdLNnum%2B1G2X%2BtdFnydTNX8QPfD%2FygtKisDE1vbgJCJXvtoNz2y7VKOajX0LP%2F313mwVEPontCnoMS45n73iwUHyGOvr0k3XpqktffiTJNU2PRFbsfxuuxyWNEZ2NoPYTx7ikbxh0t7sPEO1O5MN3HRKbGxPt5HyzePRUJ1t2e6mQaMgYTTyHvjiD1CIqOwM1NKHFEAC5wdQVxdPeqsTndeITSCTomMw%2F%2FgcrHZOa3WcTRvQWteqXrRmepMrFDLyygeiOozghJdoC0fw4qPwBPb0CJX8jcw2XE0faK0wZKFFPvSo2gwhG0HIA6D9nkUx6y0EOWeIjEcYkHQdD0Bad%2Bq815VTQlawg%2FoM0woIHfaCHjE3kDpMkAXA%2FA7SYSu4l1dWdMyI1t2OxHuLUCTnhw6Zh472%2BiKwrkkiB3BDklyBVBnhLk3WJHaFdxxV2hXcaC01457dViaNLOFt0xaUfGZCs5Ic9Ow3nw9PdYl8clWgnbbT8M%2FFqz4TcC3gzaIuABpVVakVxU4FQB5c5N%2FfbVmMxe%2BAPJ5GCf%2FwtGD%2BD0Abh6BjR7CTQfNis%2B6Nqw1vLRj%2Fd6IY1T2t8ocxNBmAJJOoN0w9vSJ%2BTFqY76GwaSH84fvfJXZZUNwW2BxBb4VN0n6Ojbw1WTk%2B1Vkzvy3UqSqkj16eSA11Oayie%2BviI3cmPF0iU3%2BOotPgEm494H0qXLNBYq7jjyzYISQtpFY7kkPyy5jyS7lrm1hczGWbJ87e3FpSix0jll4hHoxNrz74KrMXlyQU7f5oX9P6HsCDYrEGWH5LSgzAF4sgmXHM5%2F0f%2F98r3Zz%2BDMeVh9xmGJhzwrhrbCzn5qRaDl2U5ZAScP54%2B%2FbF75afdvMPk4kC13Gx37Mmh6E3FUoGsLdHUBqgdw2flhmtjD%2BV%2Br0wLT3pBp620zbfWdR%2BE6dVyq%2BqLJZCibTNbqtVBywep15vOQs6potThSN%2BYvPLj1HwAAAP%2F%2FAQAA%2F%2F93DUM3ZgQAAA%3D%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 graduatewonderentreaty.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r40L0YU%2FgiBFmZ0KOnlvfo9dBGNNDY1NTRXdyf31Jtfc9%2B7j3vfmTUaE0Eqpu%2Bl%2F8HImaVBD0a1gkEnRRUDIuMrCgC5cVkHoVplpaPCDx%2Fd975zFOee7t7ayE%2BIjo8eX3jN9pTWdq5f90qsfB8HF0rKKs16p12p80qhdLNnum%2B1G2X%2BtdFnydTNX8QPfD%2FygtKisDE1vbgJCJXvtoNz2y7VKOajX0LP%2F313mwVEPontCnoMS45n73iwUHyGOvr0k3XpqktffiTJNU2PRFbsfxuuxyWNEZ2NoPYTx7ikbxh0t7sPEO1O5MN3HRKbGxPt5HyzePRUJ1t2e6mQaMgYTTyHvjiD1CIqOwM1NKHFEAC5wdQVxdPeqsTndeITSCTomMw%2F%2FgcrHZOa3WcTRvQWteqXrRmepMrFDLyygeiOozghJdoC0fw4qPwBPb0CJX8jcw2XE0faK0wZKFFPvSo2gwhG0HIA6D9nkUx6y0EOWeIjEcYkHQdD0Bad%2Bq815VTQlawg%2FoM0woIHfaCHjE3kDpMkAXA%2FA7SYSu4l1dWdMyI1t2OxHuLUCTnhw6Zh472%2BiKwrkkiB3BDklyBVBnhLk3WJHaFdxxV2hXcaC01457dViaNLOFt0xaUfGZCs5Ic9Ow3nw9PdYl8clWgnbbT8M%2FFqz4TcC3gzaIuABpVVakVxU4FQB5c5N%2FfbVmMxe%2BAPJ5GCf%2FwtGD%2BD0Abh6BjR7CTQfNis%2B6Nqw1vLRj%2Fd6IY1T2t8ocxNBmAJJOoN0w9vSJ%2BTFqY76GwaSH84fvfJXZZUNwW2BxBb4VN0n6Ojbw1WTk%2B1Vkzvy3UqSqkj16eSA11Oayie%2BviI3cmPF0iU3%2BOotPgEm494H0qXLNBYq7jjyzYISQtpFY7kkPyy5jyS7lrm1hczGWbJ87e3FpSix0jll4hHoxNrz74KrMXlyQU7f5oX9P6HsCDYrEGWH5LSgzAF4sgmXHM5%2F0f%2F98r3Zz%2BDMeVh9xmGJhzwrhrbCzn5qRaDl2U5ZAScP54%2B%2FbF75afdvMPk4kC13Gx37Mmh6E3FUoGsLdHUBqgdw2flhmtjD%2BV%2Br0wLT3pBp620zbfWdR%2BE6dVyq%2BqLJZCibTNbqtVBywep15vOQs6potThSN%2BYvPLj1HwAAAP%2F%2FAQAA%2F%2F93DUM3ZgQAAA%3D%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r40L0YU%2FgiBFmZ0KOnlvfo9dBGNNDY1NTRXdyf31Jtfc9%2B7j3vfmTUaE0Eqpu%2Bl%2F8HImaVBD0a1gkEnRRUDIuMrCgC5cVkHoVplpaPCDx%2Fd975zFOee7t7ayE%2BIjo8eX3jN9pTWdq5f90qsfB8HF0rKKs16p12p80qhdLNnum%2B1G2X%2BtdFnydTNX8QPfD%2FygtKisDE1vbgJCJXvtoNz2y7VKOajX0LP%2F313mwVEPontCnoMS45n73iwUHyGOvr0k3XpqktffiTJNU2PRFbsfxuuxyWNEZ2NoPYTx7ikbxh0t7sPEO1O5MN3HRKbGxPt5HyzePRUJ1t2e6mQaMgYTTyHvjiD1CIqOwM1NKHFEAC5wdQVxdPeqsTndeITSCTomMw%2F%2FgcrHZOa3WcTRvQWteqXrRmepMrFDLyygeiOozghJdoC0fw4qPwBPb0CJX8jcw2XE0faK0wZKFFPvSo2gwhG0HIA6D9nkUx6y0EOWeIjEcYkHQdD0Bad%2Bq815VTQlawg%2FoM0woIHfaCHjE3kDpMkAXA%2FA7SYSu4l1dWdMyI1t2OxHuLUCTnhw6Zh472%2BiKwrkkiB3BDklyBVBnhLk3WJHaFdxxV2hXcaC01457dViaNLOFt0xaUfGZCs5Ic9Ow3nw9PdYl8clWgnbbT8M%2FFqz4TcC3gzaIuABpVVakVxU4FQB5c5N%2FfbVmMxe%2BAPJ5GCf%2FwtGD%2BD0Abh6BjR7CTQfNis%2B6Nqw1vLRj%2Fd6IY1T2t8ocxNBmAJJOoN0w9vSJ%2BTFqY76GwaSH84fvfJXZZUNwW2BxBb4VN0n6Ojbw1WTk%2B1Vkzvy3UqSqkj16eSA11Oayie%2BviI3cmPF0iU3%2BOotPgEm494H0qXLNBYq7jjyzYISQtpFY7kkPyy5jyS7lrm1hczGWbJ87e3FpSix0jll4hHoxNrz74KrMXlyQU7f5oX9P6HsCDYrEGWH5LSgzAF4sgmXHM5%2F0f%2F98r3Zz%2BDMeVh9xmGJhzwrhrbCzn5qRaDl2U5ZAScP54%2B%2FbF75afdvMPk4kC13Gx37Mmh6E3FUoGsLdHUBqgdw2flhmtjD%2BV%2Br0wLT3pBp620zbfWdR%2BE6dVyq%2BqLJZCibTNbqtVBywep15vOQs6potThSN%2BYvPLj1HwAAAP%2F%2FAQAA%2F%2F93DUM3ZgQAAA%3D%3D HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 06 Sep 2022 06:53:59 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cce33b61506898ce1d8fb4a8079d93cb
Strict-Transport-Security: max-age=0; includeSubdomains
graduatewonderentreaty.com/pixel/sbs?c=1
192.243.59.12200 OK 1.3 kB URL HTTP/1.1 graduatewonderentreaty.com/pixel/sbs?c=1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash da167b6f5238c5443409fd1414572e5e
5d5f94ef5b46cc621a7827fefbf823f13d88d436
809f7d456ee7b003aa3d86bb4b199eb5828d6227acd0e71267c36bc5d9b4eb1a
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 06 Sep 2022 06:53:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
a.bestcontentfood.top/warp/4787912?r=98645
104.21.52.148200 OK 1.8 kB URL HTTP/2 a.bestcontentfood.top/warp/4787912?r=98645
IP 104.21.52.148:0
File type ASCII text, with very long lines (4180), with no line terminators
Hash 24e1e584fcb2ef2ce73814c2abe5b7d3
4d8a581ae06e729ae1b8b5b39195503cd329a590
5e5a48f76c4edcb2347190be6ccb1a06765e092247340100f3e3ba8c046b79e1
Analyzer Verdict Alert fortinet Phishing
GET /warp/4787912?r=98645 HTTP/1.1
Host: a.bestcontentfood.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: application/javascript; charset=UTF-8
referer: b.bestcontentfood.top
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cPrJLYQ6KCEazmNd%2F794F9EmVKxq7gFzGG%2BTOWoiVqq07BskBnoKUlzGDglsvM3ZN25O2UAeiYzyWovVy5Mt%2B2VgWW1Bo8Cblrrw9jPO9uyzo79T0m70n6OBKIJ4RYpaRJRM%2F4JXY0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a700fa0b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.tubecorp.com/i/b.html?spot=4692&src=562949385&pid=19775&width=300&height=250&spaceid=859
45.133.44.24200 OK 19 kB URL HTTP/2 cdn.tubecorp.com/i/b.html?spot=4692&src=562949385&pid=19775&width=300&height=250&spaceid=859
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash 05623f56dd1d2601da7f5d8c26809d4d
aaed8924d5b4f27a35345ef7283eaf1b7018c723
ad7db4ba6b4dbe63c18920a9f47fedcce1d97b4620d2c1e00f2cf1163aa89e15
GET /i/b.html?spot=4692&src=562949385&pid=19775&width=300&height=250&spaceid=859 HTTP/1.1
Host: cdn.tubecorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.20.1
last-modified: Sat, 20 Nov 2021 06:50:54 GMT
etag: W/"df-5d132d02c9e77"
x-request-id: 1641954d1127b285a37f795a5f9b4a50
content-encoding: gzip
expires: Tue, 06 Sep 2022 07:53:59 GMT
cache-control: max-age=3600
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 0990eb9ff79276276adb65436bf6741e
167bc93278ced6a1166bdfe8f184d36ec1de8381
fa5626743e5d3c507924471084c73aaab785757dc014b5ea458580746be5bff3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:54:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 20:27:02 GMT
Expires: Fri, 09 Sep 2022 20:27:01 GMT
Etag: "167bc93278ced6a1166bdfe8f184d36ec1de8381"
Cache-Control: max-age=307380,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74654a733bbbb4fd-OSL
a.focusde.info/api/spots/391866?host=xfantazy.com&ev=196&wh=939&ww=1280
135.181.208.216200 OK 564 B URL HTTP/2 a.focusde.info/api/spots/391866?host=xfantazy.com&ev=196&wh=939&ww=1280
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash 85f926af4ae8b7e60b86675353c2f79f
fb2886470b493aa820d5061f9b50f55f400efa37
c1c5f4fe6b2bedbe3fd78523de78045614409efacbf5c81fc46d91a446a3dd96
GET /api/spots/391866?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=aEYWYZ6IM6krQgnbyq4o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9375a8bb15c7a37f48fa1892af85bf0a
2c0b1199c04d7404d90192c16ca54bb862bfd2b8
872a9f851bec0448d56a1363cc27a8103bf7695d2afd4c64c850e4449c098bfa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "872A9F851BEC0448D56A1363CC27A8103BF7695D2AFD4C64C850E4449C098BFA"
Last-Modified: Sat, 03 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5436
Expires: Tue, 06 Sep 2022 08:24:36 GMT
Date: Tue, 06 Sep 2022 06:54:00 GMT
Connection: keep-alive
poweredby.jads.co/js/jads.js
185.94.236.247301 Moved Permanently 1.4 kB URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP 185.94.236.247:0
Hash d8710356b874f610bebb9b76db940fd1
c8bf3681591d27e95ee2b0d6d2539c884d43b99e
2ab72140b2cf6c561b16368f4c9f67fef9a93f330976271d0351eb0b30498ce0
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 06 Sep 2022 06:54:00 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
a.focusde.info/api/spots/303894?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 5.3 kB URL HTTP/2 a.focusde.info/api/spots/303894?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (3767)
Hash e6bb3e2a7480585dc0ae4e5fb1813c74
9c5838052f32260bd0ac77e7e9e51bd8b31ebfd2
a0b3bcd1e39c5eebd48b901cc660e66811b76721cb6d426c4face5c6b60aad7d
GET /api/spots/303894?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=aEYWYZ6IM6krQgnbyq4o
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 601d02860a32cd0667c2b4b6d5746e29
cd419b7dbf9f54edca0ceca468d14627d70f0764
18b245d8cf9427a2fab1793342ec08d8b1967083aad465785540d7f6bbc1af01
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18B245D8CF9427A2FAB1793342EC08D8B1967083AAD465785540D7F6BBC1AF01"
Last-Modified: Mon, 05 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12110
Expires: Tue, 06 Sep 2022 10:15:50 GMT
Date: Tue, 06 Sep 2022 06:54:00 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 0990eb9ff79276276adb65436bf6741e
167bc93278ced6a1166bdfe8f184d36ec1de8381
fa5626743e5d3c507924471084c73aaab785757dc014b5ea458580746be5bff3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:54:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 20:27:02 GMT
Expires: Fri, 09 Sep 2022 20:27:01 GMT
Etag: "167bc93278ced6a1166bdfe8f184d36ec1de8381"
Cache-Control: max-age=307380,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74654a7338feb503-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 601d02860a32cd0667c2b4b6d5746e29
cd419b7dbf9f54edca0ceca468d14627d70f0764
18b245d8cf9427a2fab1793342ec08d8b1967083aad465785540d7f6bbc1af01
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18B245D8CF9427A2FAB1793342EC08D8B1967083AAD465785540D7F6BBC1AF01"
Last-Modified: Mon, 05 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12110
Expires: Tue, 06 Sep 2022 10:15:50 GMT
Date: Tue, 06 Sep 2022 06:54:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1796d761d3bd91a7573d4342c7412249
fa2b68d5dc94a8b6a4cd9b892234e6bff54a3ab3
218ee5f9f59121418b933a1f08182f11ba1bb43952a3f13c1abd09ccddaada09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "218EE5F9F59121418B933A1F08182F11BA1BB43952A3F13C1ABD09CCDDAADA09"
Last-Modified: Sun, 04 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=451
Expires: Tue, 06 Sep 2022 07:01:31 GMT
Date: Tue, 06 Sep 2022 06:54:00 GMT
Connection: keep-alive
media.aso1.net/js/ifr.html
104.21.234.154200 OK 1.1 kB URL HTTP/2 media.aso1.net/js/ifr.html
IP 104.21.234.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ba3caeee1942a0eee2654d81c4578d85
814e5b2ccf64d193338fd2405c65e94176872650
53db5992209a357ca8349804e9c4889c9de67d24660a0fe0ef42b13837b45409
GET /js/ifr.html HTTP/1.1
Host: media.aso1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: text/html
last-modified: Thu, 28 Jul 2022 09:55:04 GMT
etag: W/"62e25cf8-6ea"
expires: Tue, 02 Aug 2022 06:53:11 GMT
cache-control: max-age=259200
x-robots-tag: noindex, nofollow, noarchive, noimageindex
cf-cache-status: HIT
age: 632565
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyXOL8hcEDZBi7bN%2B8m1ltsKgkgA7oSWXAklyqJddz%2Fr7wvt4AWHHMPhTDfDFQvnoB4IniFvndzaTgjePTF9Zb0QGvCuSqzri4xTAi0iuaWgrfL5l1En16h1dXuI%2FX6Cxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74654a6eae327738-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.tsyndicate.com/sdk/v1/video.instant.message.js
8.247.218.249200 OK 3.5 kB URL HTTP/2 cdn.tsyndicate.com/sdk/v1/video.instant.message.js
IP 8.247.218.249:0
File type ASCII text, with very long lines (539)
Hash b4ccf5d14fbe6be7a62784f96fbed92e
9d3391b4a10cc28bb455ebfbe1caccb3db1c4efd
e3f294d4f9f7227ebaaeb508792345e6bda148885c2d6335e8595338312b67e1
GET /sdk/v1/video.instant.message.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:00 GMT
content-type: application/javascript
content-length: 3512
last-modified: Thu, 21 Jul 2022 11:18:31 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"62d93607-21d4"
age: 4043849
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.adx1.com/964ea29fa8c906c50a6ce6278bed628d.png
149.6.163.10200 OK 19 kB URL HTTP/2 cdn.adx1.com/964ea29fa8c906c50a6ce6278bed628d.png
IP 149.6.163.10:0
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash 749dc1a761b4cadc07648fe3ed87796a
0023796a9b6c8ec9c554b3aac96f99753568a6c1
d865312aaaacbcb21bf9525e62c3c93e889c543a2976e786772369981d9500c0
GET /964ea29fa8c906c50a6ce6278bed628d.png HTTP/1.1
Host: cdn.adx1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty/1.15.8.3
date: Tue, 06 Sep 2022 06:54:00 GMT
content-type: image/png
content-length: 19427
last-modified: Tue, 21 Jun 2022 21:25:16 GMT
etag: "62b2373c-4be3"
expires: Thu, 15 Sep 2022 10:56:56 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
rtbrennab.com/banner/in/show/?mid=1946672005&pid=0&site=4692&sc=NO&usage_type=DCH&subid=562949385&sid=0&cid=12774&price=0&is_cpm=1&cpm=0.0048&ecpm=0.0048&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=a.focusde.info&hostname=auc-banner-hz-7&site_id=0&spot_id=0&utm_source=tcban_i&utm_medium=4692&utm_campaign=19775&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=&min_cpm=0.0001&placement_type_id=-1&skin_test=&verify_hash=&score=1&ml=&ttl=&space_id=859&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=&url=%2F%2Fin16.zog.link%2Fin%2Ftishow%2F%3Fkatds_ep%3DrGEfwgwiPCVKUm9BdtaSf4v_CLaRulkmwBV9tev7TQRuqM1T6xy60Zyls-ppNv7EnoCDz76bNUHqgr_I5cn7QjGj8H8Y4WGrDYMIYSSpyxTVt3ZMGi8whtIFIE6PagngMocQrLBagnUrAeQnox8159lBMXYE9zRX2FPdDtZbrxPSqe3Wdbe67dmqjGErCloa-tlPSW31B0pA3-350n_4pipxlZ3mfJvwoOMd2OnltGm5gT5v77B6gsJi5jk0oeia6gyvA_OieVFq3g_1X7h5WvWXrZvgNKqyiXw3m8cXvaCqghOPep9FICz6a6X36ArH8wU5s81h9ueKJYlpCmp8wmZKb_Ca_hks8P5hUlaqETXxU9LycnhB13AV4TtJx1-JkBqFR_P6izOZVv9XJ7N9SuqzsoQBWNE-oJgUFVPySTnVNlY4qDadWLrv3HIac8PS2NUwjtgoBLT8ExSDDyYpeUzAIBtC6zbxAcgAM-q6ICJpjAeKvRab2C_MCs1jVZXoLT2zTiexpTXS1BMCccM3iHs472Mfh5fQg0sEU_mEy5fkUBxgzIslWaV5cOkhGlniDEoNo3iSEHWKGRG_ZgDvKS0mKMjVmqS-nMDySBTI8cKjzJYY_yx75s_0drqHnS8gJLfpkutMpPljDDOPAIN8SxNdNJhOUxT7RGnk_zDCho1lMVt9axruqp-mlMmMgpb1gkc6nDTrvLIewuRqH5dFVBD2PKJ8guSa3mGujECQMmyy022vbbI_zO7Yi393E6Yd9IAeV8mP7INdyIqm1ChoRETzy2-P_jpL_dIOJYC8u3wXvP4j4IEQOL3zHC9SDQIAZsrdPmLeB5xfUNBuksUDMYv8YRDSF-egHJTJTy7bgDMZ50TUO_oCvte6y9GSBZDA6nMEP5kOXLEy4yTYyUrcsPIR8MukGoY58XsBokaQK7sug5ZBdwzHe_NI48H0_G3AnNBgh0j7gjyeEvoZY0W8-JRXxhbhxtyxs9s7FiDlkbN-KOjn6qLCWk_w77oTZDGwo9bXLMSPNCU-FB3lxws3Gew_hWQM4q-ZEEuCv-3OI6m8BcmuYaE_0bFL7Z_XOApphw1iDV2Xhk2mOk2_xLiCwrd1wlFYCj1uLYb8gHvDKEACy6FxYT3W0DAjfLV97sjDdz2hNoSqHLZ3-Oob-KlU6VLsya14HiJLG2MmKN9F-BKVlnFVwatv_W8dteemS2qJND4wi3TsMG2WNGrdLgjlbijaSz5sk_6Tad1hKoWmpD8m--nd5Tbmcw5qRpjiFSC8PI_2ilgsCxvWJ_1l2rxYxqLF41h3IPr9T_yYlMTVf0p49nHDoJju0V99WbzkCdTrX1UXU8G8Z2nrOG3hVsA1E_FDFqWNLKFBp23oTn5U9_jqhYJRteoXqz_rrXjL2yUALI4w8ta8grGpFonkCdO0lhxHsyhJPJ0hC04mdHT_zZPngK4fguhMvvUzWLC3FAXkEO1Y74ePIEEGDOiBmzmiTnyrivBT3_QZyoD7a4s0wEDlOvrVYFJNkUzOI7W_jHY0fJEk-YoiCYedBmwAS38Fa7yt2Z9xakQJd4gYoWJFvcibGh1hZjiOyF3FCIVUvEi9bjX2ae-3SWC_MfDQdiCPoppjPFxLwjF7OvA4TC_W8eSrAoIABBTejwkYEnFIy35YyXy-59A_vsKJdzAmsHX4kZwYgFPN6pwQ4uR31d9piahiDbszQ37qArhPTaeY4bwtCBiw44ygjJdY3e_ySsMvGHtwcs6da-8AcLDouymlXSVJJ_bmvefeq3muzv_10go14NCvhCqzGpUgzcN-adMrgL6UaoAPcuXhrRiSFZeSs5Vnp2uEu7MbzDTFHCvMhu9Oz5bCHJ7jdvGC2sDAps17s1r-qySa1Pt0Z-CFCCnDC9vONcWZnD1twJrr0yLxHR6iMV9wLwe8K5i9LzZXhpv5--d6hmKKgtLQMCtlUOkEIXQJ-XlU0_9xYSvueJy3Z_MK_SDIKSG1XTNCxdi3DQRMjSA9Cbsdjp-ONkspBlyymf85EBNwFXPK4_dldaC0SLwJKnDSoMiLwkZDkNY4xFs%26sp%3D0.0048&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=
159.69.163.6302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=1946672005&pid=0&site=4692&sc=NO&usage_type=DCH&subid=562949385&sid=0&cid=12774&price=0&is_cpm=1&cpm=0.0048&ecpm=0.0048&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=a.focusde.info&hostname=auc-banner-hz-7&site_id=0&spot_id=0&utm_source=tcban_i&utm_medium=4692&utm_campaign=19775&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=&min_cpm=0.0001&placement_type_id=-1&skin_test=&verify_hash=&score=1&ml=&ttl=&space_id=859&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=&url=%2F%2Fin16.zog.link%2Fin%2Ftishow%2F%3Fkatds_ep%3DrGEfwgwiPCVKUm9BdtaSf4v_CLaRulkmwBV9tev7TQRuqM1T6xy60Zyls-ppNv7EnoCDz76bNUHqgr_I5cn7QjGj8H8Y4WGrDYMIYSSpyxTVt3ZMGi8whtIFIE6PagngMocQrLBagnUrAeQnox8159lBMXYE9zRX2FPdDtZbrxPSqe3Wdbe67dmqjGErCloa-tlPSW31B0pA3-350n_4pipxlZ3mfJvwoOMd2OnltGm5gT5v77B6gsJi5jk0oeia6gyvA_OieVFq3g_1X7h5WvWXrZvgNKqyiXw3m8cXvaCqghOPep9FICz6a6X36ArH8wU5s81h9ueKJYlpCmp8wmZKb_Ca_hks8P5hUlaqETXxU9LycnhB13AV4TtJx1-JkBqFR_P6izOZVv9XJ7N9SuqzsoQBWNE-oJgUFVPySTnVNlY4qDadWLrv3HIac8PS2NUwjtgoBLT8ExSDDyYpeUzAIBtC6zbxAcgAM-q6ICJpjAeKvRab2C_MCs1jVZXoLT2zTiexpTXS1BMCccM3iHs472Mfh5fQg0sEU_mEy5fkUBxgzIslWaV5cOkhGlniDEoNo3iSEHWKGRG_ZgDvKS0mKMjVmqS-nMDySBTI8cKjzJYY_yx75s_0drqHnS8gJLfpkutMpPljDDOPAIN8SxNdNJhOUxT7RGnk_zDCho1lMVt9axruqp-mlMmMgpb1gkc6nDTrvLIewuRqH5dFVBD2PKJ8guSa3mGujECQMmyy022vbbI_zO7Yi393E6Yd9IAeV8mP7INdyIqm1ChoRETzy2-P_jpL_dIOJYC8u3wXvP4j4IEQOL3zHC9SDQIAZsrdPmLeB5xfUNBuksUDMYv8YRDSF-egHJTJTy7bgDMZ50TUO_oCvte6y9GSBZDA6nMEP5kOXLEy4yTYyUrcsPIR8MukGoY58XsBokaQK7sug5ZBdwzHe_NI48H0_G3AnNBgh0j7gjyeEvoZY0W8-JRXxhbhxtyxs9s7FiDlkbN-KOjn6qLCWk_w77oTZDGwo9bXLMSPNCU-FB3lxws3Gew_hWQM4q-ZEEuCv-3OI6m8BcmuYaE_0bFL7Z_XOApphw1iDV2Xhk2mOk2_xLiCwrd1wlFYCj1uLYb8gHvDKEACy6FxYT3W0DAjfLV97sjDdz2hNoSqHLZ3-Oob-KlU6VLsya14HiJLG2MmKN9F-BKVlnFVwatv_W8dteemS2qJND4wi3TsMG2WNGrdLgjlbijaSz5sk_6Tad1hKoWmpD8m--nd5Tbmcw5qRpjiFSC8PI_2ilgsCxvWJ_1l2rxYxqLF41h3IPr9T_yYlMTVf0p49nHDoJju0V99WbzkCdTrX1UXU8G8Z2nrOG3hVsA1E_FDFqWNLKFBp23oTn5U9_jqhYJRteoXqz_rrXjL2yUALI4w8ta8grGpFonkCdO0lhxHsyhJPJ0hC04mdHT_zZPngK4fguhMvvUzWLC3FAXkEO1Y74ePIEEGDOiBmzmiTnyrivBT3_QZyoD7a4s0wEDlOvrVYFJNkUzOI7W_jHY0fJEk-YoiCYedBmwAS38Fa7yt2Z9xakQJd4gYoWJFvcibGh1hZjiOyF3FCIVUvEi9bjX2ae-3SWC_MfDQdiCPoppjPFxLwjF7OvA4TC_W8eSrAoIABBTejwkYEnFIy35YyXy-59A_vsKJdzAmsHX4kZwYgFPN6pwQ4uR31d9piahiDbszQ37qArhPTaeY4bwtCBiw44ygjJdY3e_ySsMvGHtwcs6da-8AcLDouymlXSVJJ_bmvefeq3muzv_10go14NCvhCqzGpUgzcN-adMrgL6UaoAPcuXhrRiSFZeSs5Vnp2uEu7MbzDTFHCvMhu9Oz5bCHJ7jdvGC2sDAps17s1r-qySa1Pt0Z-CFCCnDC9vONcWZnD1twJrr0yLxHR6iMV9wLwe8K5i9LzZXhpv5--d6hmKKgtLQMCtlUOkEIXQJ-XlU0_9xYSvueJy3Z_MK_SDIKSG1XTNCxdi3DQRMjSA9Cbsdjp-ONkspBlyymf85EBNwFXPK4_dldaC0SLwJKnDSoMiLwkZDkNY4xFs%26sp%3D0.0048&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=
IP 159.69.163.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=1946672005&pid=0&site=4692&sc=NO&usage_type=DCH&subid=562949385&sid=0&cid=12774&price=0&is_cpm=1&cpm=0.0048&ecpm=0.0048&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=a.focusde.info&hostname=auc-banner-hz-7&site_id=0&spot_id=0&utm_source=tcban_i&utm_medium=4692&utm_campaign=19775&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=&min_cpm=0.0001&placement_type_id=-1&skin_test=&verify_hash=&score=1&ml=&ttl=&space_id=859&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=&url=%2F%2Fin16.zog.link%2Fin%2Ftishow%2F%3Fkatds_ep%3DrGEfwgwiPCVKUm9BdtaSf4v_CLaRulkmwBV9tev7TQRuqM1T6xy60Zyls-ppNv7EnoCDz76bNUHqgr_I5cn7QjGj8H8Y4WGrDYMIYSSpyxTVt3ZMGi8whtIFIE6PagngMocQrLBagnUrAeQnox8159lBMXYE9zRX2FPdDtZbrxPSqe3Wdbe67dmqjGErCloa-tlPSW31B0pA3-350n_4pipxlZ3mfJvwoOMd2OnltGm5gT5v77B6gsJi5jk0oeia6gyvA_OieVFq3g_1X7h5WvWXrZvgNKqyiXw3m8cXvaCqghOPep9FICz6a6X36ArH8wU5s81h9ueKJYlpCmp8wmZKb_Ca_hks8P5hUlaqETXxU9LycnhB13AV4TtJx1-JkBqFR_P6izOZVv9XJ7N9SuqzsoQBWNE-oJgUFVPySTnVNlY4qDadWLrv3HIac8PS2NUwjtgoBLT8ExSDDyYpeUzAIBtC6zbxAcgAM-q6ICJpjAeKvRab2C_MCs1jVZXoLT2zTiexpTXS1BMCccM3iHs472Mfh5fQg0sEU_mEy5fkUBxgzIslWaV5cOkhGlniDEoNo3iSEHWKGRG_ZgDvKS0mKMjVmqS-nMDySBTI8cKjzJYY_yx75s_0drqHnS8gJLfpkutMpPljDDOPAIN8SxNdNJhOUxT7RGnk_zDCho1lMVt9axruqp-mlMmMgpb1gkc6nDTrvLIewuRqH5dFVBD2PKJ8guSa3mGujECQMmyy022vbbI_zO7Yi393E6Yd9IAeV8mP7INdyIqm1ChoRETzy2-P_jpL_dIOJYC8u3wXvP4j4IEQOL3zHC9SDQIAZsrdPmLeB5xfUNBuksUDMYv8YRDSF-egHJTJTy7bgDMZ50TUO_oCvte6y9GSBZDA6nMEP5kOXLEy4yTYyUrcsPIR8MukGoY58XsBokaQK7sug5ZBdwzHe_NI48H0_G3AnNBgh0j7gjyeEvoZY0W8-JRXxhbhxtyxs9s7FiDlkbN-KOjn6qLCWk_w77oTZDGwo9bXLMSPNCU-FB3lxws3Gew_hWQM4q-ZEEuCv-3OI6m8BcmuYaE_0bFL7Z_XOApphw1iDV2Xhk2mOk2_xLiCwrd1wlFYCj1uLYb8gHvDKEACy6FxYT3W0DAjfLV97sjDdz2hNoSqHLZ3-Oob-KlU6VLsya14HiJLG2MmKN9F-BKVlnFVwatv_W8dteemS2qJND4wi3TsMG2WNGrdLgjlbijaSz5sk_6Tad1hKoWmpD8m--nd5Tbmcw5qRpjiFSC8PI_2ilgsCxvWJ_1l2rxYxqLF41h3IPr9T_yYlMTVf0p49nHDoJju0V99WbzkCdTrX1UXU8G8Z2nrOG3hVsA1E_FDFqWNLKFBp23oTn5U9_jqhYJRteoXqz_rrXjL2yUALI4w8ta8grGpFonkCdO0lhxHsyhJPJ0hC04mdHT_zZPngK4fguhMvvUzWLC3FAXkEO1Y74ePIEEGDOiBmzmiTnyrivBT3_QZyoD7a4s0wEDlOvrVYFJNkUzOI7W_jHY0fJEk-YoiCYedBmwAS38Fa7yt2Z9xakQJd4gYoWJFvcibGh1hZjiOyF3FCIVUvEi9bjX2ae-3SWC_MfDQdiCPoppjPFxLwjF7OvA4TC_W8eSrAoIABBTejwkYEnFIy35YyXy-59A_vsKJdzAmsHX4kZwYgFPN6pwQ4uR31d9piahiDbszQ37qArhPTaeY4bwtCBiw44ygjJdY3e_ySsMvGHtwcs6da-8AcLDouymlXSVJJ_bmvefeq3muzv_10go14NCvhCqzGpUgzcN-adMrgL6UaoAPcuXhrRiSFZeSs5Vnp2uEu7MbzDTFHCvMhu9Oz5bCHJ7jdvGC2sDAps17s1r-qySa1Pt0Z-CFCCnDC9vONcWZnD1twJrr0yLxHR6iMV9wLwe8K5i9LzZXhpv5--d6hmKKgtLQMCtlUOkEIXQJ-XlU0_9xYSvueJy3Z_MK_SDIKSG1XTNCxdi3DQRMjSA9Cbsdjp-ONkspBlyymf85EBNwFXPK4_dldaC0SLwJKnDSoMiLwkZDkNY4xFs%26sp%3D0.0048&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem= HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtbbnr.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Tue, 06 Sep 2022 06:54:00 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: //in16.zog.link/in/tishow/?katds_ep=rGEfwgwiPCVKUm9BdtaSf4v_CLaRulkmwBV9tev7TQRuqM1T6xy60Zyls-ppNv7EnoCDz76bNUHqgr_I5cn7QjGj8H8Y4WGrDYMIYSSpyxTVt3ZMGi8whtIFIE6PagngMocQrLBagnUrAeQnox8159lBMXYE9zRX2FPdDtZbrxPSqe3Wdbe67dmqjGErCloa-tlPSW31B0pA3-350n_4pipxlZ3mfJvwoOMd2OnltGm5gT5v77B6gsJi5jk0oeia6gyvA_OieVFq3g_1X7h5WvWXrZvgNKqyiXw3m8cXvaCqghOPep9FICz6a6X36ArH8wU5s81h9ueKJYlpCmp8wmZKb_Ca_hks8P5hUlaqETXxU9LycnhB13AV4TtJx1-JkBqFR_P6izOZVv9XJ7N9SuqzsoQBWNE-oJgUFVPySTnVNlY4qDadWLrv3HIac8PS2NUwjtgoBLT8ExSDDyYpeUzAIBtC6zbxAcgAM-q6ICJpjAeKvRab2C_MCs1jVZXoLT2zTiexpTXS1BMCccM3iHs472Mfh5fQg0sEU_mEy5fkUBxgzIslWaV5cOkhGlniDEoNo3iSEHWKGRG_ZgDvKS0mKMjVmqS-nMDySBTI8cKjzJYY_yx75s_0drqHnS8gJLfpkutMpPljDDOPAIN8SxNdNJhOUxT7RGnk_zDCho1lMVt9axruqp-mlMmMgpb1gkc6nDTrvLIewuRqH5dFVBD2PKJ8guSa3mGujECQMmyy022vbbI_zO7Yi393E6Yd9IAeV8mP7INdyIqm1ChoRETzy2-P_jpL_dIOJYC8u3wXvP4j4IEQOL3zHC9SDQIAZsrdPmLeB5xfUNBuksUDMYv8YRDSF-egHJTJTy7bgDMZ50TUO_oCvte6y9GSBZDA6nMEP5kOXLEy4yTYyUrcsPIR8MukGoY58XsBokaQK7sug5ZBdwzHe_NI48H0_G3AnNBgh0j7gjyeEvoZY0W8-JRXxhbhxtyxs9s7FiDlkbN-KOjn6qLCWk_w77oTZDGwo9bXLMSPNCU-FB3lxws3Gew_hWQM4q-ZEEuCv-3OI6m8BcmuYaE_0bFL7Z_XOApphw1iDV2Xhk2mOk2_xLiCwrd1wlFYCj1uLYb8gHvDKEACy6FxYT3W0DAjfLV97sjDdz2hNoSqHLZ3-Oob-KlU6VLsya14HiJLG2MmKN9F-BKVlnFVwatv_W8dteemS2qJND4wi3TsMG2WNGrdLgjlbijaSz5sk_6Tad1hKoWmpD8m--nd5Tbmcw5qRpjiFSC8PI_2ilgsCxvWJ_1l2rxYxqLF41h3IPr9T_yYlMTVf0p49nHDoJju0V99WbzkCdTrX1UXU8G8Z2nrOG3hVsA1E_FDFqWNLKFBp23oTn5U9_jqhYJRteoXqz_rrXjL2yUALI4w8ta8grGpFonkCdO0lhxHsyhJPJ0hC04mdHT_zZPngK4fguhMvvUzWLC3FAXkEO1Y74ePIEEGDOiBmzmiTnyrivBT3_QZyoD7a4s0wEDlOvrVYFJNkUzOI7W_jHY0fJEk-YoiCYedBmwAS38Fa7yt2Z9xakQJd4gYoWJFvcibGh1hZjiOyF3FCIVUvEi9bjX2ae-3SWC_MfDQdiCPoppjPFxLwjF7OvA4TC_W8eSrAoIABBTejwkYEnFIy35YyXy-59A_vsKJdzAmsHX4kZwYgFPN6pwQ4uR31d9piahiDbszQ37qArhPTaeY4bwtCBiw44ygjJdY3e_ySsMvGHtwcs6da-8AcLDouymlXSVJJ_bmvefeq3muzv_10go14NCvhCqzGpUgzcN-adMrgL6UaoAPcuXhrRiSFZeSs5Vnp2uEu7MbzDTFHCvMhu9Oz5bCHJ7jdvGC2sDAps17s1r-qySa1Pt0Z-CFCCnDC9vONcWZnD1twJrr0yLxHR6iMV9wLwe8K5i9LzZXhpv5--d6hmKKgtLQMCtlUOkEIXQJ-XlU0_9xYSvueJy3Z_MK_SDIKSG1XTNCxdi3DQRMjSA9Cbsdjp-ONkspBlyymf85EBNwFXPK4_dldaC0SLwJKnDSoMiLwkZDkNY4xFs&sp=0.0048
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 01b61129dc4e1618464944f9f7771f3f
b788c3d9ca291be1394b9bc33a199589f7b21731
a38a15bfcc85ef688470cad4c86696466b6d1538b06c5c2e7c95d41959c2a47d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A38A15BFCC85EF688470CAD4C86696466B6D1538B06C5C2E7C95D41959C2A47D"
Last-Modified: Mon, 05 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12405
Expires: Tue, 06 Sep 2022 10:20:45 GMT
Date: Tue, 06 Sep 2022 06:54:00 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=b516671c-cecc-4c6b-a5c4-e84416182a16&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
192.243.61.227200 OK 1.3 kB URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=b516671c-cecc-4c6b-a5c4-e84416182a16&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash 25b154660ae6ec2582656716fe2dad97
b1a22ae0c393e3518d49fe7e49ed37d071e35bbc
a7187e6387bc0cae2ba1e0ab04f15323468c6c78818d210c15e4212811719ba4
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=b516671c-cecc-4c6b-a5c4-e84416182a16&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 06 Sep 2022 06:54:00 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9639dc91d2ef33c55811a4b5484a6bdc
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=b516671c-cecc-4c6b-a5c4-e84416182a16&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=4d0afc2425eea6b0cd5a468c9f8a69ed&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=b516671c-cecc-4c6b-a5c4-e84416182a16&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=4d0afc2425eea6b0cd5a468c9f8a69ed&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=b516671c-cecc-4c6b-a5c4-e84416182a16&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=4d0afc2425eea6b0cd5a468c9f8a69ed&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 06 Sep 2022 06:54:00 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 74e5dbdcd65eb7d3fc6d60e9cf4a8444
Strict-Transport-Security: max-age=0; includeSubdomains
in16.zog.link/in/tishow/?katds_ep=rGEfwgwiPCVKUm9BdtaSf4v_CLaRulkmwBV9tev7TQRuqM1T6xy60Zyls-ppNv7EnoCDz76bNUHqgr_I5cn7QjGj8H8Y4WGrDYMIYSSpyxTVt3ZMGi8whtIFIE6PagngMocQrLBagnUrAeQnox8159lBMXYE9zRX2FPdDtZbrxPSqe3Wdbe67dmqjGErCloa-tlPSW31B0pA3-350n_4pipxlZ3mfJvwoOMd2OnltGm5gT5v77B6gsJi5jk0oeia6gyvA_OieVFq3g_1X7h5WvWXrZvgNKqyiXw3m8cXvaCqghOPep9FICz6a6X36ArH8wU5s81h9ueKJYlpCmp8wmZKb_Ca_hks8P5hUlaqETXxU9LycnhB13AV4TtJx1-JkBqFR_P6izOZVv9XJ7N9SuqzsoQBWNE-oJgUFVPySTnVNlY4qDadWLrv3HIac8PS2NUwjtgoBLT8ExSDDyYpeUzAIBtC6zbxAcgAM-q6ICJpjAeKvRab2C_MCs1jVZXoLT2zTiexpTXS1BMCccM3iHs472Mfh5fQg0sEU_mEy5fkUBxgzIslWaV5cOkhGlniDEoNo3iSEHWKGRG_ZgDvKS0mKMjVmqS-nMDySBTI8cKjzJYY_yx75s_0drqHnS8gJLfpkutMpPljDDOPAIN8SxNdNJhOUxT7RGnk_zDCho1lMVt9axruqp-mlMmMgpb1gkc6nDTrvLIewuRqH5dFVBD2PKJ8guSa3mGujECQMmyy022vbbI_zO7Yi393E6Yd9IAeV8mP7INdyIqm1ChoRETzy2-P_jpL_dIOJYC8u3wXvP4j4IEQOL3zHC9SDQIAZsrdPmLeB5xfUNBuksUDMYv8YRDSF-egHJTJTy7bgDMZ50TUO_oCvte6y9GSBZDA6nMEP5kOXLEy4yTYyUrcsPIR8MukGoY58XsBokaQK7sug5ZBdwzHe_NI48H0_G3AnNBgh0j7gjyeEvoZY0W8-JRXxhbhxtyxs9s7FiDlkbN-KOjn6qLCWk_w77oTZDGwo9bXLMSPNCU-FB3lxws3Gew_hWQM4q-ZEEuCv-3OI6m8BcmuYaE_0bFL7Z_XOApphw1iDV2Xhk2mOk2_xLiCwrd1wlFYCj1uLYb8gHvDKEACy6FxYT3W0DAjfLV97sjDdz2hNoSqHLZ3-Oob-KlU6VLsya14HiJLG2MmKN9F-BKVlnFVwatv_W8dteemS2qJND4wi3TsMG2WNGrdLgjlbijaSz5sk_6Tad1hKoWmpD8m--nd5Tbmcw5qRpjiFSC8PI_2ilgsCxvWJ_1l2rxYxqLF41h3IPr9T_yYlMTVf0p49nHDoJju0V99WbzkCdTrX1UXU8G8Z2nrOG3hVsA1E_FDFqWNLKFBp23oTn5U9_jqhYJRteoXqz_rrXjL2yUALI4w8ta8grGpFonkCdO0lhxHsyhJPJ0hC04mdHT_zZPngK4fguhMvvUzWLC3FAXkEO1Y74ePIEEGDOiBmzmiTnyrivBT3_QZyoD7a4s0wEDlOvrVYFJNkUzOI7W_jHY0fJEk-YoiCYedBmwAS38Fa7yt2Z9xakQJd4gYoWJFvcibGh1hZjiOyF3FCIVUvEi9bjX2ae-3SWC_MfDQdiCPoppjPFxLwjF7OvA4TC_W8eSrAoIABBTejwkYEnFIy35YyXy-59A_vsKJdzAmsHX4kZwYgFPN6pwQ4uR31d9piahiDbszQ37qArhPTaeY4bwtCBiw44ygjJdY3e_ySsMvGHtwcs6da-8AcLDouymlXSVJJ_bmvefeq3muzv_10go14NCvhCqzGpUgzcN-adMrgL6UaoAPcuXhrRiSFZeSs5Vnp2uEu7MbzDTFHCvMhu9Oz5bCHJ7jdvGC2sDAps17s1r-qySa1Pt0Z-CFCCnDC9vONcWZnD1twJrr0yLxHR6iMV9wLwe8K5i9LzZXhpv5--d6hmKKgtLQMCtlUOkEIXQJ-XlU0_9xYSvueJy3Z_MK_SDIKSG1XTNCxdi3DQRMjSA9Cbsdjp-ONkspBlyymf85EBNwFXPK4_dldaC0SLwJKnDSoMiLwkZDkNY4xFs&sp=0.0048
109.206.163.116302 Found 0 B URL HTTP/2 in16.zog.link/in/tishow/?katds_ep=rGEfwgwiPCVKUm9BdtaSf4v_CLaRulkmwBV9tev7TQRuqM1T6xy60Zyls-ppNv7EnoCDz76bNUHqgr_I5cn7QjGj8H8Y4WGrDYMIYSSpyxTVt3ZMGi8whtIFIE6PagngMocQrLBagnUrAeQnox8159lBMXYE9zRX2FPdDtZbrxPSqe3Wdbe67dmqjGErCloa-tlPSW31B0pA3-350n_4pipxlZ3mfJvwoOMd2OnltGm5gT5v77B6gsJi5jk0oeia6gyvA_OieVFq3g_1X7h5WvWXrZvgNKqyiXw3m8cXvaCqghOPep9FICz6a6X36ArH8wU5s81h9ueKJYlpCmp8wmZKb_Ca_hks8P5hUlaqETXxU9LycnhB13AV4TtJx1-JkBqFR_P6izOZVv9XJ7N9SuqzsoQBWNE-oJgUFVPySTnVNlY4qDadWLrv3HIac8PS2NUwjtgoBLT8ExSDDyYpeUzAIBtC6zbxAcgAM-q6ICJpjAeKvRab2C_MCs1jVZXoLT2zTiexpTXS1BMCccM3iHs472Mfh5fQg0sEU_mEy5fkUBxgzIslWaV5cOkhGlniDEoNo3iSEHWKGRG_ZgDvKS0mKMjVmqS-nMDySBTI8cKjzJYY_yx75s_0drqHnS8gJLfpkutMpPljDDOPAIN8SxNdNJhOUxT7RGnk_zDCho1lMVt9axruqp-mlMmMgpb1gkc6nDTrvLIewuRqH5dFVBD2PKJ8guSa3mGujECQMmyy022vbbI_zO7Yi393E6Yd9IAeV8mP7INdyIqm1ChoRETzy2-P_jpL_dIOJYC8u3wXvP4j4IEQOL3zHC9SDQIAZsrdPmLeB5xfUNBuksUDMYv8YRDSF-egHJTJTy7bgDMZ50TUO_oCvte6y9GSBZDA6nMEP5kOXLEy4yTYyUrcsPIR8MukGoY58XsBokaQK7sug5ZBdwzHe_NI48H0_G3AnNBgh0j7gjyeEvoZY0W8-JRXxhbhxtyxs9s7FiDlkbN-KOjn6qLCWk_w77oTZDGwo9bXLMSPNCU-FB3lxws3Gew_hWQM4q-ZEEuCv-3OI6m8BcmuYaE_0bFL7Z_XOApphw1iDV2Xhk2mOk2_xLiCwrd1wlFYCj1uLYb8gHvDKEACy6FxYT3W0DAjfLV97sjDdz2hNoSqHLZ3-Oob-KlU6VLsya14HiJLG2MmKN9F-BKVlnFVwatv_W8dteemS2qJND4wi3TsMG2WNGrdLgjlbijaSz5sk_6Tad1hKoWmpD8m--nd5Tbmcw5qRpjiFSC8PI_2ilgsCxvWJ_1l2rxYxqLF41h3IPr9T_yYlMTVf0p49nHDoJju0V99WbzkCdTrX1UXU8G8Z2nrOG3hVsA1E_FDFqWNLKFBp23oTn5U9_jqhYJRteoXqz_rrXjL2yUALI4w8ta8grGpFonkCdO0lhxHsyhJPJ0hC04mdHT_zZPngK4fguhMvvUzWLC3FAXkEO1Y74ePIEEGDOiBmzmiTnyrivBT3_QZyoD7a4s0wEDlOvrVYFJNkUzOI7W_jHY0fJEk-YoiCYedBmwAS38Fa7yt2Z9xakQJd4gYoWJFvcibGh1hZjiOyF3FCIVUvEi9bjX2ae-3SWC_MfDQdiCPoppjPFxLwjF7OvA4TC_W8eSrAoIABBTejwkYEnFIy35YyXy-59A_vsKJdzAmsHX4kZwYgFPN6pwQ4uR31d9piahiDbszQ37qArhPTaeY4bwtCBiw44ygjJdY3e_ySsMvGHtwcs6da-8AcLDouymlXSVJJ_bmvefeq3muzv_10go14NCvhCqzGpUgzcN-adMrgL6UaoAPcuXhrRiSFZeSs5Vnp2uEu7MbzDTFHCvMhu9Oz5bCHJ7jdvGC2sDAps17s1r-qySa1Pt0Z-CFCCnDC9vONcWZnD1twJrr0yLxHR6iMV9wLwe8K5i9LzZXhpv5--d6hmKKgtLQMCtlUOkEIXQJ-XlU0_9xYSvueJy3Z_MK_SDIKSG1XTNCxdi3DQRMjSA9Cbsdjp-ONkspBlyymf85EBNwFXPK4_dldaC0SLwJKnDSoMiLwkZDkNY4xFs&sp=0.0048
IP 109.206.163.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/tishow/?katds_ep=rGEfwgwiPCVKUm9BdtaSf4v_CLaRulkmwBV9tev7TQRuqM1T6xy60Zyls-ppNv7EnoCDz76bNUHqgr_I5cn7QjGj8H8Y4WGrDYMIYSSpyxTVt3ZMGi8whtIFIE6PagngMocQrLBagnUrAeQnox8159lBMXYE9zRX2FPdDtZbrxPSqe3Wdbe67dmqjGErCloa-tlPSW31B0pA3-350n_4pipxlZ3mfJvwoOMd2OnltGm5gT5v77B6gsJi5jk0oeia6gyvA_OieVFq3g_1X7h5WvWXrZvgNKqyiXw3m8cXvaCqghOPep9FICz6a6X36ArH8wU5s81h9ueKJYlpCmp8wmZKb_Ca_hks8P5hUlaqETXxU9LycnhB13AV4TtJx1-JkBqFR_P6izOZVv9XJ7N9SuqzsoQBWNE-oJgUFVPySTnVNlY4qDadWLrv3HIac8PS2NUwjtgoBLT8ExSDDyYpeUzAIBtC6zbxAcgAM-q6ICJpjAeKvRab2C_MCs1jVZXoLT2zTiexpTXS1BMCccM3iHs472Mfh5fQg0sEU_mEy5fkUBxgzIslWaV5cOkhGlniDEoNo3iSEHWKGRG_ZgDvKS0mKMjVmqS-nMDySBTI8cKjzJYY_yx75s_0drqHnS8gJLfpkutMpPljDDOPAIN8SxNdNJhOUxT7RGnk_zDCho1lMVt9axruqp-mlMmMgpb1gkc6nDTrvLIewuRqH5dFVBD2PKJ8guSa3mGujECQMmyy022vbbI_zO7Yi393E6Yd9IAeV8mP7INdyIqm1ChoRETzy2-P_jpL_dIOJYC8u3wXvP4j4IEQOL3zHC9SDQIAZsrdPmLeB5xfUNBuksUDMYv8YRDSF-egHJTJTy7bgDMZ50TUO_oCvte6y9GSBZDA6nMEP5kOXLEy4yTYyUrcsPIR8MukGoY58XsBokaQK7sug5ZBdwzHe_NI48H0_G3AnNBgh0j7gjyeEvoZY0W8-JRXxhbhxtyxs9s7FiDlkbN-KOjn6qLCWk_w77oTZDGwo9bXLMSPNCU-FB3lxws3Gew_hWQM4q-ZEEuCv-3OI6m8BcmuYaE_0bFL7Z_XOApphw1iDV2Xhk2mOk2_xLiCwrd1wlFYCj1uLYb8gHvDKEACy6FxYT3W0DAjfLV97sjDdz2hNoSqHLZ3-Oob-KlU6VLsya14HiJLG2MmKN9F-BKVlnFVwatv_W8dteemS2qJND4wi3TsMG2WNGrdLgjlbijaSz5sk_6Tad1hKoWmpD8m--nd5Tbmcw5qRpjiFSC8PI_2ilgsCxvWJ_1l2rxYxqLF41h3IPr9T_yYlMTVf0p49nHDoJju0V99WbzkCdTrX1UXU8G8Z2nrOG3hVsA1E_FDFqWNLKFBp23oTn5U9_jqhYJRteoXqz_rrXjL2yUALI4w8ta8grGpFonkCdO0lhxHsyhJPJ0hC04mdHT_zZPngK4fguhMvvUzWLC3FAXkEO1Y74ePIEEGDOiBmzmiTnyrivBT3_QZyoD7a4s0wEDlOvrVYFJNkUzOI7W_jHY0fJEk-YoiCYedBmwAS38Fa7yt2Z9xakQJd4gYoWJFvcibGh1hZjiOyF3FCIVUvEi9bjX2ae-3SWC_MfDQdiCPoppjPFxLwjF7OvA4TC_W8eSrAoIABBTejwkYEnFIy35YyXy-59A_vsKJdzAmsHX4kZwYgFPN6pwQ4uR31d9piahiDbszQ37qArhPTaeY4bwtCBiw44ygjJdY3e_ySsMvGHtwcs6da-8AcLDouymlXSVJJ_bmvefeq3muzv_10go14NCvhCqzGpUgzcN-adMrgL6UaoAPcuXhrRiSFZeSs5Vnp2uEu7MbzDTFHCvMhu9Oz5bCHJ7jdvGC2sDAps17s1r-qySa1Pt0Z-CFCCnDC9vONcWZnD1twJrr0yLxHR6iMV9wLwe8K5i9LzZXhpv5--d6hmKKgtLQMCtlUOkEIXQJ-XlU0_9xYSvueJy3Z_MK_SDIKSG1XTNCxdi3DQRMjSA9Cbsdjp-ONkspBlyymf85EBNwFXPK4_dldaC0SLwJKnDSoMiLwkZDkNY4xFs&sp=0.0048 HTTP/1.1
Host: in16.zog.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbbnr.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.20.1
date: Tue, 06 Sep 2022 06:54:00 GMT
content-length: 0
location: https://12112336.pix-cdn.org/m/p/0/11/11508/yPndOg0m.html?__OS_FAMILY__={{ __OS_FAMILY__ }}&__OS_TYPE__={{ __OS_TYPE__ }}&__GEOIP_COUNTRY_SHORT__={{ __GEOIP_COUNTRY_SHORT__ }}&__IP2L_MOBILE__={{ __IP2L_MOBILE__ }}&__BROWSER_FAMILY__={{ __BROWSER_FAMILY__ }}&OS_FAMILY=[OS_FAMILY]&OS_TYPE=[OS_TYPE]&COUNTRY_ISO_CODE=[COUNTRY_ISO_CODE]&MOBILE_BRAND=[MOBILE_BRAND]&BROWSER_FAMILY=[BROWSER_FAMILY]&DOMAIN=a.focusde.info&PRICE=0.0050&PRICING_MODEL=[PRICING_MODEL]&CAMPAIGN_ID=6435&CLICK_ID=2d984f9d-7ea6-46ff-8713-ddc1f6f35f2c&id_zone=[idzone]&site={{ site }}&out_name=37319%7C4317%7Ccpm%7C0.0048%7C%24%200.0050&campaign_id=37319&price=0.0050&bidding_price=0.0048&pricebox_price=0.0200&pricing_model=cpm&click_id=2d984f9d-7ea6-46ff-8713-ddc1f6f35f2c&priority=[PRIORITY]&ad_sub=173501021&utm1=tcb&utm2=878669509-100&utm3=249-6435-14933&utm4=0-10346131-0
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 2325.0=1; expires=Wed, 07 Sep 2022 06:54:00 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4f5e2bc0dce5ff5d8010e200ade9ee06
f64593c774949732244e82776d7a5c7a4930e604
169706feaecf7716133a05df1267a080fa18304f017ed3fe4c80e33077bb56c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "169706FEAECF7716133A05DF1267A080FA18304F017ED3FE4C80E33077BB56C2"
Last-Modified: Sun, 04 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5389
Expires: Tue, 06 Sep 2022 08:23:49 GMT
Date: Tue, 06 Sep 2022 06:54:00 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 6974f1f6cbc2108e5de0646e66bcac14
c4bb058f22e2194f42d8b8910ee5eadd2c8c674c
201f676ea4a98f2b98a0d893a3b28fe7b6f8a6da88a8b01edb255b17591bfd10
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:54:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 15:56:20 GMT
Expires: Sat, 10 Sep 2022 15:56:19 GMT
Etag: "c4bb058f22e2194f42d8b8910ee5eadd2c8c674c"
Cache-Control: max-age=377538,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74654a767ef80b41-OSL
tsyndicate.com/iframes2/81050e2dae874825b1263242bcb82944.html?
162.55.130.248200 OK 5.3 kB URL HTTP/2 tsyndicate.com/iframes2/81050e2dae874825b1263242bcb82944.html?
IP 162.55.130.248:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3740)
Hash b4cc6cf9bcab25b371dde81964bbdf1a
d3e136bc64b8378d94bd7d49ffdaf6c59b4f81cd
f60f80ab1a413df5f62c1d3d520c2d317f7fc756da5b4e489384088570aede67
GET /iframes2/81050e2dae874825b1263242bcb82944.html? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:54:00 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: 1de3d5c1795c39aa
set-cookie: ts_uid=dff38f48-37f4-46ec-a234-4689538f758a; expires=Mon, 06 Mar 2023 06:54:00 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYsCGjRkOFMLr0URAQ; expires=Wed, 07 Sep 2022 06:54:00 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
12112336.pix-cdn.org/m/p/0/11/11508/yPndOg0m.html?__OS_FAMILY__={{%20__OS_FAMILY__%20}}&__OS_TYPE__={{%20__OS_TYPE__%20}}&__GEOIP_COUNTRY_SHORT__={{%20__GEOIP_COUNTRY_SHORT__%20}}&__IP2L_MOBILE__={{%20__IP2L_MOBILE__%20}}&__BROWSER_FAMILY__={{%20__BROWSER_FAMILY__%20}}&OS_FAMILY=[OS_FAMILY]&OS_TYPE=[OS_TYPE]&COUNTRY_ISO_CODE=[COUNTRY_ISO_CODE]&MOBILE_BRAND=[MOBILE_BRAND]&BROWSER_FAMILY=[BROWSER_FAMILY]&DOMAIN=a.focusde.info&PRICE=0.0050&PRICING_MODEL=[PRICING_MODEL]&CAMPAIGN_ID=6435&CLICK_ID=2d984f9d-7ea6-46ff-8713-ddc1f6f35f2c&id_zone=[idzone]&site={{%20site%20}}&out_name=37319%7C4317%7Ccpm%7C0.0048%7C%24%200.0050&campaign_id=37319&price=0.0050&bidding_price=0.0048&pricebox_price=0.0200&pricing_model=cpm&click_id=2d984f9d-7ea6-46ff-8713-ddc1f6f35f2c&priority=[PRIORITY]&ad_sub=173501021&utm1=tcb&utm2=878669509-100&utm3=249-6435-14933&utm4=0-10346131-0
45.133.44.25200 OK 5.5 kB URL HTTP/2 12112336.pix-cdn.org/m/p/0/11/11508/yPndOg0m.html?__OS_FAMILY__={{%20__OS_FAMILY__%20}}&__OS_TYPE__={{%20__OS_TYPE__%20}}&__GEOIP_COUNTRY_SHORT__={{%20__GEOIP_COUNTRY_SHORT__%20}}&__IP2L_MOBILE__={{%20__IP2L_MOBILE__%20}}&__BROWSER_FAMILY__={{%20__BROWSER_FAMILY__%20}}&OS_FAMILY=[OS_FAMILY]&OS_TYPE=[OS_TYPE]&COUNTRY_ISO_CODE=[COUNTRY_ISO_CODE]&MOBILE_BRAND=[MOBILE_BRAND]&BROWSER_FAMILY=[BROWSER_FAMILY]&DOMAIN=a.focusde.info&PRICE=0.0050&PRICING_MODEL=[PRICING_MODEL]&CAMPAIGN_ID=6435&CLICK_ID=2d984f9d-7ea6-46ff-8713-ddc1f6f35f2c&id_zone=[idzone]&site={{%20site%20}}&out_name=37319%7C4317%7Ccpm%7C0.0048%7C%24%200.0050&campaign_id=37319&price=0.0050&bidding_price=0.0048&pricebox_price=0.0200&pricing_model=cpm&click_id=2d984f9d-7ea6-46ff-8713-ddc1f6f35f2c&priority=[PRIORITY]&ad_sub=173501021&utm1=tcb&utm2=878669509-100&utm3=249-6435-14933&utm4=0-10346131-0
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash 0286134d54d6725a689c8ae23e5f50ce
f148fd962bf6d29955ecf334fea85fd33dae1a5f
a659c4ecaecac10e30a7bb5f9d7daf174dcd23a9873121b6d7f6f1293b21b513
GET /m/p/0/11/11508/yPndOg0m.html?__OS_FAMILY__={{%20__OS_FAMILY__%20}}&__OS_TYPE__={{%20__OS_TYPE__%20}}&__GEOIP_COUNTRY_SHORT__={{%20__GEOIP_COUNTRY_SHORT__%20}}&__IP2L_MOBILE__={{%20__IP2L_MOBILE__%20}}&__BROWSER_FAMILY__={{%20__BROWSER_FAMILY__%20}}&OS_FAMILY=[OS_FAMILY]&OS_TYPE=[OS_TYPE]&COUNTRY_ISO_CODE=[COUNTRY_ISO_CODE]&MOBILE_BRAND=[MOBILE_BRAND]&BROWSER_FAMILY=[BROWSER_FAMILY]&DOMAIN=a.focusde.info&PRICE=0.0050&PRICING_MODEL=[PRICING_MODEL]&CAMPAIGN_ID=6435&CLICK_ID=2d984f9d-7ea6-46ff-8713-ddc1f6f35f2c&id_zone=[idzone]&site={{%20site%20}}&out_name=37319%7C4317%7Ccpm%7C0.0048%7C%24%200.0050&campaign_id=37319&price=0.0050&bidding_price=0.0048&pricebox_price=0.0200&pricing_model=cpm&click_id=2d984f9d-7ea6-46ff-8713-ddc1f6f35f2c&priority=[PRIORITY]&ad_sub=173501021&utm1=tcb&utm2=878669509-100&utm3=249-6435-14933&utm4=0-10346131-0 HTTP/1.1
Host: 12112336.pix-cdn.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbbnr.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:00 GMT
content-type: text/html; charset=utf-8
server: nginx/1.12.2
last-modified: Wed, 02 Sep 2020 10:48:37 GMT
etag: W/"5f4f7885-7e9"
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: MISS
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash cf56b10c37f3eec901a1cb8db4328984
910eb2b8bffee32864aeb3fe3cae5bf78b4d2259
d0ff96d7eb62ef17bb0ebe61052de6032f2f6181c820fd98e485848fed65ffd2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5844
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:54:00 GMT
Last-Modified: Tue, 06 Sep 2022 05:16:36 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 314
in16.zog.link/in/show/?__OS_FAMILY__=%7B%7B%20__OS_FAMILY__%20%7D%7D&__OS_TYPE__=%7B%7B%20__OS_TYPE__%20%7D%7D&__GEOIP_COUNTRY_SHORT__=%7B%7B%20__GEOIP_COUNTRY_SHORT__%20%7D%7D&__IP2L_MOBILE__=%7B%7B%20__IP2L_MOBILE__%20%7D%7D&__BROWSER_FAMILY__=%7B%7B%20__BROWSER_FAMILY__%20%7D%7D&OS_FAMILY=%5BOS_FAMILY%5D&OS_TYPE=%5BOS_TYPE%5D&COUNTRY_ISO_CODE=%5BCOUNTRY_ISO_CODE%5D&MOBILE_BRAND=%5BMOBILE_BRAND%5D&BROWSER_FAMILY=%5BBROWSER_FAMILY%5D&DOMAIN=a.focusde.info&PRICE=0.0050&PRICING_MODEL=%5BPRICING_MODEL%5D&CAMPAIGN_ID=6435&CLICK_ID=2d984f9d-7ea6-46ff-8713-ddc1f6f35f2c&id_zone=%5Bidzone%5D&site=%7B%7B%20site%20%7D%7D&out_name=37319%7C4317%7Ccpm%7C0.0048%7C%24%200.0050&campaign_id=37319&price=0.0050&bidding_price=0.0048&pricebox_price=0.0200&pricing_model=cpm&click_id=2d984f9d-7ea6-46ff-8713-ddc1f6f35f2c&priority=%5BPRIORITY%5D&ad_sub=173501021&utm1=tcb&utm2=878669509-100&utm3=249-6435-14933&utm4=0-10346131-0&banner_id=4190&banner_creative_id=8920
109.206.163.116200 OK 2 B URL HTTP/2 in16.zog.link/in/show/?__OS_FAMILY__=%7B%7B%20__OS_FAMILY__%20%7D%7D&__OS_TYPE__=%7B%7B%20__OS_TYPE__%20%7D%7D&__GEOIP_COUNTRY_SHORT__=%7B%7B%20__GEOIP_COUNTRY_SHORT__%20%7D%7D&__IP2L_MOBILE__=%7B%7B%20__IP2L_MOBILE__%20%7D%7D&__BROWSER_FAMILY__=%7B%7B%20__BROWSER_FAMILY__%20%7D%7D&OS_FAMILY=%5BOS_FAMILY%5D&OS_TYPE=%5BOS_TYPE%5D&COUNTRY_ISO_CODE=%5BCOUNTRY_ISO_CODE%5D&MOBILE_BRAND=%5BMOBILE_BRAND%5D&BROWSER_FAMILY=%5BBROWSER_FAMILY%5D&DOMAIN=a.focusde.info&PRICE=0.0050&PRICING_MODEL=%5BPRICING_MODEL%5D&CAMPAIGN_ID=6435&CLICK_ID=2d984f9d-7ea6-46ff-8713-ddc1f6f35f2c&id_zone=%5Bidzone%5D&site=%7B%7B%20site%20%7D%7D&out_name=37319%7C4317%7Ccpm%7C0.0048%7C%24%200.0050&campaign_id=37319&price=0.0050&bidding_price=0.0048&pricebox_price=0.0200&pricing_model=cpm&click_id=2d984f9d-7ea6-46ff-8713-ddc1f6f35f2c&priority=%5BPRIORITY%5D&ad_sub=173501021&utm1=tcb&utm2=878669509-100&utm3=249-6435-14933&utm4=0-10346131-0&banner_id=4190&banner_creative_id=8920
IP 109.206.163.116:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /in/show/?__OS_FAMILY__=%7B%7B%20__OS_FAMILY__%20%7D%7D&__OS_TYPE__=%7B%7B%20__OS_TYPE__%20%7D%7D&__GEOIP_COUNTRY_SHORT__=%7B%7B%20__GEOIP_COUNTRY_SHORT__%20%7D%7D&__IP2L_MOBILE__=%7B%7B%20__IP2L_MOBILE__%20%7D%7D&__BROWSER_FAMILY__=%7B%7B%20__BROWSER_FAMILY__%20%7D%7D&OS_FAMILY=%5BOS_FAMILY%5D&OS_TYPE=%5BOS_TYPE%5D&COUNTRY_ISO_CODE=%5BCOUNTRY_ISO_CODE%5D&MOBILE_BRAND=%5BMOBILE_BRAND%5D&BROWSER_FAMILY=%5BBROWSER_FAMILY%5D&DOMAIN=a.focusde.info&PRICE=0.0050&PRICING_MODEL=%5BPRICING_MODEL%5D&CAMPAIGN_ID=6435&CLICK_ID=2d984f9d-7ea6-46ff-8713-ddc1f6f35f2c&id_zone=%5Bidzone%5D&site=%7B%7B%20site%20%7D%7D&out_name=37319%7C4317%7Ccpm%7C0.0048%7C%24%200.0050&campaign_id=37319&price=0.0050&bidding_price=0.0048&pricebox_price=0.0200&pricing_model=cpm&click_id=2d984f9d-7ea6-46ff-8713-ddc1f6f35f2c&priority=%5BPRIORITY%5D&ad_sub=173501021&utm1=tcb&utm2=878669509-100&utm3=249-6435-14933&utm4=0-10346131-0&banner_id=4190&banner_creative_id=8920 HTTP/1.1
Host: in16.zog.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://12112336.pix-cdn.org
Connection: keep-alive
Referer: https://12112336.pix-cdn.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 06 Sep 2022 06:54:00 GMT
content-type: application/json
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://12112336.pix-cdn.org
cache-control: no-cache, no-store, must-revalidate
set-cookie: 770.0=1; expires=Wed, 07 Sep 2022 06:54:00 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
205.185.208.20200 OK 5.0 kB URL HTTP/1.1 hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
IP 205.185.208.20:0
File type ASCII text, with very long lines (5027), with no line terminators
Hash 5e5817bcf4c82c7c85d1d88636d221ce
b5c32cc6c931c33c1297884016e13d3b9a5bf261
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:54:00 GMT
Connection: Keep-Alive
ETag: "1541168231"
Content-Length: 5027
Content-Type: application/javascript
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10446621
X-HW: 1662447240.dop068.sk1.t,1662447240.cds206.sk1.shn,1662447240.cds206.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
209.197.3.25200 OK 17 kB URL HTTP/1.1 hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
IP 209.197.3.25:0
File type ASCII text, with very long lines (16885), with no line terminators
Hash 48c80c7c28b5b00a8b4ff94a22b72fe3
d57303c2ad2fd5cedc5cb20f264a6965a7819cee
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:54:00 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Content-Type: application/javascript
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10617726
X-HW: 1662447240.dop224.sk1.t,1662447240.cds222.sk1.shn,1662447240.cds222.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.ang-content.com/a7/creatives/1/49/814954/1040423/1040423_logo.png
205.185.208.20200 OK 3.3 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/1/49/814954/1040423/1040423_logo.png
IP 205.185.208.20:0
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 4c992f93419cff2c1c149dfc70e710c6
ea1808199ce5bb59a63edea6fd39bbbf5e7511d7
ba89161f62c517bdd776996943f3e26ed2b92d749178f1c24da07c8db904e27c
GET /a7/creatives/1/49/814954/1040423/1040423_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:54:00 GMT
Connection: Keep-Alive
ETag: "1661264183"
Content-Length: 3346
Content-Type: image/png
Last-Modified: Tue, 23 Aug 2022 14:16:23 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10597787
X-HW: 1662447240.dop013.sk1.t,1662447240.cds264.sk1.shn,1662447240.dop013.sk1.t,1662447240.cds204.sk1.c
Access-Control-Allow-Origin: *
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XguHGDBgwzOGy0sFGDhpkWNGbYKNNCjI0cN1qQgXGjTBkxZXKU6RhGxMMwdcZknBGjzBgzHXG02EnmJI2nOVrAHBNTxhgcVmfMgBFDJwyfEMnYWfjShoyHcOqIWTgjZA0YP-HAYUtjI1wRc-BM1EGjodaXD8e0mcs3ho0bNmb8bErxoRg3bhbKQEwjsWIRbdxg1DFZZQ60mTeT7PuwToyMaOjQgTNHx4sXYVwYpKPZxZg3bV6cKUPnRQwYwGuonPGDTpo2ZXo0zCGDRo4YNGqUJMqlDnAZNsLQGdOj7-HE1a9nhyOmR2YaX4gUcTKliBE6TpBAqZNGjpE3U_JM0fJGTBMjOaixBhl53CDDF0XE8IYbWdghRBZ14KCFHm6EscQRUShRUxVIVHGDHE3gQAcWVKTBhBEwyHDFF3a0YYMcNFghxhM2nFEHHU8gQeMUNzjRghpo6JFHGW80YSEUd4RhBRtxzOBGFF-cUUUSREhRRRpgwdFGYyK8oSWXZOCWEXJkpBFbGHO8EYMLbvAG1hjaLbQFUV2gJYdQOsDgAnAViSCGGQvpGVxgWn4Bx52B7smncw_JYQdhbz1k1Jd5KpoiTKXRl1FTZrRlRl0tzHDDpyitNEYLYcgwAw2l4pCDcDggVQMOPT2UBmEiPOdCDnrSIIMLDdEAlhxf3JqRrry64CuwJYFVR086iNDEG3qkwQYbYbxQw54goIBFDDHsAAITabhRBx4g4BHSFzbQIK6jOuRgw54pgHCEUWu88YIMXPHJFQhG1FeGGW_g8YK8e76JpwhOPAHWG8SOsXDDYLGx8HpgHWTHF3KUwQZFNXCEg0o4ANfoGZFxNusND2n8hRhyLIQDDi2XsXEbb5AhWUh9kiHHG2w99IZCnNlZcB4L0dDowKipxpprL5Bppmxprtlmb2DN4WhGP9OhHcQt1OFGGnS0AMO2ZMiQ8cIHfZE2WHRsyZANZj1loEcWtaH23HXTcPfZIy_GcRl5fREn38353dxdNhvOBkJ0ED0nDXVCJMZeIhxkBlBsTISWxYEGthkMfSgQEA%3D%3D&s=4c3d321c1e3bc6c4b5d3e2e4454205a6390ccf5330d7aeb4455c0ae341e122f01662447240&w=t&r=1&d=242&priv=false
136.243.80.153200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XguHGDBgwzOGy0sFGDhpkWNGbYKNNCjI0cN1qQgXGjTBkxZXKU6RhGxMMwdcZknBGjzBgzHXG02EnmJI2nOVrAHBNTxhgcVmfMgBFDJwyfEMnYWfjShoyHcOqIWTgjZA0YP-HAYUtjI1wRc-BM1EGjodaXD8e0mcs3ho0bNmb8bErxoRg3bhbKQEwjsWIRbdxg1DFZZQ60mTeT7PuwToyMaOjQgTNHx4sXYVwYpKPZxZg3bV6cKUPnRQwYwGuonPGDTpo2ZXo0zCGDRo4YNGqUJMqlDnAZNsLQGdOj7-HE1a9nhyOmR2YaX4gUcTKliBE6TpBAqZNGjpE3U_JM0fJGTBMjOaixBhl53CDDF0XE8IYbWdghRBZ14KCFHm6EscQRUShRUxVIVHGDHE3gQAcWVKTBhBEwyHDFF3a0YYMcNFghxhM2nFEHHU8gQeMUNzjRghpo6JFHGW80YSEUd4RhBRtxzOBGFF-cUUUSREhRRRpgwdFGYyK8oSWXZOCWEXJkpBFbGHO8EYMLbvAG1hjaLbQFUV2gJYdQOsDgAnAViSCGGQvpGVxgWn4Bx52B7smncw_JYQdhbz1k1Jd5KpoiTKXRl1FTZrRlRl0tzHDDpyitNEYLYcgwAw2l4pCDcDggVQMOPT2UBmEiPOdCDnrSIIMLDdEAlhxf3JqRrry64CuwJYFVR086iNDEG3qkwQYbYbxQw54goIBFDDHsAAITabhRBx4g4BHSFzbQIK6jOuRgw54pgHCEUWu88YIMXPHJFQhG1FeGGW_g8YK8e76JpwhOPAHWG8SOsXDDYLGx8HpgHWTHF3KUwQZFNXCEg0o4ANfoGZFxNusND2n8hRhyLIQDDi2XsXEbb5AhWUh9kiHHG2w99IZCnNlZcB4L0dDowKipxpprL5Bppmxprtlmb2DN4WhGP9OhHcQt1OFGGnS0AMO2ZMiQ8cIHfZE2WHRsyZANZj1loEcWtaH23HXTcPfZIy_GcRl5fREn38353dxdNhvOBkJ0ED0nDXVCJMZeIhxkBlBsTISWxYEGthkMfSgQEA%3D%3D&s=4c3d321c1e3bc6c4b5d3e2e4454205a6390ccf5330d7aeb4455c0ae341e122f01662447240&w=t&r=1&d=242&priv=false
IP 136.243.80.153:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XguHGDBgwzOGy0sFGDhpkWNGbYKNNCjI0cN1qQgXGjTBkxZXKU6RhGxMMwdcZknBGjzBgzHXG02EnmJI2nOVrAHBNTxhgcVmfMgBFDJwyfEMnYWfjShoyHcOqIWTgjZA0YP-HAYUtjI1wRc-BM1EGjodaXD8e0mcs3ho0bNmb8bErxoRg3bhbKQEwjsWIRbdxg1DFZZQ60mTeT7PuwToyMaOjQgTNHx4sXYVwYpKPZxZg3bV6cKUPnRQwYwGuonPGDTpo2ZXo0zCGDRo4YNGqUJMqlDnAZNsLQGdOj7-HE1a9nhyOmR2YaX4gUcTKliBE6TpBAqZNGjpE3U_JM0fJGTBMjOaixBhl53CDDF0XE8IYbWdghRBZ14KCFHm6EscQRUShRUxVIVHGDHE3gQAcWVKTBhBEwyHDFF3a0YYMcNFghxhM2nFEHHU8gQeMUNzjRghpo6JFHGW80YSEUd4RhBRtxzOBGFF-cUUUSREhRRRpgwdFGYyK8oSWXZOCWEXJkpBFbGHO8EYMLbvAG1hjaLbQFUV2gJYdQOsDgAnAViSCGGQvpGVxgWn4Bx52B7smncw_JYQdhbz1k1Jd5KpoiTKXRl1FTZrRlRl0tzHDDpyitNEYLYcgwAw2l4pCDcDggVQMOPT2UBmEiPOdCDnrSIIMLDdEAlhxf3JqRrry64CuwJYFVR086iNDEG3qkwQYbYbxQw54goIBFDDHsAAITabhRBx4g4BHSFzbQIK6jOuRgw54pgHCEUWu88YIMXPHJFQhG1FeGGW_g8YK8e76JpwhOPAHWG8SOsXDDYLGx8HpgHWTHF3KUwQZFNXCEg0o4ANfoGZFxNusND2n8hRhyLIQDDi2XsXEbb5AhWUh9kiHHG2w99IZCnNlZcB4L0dDowKipxpprL5Bppmxprtlmb2DN4WhGP9OhHcQt1OFGGnS0AMO2ZMiQ8cIHfZE2WHRsyZANZj1loEcWtaH23HXTcPfZIy_GcRl5fREn38353dxdNhvOBkJ0ED0nDXVCJMZeIhxkBlBsTISWxYEGthkMfSgQEA%3D%3D&s=4c3d321c1e3bc6c4b5d3e2e4454205a6390ccf5330d7aeb4455c0ae341e122f01662447240&w=t&r=1&d=242&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=dff38f48-37f4-46ec-a234-4689538f758a; bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYsCGjRkOFMLr0URAQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:54:01 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=969388
185.94.236.247200 OK 1.4 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=969388
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 12652f1fed36d1d9e3b171f604d72dcb
999432a1f65a3cc8d43f1f6002af60193eec9cfb
d3c0ec37d1d25a8b5e4512d3ae3c634fb5293154c5267227568ecf8de1a0faad
GET /adshow.php?adzone=969388 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 06:54:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=5a5bfc2fff01bc887e8375031adf11a3; expires=Wed, 06-Sep-2023 06:54:00 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Fri, 09-Sep-2022 06:54:00 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 09-Sep-2022 06:54:00 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=HTLWtoUgyeAzV31L_Q1WUnykiDKxwN_0ayA6MWuuA21troFTqOx9ikzVRzzTMd3O6hplDnx-AyHR2PcCuK8ehBJRBcF1YjAhr-bQHAk19049GA_gUIDRUi
66.254.114.171200 OK 9.4 kB URL HTTP/2 a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=HTLWtoUgyeAzV31L_Q1WUnykiDKxwN_0ayA6MWuuA21troFTqOx9ikzVRzzTMd3O6hplDnx-AyHR2PcCuK8ehBJRBcF1YjAhr-bQHAk19049GA_gUIDRUi
IP 66.254.114.171:0
Hash 5b402e53538f1d7a57fcec68d872a35e
577eb4e707c94732174c9e5bafa6b8de1a6a10d1
d43a759e92b7d0889359f7691dc41759456111f2cd90c7c9bfeef663d62542f6
GET /get/10005363?time=1592491455431&atc=416763&apb=HTLWtoUgyeAzV31L_Q1WUnykiDKxwN_0ayA6MWuuA21troFTqOx9ikzVRzzTMd3O6hplDnx-AyHR2PcCuK8ehBJRBcF1YjAhr-bQHAk19049GA_gUIDRUi HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 06:54:00 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KEmMW7ohCKFNR0AsNAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7041; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 6316EE88-42FE72AB01BBB9B2-1AAD2B37
X-Firefox-Spdy: h2
chaturbate.com/topembed/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank
104.18.101.40302 Found 138 B URL HTTP/2 chaturbate.com/topembed/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank
IP 104.18.101.40:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /topembed/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://12112336.pix-cdn.org/
Connection: keep-alive
Cookie: __cf_bm=Z3xsuTEC6c2MRtN5eFiz4oOliipxxTi6ixL2Zq0DdUI-1662447241-0-AeTHR3kw7OkT9F/uE+ganwRS5HJjd3kUllvPAXpw3oML5GQF/1IgZ3k8XXUKflSk0ZWlBHi7Bzrxj8gIHyI2vjM=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 06 Sep 2022 06:54:01 GMT
content-type: text/html; charset=utf-8
location: /embed/pizza_biceps/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
set-cookie: stcki="pOtSwZ=1\054FqPd9a=0\0546pduSG=0\054aDBbcK=0\0548UAXRV=0"; expires=Thu, 06-Oct-2022 06:54:01 GMT; Max-Age=2592000; Path=/
affkey="eJyrVipSslJQyigpKSi20tc3NDI0NDI2NtMryKzQTU7J08svStdXqgUA0s8LMQ=="; Domain=.chaturbate.com; expires=Thu, 06-Oct-2022 06:54:01 GMT; Max-Age=2592000; Path=/
sbr=sec:sbr5e39122b-34b6-4222-a9b2-b034ca8c239c:1oVSTB:KnURk9M9UdQG-xEhL76kI0ZP2V8; Domain=.chaturbate.com; expires=Sun, 01-Jun-2025 06:54:01 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74654a785d72b4f3-OSL
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=969388
185.94.236.247200 OK 1.4 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=969388
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 12652f1fed36d1d9e3b171f604d72dcb
999432a1f65a3cc8d43f1f6002af60193eec9cfb
d3c0ec37d1d25a8b5e4512d3ae3c634fb5293154c5267227568ecf8de1a0faad
GET /adshow.php?adzone=969388 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 06:54:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=83b5db1ffc3dd48e0d434099cad0733f; expires=Wed, 06-Sep-2023 06:54:01 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Fri, 09-Sep-2022 06:54:01 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 09-Sep-2022 06:54:01 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
static-assets.highwebmedia.com/CACHE/js/output.9b823bb2f723.js
104.16.93.42200 OK 5.2 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.9b823bb2f723.js
IP 104.16.93.42:0
File type ASCII text, with very long lines (7845)
Hash d84a7af3c514381d93581b7a8df3c0e8
4fda5a04bdf366cd6a64bf7956477a6c1981a7c2
122d5723806e2fcece0b1d6efda7376208b65780a2e2bff4b2d47bb41b5e3792
GET /CACHE/js/output.9b823bb2f723.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:01 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"1360376b8f5657814f662391b765d655"
last-modified: Tue, 24 May 2022 17:14:17 GMT
x-amz-id-2: KTWJY/HCZAzfCN7zvoTtoCRDkjCDtsx43npe+RSp0Ebo2HF6WHgess4Ct9QL7Zi8XExzaRuhmCw=
x-amz-meta-s3cmd-attrs: md5:1360376b8f5657814f662391b765d655
x-amz-request-id: M1HHWCFNA8C6CV81
cf-cache-status: HIT
age: 112816
expires: Thu, 06 Oct 2022 06:54:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOP%2BMzaxeE3DGc0HmgXGGuljJWi3bq4FRv3%2FdjCSbLFecupo3fFoL%2B5cy8nb7iQHraRhn12IxKms73208r0poXiBKvTiZ5ULkwryC1rutrXbrcNh1I6e5tWcgH0ZRYRw%2FyHZFPLEIW3hkdzR2mah9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=IIJtTdIKq.p_XHDUTTDi99raciG_J036In0EehHTC2g-1662447241605-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74654a7bf9c0b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=969388
185.94.236.247200 OK 1.4 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=969388
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 12652f1fed36d1d9e3b171f604d72dcb
999432a1f65a3cc8d43f1f6002af60193eec9cfb
d3c0ec37d1d25a8b5e4512d3ae3c634fb5293154c5267227568ecf8de1a0faad
GET /adshow.php?adzone=969388 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 06:54:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=83b5db1ffc3dd48e0d434099cad0733f; expires=Wed, 06-Sep-2023 06:54:01 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Fri, 09-Sep-2022 06:54:01 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 09-Sep-2022 06:54:01 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
static-assets.highwebmedia.com/CACHE/js/output.97a5db11ca63.js
104.16.93.42200 OK 252 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.97a5db11ca63.js
IP 104.16.93.42:0
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Size 252 kB (251546 bytes)
Hash 557e1e5d30cad1d191493fb223130fc6
9bc45573ade51ad26bf91258f02d6e4dee2d6b8d
644e60595df9c76ca0fa2d71ffd8154f2e031d99cbe0ae4c94f8554a4b2a9a77
GET /CACHE/js/output.97a5db11ca63.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:01 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=827275
etag: W/"692ec922d2a39b4037073f70286968b3"
last-modified: Fri, 13 May 2022 09:09:46 GMT
x-amz-id-2: VZ8ol5gj9DR4cR1Ys+gd3EdgeEH8vduV/GWCX0hMYtqbtTyLc8wtgelbUHUwXR/km7ekid2PJdA=
x-amz-meta-s3cmd-attrs: md5:692ec922d2a39b4037073f70286968b3
x-amz-request-id: WKBNH94P832M1DR9
cf-cache-status: HIT
age: 2237723
expires: Thu, 06 Oct 2022 06:54:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VswHJEjoEaF01P14uuLzY7wmPmlWy4oJis3P6LpLmdEXTYZMDMX4zfr25k%2F%2FjK5OG%2FbRZ6qy01hz%2F4Z%2BG06oo7r7HU5LY%2FAKZuMzcU%2Bdl4AcsukISP7aU%2FvgeqfAzVWo8qX3H%2Fcn5of2O%2Bejoj63rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=IIJtTdIKq.p_XHDUTTDi99raciG_J036In0EehHTC2g-1662447241605-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74654a7bf9c4b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.bc85e791cb2f.js
104.16.93.42200 OK 104 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.bc85e791cb2f.js
IP 104.16.93.42:0
File type Unicode text, UTF-8 text, with very long lines (65328)
Size 104 kB (103514 bytes)
Hash ace1ca39fe39e78aaf0750e44c54d65b
b75fe6ba679205a6722958aa390e804506729c3e
501a15bff8533bd168da52cd98a92118ff3b3c41de4242a54146e57669e673b7
GET /CACHE/js/output.bc85e791cb2f.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:01 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=202270
etag: W/"7d90e856406997eee24123ea8a61c92d"
last-modified: Fri, 10 Sep 2021 01:29:44 GMT
x-amz-id-2: HJqgrzmpP8NIgQA+YW8wx4YmDeOFkE860/zZrYgEfEOOhSRenFjn4mxx7ChaQYvyWjZAxImMIY8=
x-amz-meta-s3cmd-attrs: md5:7d90e856406997eee24123ea8a61c92d
x-amz-request-id: EVKN10SQAKNB8VZG
cf-cache-status: HIT
age: 112817
expires: Thu, 06 Oct 2022 06:54:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1j%2Fo%2BWkFLK6CSe1QdxjcI%2Feo57FbtL4j9iFyvO8idINvdLmYx1gYgzG29GlKZngfXNECrMIvvtE4owK%2FmNTp3VTukLtYlM0mPmOtJqphkYhL6F%2BJUHP96WduWm2za8ZJGPtI7xtVwhWNCZKoO57BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=IIJtTdIKq.p_XHDUTTDi99raciG_J036In0EehHTC2g-1662447241605-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74654a7bf9cab4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.focusde.info/api/spots/312873?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 5.0 kB URL HTTP/2 a.focusde.info/api/spots/312873?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash 0d0c49c4321563e5eb58b77022bef0ff
be34205e0d9f9ca8476310bd22093b3f89136959
f87283f41d7a47a905fa72524b89dd0a9d1a8afe83819452e6e98b5a34871e39
GET /api/spots/312873?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: nauid=yBuBVZsJK0jwPOYheOsu; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/jsi18n/en/djangojs.js?hash=e493c23b1695
104.16.93.42200 OK 1.7 kB URL HTTP/2 static-assets.highwebmedia.com/jsi18n/en/djangojs.js?hash=e493c23b1695
IP 104.16.93.42:0
File type ASCII text, with very long lines (1358)
Hash 8a3d5257962938a5a9b6a273c50cacb1
5e41c18a78d377e5ada28eee1fc91a212c772c32
9a3d3f02f94887f9162ba26ce0ca496751b85f6dcc63582d68e59e13a44176bd
GET /jsi18n/en/djangojs.js?hash=e493c23b1695 HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:01 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=3271
etag: W/"32cad827f4958bb8450fc33065ba4b42"
last-modified: Thu, 28 Apr 2022 02:42:35 GMT
x-amz-id-2: Q4VB4wUaRbCUIp4AypGvpsgyZujTknCy0tez9vc7iZE3C5QQ0NFc0+byf+V+i1WkV5sMoIDLLc0=
x-amz-meta-s3cmd-attrs: md5:32cad827f4958bb8450fc33065ba4b42
x-amz-request-id: AVWR3ARX51YX23J0
cf-cache-status: HIT
age: 371326
expires: Thu, 06 Oct 2022 06:54:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7g%2BSsH59oKLQlgC18hbGHJaVrmxWIpZFkokgTU29jQLoVM2qZaq%2FW8yJDDZC2cwdyV%2FCbkV0AZyJQI2SonALx%2FuRAvDg%2FXb82d9FEY57qiDK2vhOOsWf6XLlv82iyA%2Fseqth7QcKOcI%2BR0o3XYeug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=QgDcPFif0eJ7Ivd.9fpI97SpXTL4.Ux23axIICt27gg-1662447241609-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74654a7bf9cfb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bongacams.com/popular-chat?bcs=aXNtaWI4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
195.85.23.88302 Found 14 kB URL HTTP/2 bongacams.com/popular-chat?bcs=aXNtaWI4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
IP 195.85.23.88:0
ASN #209242 Cloudflare London, LLC
Hash 75dbb85abd5226496a06be4ed0d8251f
404d3df357ade1e8fc96759a4947bde20f9ea5f1
0d796c145851ffb16cccaead126e7cb08d4afceae4d8fe6474db7bf0db4488b5
GET /popular-chat?bcs=aXNtaWI4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1 HTTP/1.1
Host: bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poweredby.jads.co/
Connection: keep-alive
Cookie: __cf_bm=UY8q49cWuQaYW_P3H4AXct9dh7gOeqZ3UV7oFT3YVMw-1662447241-0-Aaoxr9T4nusNr+orwgX/ir0a2wvHt3G19rizopmFrGqBcev3jNSscSQ4l1xMedTzPzhmenrUujbJpOOI33oHyRg=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 06 Sep 2022 06:54:01 GMT
content-type: text/html; charset=utf-8
location: https://no.bongacams.com/popular-chat?bcs=aXNtaWI4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
cache-control: no-cache, no-store, must-revalidate
set-cookie: bonga20120608=cf0eb726d4e0318a9c062984d9bfab1c; path=/; domain=.bongacams.com; secure; HttpOnly; SameSite=None
ts_type=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.bongacams.com
ts_type2=1; expires=Wed, 06-Sep-2023 06:54:01 GMT; Max-Age=31536000; path=/; domain=.bongacams.com
fv=ZGDlAmD0ZwL2ZD==; expires=Wed, 06-Sep-2023 06:54:01 GMT; Max-Age=31536000; path=/; domain=.bongacams.com
uh=FKAVpR1SsaOPo1u1EIAvMmuIDJuKZt==; expires=Wed, 06-Sep-2023 06:54:01 GMT; Max-Age=31536000; path=/; domain=.bongacams.com
ratr=189420%3A%3A401977%3A%3A2022-09-06%2009%3A54%3A01%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A; expires=Wed, 24-Aug-2072 06:54:01 GMT; Max-Age=1576800000; path=/; domain=.bongacams.com; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74654a7c98c81c02-OSL
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=pizza_biceps&f=0.5914085222938356
131.153.88.93200 OK 56 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=pizza_biceps&f=0.5914085222938356
IP 131.153.88.93:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 66311e3e6dbdec1e9051e85cb72d1c17
3f2d7af4a08fc717b308ed0ce14495ea701373e7
0ee5a3528564c60f6f2b37897c5726257c0af1cbf6711d77c635e19fd9daa5f0
GET /stream?room=pizza_biceps&f=0.5914085222938356 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=xaENJt1re.21jJFRKI9Pv843VZ_mM83cPkfzEPK0DD4-1662447241621-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/jpeg
content-length: 56482
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=pizza_biceps&f=0.23331978727906855
131.153.88.93200 OK 57 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=pizza_biceps&f=0.23331978727906855
IP 131.153.88.93:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash c7f6dac5b20a86a81cbfbe3a4dd70695
891dc118e0852c26ebfede79bef7050df63ac494
d28f4ae7aca15090ee7918af70b7e0db3e4a6e62c21fcdae418a1c18bcb431de
GET /stream?room=pizza_biceps&f=0.23331978727906855 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=xaENJt1re.21jJFRKI9Pv843VZ_mM83cPkfzEPK0DD4-1662447241621-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/jpeg
content-length: 56947
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=pizza_biceps&f=0.9501323537415133
131.153.88.93200 OK 57 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=pizza_biceps&f=0.9501323537415133
IP 131.153.88.93:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 4c4b7eb19e25fbea08d7173628ab3991
cde6afaead3500f4e7666ddd2445b30667c2fe45
8604882d59b148a13f68ed8188d44b4ec7656a34f8f2ccc2edabfb56a50d54d0
GET /stream?room=pizza_biceps&f=0.9501323537415133 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=xaENJt1re.21jJFRKI9Pv843VZ_mM83cPkfzEPK0DD4-1662447241621-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/jpeg
content-length: 57054
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.86.137200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Sep 2022 06:54:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1639-BMA
x-cache: HIT
x-cache-hits: 446
x-timer: S1662447243.696576,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=pizza_biceps&f=0.49666203351257776
131.153.88.93200 OK 57 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=pizza_biceps&f=0.49666203351257776
IP 131.153.88.93:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 12418be74952011d407bbb0715490cf0
86bb63ed7b1cd09b9310091f88ff17727093c914
b5fd350941cc7ce2c537aa4677671a11bc1c67729c591c823a832ce3d8a9ef40
GET /stream?room=pizza_biceps&f=0.49666203351257776 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=xaENJt1re.21jJFRKI9Pv843VZ_mM83cPkfzEPK0DD4-1662447241621-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/jpeg
content-length: 57158
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=pizza_biceps&f=0.4171060469960688
131.153.88.93200 OK 58 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=pizza_biceps&f=0.4171060469960688
IP 131.153.88.93:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 46eca5eb6fa0c2ae56daee903277c58b
246d20633f10c67ec189cc5984eb9ffdf28df8c6
e06d79d753b11cf82d3779244d7c78b4b8d49af555b6ca7f50f346459302c9c3
GET /stream?room=pizza_biceps&f=0.4171060469960688 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=xaENJt1re.21jJFRKI9Pv843VZ_mM83cPkfzEPK0DD4-1662447241621-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/jpeg
content-length: 58531
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
no.bongacams.com/popular-chat?bcs=b3duZmI4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
195.85.23.95200 OK 70 kB URL HTTP/2 no.bongacams.com/popular-chat?bcs=b3duZmI4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (20793)
Hash 8efffdb4a1f8b03b9ff87eac929ccfc3
8cd677dd6a9498cbd5082d0b66ac3f4557b4550d
d313b0c6e1d718508617369462d47bd93ffb320a049be563c3ca311a3ba0718c
GET /popular-chat?bcs=b3duZmI4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1 HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poweredby.jads.co/
Connection: keep-alive
Cookie: __cf_bm=UY8q49cWuQaYW_P3H4AXct9dh7gOeqZ3UV7oFT3YVMw-1662447241-0-Aaoxr9T4nusNr+orwgX/ir0a2wvHt3G19rizopmFrGqBcev3jNSscSQ4l1xMedTzPzhmenrUujbJpOOI33oHyRg=; bonga20120608=cf0eb726d4e0318a9c062984d9bfab1c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin
x-ua-compatible: IE=edge,chrome=1
cache-control: no-cache, no-store, must-revalidate
set-cookie: ts_type2=1; expires=Wed, 06-Sep-2023 06:54:02 GMT; Max-Age=31536000; path=/; domain=.bongacams.com
fv=ZwDlAmD0ZwL2ZD==; expires=Wed, 06-Sep-2023 06:54:02 GMT; Max-Age=31536000; path=/; domain=.bongacams.com
uh=DaAQZ3WPLzD2rJWxAIcWHGuzrwqKBD==; expires=Wed, 06-Sep-2023 06:54:02 GMT; Max-Age=31536000; path=/; domain=.bongacams.com
ratr=189420%3A%3A401977%3A%3A2022-09-06%2009%3A54%3A02%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.bongacams.com; HttpOnly
BONGAH_HIT=b821eef9e4cb820b7653e83d3bbe9d52%3A%3A189420%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A%3A%3A401977%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3Adirect_link%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-09-06%2009%3A54%3A02; expires=Sun, 05-Mar-2023 06:54:02 GMT; Max-Age=15552000; path=/; domain=.bongacams.com; secure; HttpOnly; SameSite=None
BONGA_REF=https%3A%2F%2Fpoweredby.jads.co%2F; expires=Sun, 05-Mar-2023 06:54:02 GMT; Max-Age=15552000; path=/; domain=.bongacams.com; HttpOnly
reg_ver2=3; expires=Wed, 06-Sep-2023 06:54:02 GMT; Max-Age=31536000; path=/; domain=.bongacams.com
sg=589; expires=Wed, 06-Sep-2023 06:54:02 GMT; Max-Age=31536000; path=/; domain=.bongacams.com; secure; SameSite=None
__ti=H4sIAAAAAAACAyWIPQ6AIAxGr2K6k5SKkn49DQkOnTU4EO6u4vR-xjASRtqgvOwclIMIC0EjTqNKmLwPb4T06fUvgRu16R0riuUc4f3t8gBs3C8XVAAAAA~~; expires=Tue, 13-Sep-2022 06:54:02 GMT; Max-Age=604800; path=/; domain=.bongacams.com
warning18=%5B%22no_NO%22%5D; expires=Wed, 06-Sep-2023 06:54:02 GMT; Max-Age=31536000; path=/; domain=.bongacams.com; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74654a7e7f800afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/live/09a/107/23e/xbig_lq/fc31e9.webp
195.85.23.226200 OK 10 kB URL HTTP/2 i.bcicdn.com/live/09a/107/23e/xbig_lq/fc31e9.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0831dc788adb7510c39e7814b3a8e80a
6b345ccd1080c19ef20a4714a1622b5af4b9c537
f229a7b4c5fff12a940f8d7a25b768e3d602e76c87b463a2d703ca63c7ffbb3f
GET /live/09a/107/23e/xbig_lq/fc31e9.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 10386
last-modified: Tue, 06 Sep 2022 06:52:11 GMT
etag: "6316ee1b-2892"
expires: Tue, 13 Sep 2022 06:52:12 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 88
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e271bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/01a/1d7/34a/xbig_lq/640068.webp
195.85.23.226200 OK 16 kB URL HTTP/2 i.bcicdn.com/live/01a/1d7/34a/xbig_lq/640068.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1a2692b3a77b636e642f404afe983674
94fdb93f95064220730ed72ab870508fa2c15bd7
0a5e7a6a9f68436d48fe76955d73303adc7a13da613b24e9778502ec3fafd4af
GET /live/01a/1d7/34a/xbig_lq/640068.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 15536
last-modified: Tue, 06 Sep 2022 06:52:11 GMT
etag: "6316ee1b-3cb0"
expires: Tue, 13 Sep 2022 06:52:11 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 98
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e2c1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/015/15c/3df/xbig_lq/9af9a8.webp
195.85.23.226200 OK 22 kB URL HTTP/2 i.bcicdn.com/live/015/15c/3df/xbig_lq/9af9a8.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9ab6ad296c49f5473c0669ee8518f7cb
2f15e7b2af98f0d3c429b872b7cf5e6d85ae61dc
19362fd9b3c631b5438cb995be9d85df4e27fdeecc1ea2b48392af0d3fa63b3c
GET /live/015/15c/3df/xbig_lq/9af9a8.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 21918
last-modified: Tue, 06 Sep 2022 06:53:38 GMT
etag: "6316ee72-559e"
expires: Tue, 13 Sep 2022 06:53:39 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 16
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e2e1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/092/22d/277/xbig_lq/512fea.webp
195.85.23.226200 OK 16 kB URL HTTP/2 i.bcicdn.com/live/092/22d/277/xbig_lq/512fea.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f04d38396e3396691e3bc1a6791ab372
8934653886413d4fa9c28f618617aec8826f4224
be737177d6d8496c6ad28c6c8905920de783c08b667fff7cd7f207ec42dd413a
GET /live/092/22d/277/xbig_lq/512fea.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 15560
last-modified: Tue, 06 Sep 2022 06:49:15 GMT
etag: "6316ed6b-3cc8"
expires: Tue, 13 Sep 2022 06:49:15 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: HIT
cf-cache-status: HIT
age: 286
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e301bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/030/2a1/xbig_lq/bde6c0.webp
195.85.23.226200 OK 9.6 kB URL HTTP/2 i.bcicdn.com/live/09b/030/2a1/xbig_lq/bde6c0.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d32ee2e0de97ea4c7f9ecbbff1a213a4
641c3e421bebddff3a7510f2b98b030e536dc0ea
f519ae7c439ba2bc1c8c2b3a8a1467b02733524bf9fd750680a6d1494e22f9ae
GET /live/09b/030/2a1/xbig_lq/bde6c0.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 9630
last-modified: Tue, 06 Sep 2022 06:53:10 GMT
etag: "6316ee56-259e"
expires: Tue, 13 Sep 2022 06:53:13 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 49
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e311bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/095/3d7/381/xbig_lq/bf231f.webp
195.85.23.226200 OK 24 kB URL HTTP/2 i.bcicdn.com/live/095/3d7/381/xbig_lq/bf231f.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2a96ab31e3f5e789860851ef35a5ff42
0e8690dd706a69eb892413c8e1751df940e6e495
834ed70d862b335bc4cbbc15229a4853e68d6412e78813e7c114cab1bcec918f
GET /live/095/3d7/381/xbig_lq/bf231f.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 24214
last-modified: Tue, 06 Sep 2022 06:50:22 GMT
etag: "6316edae-5e96"
expires: Tue, 13 Sep 2022 06:50:31 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 195
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e201bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/072/2fd/22f/xbig_lq/27649f.webp
195.85.23.226200 OK 16 kB URL HTTP/2 i.bcicdn.com/live/072/2fd/22f/xbig_lq/27649f.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8c20c419f4a168a64de349c914380083
0ff30a61f9ae96e251b0944e3ded1046c385b989
f95e07542c983dd2a503d2e2ff96a05863a16b97b329eaa9241bf67c63fcfddc
GET /live/072/2fd/22f/xbig_lq/27649f.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 15520
last-modified: Tue, 06 Sep 2022 06:52:27 GMT
etag: "6316ee2b-3ca0"
expires: Tue, 13 Sep 2022 06:52:29 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 86
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e221bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/07b/2a3/335/xbig_lq/790a43.webp
195.85.23.226200 OK 5.6 kB URL HTTP/2 i.bcicdn.com/live/07b/2a3/335/xbig_lq/790a43.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 44da46fb324d9eec975d03622418f408
5e93959ad6b242f376fdb1b1c0d9c8d10a74f480
18836b3921244bef3a12fb3bb82ee6eb7e655ff54e34902de4149d393d7ef186
GET /live/07b/2a3/335/xbig_lq/790a43.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 5592
last-modified: Tue, 06 Sep 2022 06:50:06 GMT
etag: "6316ed9e-15d8"
expires: Tue, 13 Sep 2022 06:50:08 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 225
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e211bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/07a/3c1/292/xbig_lq/f83d76.webp
195.85.23.226200 OK 13 kB URL HTTP/2 i.bcicdn.com/live/07a/3c1/292/xbig_lq/f83d76.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ce929b1a7a2d6bb34c9f6c94daa23baf
a2f38bfb965581b41571e94ee020817194ec3439
64be4450d4ad2740679d59839fc98ad394fd28eb32d765592569f6575b4f2883
GET /live/07a/3c1/292/xbig_lq/f83d76.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 12918
last-modified: Tue, 06 Sep 2022 06:50:58 GMT
etag: "6316edd2-3276"
expires: Tue, 13 Sep 2022 06:51:05 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 177
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e1e1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/05e/25d/36e/xbig_lq/d41bfd.webp
195.85.23.226200 OK 13 kB URL HTTP/2 i.bcicdn.com/live/05e/25d/36e/xbig_lq/d41bfd.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 59f1b96c49d2a1d5cdaf97c1e749add5
6f14bce57c14fce8afb38f90bb33452e7820195d
eccc14daed85bf3ab630b22b13de48e590eaf552f6474a3f6f0e1b8df19deab8
GET /live/05e/25d/36e/xbig_lq/d41bfd.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 13068
last-modified: Tue, 06 Sep 2022 06:49:52 GMT
etag: "6316ed90-330c"
expires: Tue, 13 Sep 2022 06:49:58 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 244
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e231bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/039/185/xbig_lq/83a4e5.webp
195.85.23.226200 OK 5.5 kB URL HTTP/2 i.bcicdn.com/live/09b/039/185/xbig_lq/83a4e5.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3c3a8b8bc6d587414c22a28f65079890
a631feb82f0e5ddd3c388267f6d9ff1fa19aaff0
9c5cdcb974d6aa228f41d69912fd362ef9964246b4782e327dda90f7050f7a6a
GET /live/09b/039/185/xbig_lq/83a4e5.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 5484
last-modified: Tue, 06 Sep 2022 06:52:35 GMT
etag: "6316ee33-156c"
expires: Tue, 13 Sep 2022 06:52:35 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 86
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e351bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/0cf/13e/xbig_lq/ecedd6.webp
195.85.23.226200 OK 7.7 kB URL HTTP/2 i.bcicdn.com/live/09b/0cf/13e/xbig_lq/ecedd6.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 56d5e5ed2e622d7dbb40b8a312bd46b8
6e4c7c984b86a6289ece2de3bcc309d8f059243b
148bf5b00fd81ee732afedd31c41a22bdb6aaee279b8d0fa4f1c1c18c1a4fb21
GET /live/09b/0cf/13e/xbig_lq/ecedd6.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 7712
last-modified: Tue, 06 Sep 2022 06:53:42 GMT
etag: "6316ee76-1e20"
expires: Tue, 13 Sep 2022 06:53:43 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 18
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e391bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/078/299/32c/xbig_lq/970a02.webp
195.85.23.226200 OK 23 kB URL HTTP/2 i.bcicdn.com/live/078/299/32c/xbig_lq/970a02.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 52cc60c88a4d4570818fa6a59f470b66
250735bedd27b045081499c2871e9d7f8267291c
8f8873b5783d737d06873ea610f9df6f074ea6a04e551c2ac9bc58fefa2b6c71
GET /live/078/299/32c/xbig_lq/970a02.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 23306
last-modified: Tue, 06 Sep 2022 06:49:36 GMT
etag: "6316ed80-5b0a"
expires: Tue, 13 Sep 2022 06:49:37 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 241
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e241bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09c/09e/10f/xbig_lq/6b04ad.webp
195.85.23.226200 OK 23 kB URL HTTP/2 i.bcicdn.com/live/09c/09e/10f/xbig_lq/6b04ad.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d6b260e5671386d5db0f3ded5cbc1ae7
6fd3dd9fdc8f6481e339aef9fa04a21b0dee5120
b1584ce00f367e2c118d987e5ea228e292617e59f604fa8ac1cb2841f7fc06fd
GET /live/09c/09e/10f/xbig_lq/6b04ad.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 23438
last-modified: Tue, 06 Sep 2022 06:53:06 GMT
etag: "6316ee52-5b8e"
expires: Tue, 13 Sep 2022 06:53:08 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 53
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e321bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09a/27b/280/xbig_lq/6bda22.webp
195.85.23.226200 OK 13 kB URL HTTP/2 i.bcicdn.com/live/09a/27b/280/xbig_lq/6bda22.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bd9f52d5dd2a2fbc3748d71c293ad529
ec6d236643ae8f51a119748544fef98e6dd467d3
74a81cd93f55a45045ab2a5c0d846b4f6f1dc968e22dc48484bd7586e69191ff
GET /live/09a/27b/280/xbig_lq/6bda22.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 13150
last-modified: Tue, 06 Sep 2022 06:52:43 GMT
etag: "6316ee3b-335e"
expires: Tue, 13 Sep 2022 06:52:44 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 77
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e371bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/0fd/055/xbig_lq/555850.webp
195.85.23.226200 OK 8.2 kB URL HTTP/2 i.bcicdn.com/live/09b/0fd/055/xbig_lq/555850.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3789c6a570b6fc80620f52a172bfcd5e
5ddf86569b0fd10207d74bafd44298977a94ff17
ecea74fa2be7136d0b16a0bcb48b465b4409b06f3b72b784eff934ff79e8dc24
GET /live/09b/0fd/055/xbig_lq/555850.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 8228
last-modified: Tue, 06 Sep 2022 06:53:54 GMT
etag: "6316ee82-2024"
expires: Tue, 13 Sep 2022 06:54:00 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 2
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e381bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/099/201/0e5/xbig_lq/31a614.webp
195.85.23.226200 OK 30 kB URL HTTP/2 i.bcicdn.com/live/099/201/0e5/xbig_lq/31a614.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bfef266c9db16e2f1d69e8805a5ab1bc
7c5ed416b7bf64580debb7a09c03c79f9d8e1031
9628b38294fe554742cb9f95f4703d3bba9b70f876184e584872b0110ec19fa9
GET /live/099/201/0e5/xbig_lq/31a614.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 29520
last-modified: Tue, 06 Sep 2022 06:53:08 GMT
etag: "6316ee54-7350"
expires: Tue, 13 Sep 2022 06:53:09 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 38
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e291bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09a/277/3bd/xbig_lq/aa768e.webp
195.85.23.226200 OK 22 kB URL HTTP/2 i.bcicdn.com/live/09a/277/3bd/xbig_lq/aa768e.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 08f4fff1a8492cb4b9a3bd4241d0e3c4
a839e77e463a775601e6319cf6f3f6c1e758a4e8
aa67e69db82345dea05041440b557a2f57175fa35117de7e05404b88a7375f6b
GET /live/09a/277/3bd/xbig_lq/aa768e.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 22028
last-modified: Tue, 06 Sep 2022 06:50:41 GMT
etag: "6316edc1-560c"
expires: Tue, 13 Sep 2022 06:50:42 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 199
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e341bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09a/185/17e/xbig_lq/be1c5a.webp
195.85.23.226200 OK 12 kB URL HTTP/2 i.bcicdn.com/live/09a/185/17e/xbig_lq/be1c5a.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b82a5ad3d403dd20ba02502a9e80f464
21acba699c5cfce2f1fc66626e0bfc948c60b500
e15de537500acc2ac1dcbd0eacb0aeb5faade1d022192b20b3921f3787287042
GET /live/09a/185/17e/xbig_lq/be1c5a.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 11546
last-modified: Tue, 06 Sep 2022 06:50:35 GMT
etag: "6316edbb-2d1a"
expires: Tue, 13 Sep 2022 06:50:37 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: HIT
cf-cache-status: HIT
age: 199
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e3a1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09a/39a/131/xbig_lq/e06a5b.webp
195.85.23.226200 OK 8.5 kB URL HTTP/2 i.bcicdn.com/live/09a/39a/131/xbig_lq/e06a5b.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c83204ff3fc0c09336c7545753d7540e
6e5c52fd16afa894ca9f08817a104511d7da0649
79081c007af298ab6165577ee91986bc0d9e44f7709c1d2cba8f4e87a102a4b7
GET /live/09a/39a/131/xbig_lq/e06a5b.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 8486
last-modified: Tue, 06 Sep 2022 06:53:36 GMT
etag: "6316ee70-2126"
expires: Tue, 13 Sep 2022 06:53:37 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 24
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e3b1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09a/392/2ab/xbig_lq/d76ef9.webp
195.85.23.226200 OK 14 kB URL HTTP/2 i.bcicdn.com/live/09a/392/2ab/xbig_lq/d76ef9.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c8831ae364a756eee540e7fd1fd15ff5
66d98ec9596ff3990a8d2b45664cf2718894c418
240a65c9f81d3f2d6b440fe7865f1f4a9abab001a4785297e5101bfb1756ee54
GET /live/09a/392/2ab/xbig_lq/d76ef9.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 14206
last-modified: Tue, 06 Sep 2022 06:52:19 GMT
etag: "6316ee23-377e"
expires: Tue, 13 Sep 2022 06:52:21 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 98
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e3c1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09a/3b5/2fa/xbig_lq/32a098.webp
195.85.23.226200 OK 9.3 kB URL HTTP/2 i.bcicdn.com/live/09a/3b5/2fa/xbig_lq/32a098.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 40975464a11e6c857806cbf84de934a1
3ea685d68489af00798ff5a0698a9cd783f4bff5
568a40ba7ae05e8e49aee2d3ab2d62157c78b819790e980295bcf961b459c29c
GET /live/09a/3b5/2fa/xbig_lq/32a098.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 9324
last-modified: Tue, 06 Sep 2022 06:51:56 GMT
etag: "6316ee0c-246c"
expires: Tue, 13 Sep 2022 06:51:56 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 124
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e3d1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/091/2ae/2c4/xbig_lq/0ef8a3.webp
195.85.23.226200 OK 12 kB URL HTTP/2 i.bcicdn.com/live/091/2ae/2c4/xbig_lq/0ef8a3.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c2094b331584f967c311c07411bfafd5
9452f42d0080ddc77e63b022a69c79d7d924b1ea
5d2154e8c406b855b30e089b07dc724c803c2bf5acb6022be04b9916efa31096
GET /live/091/2ae/2c4/xbig_lq/0ef8a3.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 11838
last-modified: Tue, 06 Sep 2022 06:53:49 GMT
etag: "6316ee7d-2e3e"
expires: Tue, 13 Sep 2022 06:53:58 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 3
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e3e1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/092/1a8/2b1/xbig_lq/9d2598.webp
195.85.23.226200 OK 13 kB URL HTTP/2 i.bcicdn.com/live/092/1a8/2b1/xbig_lq/9d2598.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1baa7eeb690b8134d679a0cd13d7457c
5ab1e1ca761546817a50d4a7578134ab07307fb0
cfd3925e084522fd80fe184eedb0f7dcc56eb5fe106da81582dea5db5363c420
GET /live/092/1a8/2b1/xbig_lq/9d2598.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 12652
last-modified: Tue, 06 Sep 2022 06:53:15 GMT
etag: "6316ee5b-316c"
expires: Tue, 13 Sep 2022 06:53:15 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 37
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e3f1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/094/3c2/22b/xbig_lq/bf231f.webp
195.85.23.226200 OK 7.9 kB URL HTTP/2 i.bcicdn.com/live/094/3c2/22b/xbig_lq/bf231f.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash de111fe33476e648a9c31d86d6387f25
a2e9eb289be6063a394ca6256a90d5d7bbe96c62
1a5306d7593cfcefd2f627c4d79581fb72f9e1c75e94b2c07583575537bbe65e
GET /live/094/3c2/22b/xbig_lq/bf231f.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 7876
last-modified: Tue, 06 Sep 2022 06:50:19 GMT
etag: "6316edab-1ec4"
expires: Tue, 13 Sep 2022 06:50:19 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 206
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e461bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/065/02a/02f/xbig_lq/ef4a54.webp
195.85.23.226200 OK 11 kB URL HTTP/2 i.bcicdn.com/live/065/02a/02f/xbig_lq/ef4a54.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 03d0f0a67f3a65a698ae69062a32fb1f
1807a446d9126ef4f5ccc4b890e5c56a503d451e
362166e85b67fe8ee075758dbee5376b65b6c43b4f609f0474b5bb75d42728bb
GET /live/065/02a/02f/xbig_lq/ef4a54.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 10698
last-modified: Tue, 06 Sep 2022 06:53:51 GMT
etag: "6316ee7f-29ca"
expires: Tue, 13 Sep 2022 06:53:58 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 4
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e411bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/06a/0ed/2ee/xbig_lq/ebfb76.webp
195.85.23.226200 OK 16 kB URL HTTP/2 i.bcicdn.com/live/06a/0ed/2ee/xbig_lq/ebfb76.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6bd576b232a8754cf08f67fd2f1c7849
c42e4c01ed9b01abf80a9e6435a43903a31d5786
d8fe9208444f29fdbebf72fc5d067fc8a19ce676a3b01ab7c78f47cdd739a44d
GET /live/06a/0ed/2ee/xbig_lq/ebfb76.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 15826
last-modified: Tue, 06 Sep 2022 06:53:21 GMT
etag: "6316ee61-3dd2"
expires: Tue, 13 Sep 2022 06:53:21 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 40
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e431bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/074/049/281/xbig_lq/f8f576.webp
195.85.23.226200 OK 14 kB URL HTTP/2 i.bcicdn.com/live/074/049/281/xbig_lq/f8f576.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dd25d1fab866a69b20e2caf986652e2b
b8cb73c52ec8aad1bc98e936abd3b7b796cccf33
78e0257b7c1acec13fcd551063d109ba094a1b94ff75e5225f674a19a249a447
GET /live/074/049/281/xbig_lq/f8f576.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 13868
last-modified: Tue, 06 Sep 2022 06:51:05 GMT
etag: "6316edd9-362c"
expires: Tue, 13 Sep 2022 06:51:07 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 172
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e451bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/054/3a0/306/xbig_lq/7f9bed.webp
195.85.23.226200 OK 11 kB URL HTTP/2 i.bcicdn.com/live/054/3a0/306/xbig_lq/7f9bed.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 01e9367a4b051bf93a08b916cfb8a4d4
a4e139e04eb0286b52546430d55892f02d7dee6d
e76a0381bacea1de5a8a1c9fc616e64f19a50a24e10e99e8b6579bad38695f12
GET /live/054/3a0/306/xbig_lq/7f9bed.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 10574
last-modified: Tue, 06 Sep 2022 06:49:56 GMT
etag: "6316ed94-294e"
expires: Tue, 13 Sep 2022 06:50:00 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 238
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e471bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/07c/1e0/0a3/xbig_lq/640068.webp
195.85.23.226200 OK 4.3 kB URL HTTP/2 i.bcicdn.com/live/07c/1e0/0a3/xbig_lq/640068.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 542fc35f0673a8e05a0a5d301f8fba00
c5b1d139f599ed61cd2c0520f639f706cabe93bd
95281863d7779b9d399ac43cb2bd12e26bc8085921320b6a980367df89f899fd
GET /live/07c/1e0/0a3/xbig_lq/640068.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 4312
last-modified: Tue, 06 Sep 2022 06:52:09 GMT
etag: "6316ee19-10d8"
expires: Tue, 13 Sep 2022 06:52:12 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 104
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a846e511bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/067/395/306/xbig_lq/2da555.webp
195.85.23.226200 OK 15 kB URL HTTP/2 i.bcicdn.com/live/067/395/306/xbig_lq/2da555.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f571c663faa7df71151f662b42b2eda0
956ee1359da5d2b401b90d2556b9531019c0c65e
0fa56443fc9f7f3b19c6ccf91c4d423ca907d7fe050dbeb9809e52daedffe94a
GET /live/067/395/306/xbig_lq/2da555.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 14742
last-modified: Tue, 06 Sep 2022 06:51:02 GMT
etag: "6316edd6-3996"
expires: Tue, 13 Sep 2022 06:51:03 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 172
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a846e4f1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/02c/109/209/xbig_lq/0a942d.webp
195.85.23.226200 OK 15 kB URL HTTP/2 i.bcicdn.com/live/02c/109/209/xbig_lq/0a942d.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 87b42a1604c33af2d400fe7ed4d81a01
ce792b3edb31cf2fbe3cf141c25dd3894e9e3623
dea55935322f20fcbd37c0a648f4656f1afdcf05d71f03d8288f6eb5360f68cf
GET /live/02c/109/209/xbig_lq/0a942d.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 15318
last-modified: Tue, 06 Sep 2022 06:50:45 GMT
etag: "6316edc5-3bd6"
expires: Tue, 13 Sep 2022 06:50:54 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 187
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a847e591bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/078/195/3dc/xbig_lq/2e52c6.webp
195.85.23.226200 OK 8.0 kB URL HTTP/2 i.bcicdn.com/live/078/195/3dc/xbig_lq/2e52c6.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 00c0f0cbd6be3e94274e8c93269b29d2
9012c2dd637d895b9d4788a1b25de60310d90681
715ae379a7ffdec5ceaa9fb676723583cf0229e1f4a766cc631b0ff860c33af1
GET /live/078/195/3dc/xbig_lq/2e52c6.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 7996
last-modified: Tue, 06 Sep 2022 06:53:10 GMT
etag: "6316ee56-1f3c"
expires: Tue, 13 Sep 2022 06:53:13 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: HIT
cf-cache-status: HIT
age: 39
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a848e6d1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/06a/26b/216/xbig_lq/462209.webp
195.85.23.226200 OK 25 kB URL HTTP/2 i.bcicdn.com/live/06a/26b/216/xbig_lq/462209.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1ea1267165d31c03ff474219179e48c9
16c42f0807fb0beb517dcbb329955e5fa915a49a
ccaefacb7e95060daa6be3de457a9690447c2a7ade48b47c99ebba669bc974ee
GET /live/06a/26b/216/xbig_lq/462209.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 25344
last-modified: Tue, 06 Sep 2022 06:52:57 GMT
etag: "6316ee49-6300"
expires: Tue, 13 Sep 2022 06:52:57 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 65
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e421bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/040/33f/12c/xbig_lq/790a43.webp
195.85.23.226200 OK 18 kB URL HTTP/2 i.bcicdn.com/live/040/33f/12c/xbig_lq/790a43.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f4312db432dec7dd62391366e3605e89
a69f4682de878b151c1e22b00a8a6a6045c01197
a931278930fcd7033e10f8b1c512b0fc296dba002b6fa19a1226e8face15d6f8
GET /live/040/33f/12c/xbig_lq/790a43.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 17708
last-modified: Tue, 06 Sep 2022 06:50:05 GMT
etag: "6316ed9d-452c"
expires: Tue, 13 Sep 2022 06:50:06 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 230
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a846e501bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/068/186/2b9/xbig_lq/3eac95.webp
195.85.23.226200 OK 20 kB URL HTTP/2 i.bcicdn.com/live/068/186/2b9/xbig_lq/3eac95.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 112a971d88d92f0c4eca6ef597c757b1
25a31928ebef6cca0578c5f8e239543b4f043d0c
3c36bafc24d90a3856f72f607ea40d53d9543a6f5941df4c90011a155541956a
GET /live/068/186/2b9/xbig_lq/3eac95.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 20538
last-modified: Tue, 06 Sep 2022 06:49:33 GMT
etag: "6316ed7d-503a"
expires: Tue, 13 Sep 2022 06:49:35 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 241
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a848e6c1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/061/26a/3c0/xbig_lq/a92712.webp
195.85.23.226200 OK 28 kB URL HTTP/2 i.bcicdn.com/live/061/26a/3c0/xbig_lq/a92712.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 560ac931e1b293f8303ba627c297f231
377cfa07f3cd65034c3753cd53f73aa58d922131
be7213a78e949311d5f2fa4bd0387abe46455a891f84f8933b5161998f0f60c8
GET /live/061/26a/3c0/xbig_lq/a92712.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 27690
last-modified: Tue, 06 Sep 2022 06:50:10 GMT
etag: "6316eda2-6c2a"
expires: Tue, 13 Sep 2022 06:50:11 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 204
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a848e671bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/07a/3c1/292/5d1619be3493b065314ac5dd4e18fdff_avatars.jpg
195.85.23.226200 OK 968 B URL HTTP/2 i.bcicdn.com/07a/3c1/292/5d1619be3493b065314ac5dd4e18fdff_avatars.jpg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type JPEG image data, progressive, precision 8, 32x32, components 3\012- data
Hash 14d0133a7902c03582a1af140081b13c
ee7f434a6acc72447ff447f0752cbb6e17cfd16b
859d1cc1027bbe5919a97ae0ba3caf46edde7417acbf8a117d4b4b1134aa53ce
GET /07a/3c1/292/5d1619be3493b065314ac5dd4e18fdff_avatars.jpg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/jpeg
content-length: 968
access-control-allow-origin: *
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "61b1068d-3c8"
expires: Wed, 05 Oct 2022 05:24:04 GMT
last-modified: Wed, 08 Dec 2021 19:25:01 GMT
x-o1-p6: EXPIRED
x-bc-o: 1
cf-cache-status: HIT
age: 16135
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e1a1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/07a/3c1/292/5d1619be3493b065314ac5dd4e18fdff_profile_s.jpg
195.85.23.226200 OK 10 kB URL HTTP/2 i.bcicdn.com/07a/3c1/292/5d1619be3493b065314ac5dd4e18fdff_profile_s.jpg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type JPEG image data, progressive, precision 8, 226x224, components 3\012- data
Hash 1e62a56c134a2ede5b961d92d183ddeb
0115e38009b62f575609eb420be0591e0c67c36c
9b2bb021c22dfcf86d17e9479566ea8545e9f5276c6021812f1060aea945c046
GET /07a/3c1/292/5d1619be3493b065314ac5dd4e18fdff_profile_s.jpg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/jpeg
content-length: 10089
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "61b10689-2769"
expires: Wed, 21 Sep 2022 03:19:34 GMT
last-modified: Wed, 08 Dec 2021 19:24:57 GMT
vary: Accept-Encoding
x-cache-0: 1
cf-cache-status: HIT
age: 122064
accept-ranges: bytes
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e1b1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/061/26a/3c0/xbig_lq/d5f238.webp
195.85.23.226200 OK 7.1 kB URL HTTP/2 i.bcicdn.com/live/061/26a/3c0/xbig_lq/d5f238.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7022f5a870dc0904c0b2c4968a95306f
472a0297d4ba057a17a41d2a1b7a4c84e3e8f07a
c13168e6a681f8c2c956c7e0400c2f1514e677a1668f8dfefd9efc355a172f87
GET /live/061/26a/3c0/xbig_lq/d5f238.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/webp
content-length: 7128
last-modified: Tue, 06 Sep 2022 06:54:01 GMT
etag: "6316ee89-1bd8"
expires: Tue, 13 Sep 2022 06:54:01 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e2b1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/06d/0ed/001/xbig_lq/ec01fc.webp
195.85.23.226200 OK 17 kB URL HTTP/2 i.bcicdn.com/live/06d/0ed/001/xbig_lq/ec01fc.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a5c057154f1bcce33315d293cd8d9211
583fb4bd56b71aee5b1947eff24a01c9a7c4806c
dc2f7702087fbe6bd1d4c0be2bdc82794e781e1197d434a3a6bee46b969ad073
GET /live/06d/0ed/001/xbig_lq/ec01fc.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: image/webp
content-length: 17324
last-modified: Tue, 06 Sep 2022 06:53:01 GMT
etag: "6316ee4d-43ac"
expires: Tue, 13 Sep 2022 06:53:03 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 60
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a84bea91bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/04c/3a0/03c/xbig_lq/4f40e6.webp
195.85.23.226200 OK 24 kB URL HTTP/2 i.bcicdn.com/live/04c/3a0/03c/xbig_lq/4f40e6.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9abd2fad5c72fc4502f3e5c09e3c6db2
08b8551b1c5c7b070faf24a78a024e7bdf61f5a0
d5ca28696ceef65e6605d4af8cf3d4db07fb8c2791e17976fa334c77aa547640
GET /live/04c/3a0/03c/xbig_lq/4f40e6.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: image/webp
content-length: 24470
last-modified: Tue, 06 Sep 2022 06:51:27 GMT
etag: "6316edef-5f96"
expires: Tue, 13 Sep 2022 06:51:27 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 155
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a84bead1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/090/296/3ba/xbig_lq/c86f15.webp
195.85.23.226200 OK 14 kB URL HTTP/2 i.bcicdn.com/live/090/296/3ba/xbig_lq/c86f15.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5374ae6da62fec7015f75b0e400be5c3
ba1dac149590c585e5a1541ec81ddda7f9905b6d
cc287b60e655952718d691172cd2e0407d2596fbe63fc7dc4493d446f5c3b41b
GET /live/090/296/3ba/xbig_lq/c86f15.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: image/webp
content-length: 14398
last-modified: Tue, 06 Sep 2022 06:53:04 GMT
etag: "6316ee50-383e"
expires: Tue, 13 Sep 2022 06:53:04 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 51
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a84beae1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/090/1a4/23d/xbig_lq/9f296a.webp
195.85.23.226200 OK 16 kB URL HTTP/2 i.bcicdn.com/live/090/1a4/23d/xbig_lq/9f296a.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a54a8a580ba0bf5df6f12fd8b27b27dc
0896a97eae7f4516f83c16f2d982d744361070c3
8fe3e2132a748145eb1fe28412d5b0d116857abd7e71f9f5032f8978dcacf48b
GET /live/090/1a4/23d/xbig_lq/9f296a.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: image/webp
content-length: 16260
last-modified: Tue, 06 Sep 2022 06:51:40 GMT
etag: "6316edfc-3f84"
expires: Tue, 13 Sep 2022 06:51:41 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 141
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a84ceb11bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/06e/12f/26b/xbig_lq/cd1d67.webp
195.85.23.226200 OK 7.7 kB URL HTTP/2 i.bcicdn.com/live/06e/12f/26b/xbig_lq/cd1d67.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bcf3cb420103b26d32fbd8f012bb6108
57cb91135b94dbf7c62cec1c830f36e18639eabb
be975531d69f476b4aeb77802a3e62ec82920b820aaaed4055f4fc45f64abefe
GET /live/06e/12f/26b/xbig_lq/cd1d67.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: image/webp
content-length: 7724
last-modified: Tue, 06 Sep 2022 06:50:12 GMT
etag: "6316eda4-1e2c"
expires: Tue, 13 Sep 2022 06:50:12 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 207
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a84ceb51bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/078/290/2b6/xbig_lq/41a09c.webp
195.85.23.226200 OK 18 kB URL HTTP/2 i.bcicdn.com/live/078/290/2b6/xbig_lq/41a09c.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b374445bbe6343095c0c74f673822de7
a3ba753e7f60e6917537403791fa6886f2303d5d
f7195bca2ab555fcc8dc259222f76bd232cd782648e154af2b74ab7395b99547
GET /live/078/290/2b6/xbig_lq/41a09c.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: image/webp
content-length: 17542
last-modified: Tue, 06 Sep 2022 06:50:30 GMT
etag: "6316edb6-4486"
expires: Tue, 13 Sep 2022 06:50:32 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 182
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a84ceb41bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/097/34c/35f/xbig_lq/d9a4e4.webp
195.85.23.226200 OK 13 kB URL HTTP/2 i.bcicdn.com/live/097/34c/35f/xbig_lq/d9a4e4.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 27d3ffc9dceaed2b4b022807646f3563
d26df772e9f5b7d18de47bfdfa04a02e34e60798
5cac1492dc2dac2f6f21ce9f23e6a62128974fa861bdaad2ffc4acb3f77e5b61
GET /live/097/34c/35f/xbig_lq/d9a4e4.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: image/webp
content-length: 12668
last-modified: Tue, 06 Sep 2022 06:49:30 GMT
etag: "6316ed7a-317c"
expires: Tue, 13 Sep 2022 06:49:34 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 266
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a84beab1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/promotions/traffic/2/1/182x600/no.jpg
195.85.23.226200 OK 51 kB URL HTTP/2 i.bcicdn.com/promotions/traffic/2/1/182x600/no.jpg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 182x600, components 3\012- data
Hash 37b255d5ee1fe34d42dbbd92fb2db099
0bb9d2cd02edb25070aca474b7bcf385d2f88f81
772ade780a1dc8fc6d1ad4e3b2ef26711a43a0ab22ca948ee8c0c3f71cc0fdef
GET /promotions/traffic/2/1/182x600/no.jpg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: image/jpeg
content-length: 50974
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "62442e16-c71e"
expires: Wed, 28 Sep 2022 04:00:30 GMT
last-modified: Wed, 30 Mar 2022 10:16:54 GMT
vary: Accept-Encoding
x-cache-0: 1
cf-cache-status: HIT
age: 701613
accept-ranges: bytes
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a84ceb61bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/099/37d/14d/xbig_lq/d156c0.webp
195.85.23.226200 OK 8.0 kB URL HTTP/2 i.bcicdn.com/live/099/37d/14d/xbig_lq/d156c0.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 967b18db6e658b4e1b15d556bf3aa64b
40efc6dc4703d5e48ee4e9f4fe2a2fa62bb9ee3e
f69f50bbf5db8b45cb09323ad4cf7d38a163fb57daf4d7d2c5687897750c5aba
GET /live/099/37d/14d/xbig_lq/d156c0.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: image/webp
content-length: 7986
last-modified: Tue, 06 Sep 2022 06:52:38 GMT
etag: "6316ee36-1f32"
expires: Tue, 13 Sep 2022 06:52:40 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: HIT
cf-cache-status: HIT
age: 82
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a84beac1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/093/054/1c2/xbig_lq/a83d2a.webp
195.85.23.226200 OK 3.5 kB URL HTTP/2 i.bcicdn.com/live/093/054/1c2/xbig_lq/a83d2a.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c5005580f8c0afeb89c43e9dc76445b8
d5c2682a36f2721f90bcb1a3516a22e4033a8f53
85e9982d3fdd7cc70e2cd3ba40c56d0c1b7864ae1184e6868e7ffd8aad610c5b
GET /live/093/054/1c2/xbig_lq/a83d2a.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: image/webp
content-length: 3512
last-modified: Tue, 06 Sep 2022 06:53:14 GMT
etag: "6316ee5a-db8"
expires: Tue, 13 Sep 2022 06:53:15 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 39
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a84ceb31bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/00e/099/2e0/xbig_lq/ecedd6.webp
195.85.23.226200 OK 23 kB URL HTTP/2 i.bcicdn.com/live/00e/099/2e0/xbig_lq/ecedd6.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4f01a8ef5966a4f9b19837564bc931b1
17535648f5e3d35d4ffc955c44c7af91f0a2a126
5a85066ff5d303623a5ac0f382e2c8033d9e62b3efb157569b6cb833e3740caf
GET /live/00e/099/2e0/xbig_lq/ecedd6.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: image/webp
content-length: 23020
last-modified: Tue, 06 Sep 2022 06:53:40 GMT
etag: "6316ee74-59ec"
expires: Tue, 13 Sep 2022 06:53:42 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 16
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a84ceb21bfa-OSL
X-Firefox-Spdy: h2
bam.nr-data.net/ins/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=2131&ck=1&ref=https://chaturbate.com/embed/pizza_biceps/&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFIPAA1QVghcBwdTVAIADxh2Yi0TFUMhJTshCU0XAwhVHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFkEIS0MAPQENAANJRhYTTRNODT0LCxASGw8bUglQTRQQAQUXAxdWVlxDHRsSCxcBPA9dFwMATRNKCBYGOwcJVFRQX0MLGwIKAhAWFFtUTVRPUlYMQE9GEQNIQFxCFW5RDhEXRllEWl1YRRRDWwAWBkoACVQXFRMDQ1YWEQYWPA9dFwMTVwMAUFNQV1tLDw1aV0wFDwIATlxbVwoYDgIHBQFQBFVUU1JcFxUTE1RfBBAGFkFcG11NRRFCA05NUlZSVwsGCgdPQVAZTwAADUhWR14eQx0bEwcSEQYVTWpUVBVZVgVAWUYkI20XFRMRSE0JDQ07FQNLRlBeDxMDQ1FNU0FKG0BYbgVUTwgBBjsFB1RcVUhDCxsuFgsBEUQVF0xQPlVcFwsAATwSQEVcE1sTXQQRCBAMFhsZG0QAblYSPQUFDg9VTBsLQ31QDxcbRk9ETFRmXhJuTwQQEA0MCBsPGxNNE0wAPQEWDBFKUEtuB1BUCA4aRllEf1xLVAdeQUNOQRECOVtHVkYSVEs%2BFAYWEA9WWxsLQwgPT1JBSEETWGpKRRNYVwZAWUYuCUNcVV0AHgxPUkNMO1cIDhl9CF9MGUIbXFU5DwECERNHA1hUTVRKRn5QWloOHgtRU1NUUlYIFX9YE1RfDhpMXVVICRcVEwZYTT4BDAkOD00XAxMEBQBSAVFXAVcPDAwTTRNJABACCRBEAxdCbUNbVggMPAsVA0tZWEg9EwNBPkFVP0QVFWUTFV5MEz5BXkM6G1FtXFFtG01CP0YAB1RFWFgGX2VDWEM4QRJYekpzPRMVQT5BAAoVWFdVVD5CVhQMBzhBXBlpGwA9ExVBPkEJDARQWVxjBFVQEwcAED9EAxVlEwBETQ4%2BQUhDOhtQVFMEVWYXCwcBDDlWW1VIPRMDQT5BVT9EFRVlExVQSwYHFzhBXBlpG24DXVgPCT9GHkQVF1xdCFZQAw4GOxAWVVxNbhVUShURQV5BRntZTEMtVlAPICREJxVaQ0tzUBF9EgEVFiFUGXFKUhdDe1JCJxcAEEt3DREzX2oRGzAMQ0QVF1xdCFZQAw4GOxAWVVxNbhVUShURPAoQRAMXGXMNREsTBwcoDAFQW3ZHBENVABtDNgYIWFhcYhFIagkNFBdDAlBGWl4XVEsYPRMFBAMZFxUTAFJNCBQGOxAWVVxNbhVUShURQV5BRntZTEMtVlAPICREJxVaQ0tzUhFrDzETHTAOGRcVEwBSTQgUBjsQFlVcTW4VVEoVETwKEEQDFxlzDURLEwcHKAwBUFt2RwRDVQAbQzYGCFhYXGIRSGoJDRQXQwJQRlpeF1RLGD0TBQQDGRcVEwJQVD4WAgNBXBtFTFMNWFpDTkEHDApWR2ZcDlVcQ1hBCAoBUUFUXgVUG01AEQsMC2ZGTVAVREpDWEEIChBcF0RM
162.247.241.14204 No Content 0 B URL HTTP/1.1 bam.nr-data.net/ins/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=2131&ck=1&ref=https://chaturbate.com/embed/pizza_biceps/&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFIPAA1QVghcBwdTVAIADxh2Yi0TFUMhJTshCU0XAwhVHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFkEIS0MAPQENAANJRhYTTRNODT0LCxASGw8bUglQTRQQAQUXAxdWVlxDHRsSCxcBPA9dFwMATRNKCBYGOwcJVFRQX0MLGwIKAhAWFFtUTVRPUlYMQE9GEQNIQFxCFW5RDhEXRllEWl1YRRRDWwAWBkoACVQXFRMDQ1YWEQYWPA9dFwMTVwMAUFNQV1tLDw1aV0wFDwIATlxbVwoYDgIHBQFQBFVUU1JcFxUTE1RfBBAGFkFcG11NRRFCA05NUlZSVwsGCgdPQVAZTwAADUhWR14eQx0bEwcSEQYVTWpUVBVZVgVAWUYkI20XFRMRSE0JDQ07FQNLRlBeDxMDQ1FNU0FKG0BYbgVUTwgBBjsFB1RcVUhDCxsuFgsBEUQVF0xQPlVcFwsAATwSQEVcE1sTXQQRCBAMFhsZG0QAblYSPQUFDg9VTBsLQ31QDxcbRk9ETFRmXhJuTwQQEA0MCBsPGxNNE0wAPQEWDBFKUEtuB1BUCA4aRllEf1xLVAdeQUNOQRECOVtHVkYSVEs%2BFAYWEA9WWxsLQwgPT1JBSEETWGpKRRNYVwZAWUYuCUNcVV0AHgxPUkNMO1cIDhl9CF9MGUIbXFU5DwECERNHA1hUTVRKRn5QWloOHgtRU1NUUlYIFX9YE1RfDhpMXVVICRcVEwZYTT4BDAkOD00XAxMEBQBSAVFXAVcPDAwTTRNJABACCRBEAxdCbUNbVggMPAsVA0tZWEg9EwNBPkFVP0QVFWUTFV5MEz5BXkM6G1FtXFFtG01CP0YAB1RFWFgGX2VDWEM4QRJYekpzPRMVQT5BAAoVWFdVVD5CVhQMBzhBXBlpGwA9ExVBPkEJDARQWVxjBFVQEwcAED9EAxVlEwBETQ4%2BQUhDOhtQVFMEVWYXCwcBDDlWW1VIPRMDQT5BVT9EFRVlExVQSwYHFzhBXBlpG24DXVgPCT9GHkQVF1xdCFZQAw4GOxAWVVxNbhVUShURQV5BRntZTEMtVlAPICREJxVaQ0tzUBF9EgEVFiFUGXFKUhdDe1JCJxcAEEt3DREzX2oRGzAMQ0QVF1xdCFZQAw4GOxAWVVxNbhVUShURPAoQRAMXGXMNREsTBwcoDAFQW3ZHBENVABtDNgYIWFhcYhFIagkNFBdDAlBGWl4XVEsYPRMFBAMZFxUTAFJNCBQGOxAWVVxNbhVUShURQV5BRntZTEMtVlAPICREJxVaQ0tzUhFrDzETHTAOGRcVEwBSTQgUBjsQFlVcTW4VVEoVETwKEEQDFxlzDURLEwcHKAwBUFt2RwRDVQAbQzYGCFhYXGIRSGoJDRQXQwJQRlpeF1RLGD0TBQQDGRcVEwJQVD4WAgNBXBtFTFMNWFpDTkEHDApWR2ZcDlVcQ1hBCAoBUUFUXgVUG01AEQsMC2ZGTVAVREpDWEEIChBcF0RM
IP 162.247.241.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ins/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=2131&ck=1&ref=https://chaturbate.com/embed/pizza_biceps/&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFIPAA1QVghcBwdTVAIADxh2Yi0TFUMhJTshCU0XAwhVHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFkEIS0MAPQENAANJRhYTTRNODT0LCxASGw8bUglQTRQQAQUXAxdWVlxDHRsSCxcBPA9dFwMATRNKCBYGOwcJVFRQX0MLGwIKAhAWFFtUTVRPUlYMQE9GEQNIQFxCFW5RDhEXRllEWl1YRRRDWwAWBkoACVQXFRMDQ1YWEQYWPA9dFwMTVwMAUFNQV1tLDw1aV0wFDwIATlxbVwoYDgIHBQFQBFVUU1JcFxUTE1RfBBAGFkFcG11NRRFCA05NUlZSVwsGCgdPQVAZTwAADUhWR14eQx0bEwcSEQYVTWpUVBVZVgVAWUYkI20XFRMRSE0JDQ07FQNLRlBeDxMDQ1FNU0FKG0BYbgVUTwgBBjsFB1RcVUhDCxsuFgsBEUQVF0xQPlVcFwsAATwSQEVcE1sTXQQRCBAMFhsZG0QAblYSPQUFDg9VTBsLQ31QDxcbRk9ETFRmXhJuTwQQEA0MCBsPGxNNE0wAPQEWDBFKUEtuB1BUCA4aRllEf1xLVAdeQUNOQRECOVtHVkYSVEs%2BFAYWEA9WWxsLQwgPT1JBSEETWGpKRRNYVwZAWUYuCUNcVV0AHgxPUkNMO1cIDhl9CF9MGUIbXFU5DwECERNHA1hUTVRKRn5QWloOHgtRU1NUUlYIFX9YE1RfDhpMXVVICRcVEwZYTT4BDAkOD00XAxMEBQBSAVFXAVcPDAwTTRNJABACCRBEAxdCbUNbVggMPAsVA0tZWEg9EwNBPkFVP0QVFWUTFV5MEz5BXkM6G1FtXFFtG01CP0YAB1RFWFgGX2VDWEM4QRJYekpzPRMVQT5BAAoVWFdVVD5CVhQMBzhBXBlpGwA9ExVBPkEJDARQWVxjBFVQEwcAED9EAxVlEwBETQ4%2BQUhDOhtQVFMEVWYXCwcBDDlWW1VIPRMDQT5BVT9EFRVlExVQSwYHFzhBXBlpG24DXVgPCT9GHkQVF1xdCFZQAw4GOxAWVVxNbhVUShURQV5BRntZTEMtVlAPICREJxVaQ0tzUBF9EgEVFiFUGXFKUhdDe1JCJxcAEEt3DREzX2oRGzAMQ0QVF1xdCFZQAw4GOxAWVVxNbhVUShURPAoQRAMXGXMNREsTBwcoDAFQW3ZHBENVABtDNgYIWFhcYhFIagkNFBdDAlBGWl4XVEsYPRMFBAMZFxUTAFJNCBQGOxAWVVxNbhVUShURQV5BRntZTEMtVlAPICREJxVaQ0tzUhFrDzETHTAOGRcVEwBSTQgUBjsQFlVcTW4VVEoVETwKEEQDFxlzDURLEwcHKAwBUFt2RwRDVQAbQzYGCFhYXGIRSGoJDRQXQwJQRlpeF1RLGD0TBQQDGRcVEwJQVD4WAgNBXBtFTFMNWFpDTkEHDApWR2ZcDlVcQ1hBCAoBUUFUXgVUG01AEQsMC2ZGTVAVREpDWEEIChBcF0RM HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 1913
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Tue, 06 Sep 2022 06:54:03 GMT
Connection: keep-alive
CF-Ray: 74654a848c2cb505-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
chatw-12.stream.highwebmedia.com/ws/938/oefhadu2/websocket
104.19.242.83101 Switching Protocols 396 B URL HTTP/1.1 chatw-12.stream.highwebmedia.com/ws/938/oefhadu2/websocket
IP 104.19.242.83:0
Hash d8974168fcb0297823f3b6f0389c443c
9581527e671be8f1548d91f7e461aac4df4eb05b
f876cc9473923eb476e97a4aa2cc63b59f3e2ae81d4e6adb8a286216b99ce5e2
GET /ws/938/oefhadu2/websocket HTTP/1.1
Host: chatw-12.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://chaturbate.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eiIefiDZThN8phnMvr8FSA==
Connection: keep-alive, Upgrade
Cookie: _cfuvid=xaENJt1re.21jJFRKI9Pv843VZ_mM83cPkfzEPK0DD4-1662447241621-0-604800000
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 06 Sep 2022 06:54:03 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oDzy5AzUk+Ay8gXRrqt8+t9BLds=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Eog1cEapv1oI9A5n5VhYbzo%2FtsvEjrIiCdJb7Q2vGI36FZCW7TUukYS1TQmcbXgg6P9ssUqU5diRT41FPCVmMpn6xOfn1yo3T1wjzs79pkzfag6PHV3y0l%2FneVXUH0IW32%2B8bDiRdMlnTUNCxT6nEDP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74654a820c5bb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cbjpeg.stream.highwebmedia.com/stream?room=pizza_biceps&f=0.2760443089400144
131.153.88.93200 OK 57 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=pizza_biceps&f=0.2760443089400144
IP 131.153.88.93:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash b9a840a8af8ba21045d577d6c4fd745b
17ab44ab9ec6782838029790fb6a569447e66cc1
0300b78a61c0fc87ff61e0204083311da63af7d4e1fe1deed470453b8b7c4e76
GET /stream?room=pizza_biceps&f=0.2760443089400144 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=xaENJt1re.21jJFRKI9Pv843VZ_mM83cPkfzEPK0DD4-1662447241621-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: image/jpeg
content-length: 56961
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/bb77.js
195.85.23.226200 OK 10 kB URL HTTP/2 i.bcicdn.com/js-min/1rFlm/bb77.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with no line terminators
Hash 7ff4e1cbe7fa0b1348d2420334c7ab53
49ea7686042314062740b19c4effbd4429beeda3
a5295c3af9207829e971bab8493a379babef35a42574318c3de7dca2c2ae6f15
GET /js-min/1rFlm/bb77.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-9a"
expires: Wed, 05 Oct 2022 08:12:59 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81604
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a870ac01bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/4c684.js
195.85.23.226200 OK 37 kB URL HTTP/2 i.bcicdn.com/js-min/1rFlm/4c684.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (23900), with no line terminators
Hash 5d247aa09e38c06291da68cbc696c9ad
1263d9821abbe73e75ea2b975d37f9889e269288
667c0439485b347afa7d32618b2e62c781e074ee83a5d5c72577dfb22fbb960e
GET /js-min/1rFlm/4c684.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-5d5c"
expires: Wed, 05 Oct 2022 08:13:58 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81600
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a871ad91bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/2dc8.js
195.85.23.226200 OK 8.5 kB URL HTTP/2 i.bcicdn.com/js-min/1rFlm/2dc8.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (6094), with no line terminators
Hash abc98f16bceb83897aaf4240d05bc5cc
dab3bd700351cfa67b870bf6771c520137a6a97e
5715e0179fa1cb38a774f2cb69d4d76e93dc7f54497274ef574d3d54c171ee4c
GET /js-min/1rFlm/2dc8.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-17ce"
expires: Wed, 05 Oct 2022 08:13:00 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81604
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a870ac51bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/c1ces.js
195.85.23.226200 OK 15 kB URL HTTP/2 i.bcicdn.com/js-min/1rFlm/c1ces.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (438), with no line terminators
Hash 54629732097ceeb8c4d36dc494265fc7
db7df058671d16ecbce9b0fbe655bc5aeaf0da1f
67f34b33b72b2c7e983c80b779488ebb56237efc37844ee44b8aa5f8b3a9407c
GET /js-min/1rFlm/c1ces.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-1b6"
expires: Wed, 05 Oct 2022 08:13:58 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81600
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a875b681bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/3316.js
195.85.23.226200 OK 65 kB URL HTTP/2 i.bcicdn.com/js-min/1rFlm/3316.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (12345), with no line terminators
Hash 66f7c9a9d6785ecd1f97192dff19be1a
0949fa607015d7749e7e61465471971c40ca936b
9a5fb2bb6fe1920bbc190ef5026d49c8a6aed3e9633feb1464f78172e532812f
GET /js-min/1rFlm/3316.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-3039"
expires: Wed, 05 Oct 2022 08:13:58 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81604
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a86fabc1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/64855.js
195.85.23.226200 OK 18 kB URL HTTP/2 i.bcicdn.com/js-min/1rFlm/64855.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (9694), with no line terminators
Hash 2ed41239e6ea0dd209809314c73ab51e
28a2b1e0081dcd5d5df6517dfbf90114ec023042
3f67429af8328d6ff9dff9d10dfcaeb427ca2a1071a0a8ae3697caacb4af1e69
GET /js-min/1rFlm/64855.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-25de"
expires: Wed, 05 Oct 2022 08:13:00 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81604
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a870ac71bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/b9dbi.js
195.85.23.226200 OK 1.3 kB URL HTTP/2 i.bcicdn.com/js-min/1rFlm/b9dbi.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (2080), with no line terminators
Hash d79b05d89029cc2b268c5c22a80113ac
a838468285ae02c12438bfcd61fc38cd47555868
1c56b4060fa90f4cd77e1fd44deb4410d9994549a220b94bed442f01ad3ff8ef
GET /js-min/1rFlm/b9dbi.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-820"
expires: Wed, 05 Oct 2022 08:13:01 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81600
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a876b831bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/03687.js
195.85.23.226200 OK 18 kB URL HTTP/2 i.bcicdn.com/js-min/1rFlm/03687.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (2056), with no line terminators
Hash 913cf21a7503af934b9a17e7e0b59205
de0c5fadc1b1881f5ab5e9881302fbf105456614
73ccc01b2c77cd010c2c7a3d1896a89718a233e47b11c099425124f346636811
GET /js-min/1rFlm/03687.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-808"
expires: Wed, 05 Oct 2022 08:13:01 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81600
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a871ad61bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/1209f.js
195.85.23.226200 OK 26 kB URL HTTP/2 i.bcicdn.com/js-min/1rFlm/1209f.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (881), with no line terminators
Hash cafc26911da4344a05e07d0797a2aed9
bb1ae8262b3d72757ec79db47fd5ad2a970d67f7
072cf5089e30e658bdb9f2a77bfaed1b706fd9812d1a4aaf7a615ae6955bd3c4
GET /js-min/1rFlm/1209f.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-371"
expires: Wed, 05 Oct 2022 08:13:00 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81600
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a874b3f1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/fc3el.js
195.85.23.226200 OK 18 kB URL HTTP/2 i.bcicdn.com/js-min/1rFlm/fc3el.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type JSON data\012- , ASCII text, with very long lines (2914), with no line terminators
Hash d8ef7e39646bf4cc1232cd9484e50f61
d0d98a5d6ad5c9db3c002d24ee047532fe3cd992
fa767fb4fcf3467cb5eb4edbe212e99bf642e839cfb51a93a7cc10af5d29a79a
GET /js-min/1rFlm/fc3el.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-701"
expires: Wed, 05 Oct 2022 08:13:02 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81600
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a876b801bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/keys/KSKw2g.L36ISg/requestToken?rnd=6482511581111235
143.204.55.44204 No Content 0 B URL HTTP/2 realtime.pa.highwebmedia.com/keys/KSKw2g.L36ISg/requestToken?rnd=6482511581111235
IP 143.204.55.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /keys/KSKw2g.L36ISg/requestToken?rnd=6482511581111235 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: ably-agent,content-type,x-ably-version
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Content-Length,Accept,Authorization,X-Ably-Version,X-Ably-Lib,X-Ably-ClientId,Ably-Agent
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: https://chaturbate.com
access-control-max-age: 3600
date: Tue, 06 Sep 2022 06:54:03 GMT
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SsHmzs_ZuIszPrRGnxHv5MjvY6CuMnEWWB1uIMG-0sJ37O9hoEIjVw==
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/b7de8.js
195.85.23.226200 OK 20 kB URL HTTP/2 i.bcicdn.com/js-min/1rFlm/b7de8.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (10878), with no line terminators
Hash a027ebd0bd9ffebfbf33d6ffcfb03af8
45031393fd58472e7e7991f9a1f74aa5b5050296
d846ff3e2ed2dc565660d7938f883f8613214cdbcaa3b06eb481156eee4b0abe
GET /js-min/1rFlm/b7de8.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-2a7e"
expires: Wed, 05 Oct 2022 08:14:01 GMT
cache-control: max-age=2592000
x-bc-o: 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81602
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a8a3e9b1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/f16ba.js
195.85.23.226200 OK 10 kB URL HTTP/2 i.bcicdn.com/js-min/1rFlm/f16ba.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (5517), with no line terminators
Hash 2ded4c3130e1a09316d5c5e2cbee5ea8
07bd8c2300b8ff4b812f642e43b86593fea936e2
94790fa0ae1f79d7bd5d768955c1e6e350a0ae1a9c4403f9688c486547d2a9c7
GET /js-min/1rFlm/f16ba.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-158d"
expires: Wed, 05 Oct 2022 08:12:59 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81600
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a877b931bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/0065o.js
195.85.23.226200 OK 14 kB URL HTTP/2 i.bcicdn.com/js-min/1rFlm/0065o.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (6113), with no line terminators
Hash f0624ea6cade9b864a82b2c91789bf2f
d51c44caf7f92f3b7c878a9e0c9f8774e6aabd8c
164dccad1e084822e73f5f942ae77afc9a344e7bebd642b8e4377dac6f53ad31
GET /js-min/1rFlm/0065o.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-17e1"
expires: Wed, 05 Oct 2022 08:12:53 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81600
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a8a5eb31bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/live/091/2ae/2c4/xbig_lq/3a1487.webp
195.85.23.226200 OK 11 kB URL HTTP/2 i.bcicdn.com/live/091/2ae/2c4/xbig_lq/3a1487.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fe985a9b599b6f365be871fdb97f0624
ddcf563fe424edec854d0f96b04e744f672fc9db
8fbdf81b9c3959fdf078f27b8c7f7acee3da20958f9906f14edf634d4991eaf0
GET /live/091/2ae/2c4/xbig_lq/3a1487.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:04 GMT
content-type: image/webp
content-length: 11120
last-modified: Tue, 06 Sep 2022 06:49:25 GMT
etag: "6316ed75-2b70"
expires: Tue, 13 Sep 2022 06:49:34 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 270
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a8b1f8e1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09a/339/0da/xbig_lq/a08457.webp
195.85.23.226200 OK 5.5 kB URL HTTP/2 i.bcicdn.com/live/09a/339/0da/xbig_lq/a08457.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cef8f3fa952a469736ede24944c1046e
65e9b7dfe921a79db47b0b54ce5e82809bf29e54
e76caf2e2ed8d0f4df7680973c347c4b7e81923091a17cb9bba58b7f38397deb
GET /live/09a/339/0da/xbig_lq/a08457.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:04 GMT
content-type: image/webp
content-length: 5528
last-modified: Tue, 06 Sep 2022 06:50:09 GMT
etag: "6316eda1-1598"
expires: Tue, 13 Sep 2022 06:50:10 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 232
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a8b2f961bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/images/svg/bc/model_of_hour/female_2.svg
195.85.23.226200 OK 14 kB URL HTTP/2 i.bcicdn.com/images/svg/bc/model_of_hour/female_2.svg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (14148), with no line terminators
Hash 85744fe61da3ecceca99d10e8551ca60
02d9330b443bac75000a3657a047df3abf9897a2
773cfb19cb05f1ebf59e4882dde91c77d57f85f96f1ac261bad7e5b3391f1dfa
GET /images/svg/bc/model_of_hour/female_2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/svg+xml
last-modified: Mon, 30 Dec 2019 03:04:32 GMT
etag: W/"5e096940-3744"
expires: Fri, 23 Sep 2022 00:49:21 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 666482
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e1d1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
no.bongacams.com/images/sprite/bc/listing.svg
195.85.23.95200 OK 21 kB URL HTTP/2 no.bongacams.com/images/sprite/bc/listing.svg
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (31758), with no line terminators
Hash 72d7eed1be8897e3c216224dfefe5c4d
2ef8b864ba8b695cdfd9bf128fefd713a1aed9e4
7592effd306573dd573276e1bf8f09a07b8f11c751de85c19d2136efe0816a9a
GET /images/sprite/bc/listing.svg HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.bongacams.com/popular-chat?bcs=b3duZmI4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
Connection: keep-alive
Cookie: __cf_bm=UY8q49cWuQaYW_P3H4AXct9dh7gOeqZ3UV7oFT3YVMw-1662447241-0-Aaoxr9T4nusNr+orwgX/ir0a2wvHt3G19rizopmFrGqBcev3jNSscSQ4l1xMedTzPzhmenrUujbJpOOI33oHyRg=; bonga20120608=cf0eb726d4e0318a9c062984d9bfab1c; BONGAH_HIT=b821eef9e4cb820b7653e83d3bbe9d52%3A%3A189420%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A%3A%3A401977%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3Adirect_link%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-09-06%2009%3A54%3A02; sg=271; warning18=%5B%22no_NO%22%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Oct 2020 03:17:08 GMT
etag: W/"5f963fb4-7c0e"
expires: Thu, 06 Oct 2022 06:54:03 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1065213
vary: Accept-Encoding
server: cloudflare
cf-ray: 74654a8788600afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
no.bongacams.com/images/sprite/bc/layout3.svg
195.85.23.95200 OK 8.6 kB URL HTTP/2 no.bongacams.com/images/sprite/bc/layout3.svg
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4519), with no line terminators
Hash 81e5d9d7d5b867b99505c1a24cf9016b
a584b65c9f8af01375abe7f8a0630e2fcba55473
cf47b4f053cac9bc013ed49f417d988e1157a0c501515cab5304a10549889347
GET /images/sprite/bc/layout3.svg HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.bongacams.com/popular-chat?bcs=b3duZmI4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
Connection: keep-alive
Cookie: __cf_bm=UY8q49cWuQaYW_P3H4AXct9dh7gOeqZ3UV7oFT3YVMw-1662447241-0-Aaoxr9T4nusNr+orwgX/ir0a2wvHt3G19rizopmFrGqBcev3jNSscSQ4l1xMedTzPzhmenrUujbJpOOI33oHyRg=; bonga20120608=cf0eb726d4e0318a9c062984d9bfab1c; BONGAH_HIT=b821eef9e4cb820b7653e83d3bbe9d52%3A%3A189420%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A%3A%3A401977%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3Adirect_link%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-09-06%2009%3A54%3A02; sg=271; warning18=%5B%22no_NO%22%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: image/svg+xml
last-modified: Fri, 10 Sep 2021 08:12:27 GMT
etag: W/"613b136b-11a7"
expires: Thu, 06 Oct 2022 06:54:03 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1065235
vary: Accept-Encoding
server: cloudflare
cf-ray: 74654a87885b0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/live/09a/334/20b/xbig_lq/be9f08.webp
195.85.23.226200 OK 10 kB URL HTTP/2 i.bcicdn.com/live/09a/334/20b/xbig_lq/be9f08.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b99029025fc09af5f4b868e81a6781a3
c73754337dd41e7084a8822556e06b2958c06ad9
096a9ff13c2514db06a4383998078cdcfcb11cf79e003922155ffe2709fc64f4
GET /live/09a/334/20b/xbig_lq/be9f08.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:04 GMT
content-type: image/webp
content-length: 10218
last-modified: Tue, 06 Sep 2022 06:51:21 GMT
etag: "6316ede9-27ea"
expires: Tue, 13 Sep 2022 06:51:30 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 150
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a8b2fa41bfa-OSL
X-Firefox-Spdy: h2
no.bongacams.com/images/sprite/bc/icon10.svg
195.85.23.95200 OK 24 kB URL HTTP/2 no.bongacams.com/images/sprite/bc/icon10.svg
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (25427), with no line terminators
Hash 71a196e3959dd07c714442ffa4c8d811
b9f94f4c762d31c5672b795a7e3f0505b3c669b4
e95e56be8510c95f753e5c784d5f95d6c50cc63c1eb914f3167b7f396dd0e525
GET /images/sprite/bc/icon10.svg HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.bongacams.com/popular-chat?bcs=b3duZmI4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
Connection: keep-alive
Cookie: __cf_bm=UY8q49cWuQaYW_P3H4AXct9dh7gOeqZ3UV7oFT3YVMw-1662447241-0-Aaoxr9T4nusNr+orwgX/ir0a2wvHt3G19rizopmFrGqBcev3jNSscSQ4l1xMedTzPzhmenrUujbJpOOI33oHyRg=; bonga20120608=cf0eb726d4e0318a9c062984d9bfab1c; BONGAH_HIT=b821eef9e4cb820b7653e83d3bbe9d52%3A%3A189420%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A%3A%3A401977%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3Adirect_link%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-09-06%2009%3A54%3A02; sg=271; warning18=%5B%22no_NO%22%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Mar 2022 09:42:28 GMT
etag: W/"62305f84-6353"
expires: Thu, 06 Oct 2022 06:54:03 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2149151
vary: Accept-Encoding
server: cloudflare
cf-ray: 74654a8778540afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/095b3.js
195.85.23.226200 OK 19 kB URL HTTP/2 i.bcicdn.com/js-min/1rFlm/095b3.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (713), with no line terminators
Hash e1d83d4d9dd5a5a3976b3343233eec97
de6bbac3d8fc0127b5ef5aa827241fbc7d149c45
8e0d8d868c6be58975a14f4ba63ad0a42b08e0e54cb033bd042f4824c8bee3fc
GET /js-min/1rFlm/095b3.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-2c9"
expires: Wed, 05 Oct 2022 08:12:54 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81600
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a877b9e1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
no.bongacams.com/images/sprite/bc/chat9.svg
195.85.23.95200 OK 21 kB URL HTTP/2 no.bongacams.com/images/sprite/bc/chat9.svg
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (39496), with no line terminators
Hash 8aece0c45527272a38e2b068b534beb7
4e5e7b6cfee6d16d5d3bc2e2d55aff0abcdc1e5f
d5932c4d6593c88f63fd9fa7e532f24f40d03b1e9b1d922fd5e337f8d2b304df
GET /images/sprite/bc/chat9.svg HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.bongacams.com/popular-chat?bcs=b3duZmI4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
Connection: keep-alive
Cookie: __cf_bm=UY8q49cWuQaYW_P3H4AXct9dh7gOeqZ3UV7oFT3YVMw-1662447241-0-Aaoxr9T4nusNr+orwgX/ir0a2wvHt3G19rizopmFrGqBcev3jNSscSQ4l1xMedTzPzhmenrUujbJpOOI33oHyRg=; bonga20120608=cf0eb726d4e0318a9c062984d9bfab1c; BONGAH_HIT=b821eef9e4cb820b7653e83d3bbe9d52%3A%3A189420%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A%3A%3A401977%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3Adirect_link%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-09-06%2009%3A54%3A02; sg=271; warning18=%5B%22no_NO%22%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: image/svg+xml
last-modified: Wed, 04 May 2022 07:04:22 GMT
etag: W/"62722576-9a48"
expires: Thu, 06 Oct 2022 06:54:03 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 120717
vary: Accept-Encoding
server: cloudflare
cf-ray: 74654a8778560afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/keys/KSKw2g.L36ISg/requestToken?rnd=6482511581111235
143.204.55.44201 Created 1.0 kB URL HTTP/2 realtime.pa.highwebmedia.com/keys/KSKw2g.L36ISg/requestToken?rnd=6482511581111235
IP 143.204.55.44:0
File type JSON data\012- , ASCII text, with very long lines (804)
Hash c93ae4cbc60a1ebcbdfb3ee98e9bf24d
aae4427b3c4c06122dd065410ce26f88d2cee432
f0485754313180eebd1e2cfd78f4ba38bdd7ab7dd1ccc402b6987b4b36902aa6
POST /keys/KSKw2g.L36ISg/requestToken?rnd=6482511581111235 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: application/json
X-Ably-Version: 1.2
Ably-Agent: ably-js/1.2.13 browser
Content-Length: 1039
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
content-length: 1036
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 06 Sep 2022 06:54:04 GMT
vary: Origin
x-ably-serverid: frontend.2881.4.eu-central-1-A.i-0f733e97c7216892a.e91v2r5NwBFXpj
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -b240OlIrZgbP2v6koHjD74ahDQWThr-_ssyz3eO8dNIm9reIB_TdA==
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/0fa/0c2/xbig_lq/9d4481.webp
195.85.23.226200 OK 5.2 kB URL HTTP/2 i.bcicdn.com/live/09b/0fa/0c2/xbig_lq/9d4481.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1692ca197d2bdc660df2d1cd5e75fe12
43407151a5306a63a444a4b6438c8d032008e806
47b12a4b74815b73010f155dcd973d0cb9ff9e4c6bb1a096773415f68b534db7
GET /live/09b/0fa/0c2/xbig_lq/9d4481.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:04 GMT
content-type: image/webp
content-length: 5212
last-modified: Tue, 06 Sep 2022 06:51:31 GMT
etag: "6316edf3-145c"
expires: Tue, 13 Sep 2022 06:51:36 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 142
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a8b4fbf1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/120/206/xbig_lq/ea0a52.webp
195.85.23.226200 OK 20 kB URL HTTP/2 i.bcicdn.com/live/09b/120/206/xbig_lq/ea0a52.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2c5e0797f99f8e6852ed56ff78ced821
54b1666dea445a5ebef7a40ac9f142cb37cdb698
1684a0b0b1f92c5e600771227c416458883b2b9ed2a552c9966b419b451b17c1
GET /live/09b/120/206/xbig_lq/ea0a52.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:04 GMT
content-type: image/webp
content-length: 20162
last-modified: Tue, 06 Sep 2022 06:53:15 GMT
etag: "6316ee5b-4ec2"
expires: Tue, 13 Sep 2022 06:53:16 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 48
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a8b5fce1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/images/svg/bc/model_of_hour/female_1.svg
195.85.23.226200 OK 20 kB URL HTTP/2 i.bcicdn.com/images/svg/bc/model_of_hour/female_1.svg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (12779), with no line terminators
Hash b49c08382449c30c341b525eeabb6933
3230c97510a54a310dcb727a9b3ae7bf2994ba38
fb68dca18103c834161944b5483e6ad3d140b97cfb99746c205dc3eb06cb7546
GET /images/svg/bc/model_of_hour/female_1.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/svg+xml
last-modified: Mon, 30 Dec 2019 03:04:32 GMT
etag: W/"5e096940-31eb"
expires: Mon, 26 Sep 2022 10:06:22 GMT
cache-control: max-age=2592000
x-bc-o: 2
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 666450
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e1c1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/live/09a/3b4/17a/xbig_lq/9f4e03.webp
195.85.23.226200 OK 34 kB URL HTTP/2 i.bcicdn.com/live/09a/3b4/17a/xbig_lq/9f4e03.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 350bdf9f0e2722a7928a9761f3f6bf25
36071d87a3f3dde2d638c47211ce5672a5c6eb44
0579244f1d1015638c71dd1a47cb0942fa3dd504a6acd9afc341f8acc98388ad
GET /live/09a/3b4/17a/xbig_lq/9f4e03.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:04 GMT
content-type: image/webp
content-length: 34518
last-modified: Tue, 06 Sep 2022 06:48:44 GMT
etag: "6316ed4c-86d6"
expires: Tue, 13 Sep 2022 06:48:50 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: HIT
cf-cache-status: HIT
age: 305
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a8b5fcf1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/live/09b/0f1/0c8/xbig_lq/640068.webp
195.85.23.226200 OK 8.9 kB URL HTTP/2 i.bcicdn.com/live/09b/0f1/0c8/xbig_lq/640068.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 91354e9fabb40a16dad32aae652fb19d
9df08620b0ab7bb85aa55ea96bf0cc77605e5315
d1d7c2f1a25de856c2ef3d090ebdafe754fe535dcdaadb3ed148758939ce8006
GET /live/09b/0f1/0c8/xbig_lq/640068.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:04 GMT
content-type: image/webp
content-length: 8870
last-modified: Tue, 06 Sep 2022 06:52:11 GMT
etag: "6316ee1b-22a6"
expires: Tue, 13 Sep 2022 06:52:11 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 2
x-circle-r: MISS
cf-cache-status: HIT
age: 103
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a8b6fda1bfa-OSL
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/d258l.js
195.85.23.226200 OK 31 kB URL HTTP/2 i.bcicdn.com/js-min/1rFlm/d258l.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (13063), with no line terminators
Hash 7333de891f7a306cbc110f22590b0f7e
1918e287d7e70ae9a55f27f03d16f1b18df2b99a
10b5d59fcec0f7ee2f02523d160e482c696d5f69262a91b069ee409840e201c7
GET /js-min/1rFlm/d258l.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:04 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-3307"
expires: Wed, 05 Oct 2022 08:12:59 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81601
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a8d09841bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/f74bn.js
195.85.23.226200 OK 68 kB URL HTTP/2 i.bcicdn.com/js-min/1rFlm/f74bn.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (8934), with no line terminators
Hash 15875186e9d0ec95b2ead9f01c1ba989
fb32440166b56b74ff38cfdd55a7f8f2d0e8771c
0eca02d465a42eb888fd6708eb261d28d5434703ff7f1d22cec0383ec692caa9
GET /js-min/1rFlm/f74bn.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:04 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-22e6"
expires: Wed, 05 Oct 2022 08:12:59 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81592
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a8d19991bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
certify.alexametrics.com/atrk.gif?frame_height=250&frame_width=900&iframe=1&title=Mest%20popul%C3%A6re%20live%20sexchatter%20med%20gratis%20cam%20p%C3%A5%20BongaCams&time=1662447239071&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=0&ref_url=https%3A%2F%2Fpoweredby.jads.co%2F&host_url=https%3A%2F%2Fno.bongacams.com%2Fpopular-chat%3Fbcs%3Db3duZmI4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~%26amute%3D1&random_number=3355512140&sess_cookie=eae9be231831193bf9ee5ae9f55&sess_cookie_flag=1&user_cookie=eae9be231831193bf9ee5ae9f55&user_cookie_flag=1&dynamic=true&domain=bongacams.com&account=X2xYi1a8Dy00aY&jsv=20130128&user_lang=en-US
54.230.111.66200 OK 43 B URL HTTP/1.1 certify.alexametrics.com/atrk.gif?frame_height=250&frame_width=900&iframe=1&title=Mest%20popul%C3%A6re%20live%20sexchatter%20med%20gratis%20cam%20p%C3%A5%20BongaCams&time=1662447239071&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=0&ref_url=https%3A%2F%2Fpoweredby.jads.co%2F&host_url=https%3A%2F%2Fno.bongacams.com%2Fpopular-chat%3Fbcs%3Db3duZmI4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~%26amute%3D1&random_number=3355512140&sess_cookie=eae9be231831193bf9ee5ae9f55&sess_cookie_flag=1&user_cookie=eae9be231831193bf9ee5ae9f55&user_cookie_flag=1&dynamic=true&domain=bongacams.com&account=X2xYi1a8Dy00aY&jsv=20130128&user_lang=en-US
IP 54.230.111.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /atrk.gif?frame_height=250&frame_width=900&iframe=1&title=Mest%20popul%C3%A6re%20live%20sexchatter%20med%20gratis%20cam%20p%C3%A5%20BongaCams&time=1662447239071&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=0&ref_url=https%3A%2F%2Fpoweredby.jads.co%2F&host_url=https%3A%2F%2Fno.bongacams.com%2Fpopular-chat%3Fbcs%3Db3duZmI4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~%26amute%3D1&random_number=3355512140&sess_cookie=eae9be231831193bf9ee5ae9f55&sess_cookie_flag=1&user_cookie=eae9be231831193bf9ee5ae9f55&user_cookie_flag=1&dynamic=true&domain=bongacams.com&account=X2xYi1a8Dy00aY&jsv=20130128&user_lang=en-US HTTP/1.1
Host: certify.alexametrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
x-amz-meta-alexa-last-modified: 20110117123941
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 06 Sep 2022 03:28:58 GMT
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: heBfVYXNr2DG_zgJU6uJ8RYpVkC_TAhzCPbpFvs9yPGKDMmWUQUAAw==
Age: 12307
i.bcicdn.com/js-min/1rFlm/1ef5i.js
195.85.23.226200 OK 15 kB URL HTTP/2 i.bcicdn.com/js-min/1rFlm/1ef5i.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (20146), with no line terminators
Hash 0d36466bac11a83a560b5d41c7df919f
10747cc8e2021fa5863375897f30b4ef4dbafc1f
e246f8bf3c2a1bccbff1d1a9e69f42cc49e084856a8950b481c564039883304c
GET /js-min/1rFlm/1ef5i.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:04 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-4eb2"
expires: Wed, 05 Oct 2022 08:13:00 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81605
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a8d29af1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/connect?access_token=KSKw2g.AL36ISgOckKP1dg4k4ggY_0MemCBsWG5CemXh5EfpIfd94lH9c&stream=false&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=823490888500894
143.204.55.44200 OK 572 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/connect?access_token=KSKw2g.AL36ISgOckKP1dg4k4ggY_0MemCBsWG5CemXh5EfpIfd94lH9c&stream=false&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=823490888500894
IP 143.204.55.44:0
File type JSON data\012- , ASCII text
Hash 62771d45130ee343eec130bee807eca3
d772ba598f61b2745b6a60ec61039ec30cad9ab5
821e983a5a7da2d7e1560bb2d59b7f87002e88d2ee311c24c4e0f20fc9bf6967
GET /comet/connect?access_token=KSKw2g.AL36ISgOckKP1dg4k4ggY_0MemCBsWG5CemXh5EfpIfd94lH9c&stream=false&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=823490888500894 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 572
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 06 Sep 2022 06:54:04 GMT
vary: Origin
x-ably-serverid: frontend.ae04.2.eu-central-1-A.i-066215763d098989a.e91Mro0wABFUcM
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PeEe0ZWMBCQfInisHer-I7MbeEHhe5UwLKXdfuddwVk8kLfO2Aqk1Q==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 450a99775a3610a3b4806c7210320cd6
9a31b824335587c7237241f059df17e5eb94726b
c5ae355b95fffa3d813c9cf76166bd80d5dac2b02e5ae24456d8a485029ec71d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=130132
Date: Tue, 06 Sep 2022 06:54:04 GMT
Etag: "631641be-1d7"
Expires: Wed, 07 Sep 2022 19:02:56 GMT
Last-Modified: Mon, 05 Sep 2022 18:36:46 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YhnpLjb4F9y-tjzbjnQ80r-4uq2VHCkevWRKt7hv0QZhzFqdmIpkxw==
Age: 1570
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f82eaf-49aa-4cfd-ab46-894119225c29.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f82eaf-49aa-4cfd-ab46-894119225c29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6287f68a964668d9dcd418f0f55cfa41
998cc906e470e1b8ec9b840ab5c3b93f1618a1e3
d1d6a242e8a5e3fa3166271473faa20fe2825f24f02a5e15c02180a066262b4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f82eaf-49aa-4cfd-ab46-894119225c29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13302
x-amzn-requestid: b3cc28ec-5792-4028-b62f-b24dd50a24af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-5FLgoAMFo9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-3ea9e3b364c0efe24b48e826;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: arLdjfE327MmTML3UwIQK2Y-ptUk35lzGyufht73gjkKYqbAxfUdEA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:46:42 GMT
etag: "998cc906e470e1b8ec9b840ab5c3b93f1618a1e3"
content-type: image/jpeg
age: 32842
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
54.68.88.222204 No Content 0 B URL HTTP/2 redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
IP 54.68.88.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x.png HTTP/1.1
Host: redirect.prod.experiment.routing.cloudfront.aws.a2z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 06:54:04 GMT
server: Server
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91Mro0wABFUcM!gJ9onuj36jNUoYEH-6820ee91Mro0wABFUcM/send?access_token=KSKw2g.AL36ISgOckKP1dg4k4ggY_0MemCBsWG5CemXh5EfpIfd94lH9c&rnd=4408172795287313
143.204.55.44204 No Content 0 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91Mro0wABFUcM!gJ9onuj36jNUoYEH-6820ee91Mro0wABFUcM/send?access_token=KSKw2g.AL36ISgOckKP1dg4k4ggY_0MemCBsWG5CemXh5EfpIfd94lH9c&rnd=4408172795287313
IP 143.204.55.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /comet/e91Mro0wABFUcM!gJ9onuj36jNUoYEH-6820ee91Mro0wABFUcM/send?access_token=KSKw2g.AL36ISgOckKP1dg4k4ggY_0MemCBsWG5CemXh5EfpIfd94lH9c&rnd=4408172795287313 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Content-Length,Accept,Authorization,X-Ably-Version,X-Ably-Lib,X-Ably-ClientId,Ably-Agent
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: https://chaturbate.com
access-control-max-age: 3600
date: Tue, 06 Sep 2022 06:54:05 GMT
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KkMoQVtFqtSFWxgWX9KzYC5GhJmcZBGfQ3X3H0vp00Ia0W7upVGg1g==
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91Mro0wABFUcM!gJ9onuj36jNUoYEH-6820ee91Mro0wABFUcM/close?access_token=KSKw2g.AL36ISgOckKP1dg4k4ggY_0MemCBsWG5CemXh5EfpIfd94lH9c&rnd=22007475085264805
143.204.55.44204 No Content 0 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91Mro0wABFUcM!gJ9onuj36jNUoYEH-6820ee91Mro0wABFUcM/close?access_token=KSKw2g.AL36ISgOckKP1dg4k4ggY_0MemCBsWG5CemXh5EfpIfd94lH9c&rnd=22007475085264805
IP 143.204.55.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comet/e91Mro0wABFUcM!gJ9onuj36jNUoYEH-6820ee91Mro0wABFUcM/close?access_token=KSKw2g.AL36ISgOckKP1dg4k4ggY_0MemCBsWG5CemXh5EfpIfd94lH9c&rnd=22007475085264805 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 06 Sep 2022 06:54:05 GMT
vary: Origin
x-ably-serverid: frontend.ae04.2.eu-central-1-A.i-066215763d098989a.e91Mro0wABFUcM
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: i0EofT8cJWJcUwmSojSSv8UvaVKENNp4vJcD7dtFdn5uflH2DFZDFQ==
X-Firefox-Spdy: h2
realtime.pa.highwebmedia.com/comet/e91Mro0wABFUcM!gJ9onuj36jNUoYEH-6820ee91Mro0wABFUcM/send?access_token=KSKw2g.AL36ISgOckKP1dg4k4ggY_0MemCBsWG5CemXh5EfpIfd94lH9c&rnd=4408172795287313
143.204.55.44410 Gone 315 B URL HTTP/2 realtime.pa.highwebmedia.com/comet/e91Mro0wABFUcM!gJ9onuj36jNUoYEH-6820ee91Mro0wABFUcM/send?access_token=KSKw2g.AL36ISgOckKP1dg4k4ggY_0MemCBsWG5CemXh5EfpIfd94lH9c&rnd=4408172795287313
IP 143.204.55.44:0
File type JSON data\012- , ASCII text
Hash f0ba50ae058baf52df68ea78314d8ea0
284048463a3055914cfbfca1d426a4a10ad42cbb
b3d655e00b075515c6ed5e677f38ad744b5bc972627ef14a5c4c4b3d29621719
POST /comet/e91Mro0wABFUcM!gJ9onuj36jNUoYEH-6820ee91Mro0wABFUcM/send?access_token=KSKw2g.AL36ISgOckKP1dg4k4ggY_0MemCBsWG5CemXh5EfpIfd94lH9c&rnd=4408172795287313 HTTP/1.1
Host: realtime.pa.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: application/json
Content-Length: 77
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 410 Gone
content-type: application/json
content-length: 315
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Tue, 06 Sep 2022 06:54:05 GMT
vary: Origin
x-ably-errorcode: 80022
x-ably-errormessage: Unable to find connection: gJ9onuj36jNUoYEH. (See https://help.ably.io/error/80022 for help.)
x-ably-serverid: frontend.ae04.2.eu-central-1-A.i-066215763d098989a.e91Mro0wABFUcM
x-robots-tag: noindex
x-cache: Error from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NbVSQ4YSmBuaXImBrAWQM5gwP5eXcs_uuOMRkbUxItJeyfnaKKbTkg==
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/c8a63.js
195.85.23.226200 OK 7.9 kB URL HTTP/2 i.bcicdn.com/js-min/1rFlm/c8a63.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
File type Unicode text, UTF-8 text, with very long lines (25508), with no line terminators
Hash 2f9ee7eedacc0c3707ca4c56ef7adbe9
f3ee055968af3d1d7e8a9060703903d9823e8a83
b7fdb67c6bfab1c61c8e71c858738f276028451d3049efa4a2539306b748c9d5
GET /js-min/1rFlm/c8a63.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:04 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-63a5"
expires: Wed, 05 Oct 2022 08:13:00 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81592
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a8d39b81bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
certify.alexametrics.com/atrk.gif?frame_height=250&frame_width=900&iframe=1&title=Mest%20popul%C3%A6re%20live%20sexchatter%20med%20gratis%20cam%20p%C3%A5%20BongaCams&time=1662447240198&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=0&ref_url=https%3A%2F%2Fpoweredby.jads.co%2F&host_url=https%3A%2F%2Fno.bongacams.com%2Fpopular-chat%3Fbcs%3DZXN0a2I4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~%26amute%3D1&random_number=2474009805&sess_cookie=982202771831193c40438c8f176&sess_cookie_flag=1&user_cookie=982202771831193c40438c8f176&user_cookie_flag=1&dynamic=true&domain=bongacams.com&account=X2xYi1a8Dy00aY&jsv=20130128&user_lang=en-US
54.230.111.66200 OK 43 B URL HTTP/1.1 certify.alexametrics.com/atrk.gif?frame_height=250&frame_width=900&iframe=1&title=Mest%20popul%C3%A6re%20live%20sexchatter%20med%20gratis%20cam%20p%C3%A5%20BongaCams&time=1662447240198&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=0&ref_url=https%3A%2F%2Fpoweredby.jads.co%2F&host_url=https%3A%2F%2Fno.bongacams.com%2Fpopular-chat%3Fbcs%3DZXN0a2I4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~%26amute%3D1&random_number=2474009805&sess_cookie=982202771831193c40438c8f176&sess_cookie_flag=1&user_cookie=982202771831193c40438c8f176&user_cookie_flag=1&dynamic=true&domain=bongacams.com&account=X2xYi1a8Dy00aY&jsv=20130128&user_lang=en-US
IP 54.230.111.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /atrk.gif?frame_height=250&frame_width=900&iframe=1&title=Mest%20popul%C3%A6re%20live%20sexchatter%20med%20gratis%20cam%20p%C3%A5%20BongaCams&time=1662447240198&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=0&ref_url=https%3A%2F%2Fpoweredby.jads.co%2F&host_url=https%3A%2F%2Fno.bongacams.com%2Fpopular-chat%3Fbcs%3DZXN0a2I4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~%26amute%3D1&random_number=2474009805&sess_cookie=982202771831193c40438c8f176&sess_cookie_flag=1&user_cookie=982202771831193c40438c8f176&user_cookie_flag=1&dynamic=true&domain=bongacams.com&account=X2xYi1a8Dy00aY&jsv=20130128&user_lang=en-US HTTP/1.1
Host: certify.alexametrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
x-amz-meta-alexa-last-modified: 20110117123941
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 06 Sep 2022 03:28:58 GMT
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AdPzXz3UcnQBDeKNsrEhzAv3vW9fuqSF-CFt7FcpNTxJUdoQgKCQNw==
Age: 12308
cbjpeg.stream.highwebmedia.com/stream?room=pizza_biceps&f=0.4138644117449446
131.153.88.93200 OK 23 kB URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=pizza_biceps&f=0.4138644117449446
IP 131.153.88.93:0
ASN #50389 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Hash 38c6e0301263b06a9ca45ab8b68d5404
fda9859106cf24abd676839bc46f1b1cfdeb18bc
05a3f7b7b93732273af80c2faf003b217dc6c836026192db547001f3b05b3b8b
GET /stream?room=pizza_biceps&f=0.4138644117449446 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=xaENJt1re.21jJFRKI9Pv843VZ_mM83cPkfzEPK0DD4-1662447241621-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:54:05 GMT
content-type: image/jpeg
content-length: 23353
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1rFlm/extra/listing_catrows.css
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1rFlm/extra/listing_catrows.css
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1rFlm/extra/listing_catrows.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-13ff"
expires: Wed, 05 Oct 2022 08:13:01 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81605
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a84cebc1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/16.2fcecc4fbe403da70f1d.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/16.2fcecc4fbe403da70f1d.js
IP 104.26.1.188:0
GET /_next/static/chunks/16.2fcecc4fbe403da70f1d.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:18:49 GMT
etag: W/"4f4a-179fb7093d6"
cf-cache-status: HIT
age: 28904304
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odC%2BYeEs3Y65tUmOQgMZeYFYG14I28pBBokItdjyqJFtzUD8VPHmnes48XYpWxuqvEPJHWqNy7pkMxtiEkH1jjMScyMJHG1dOPvsrcPBSd4jHXMb%2B%2BhoCswoVr7i%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a5abd400b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
trkbng.com/hit.php?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat
31.192.112.221302 Found 0 B URL HTTP/2 trkbng.com/hit.php?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat
IP 31.192.112.221:0
ASN #48684 Viking Host B.V.
GET /hit.php?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat HTTP/1.1
Host: trkbng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poweredby.jads.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:03 GMT; Max-Age=1576800000; path=/; domain=.promo-bc.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:03 GMT; Max-Age=1576800000; path=/; domain=.bongacams.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:03 GMT; Max-Age=1576800000; path=/; domain=.bongocams.biz
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:03 GMT; Max-Age=1576800000; path=/; domain=.bongacams.org
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:03 GMT; Max-Age=1576800000; path=/; domain=.bongacams10.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:03 GMT; Max-Age=1576800000; path=/; domain=.bcmspt.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:03 GMT; Max-Age=1576800000; path=/; domain=.bngwlt.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:03 GMT; Max-Age=1576800000; path=/; domain=.bngpt.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:03 GMT; Max-Age=1576800000; path=/; domain=.bngpst.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:03 GMT; Max-Age=1576800000; path=/; domain=.bngprl.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:03 GMT; Max-Age=1576800000; path=/; domain=.bngpop.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:03 GMT; Max-Age=1576800000; path=/; domain=.bngosv.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:03 GMT; Max-Age=1576800000; path=/; domain=.bngvs.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:03 GMT; Max-Age=1576800000; path=/; domain=.bngdyn.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:03 GMT; Max-Age=1576800000; path=/; domain=.dynspt.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:03 GMT; Max-Age=1576800000; path=/; domain=.ecdyn.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:03 GMT; Max-Age=1576800000; path=/; domain=.trkbc.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:03 GMT; Max-Age=1576800000; path=/; domain=.trkbng.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:03 GMT; Max-Age=1576800000; path=/; domain=.bcprm.com
location: https://bongacams.com/popular-chat?bcs=ZXN0a2I4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
expires: Tue, 06 Sep 2022 06:54:02 GMT
x-bcs: ded7724
strict-transport-security: max-age=0;
cache-control: no-cache, public
X-Firefox-Spdy: h2
a.focusde.info/api/spots/303892?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/303892?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/303892?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: nauid=aEYWYZ6IM6krQgnbyq4o; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/f63bd.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1rFlm/f63bd.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1rFlm/f63bd.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-2493"
expires: Wed, 05 Oct 2022 08:13:01 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81600
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a881c3c1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/live-message/3-2/css/animate.css
172.67.183.56200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/live-message/3-2/css/animate.css
IP 172.67.183.56:0
GET /sb/ssp/utility/live-message/3-2/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: text/css
last-modified: Thu, 28 Apr 2022 08:29:13 GMT
etag: W/"626a5059-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2926135
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iF4V%2BLYyqfd%2BX0Ig8rYJMp3iLSyF0yMtk8LQK7UcmbiEit0%2BKFaN%2F41tCjxtWofH6UsQ0wey50xJWOAOqF0TytuxMr%2FvKKatB24ntykGQHLmHGKko%2Fow6i1raemfNKx1jY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74654a6d393cfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bcprm.com/promo.php?type=direct_link&v=2&c=401977&amute=1&page=popular_chat
185.75.254.28302 Found 0 B URL HTTP/2 bcprm.com/promo.php?type=direct_link&v=2&c=401977&amute=1&page=popular_chat
IP 185.75.254.28:0
ASN #48684 Viking Host B.V.
GET /promo.php?type=direct_link&v=2&c=401977&amute=1&page=popular_chat HTTP/1.1
Host: bcprm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin:
location: https://bongacams.com/track?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat
expires: Tue, 06 Sep 2022 06:54:02 GMT
x-bcs: ded7384
strict-transport-security: max-age=0;
cache-control: no-cache, public
x-bc-bl: 105
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1rFlm/hg.css
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1rFlm/hg.css
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1rFlm/hg.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-c440"
expires: Wed, 05 Oct 2022 08:13:57 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81605
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a84ceb91bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/css/output.cc7c3355797b.css
104.16.93.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/css/output.cc7c3355797b.css
IP 104.16.93.42:0
GET /CACHE/css/output.cc7c3355797b.css HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:01 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=246489
etag: W/"ff2f3baed2820c4c9ad8a0e5faadfe11"
last-modified: Thu, 01 Sep 2022 23:26:03 GMT
x-amz-id-2: b1+VuikajRX43fI12stCWkWnRQJlXi9r7VNYuD2X0XqjtgXKMz7u53Nd5EIvISx+8bg4CCeT5Z4=
x-amz-meta-s3cmd-attrs: md5:ff2f3baed2820c4c9ad8a0e5faadfe11
x-amz-request-id: EC6KTG6NT1H753P4
cf-cache-status: HIT
age: 372305
expires: Thu, 06 Oct 2022 06:54:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vKG8wtYjnlEzOGcTfDOxifNnUTOCnvNdxdjzXCzFq%2BNgfu%2FpqBD4u6JfMjXH4e%2FfCWqboweWH%2B6NJWIXvYzSXtozo38Ww0BBOmBQfK3ACE86JZc470Y7GB44M%2FSBPMOPr8SbOVq5bAk0XuPb2WGaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=PbNXALWKQniBTHHT3nOAuYVdKtPbvESfJ6UUlZJxh1M-1662447241604-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74654a7bf9bbb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.focusde.info/api/spots/391867?host=xfantazy.com&ev=196&wh=939&ww=1280
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/391867?host=xfantazy.com&ev=196&wh=939&ww=1280
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/391867?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=aEYWYZ6IM6krQgnbyq4o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
a.bestcontentfood.top/warp/4788752?r=91291
104.21.52.148200 OK 0 B URL HTTP/2 a.bestcontentfood.top/warp/4788752?r=91291
IP 104.21.52.148:0
Analyzer Verdict Alert fortinet Phishing
GET /warp/4788752?r=91291 HTTP/1.1
Host: a.bestcontentfood.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: application/javascript; charset=UTF-8
referer: b.bestcontentfood.top
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0OBErHoQstbAHzU49BUdIkTUR3rGAb8eBfHxgnaaUnh99kEuCiqtxnhe1y1VIbMQktKvP%2BwffqiHV0EwQ9FULDBHUgNNCDr7bn4PImkWiQpjdZ0eansuDKw1jiHSMaXqwvZhEW24%2FD4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a700fabb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/6c2et.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1rFlm/6c2et.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1rFlm/6c2et.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-11ce"
expires: Wed, 05 Oct 2022 08:12:53 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81600
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a875b6d1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/i18n-min/1662022574/messages/no.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/i18n-min/1662022574/messages/no.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /i18n-min/1662022574/messages/no.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 08:56:41 GMT
etag: W/"631073c9-23f7b"
expires: Sat, 01 Oct 2022 08:57:31 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 424497
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e181bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/6e2b8.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1rFlm/6e2b8.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1rFlm/6e2b8.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:04 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-3181"
expires: Wed, 05 Oct 2022 08:13:00 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81592
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a8d39b31bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/485dt.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1rFlm/485dt.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1rFlm/485dt.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:05 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-412e"
expires: Wed, 05 Oct 2022 08:13:00 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81602
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a958aa81bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/images/replace/10/arial/999/bnct_add1_v2.svg
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/images/replace/10/arial/999/bnct_add1_v2.svg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /images/replace/10/arial/999/bnct_add1_v2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Mar 2022 11:31:02 GMT
etag: W/"6231ca76-35ac"
expires: Mon, 12 Sep 2022 11:34:41 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-p4: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 115464
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a847e5e1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/N_Ewu15Blv-25xn5MIsVe/pages/signup.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/N_Ewu15Blv-25xn5MIsVe/pages/signup.js
IP 104.26.1.188:0
GET /_next/static/N_Ewu15Blv-25xn5MIsVe/pages/signup.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiI2NGYwMzAxZWU2MGI3IiwiaWF0IjoxNjYyNDQ3MjM3LCJleHAiOjE2NjMwNTIwMzd9.2SOlUQ6qq2j8v_YQPSuPpxR2uj9g83Jd_dKuyp0oyyI; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiNGJjZDgwYTQ0ZTI0ZCIsImlhdCI6MTY2MjQ0NzIzNywiZXhwIjoxNjY1MDM5MjM3fQ.g8pP1rQSCecLT-d6L4QkQJhnurLE6fclmX_p0mmcpU0; _ga=GA1.2.656588541.1662447232; _gid=GA1.2.2109603355.1662447232; _dc_gtm_UA-121614197-2=1; _ym_uid=1662447232675299073; _ym_d=1662447232; visitorGetPop=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:31 GMT
etag: W/"bac-1826d2b9f2c"
cf-cache-status: HIT
age: 2758034
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJbM52BJD8qzMkmhitMVGspDO7AgHHr6XSYQpWVWYBMgB8CYK%2BM%2BbW8h%2F8Bff%2FTE%2BWd1gn8OR%2FDmEG9RBCEHceoVHDz4S8xNH8NzA2zXm9HqQTG8Arp8wU8z0Ktidg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a61abce0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.e1067846ea15.js
104.16.93.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.e1067846ea15.js
IP 104.16.93.42:0
GET /CACHE/js/output.e1067846ea15.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:01 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=108152
etag: W/"97a23c5e27826ee4bed1dbcfe0601da8"
last-modified: Thu, 24 Jun 2021 21:24:09 GMT
x-amz-id-2: gJdq637yDaGW5b/k/xLZcaVgKR2zPrz11wa1iwf3/kEEAF2JWIngCVC4T9LIrDSnBaklrTBcytM=
x-amz-meta-s3cmd-attrs: md5:97a23c5e27826ee4bed1dbcfe0601da8
x-amz-request-id: C8A0N4S7KE12CYZQ
cf-cache-status: HIT
age: 1589195
expires: Thu, 06 Oct 2022 06:54:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTUaoeeB9Zwo3%2Ffmq6Mzj9DHbD7g%2F%2BfShSnsRp%2BhKfuMCO8Z6%2FZGOoNvHAsOdEjiUHS%2FRipmxZuDTpR4gD99TGqNVgE5I472VRWlaKULDeRZRexHlpkzXRH3RgznM2kM3OZbIjwHVe1fBm8zxzQo5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=Esse1MmrxJaXM3gI8g0x6e6KBrUFPCSOPbqCY5brBgs-1662447241603-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74654a7bf9c2b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.09a0bf741d47.js
104.16.93.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.09a0bf741d47.js
IP 104.16.93.42:0
GET /CACHE/js/output.09a0bf741d47.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:01 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"bb81bca2482741d6c4dcf148cb33a79d"
last-modified: Wed, 17 Aug 2022 00:26:59 GMT
x-amz-id-2: 3dz298/kgeP1Pq/aBz8wop8Gas15qR9oG1wjU5FgYthy7g6Z9MZpPydhaAydlHaKkHGU8KIJbDw=
x-amz-meta-s3cmd-attrs: md5:bb81bca2482741d6c4dcf148cb33a79d
x-amz-request-id: RGGA1ZRYYYSSRXHH
cf-cache-status: HIT
age: 1751029
expires: Thu, 06 Oct 2022 06:54:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dQnXVBXg2emX5opJMSC7mHuSstm%2BW8R8wuyLaAHrClv86JMQjvDDDKoZItT%2FwLOQyhfj1DkFtZeSgQOl%2F1a0w9vHMtOjNmSrLF%2FSQ%2BbLwaoRYjt4T%2FZl2FknYWNa8mGYIUFd3gFB2kyzvKBE1Pf%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=JSTUThcUykD.5C.4jBrb8eYCxJTs3eCoScOXyu27.xA-1662447241606-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74654a7bf9c5b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
trkbng.com/hit.php?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat
31.192.112.221302 Found 0 B URL HTTP/2 trkbng.com/hit.php?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat
IP 31.192.112.221:0
ASN #48684 Viking Host B.V.
GET /hit.php?c=401977&ps=direct_link&amute=1&csurl=https://bongacams.com/popular-chat HTTP/1.1
Host: trkbng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poweredby.jads.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.promo-bc.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.bongacams.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.bongocams.biz
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.bongacams.org
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.bongacams10.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.bcmspt.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.bngwlt.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.bngpt.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.bngpst.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.bngprl.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.bngpop.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.bngosv.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.bngvs.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.bngdyn.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.dynspt.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.ecdyn.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.trkbc.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.trkbng.com
BCH_H=b821eef9e4cb820b7653e83d3bbe9d52%7C2022-09-06; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.bcprm.com
location: https://bongacams.com/popular-chat?bcs=aXNtaWI4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
expires: Tue, 06 Sep 2022 06:54:01 GMT
x-bcs: ded7724
strict-transport-security: max-age=0;
cache-control: no-cache, public
X-Firefox-Spdy: h2
xfantazy.com/_next/static/N_Ewu15Blv-25xn5MIsVe/pages/video.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/N_Ewu15Blv-25xn5MIsVe/pages/video.js
IP 104.26.1.188:0
GET /_next/static/N_Ewu15Blv-25xn5MIsVe/pages/video.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:32 GMT
etag: W/"597e-1826d2ba0dc"
cf-cache-status: HIT
age: 2758173
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gxqjt2xZfolhl6WxOtzp0yiaYSWSNNuMv6R9yR4msnbN5uf2urAg%2BwE%2F3KRh0fQBS7U%2BkEco3SQfY%2F%2BwSDpBNEkUJI8VbfaLP%2B2ZkdCNtOcxH3LJ4InIQteGzQtFvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a5aad320b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.caee332d326d.js
104.16.93.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.caee332d326d.js
IP 104.16.93.42:0
GET /CACHE/js/output.caee332d326d.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:01 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"b61e15511bf0db70d0d422e98c465403"
last-modified: Thu, 24 Jun 2021 21:24:08 GMT
x-amz-id-2: gAJe87IyJM0OkbaBgua73HTcoEANURYYk4wpsNNClr414DBIRL/v+K+9hxRFHrgcwnw38qlmXmM=
x-amz-meta-s3cmd-attrs: md5:b61e15511bf0db70d0d422e98c465403
x-amz-request-id: 2D5TZ021KE4200HB
cf-cache-status: HIT
age: 1589201
expires: Thu, 06 Oct 2022 06:54:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fovyU5t%2BD0uX2Hhxf4pNmaSEa23N866QllKnqTxPneGI9jCSQpKdO5iSGOqjIO6iSiWDkEHfoy7yAIdo8X%2Bm%2F%2FD1NvAo3tepc0Fd4O4djkcBofudzNFGmWy3ndGk81O3xTMeMx9dZhQ4Jmhk7PKxzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=QgDcPFif0eJ7Ivd.9fpI97SpXTL4.Ux23axIICt27gg-1662447241609-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74654a7bf9bfb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1rFlm/cr.css
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1rFlm/cr.css
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1rFlm/cr.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-1335a"
expires: Wed, 05 Oct 2022 08:13:06 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81605
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a84ceba1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/b709e.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1rFlm/b709e.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1rFlm/b709e.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-1a04"
expires: Wed, 05 Oct 2022 08:13:01 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81600
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a881c421bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
tsyndicate.com/do2/b5346988f58b4a3986d63c85fcf561b2/vast?w=1280&h=1024&keywords=ifr&tz=0
162.55.130.248200 OK 0 B URL HTTP/2 tsyndicate.com/do2/b5346988f58b4a3986d63c85fcf561b2/vast?w=1280&h=1024&keywords=ifr&tz=0
IP 162.55.130.248:0
ASN #24940 Hetzner Online GmbH
GET /do2/b5346988f58b4a3986d63c85fcf561b2/vast?w=1280&h=1024&keywords=ifr&tz=0 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://media.aso1.net
Connection: keep-alive
Referer: https://media.aso1.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:54:00 GMT
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://media.aso1.net
access-control-allow-methods: POST, GET, HEAD
access-control-allow-headers: Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy
access-control-allow-credentials: true
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-vast: 3.0
x-request-id: 6820638e9913ffae
set-cookie: ts_uid=5da821f0-643c-4aed-a542-e3c8a2eda0fd; expires=Mon, 06 Mar 2023 06:54:00 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYZOWjAiDEjRhcWIsYU3OIQYpmJMWzYkFFjxgwbCrv0URAQ; expires=Wed, 07 Sep 2022 06:54:00 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/h.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1rFlm/h.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1rFlm/h.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-a71c6"
expires: Wed, 05 Oct 2022 08:12:54 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81600
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e191bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/080df.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1rFlm/080df.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1rFlm/080df.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:05 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-1c5e9"
expires: Wed, 05 Oct 2022 08:13:00 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81602
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a956a8b1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/images/sprite/bc/mini_profile.svg
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/images/sprite/bc/mini_profile.svg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /images/sprite/bc/mini_profile.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no.bongacams.com
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:04 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Jun 2021 04:42:41 GMT
etag: W/"60c82fc1-2c81"
expires: Tue, 27 Sep 2022 10:23:41 GMT
cache-control: max-age=2592000
x-bc-o: 2
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 119686
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a8d49d21bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/07485.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1rFlm/07485.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1rFlm/07485.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-430c"
expires: Wed, 05 Oct 2022 08:13:58 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81600
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a871adb1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/N_Ewu15Blv-25xn5MIsVe/pages/login.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/N_Ewu15Blv-25xn5MIsVe/pages/login.js
IP 104.26.1.188:0
GET /_next/static/N_Ewu15Blv-25xn5MIsVe/pages/login.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiI2NGYwMzAxZWU2MGI3IiwiaWF0IjoxNjYyNDQ3MjM3LCJleHAiOjE2NjMwNTIwMzd9.2SOlUQ6qq2j8v_YQPSuPpxR2uj9g83Jd_dKuyp0oyyI; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiNGJjZDgwYTQ0ZTI0ZCIsImlhdCI6MTY2MjQ0NzIzNywiZXhwIjoxNjY1MDM5MjM3fQ.g8pP1rQSCecLT-d6L4QkQJhnurLE6fclmX_p0mmcpU0; _ga=GA1.2.656588541.1662447232; _gid=GA1.2.2109603355.1662447232; _dc_gtm_UA-121614197-2=1; _ym_uid=1662447232675299073; _ym_d=1662447232; visitorGetPop=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:31 GMT
etag: W/"ba5-1826d2b9f2c"
cf-cache-status: HIT
age: 2758033
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuRbl4DZKuY1jjLUu5YsebjAaT1EzGNzv9gUadX1mJIx7Sc5Uxu9%2Fy584p2OanOTipTGmcXyyY5Sib0hnZ2ySV1iThkKCWNiwCtaPCJVRIChE8zvSaH818z6AtSKsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a61abc90b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S789101659%3A1662447238271008&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmWa9WgVwMuHyMFkOXTlAL7qbKhR194q7_sW77ajavcMW0OEgNfrqhITgoMlaZmRjvuGIgEo1A
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S789101659%3A1662447238271008&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmWa9WgVwMuHyMFkOXTlAL7qbKhR194q7_sW77ajavcMW0OEgNfrqhITgoMlaZmRjvuGIgEo1A
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S789101659%3A1662447238271008&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmWa9WgVwMuHyMFkOXTlAL7qbKhR194q7_sW77ajavcMW0OEgNfrqhITgoMlaZmRjvuGIgEo1A HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Sep 2022 06:53:58 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
content-security-policy: script-src 'nonce-kRm-0tz6gs5GUhbBBuDvVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=oGHL2QD7RusTM0yCg0VyJbbLKGNPEmLGVTXxLbXuB8gXOmHV8nxx2v1DmBEeWpcdjWWOLZwvY5Ce_QFQAWd4mWc2ofmCgX6dYG7-l8wxhyvVw31QEoMKrMwdYFQmN5rsFfFo4Mv1pGRqXkV7aEWsrACW80D_L49y0Hw3XaN5y44; expires=Wed, 08-Mar-2023 06:53:58 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/355do.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1rFlm/355do.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1rFlm/355do.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:05 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-8dc8"
expires: Wed, 05 Oct 2022 08:12:59 GMT
cache-control: max-age=2592000
x-bc-o: 1, 2
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81604
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a956a891bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/f23dj.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1rFlm/f23dj.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1rFlm/f23dj.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:05 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-c779"
expires: Wed, 05 Oct 2022 08:12:53 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81602
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a958aab1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/images/replace/10/arial/999/bnct_add2.svg
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/images/replace/10/arial/999/bnct_add2.svg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /images/replace/10/arial/999/bnct_add2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jun 2021 09:45:11 GMT
etag: W/"60c08da7-2a63"
expires: Mon, 12 Sep 2022 11:34:41 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-p4: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2056752
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a848e641bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/7.38d845e9473548212694.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/7.38d845e9473548212694.js
IP 104.26.1.188:0
GET /_next/static/chunks/7.38d845e9473548212694.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"97ba-181397f9e55"
cf-cache-status: HIT
age: 7887629
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xoowzPDvIhTHwnplCLQdjCT923l0KdT87EoQMvYdYR%2ByRyCwjUUy8omP9EX8rz8AnYfZVns2uD7BRnK8onn0K6Kii7t0YSENdEfCj%2B2PyvpctLcvXE1vY8gi20D7Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a5aad3c0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
no.bongacams.com/popular-chat?bcs=aXNtaWI4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
195.85.23.95200 OK 0 B URL HTTP/2 no.bongacams.com/popular-chat?bcs=aXNtaWI4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
GET /popular-chat?bcs=aXNtaWI4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1 HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poweredby.jads.co/
Connection: keep-alive
Cookie: __cf_bm=UY8q49cWuQaYW_P3H4AXct9dh7gOeqZ3UV7oFT3YVMw-1662447241-0-Aaoxr9T4nusNr+orwgX/ir0a2wvHt3G19rizopmFrGqBcev3jNSscSQ4l1xMedTzPzhmenrUujbJpOOI33oHyRg=; bonga20120608=cf0eb726d4e0318a9c062984d9bfab1c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin
x-ua-compatible: IE=edge,chrome=1
cache-control: no-cache, no-store, must-revalidate
set-cookie: ts_type2=1; expires=Wed, 06-Sep-2023 06:54:01 GMT; Max-Age=31535999; path=/; domain=.bongacams.com
fv=ZGDlAmD0ZwL2ZD==; expires=Wed, 06-Sep-2023 06:54:01 GMT; Max-Age=31535999; path=/; domain=.bongacams.com
uh=DIq+MSx2DxM2oJV4p1IbD0AMrIcIDj==; expires=Wed, 06-Sep-2023 06:54:01 GMT; Max-Age=31535999; path=/; domain=.bongacams.com
ratr=189420%3A%3A401977%3A%3A2022-09-06%2009%3A54%3A01%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A; expires=Wed, 24-Aug-2072 06:54:01 GMT; Max-Age=1576799999; path=/; domain=.bongacams.com; HttpOnly
BONGAH_HIT=b821eef9e4cb820b7653e83d3bbe9d52%3A%3A189420%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A%3A%3A401977%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3Adirect_link%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-09-06%2009%3A54%3A01; expires=Sun, 05-Mar-2023 06:54:01 GMT; Max-Age=15551999; path=/; domain=.bongacams.com; secure; HttpOnly; SameSite=None
BONGA_REF=https%3A%2F%2Fpoweredby.jads.co%2F; expires=Sun, 05-Mar-2023 06:54:01 GMT; Max-Age=15551999; path=/; domain=.bongacams.com; HttpOnly
reg_ver2=3; expires=Wed, 06-Sep-2023 06:54:01 GMT; Max-Age=31535999; path=/; domain=.bongacams.com
sg=246; expires=Wed, 06-Sep-2023 06:54:01 GMT; Max-Age=31535999; path=/; domain=.bongacams.com; secure; SameSite=None
__ti=H4sIAAAAAAACAyWIOw6AIBBEr2KmJ1lWlDB7GhItqDVYEO4uYvU-vRtUGDYmWXZxSZyqKJg8L8MBTj5nqWD49P6XZzHU6Y0rs8U4VhudX6_xu6RUAAAA; expires=Tue, 13-Sep-2022 06:54:02 GMT; Max-Age=604800; path=/; domain=.bongacams.com
warning18=%5B%22no_NO%22%5D; expires=Wed, 06-Sep-2023 06:54:02 GMT; Max-Age=31536000; path=/; domain=.bongacams.com; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74654a7d2e470afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1rFlm/extra/listing.css
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1rFlm/extra/listing.css
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1rFlm/extra/listing.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-120e6"
expires: Wed, 05 Oct 2022 08:13:01 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81605
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a84cebb1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/94580.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1rFlm/94580.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1rFlm/94580.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-1324"
expires: Wed, 05 Oct 2022 08:13:01 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81604
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a872b0f1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/9.be198c87e436634bf765.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/9.be198c87e436634bf765.js
IP 104.26.1.188:0
GET /_next/static/chunks/9.be198c87e436634bf765.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"9c95-181397f9e55"
cf-cache-status: HIT
age: 7887995
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJCStcFq7%2FUD2WZlVAn%2Bj4yNhdBMIhRtnWDMhi0VV4tF%2FvvTSjFx0G4yVIifY7qqn6enfs2QzfaPXKL3s7ox5UoQkRCTErYRXNX5xzmM5QpGIoNrRLNU%2FV8MA4iM7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a5abd3f0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/47.6c9a4510342e4dd3af77.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/47.6c9a4510342e4dd3af77.js
IP 104.26.1.188:0
GET /_next/static/chunks/47.6c9a4510342e4dd3af77.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"620-181397f9e59"
cf-cache-status: HIT
age: 7888397
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UW%2Fl7fqApXc6nnIVOkBp6gAof3kva%2BOzzXC8iiMBcDK6Qwe8UBiQWmdF0OUxCzR2%2FFW2PkEPY7c429bcbEpUWWDj%2BIMQpmEtuUlyMgnyFQ3zigQ2nvVRbEk42Lv2qg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a5abd470b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
chatw-12.stream.highwebmedia.com/ws/info?t=1662447237130
104.19.242.83200 OK 0 B URL HTTP/2 chatw-12.stream.highwebmedia.com/ws/info?t=1662447237130
IP 104.19.242.83:0
GET /ws/info?t=1662447237130 HTTP/1.1
Host: chatw-12.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Cookie: _cfuvid=xaENJt1re.21jJFRKI9Pv843VZ_mM83cPkfzEPK0DD4-1662447241621-0-604800000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6hbGf56u3U5aaoneaOdraaZwHBvsLyHy58nZ9VQyAd0XURPyTHCKopb9aDkMMiYYjlLvnKHu4w3Sgv9JBZhzp7iSvikR1ineu7XlGj2KMU80x56WSM5b2TiboVHBuEGSTtNimmOYGpW2UHoyPMtsyDp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a811c3ab527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1rFlm/ft.css
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1rFlm/ft.css
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1rFlm/ft.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-3a14"
expires: Wed, 05 Oct 2022 08:13:07 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81604
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e0b1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/dc7e6.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1rFlm/dc7e6.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1rFlm/dc7e6.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:04 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-4aca"
expires: Wed, 05 Oct 2022 08:12:53 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81603
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a8f3c091bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/video/60e2920ced696b7119a44c73
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/video/60e2920ced696b7119a44c73
IP 104.26.1.188:0
GET /video/60e2920ced696b7119a44c73 HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: text/html; charset=utf-8
vary: Origin
set-cookie: visitorId=elljg3gpt4zt0y4uw6wne; Domain=xfantazy.com; Path=/; Expires=Mon, 06 Sep 2032 06:53:55 GMT; HttpOnly
experiment-popup-payment-7=0; Path=/; Expires=Tue, 13 Sep 2022 06:53:55 GMT
experiment-save-to-button-2=0; Path=/; Expires=Tue, 13 Sep 2022 06:53:55 GMT
x-powered-by: Next.js
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugPWHFgPr1SdZgiV7Ywj9YhQCvQv9hfYaUVb9oMZXNunLPEkqc3KskLOseu4wMcE8rfHPdiQVdVsk2OLjUyCtl9BEzKBmY9SHJft0sYazu1xZan0ZXUx5YcFUT8eDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a582b130b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjQ2OTIsImlkIjo4NTksImxhYmVscyI6IiIsInNpdGVfaWQiOjQ2OTIsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NTksInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgxOSwiem9uZSI6InRjX3BhYl8zMDB4MjUwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI1NjI5NDkzODUiLCJ1dG0xIjoidGNiYW5faSIsInV0bTIiOiI0NjkyIiwidXRtMyI6IjE5Nzc1IiwidXRtNCI6IiJ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiI0NjkyIiwicGFnZSI6Imh0dHBzOi8vYS5mb2N1c2RlLmluZm8vIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjM2YTBkM2RmNWY3NDQ3ZmU4NjVjNTFkNDZmYjZkNmFjIn0sImV4dCI6eyJkdCI6MTY2MjQ0NzIzNDgxNn19
159.69.163.6200 OK 0 B URL HTTP/2 rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjQ2OTIsImlkIjo4NTksImxhYmVscyI6IiIsInNpdGVfaWQiOjQ2OTIsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NTksInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgxOSwiem9uZSI6InRjX3BhYl8zMDB4MjUwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI1NjI5NDkzODUiLCJ1dG0xIjoidGNiYW5faSIsInV0bTIiOiI0NjkyIiwidXRtMyI6IjE5Nzc1IiwidXRtNCI6IiJ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiI0NjkyIiwicGFnZSI6Imh0dHBzOi8vYS5mb2N1c2RlLmluZm8vIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjM2YTBkM2RmNWY3NDQ3ZmU4NjVjNTFkNDZmYjZkNmFjIn0sImV4dCI6eyJkdCI6MTY2MjQ0NzIzNDgxNn19
IP 159.69.163.6:0
ASN #24940 Hetzner Online GmbH
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjQ2OTIsImlkIjo4NTksImxhYmVscyI6IiIsInNpdGVfaWQiOjQ2OTIsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NTksInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgxOSwiem9uZSI6InRjX3BhYl8zMDB4MjUwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI1NjI5NDkzODUiLCJ1dG0xIjoidGNiYW5faSIsInV0bTIiOiI0NjkyIiwidXRtMyI6IjE5Nzc1IiwidXRtNCI6IiJ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiI0NjkyIiwicGFnZSI6Imh0dHBzOi8vYS5mb2N1c2RlLmluZm8vIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjM2YTBkM2RmNWY3NDQ3ZmU4NjVjNTFkNDZmYjZkNmFjIn0sImV4dCI6eyJkdCI6MTY2MjQ0NzIzNDgxNn19 HTTP/1.1
Host: rtbbnr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.tubecorp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 06 Sep 2022 06:54:00 GMT
content-type: text/html
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/2fedd.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1rFlm/2fedd.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1rFlm/2fedd.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:05 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-2e7e"
expires: Wed, 05 Oct 2022 08:13:00 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81602
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a958aa91bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1rFlm/extra/chat.css
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1rFlm/extra/chat.css
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1rFlm/extra/chat.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-57c13"
expires: Wed, 05 Oct 2022 08:13:01 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81600
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a845e171bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/images/replace/10/arial/999/bnct_v2.svg
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/images/replace/10/arial/999/bnct_v2.svg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /images/replace/10/arial/999/bnct_v2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Mar 2022 11:31:02 GMT
etag: W/"6231ca76-345d"
expires: Mon, 12 Sep 2022 11:34:41 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-p4: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 117849
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a847e5d1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.focusde.info/api/spots/312874?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/312874?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/312874?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: nauid=XilnflEKYg3egiK8hjTW; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
i.bcicdn.com/promotions/sapphire_and_titan/3/182x600/no.svg
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/promotions/sapphire_and_titan/3/182x600/no.svg
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /promotions/sapphire_and_titan/3/182x600/no.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: image/svg+xml
last-modified: Fri, 01 Apr 2022 13:41:46 GMT
etag: W/"6247011a-115b8"
expires: Wed, 28 Sep 2022 04:01:31 GMT
cache-control: max-age=2592000
vary: Accept-Encoding
x-cache-0: 1
cf-cache-status: HIT
age: 701551
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a847e5c1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
bongacams.com/popular-chat?bcs=ZXN0a2I4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
195.85.23.88302 Found 0 B URL HTTP/2 bongacams.com/popular-chat?bcs=ZXN0a2I4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
IP 195.85.23.88:0
ASN #209242 Cloudflare London, LLC
GET /popular-chat?bcs=ZXN0a2I4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1 HTTP/1.1
Host: bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poweredby.jads.co/
Connection: keep-alive
Cookie: __cf_bm=UY8q49cWuQaYW_P3H4AXct9dh7gOeqZ3UV7oFT3YVMw-1662447241-0-Aaoxr9T4nusNr+orwgX/ir0a2wvHt3G19rizopmFrGqBcev3jNSscSQ4l1xMedTzPzhmenrUujbJpOOI33oHyRg=; bonga20120608=cf0eb726d4e0318a9c062984d9bfab1c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 06 Sep 2022 06:54:02 GMT
content-type: text/html; charset=utf-8
location: https://no.bongacams.com/popular-chat?bcs=ZXN0a2I4MjFlZWY5ZTRjYjgyMGI3NjUzZTgzZDNiYmU5ZDUyOjoxODk0MjA6Omh0dHBzOi8vcG93ZXJlZGJ5LmphZHMuY28vOjo6Ojo6NDAxOTc3OjowOjowOjowOjpkaXJlY3RfbGluazo6MDo6ZGVmYXVsdDo6MA~~&amute=1
cache-control: no-cache, no-store, must-revalidate
set-cookie: ts_type2=1; expires=Wed, 06-Sep-2023 06:54:02 GMT; Max-Age=31536000; path=/; domain=.bongacams.com
fv=ZwDlAmD0ZwL2ZD==; expires=Wed, 06-Sep-2023 06:54:02 GMT; Max-Age=31536000; path=/; domain=.bongacams.com
uh=Mx90pIqUExMeGGMspQqYMIESEUEAoN==; expires=Wed, 06-Sep-2023 06:54:02 GMT; Max-Age=31536000; path=/; domain=.bongacams.com
ratr=189420%3A%3A401977%3A%3A2022-09-06%2009%3A54%3A02%3A%3Ahttps%3A%2F%2Fpoweredby.jads.co%2F%3A%3A%3A%3A; expires=Wed, 24-Aug-2072 06:54:02 GMT; Max-Age=1576800000; path=/; domain=.bongacams.com; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74654a80bd2f1c02-OSL
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.1486cd5aa4f0.js
104.16.93.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.1486cd5aa4f0.js
IP 104.16.93.42:0
GET /CACHE/js/output.1486cd5aa4f0.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:01 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=117895
etag: W/"eb2259ff6dbd950ae158f73065752aa1"
last-modified: Thu, 21 Oct 2021 18:11:54 GMT
x-amz-id-2: k6NhlyRh+XXZM7+pSOMylQwAMSlxLRy7teDHalfRWz7mnIIf6Ig6amIFaKAolUjBHmL3PkEkULk=
x-amz-meta-s3cmd-attrs: md5:eb2259ff6dbd950ae158f73065752aa1
x-amz-request-id: FHZ86T60E9WK32PB
cf-cache-status: HIT
age: 120032
expires: Thu, 06 Oct 2022 06:54:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0ePYTEtXtE70Gd%2FACHpnmRxJhUVj74oDaWrdBJ8Kr0SBGzIEFrpv5sGxYmurypLMCCgx%2BEt4j6aQMscsXxzrp23Aw5uwsYUBjJ0KmYaJi6sF%2BN2jxK6yaBLHd0vlnUQdNANkvWNxgBWAeCUvJPNxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=Esse1MmrxJaXM3gI8g0x6e6KBrUFPCSOPbqCY5brBgs-1662447241603-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74654a7bf9bdb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/cachebust/chatembed-prod-e493c23b1695.js
104.16.93.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/cachebust/chatembed-prod-e493c23b1695.js
IP 104.16.93.42:0
GET /cachebust/chatembed-prod-e493c23b1695.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:01 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=902543
etag: W/"617263036b321f8342fbb603c1bdd9bd"
last-modified: Thu, 01 Sep 2022 23:43:16 GMT
x-amz-id-2: 8Fh5cz1xnGAx8DAuitzSQwTkzWRiXWI+ZGnxPGwYvSMBYpNAFL/mPsHjap/++GDh8E4UAqaU7sA=
x-amz-meta-s3cmd-attrs: md5:617263036b321f8342fbb603c1bdd9bd
x-amz-request-id: DNGCHBNNQW4XE7X6
cf-cache-status: HIT
age: 371251
expires: Thu, 06 Oct 2022 06:54:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIgZ2Umau1JnDZXg7tlS4Cp%2FQfqKdA3ajL%2BQ3lu%2B3pu4seA6nk57UZ7MzbCAm9HGX8bqi1jgjiLJKqrWF%2Fwv%2FvGpUYri7TU3f71bDdYL2vQaxXscvX4aY41Sgcx%2F14yQBuf%2FrlV4MgIDW8Mc%2FamyDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=JSTUThcUykD.5C.4jBrb8eYCxJTs3eCoScOXyu27.xA-1662447241606-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74654a7bf9ccb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.bcicdn.com/live/07a/208/093/xbig_lq/8e0917.webp
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/live/07a/208/093/xbig_lq/8e0917.webp
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /live/07a/208/093/xbig_lq/8e0917.webp HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: image/webp
content-length: 17464
last-modified: Tue, 06 Sep 2022 06:51:52 GMT
etag: "6316ee08-4438"
expires: Tue, 13 Sep 2022 06:51:55 GMT
cache-control: max-age=604800
access-control-allow-origin: *
x-bc-o: 1
x-circle-r: MISS
cf-cache-status: HIT
age: 122
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a84beaa1bfa-OSL
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/1651134763.html
45.133.44.4200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/1651134763.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/1651134763.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Sat, 07 May 2022 03:21:27 GMT
etag: W/"6275e5b7-616"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 06 Sep 2022 07:53:59 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
i.bcicdn.com/css-min/1rFlm/lt.css
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/css-min/1rFlm/lt.css
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /css-min/1rFlm/lt.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-1a8e2"
expires: Wed, 05 Oct 2022 08:13:02 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81605
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a84ceb81bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.focusde.info/api/spots/391865?host=xfantazy.com&ev=196&wh=939&ww=1280
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/391865?host=xfantazy.com&ev=196&wh=939&ww=1280
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/391865?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=aEYWYZ6IM6krQgnbyq4o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:53:59 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
cbjpeg.stream.highwebmedia.com/stream?room=pizza_biceps&f=0.5639074542151843
131.153.88.93200 OK 0 B URL HTTP/2 cbjpeg.stream.highwebmedia.com/stream?room=pizza_biceps&f=0.5639074542151843
IP 131.153.88.93:0
ASN #50389 Phoenix Nap, LLC.
GET /stream?room=pizza_biceps&f=0.5639074542151843 HTTP/1.1
Host: cbjpeg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=xaENJt1re.21jJFRKI9Pv843VZ_mM83cPkfzEPK0DD4-1662447241621-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: image/jpeg
content-length: 59426
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2
xfantazy.com/_next/static/N_Ewu15Blv-25xn5MIsVe/pages/_app.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/N_Ewu15Blv-25xn5MIsVe/pages/_app.js
IP 104.26.1.188:0
GET /_next/static/N_Ewu15Blv-25xn5MIsVe/pages/_app.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:31 GMT
etag: W/"20e2f-1826d2b9f2c"
cf-cache-status: HIT
age: 2758073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbJfSYuxzaGlx4MQ1iHMFGZllEgioAgY%2FTSWnex98rLEcK9SuTammSpXhNqHBt1Zl4kskpmyU%2FJ%2F6g4qg3BIU5%2FfMt0MznKuRfgFFixvie70jKgrHCMQsRZ82TVzqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a5aad330b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/css/styles.f80584c6.chunk.css
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/css/styles.f80584c6.chunk.css
IP 104.26.1.188:0
GET /_next/static/css/styles.f80584c6.chunk.css HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: text/css; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
last-modified: Fri, 05 Aug 2022 08:43:01 GMT
etag: W/"2fd40-1826d2c1428"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lxny3dpNVqnK9dVQVE1P%2FtBDoTE7Db6Fmn05olf5bDHfgESy7bKyIMrh%2B9pc60hY%2F17GzrX3kv6GSnCQYf0M6Ad%2FJPcuVau1lFRo9um0I6UrQYk8x%2BcOv5y8y66gbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a5ea8b30b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcicdn.com/js-min/1rFlm/f038f.js
195.85.23.226200 OK 0 B URL HTTP/2 i.bcicdn.com/js-min/1rFlm/f038f.js
IP 195.85.23.226:0
ASN #209242 Cloudflare London, LLC
GET /js-min/1rFlm/f038f.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:03 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:11:23 GMT
etag: W/"6315af2b-a57f"
expires: Wed, 05 Oct 2022 08:13:58 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-css: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81600
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74654a881c431bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/cachebust/theatermode-react-e493c23b1695.js
104.16.93.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/cachebust/theatermode-react-e493c23b1695.js
IP 104.16.93.42:0
GET /cachebust/theatermode-react-e493c23b1695.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:01 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=193938
etag: W/"6ebf7cd4ba318686e56afea4d43a81e2"
last-modified: Thu, 01 Sep 2022 23:43:15 GMT
x-amz-id-2: l2c4Sra2Gmci5Bb/bkSFnzGPkDvGxAXUnAjiZZ52CVsOLOSi3YsvQH7R8ey1OxxXRENhnXEc8gU=
x-amz-meta-s3cmd-attrs: md5:6ebf7cd4ba318686e56afea4d43a81e2
x-amz-request-id: H7EYYFEHA054BV7D
cf-cache-status: HIT
age: 371280
expires: Thu, 06 Oct 2022 06:54:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5B9ruqOlrWIIznGY4ncfHSKnGg53aCQatBUytjYvgJdOCI5R0SE5cfvseGBS%2FmLK8TYexiNdyOzxWZD9H3sPS2HXa1%2BGaFQnwtuWXPamMbwZapZn9RoiRRcW%2FK%2FDH5VA27O%2BxR1pg0epLFmiVndk2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=IIJtTdIKq.p_XHDUTTDi99raciG_J036In0EehHTC2g-1662447241605-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74654a7bf9c9b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/css/output.3d204bbf93b6.css
104.16.93.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/css/output.3d204bbf93b6.css
IP 104.16.93.42:0
GET /CACHE/css/output.3d204bbf93b6.css HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:54:01 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=81638
etag: W/"77a4b7340f86a2695a27c44ead4a3c3a"
last-modified: Fri, 26 Aug 2022 19:58:07 GMT
x-amz-id-2: cT2XzitaGs304rRIS5L6DtspU49RncpTLW6ZdmdBel/qFViEHV886seyqVF3DvvcxxSowlOC/S8=
x-amz-meta-s3cmd-attrs: md5:77a4b7340f86a2695a27c44ead4a3c3a
x-amz-request-id: TB1RA68HF42BCY09
cf-cache-status: HIT
age: 903173
expires: Thu, 06 Oct 2022 06:54:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ya4rlBRI%2FnNWmPtDJwTXkTwr94TZ1yg8nqdZhPVaetz434n5fsG3BxyT2S27Blo%2BakF44OTAS6uIaI4v%2FW9PkwnA7NCjWsULmMgg%2BklPMSjkOX%2BQAVxNzG2Peqcof2QAIEi7ENKbGvhS3AxxPDTaBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=xaENJt1re.21jJFRKI9Pv843VZ_mM83cPkfzEPK0DD4-1662447241621-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74654a7c09d1b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/242.e6062ff562716b6e41db.js
104.26.1.188200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/242.e6062ff562716b6e41db.js
IP 104.26.1.188:0
GET /_next/static/chunks/242.e6062ff562716b6e41db.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/60e2920ced696b7119a44c73
Cookie: visitorId=elljg3gpt4zt0y4uw6wne; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:53:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 28 Jun 2022 10:55:52 GMT
etag: W/"26cdb-181a9f40d06"
cf-cache-status: HIT
age: 6033366
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBnoQVxgBeoNlQ0weSryVeasS2boex1xSUzjao10p2Kzu449eH6Uz0%2FTbL8iRTJFgbz2SCA2CYu3SEkoo6zZ03aFOgcjvSGjz%2BrjizoC3BsEH78PgfYBLrHr38tp9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74654a5ea8ba0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2